Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4em1d4ab3KsAXeULMnxIcNR3-hk.cer
File: 4em1d4ab3KsAXeULMnxIcNR3-hk.cer (raw, json)
Hash identifier: rlmVLeGLTL2fZ+m/qKPPxzt5X94UFMxP48pSIiwtQxE=
Subject key identifier: E1:E9:B5:77:86:9B:DC:AB:00:5D:E5:0B:32:7C:48:70:D4:77:FA:19
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A646FD5C9F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/d40eb5-9d23-4fad-886c-130e90fdeb8c/1/4em1d4ab3KsAXeULMnxIcNR3-hk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/d40eb5-9d23-4fad-886c-130e90fdeb8c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:59:51 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 200877
IP: 185.91.124.0/22
IP: 2a05:e940::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714155580575 (0xa646fd5c9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1e9b577869bdcab005de50b327c4870d477fa19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:54:67:61:b2:6f:43:a4:8a:10:e3:71:c9:
4a:7f:c8:98:f9:85:b1:59:17:68:d7:12:39:5c:18:
01:f7:27:d6:2a:39:fe:f6:cc:73:a7:79:8b:cb:6c:
0a:14:42:e3:91:31:17:0a:13:28:36:78:fe:66:86:
64:62:bc:7a:bf:89:93:1a:85:e6:46:e3:81:1a:2e:
27:66:6d:91:69:bc:92:54:a9:12:54:cd:2e:b2:6c:
94:04:7c:fb:cc:b2:b7:43:00:34:be:ad:9e:64:3d:
5d:3f:95:f5:a8:cb:27:f4:4f:46:52:d9:b6:70:56:
e6:51:9d:f3:79:5d:6c:3a:98:8e:a7:34:64:d2:9c:
58:00:26:85:06:4b:00:4f:84:78:d8:6f:41:d7:6d:
e3:07:a2:21:d5:a3:ec:aa:12:ec:21:25:4f:6a:8a:
db:62:e8:16:33:bf:85:01:98:57:a3:92:d3:e4:41:
26:a1:3a:63:aa:74:7a:2c:05:e0:6b:66:2e:6d:f9:
ca:17:b4:a4:be:ae:ab:46:32:80:07:68:e6:99:c6:
d0:5f:62:aa:98:27:71:8c:f6:46:c9:ba:be:92:fd:
0c:b2:87:b3:d0:fe:ce:d5:88:78:42:13:6d:e8:a7:
56:3f:50:ae:fb:4f:80:86:8f:7a:98:05:ea:7c:c6:
c0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E9:B5:77:86:9B:DC:AB:00:5D:E5:0B:32:7C:48:70:D4:77:FA:19
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d40eb5-9d23-4fad-886c-130e90fdeb8c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d40eb5-9d23-4fad-886c-130e90fdeb8c/1/4em1d4ab3KsAXeULMnxIcNR3-hk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.124.0/22
IPv6:
2a05:e940::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200877
Signature Algorithm: sha256WithRSAEncryption
7c:53:96:0e:84:ea:8b:ec:cc:15:f2:de:a8:ab:d7:24:d6:01:
e3:c2:e7:75:b4:ac:69:b5:2a:80:7e:2f:fd:0d:40:96:d2:3d:
fa:e2:0a:1c:cb:ab:36:f3:b2:02:39:a4:7d:f6:e7:38:55:6b:
a5:d4:c1:c0:40:0c:1e:58:4f:aa:c7:1f:50:b7:ed:30:f4:6c:
72:08:83:a1:7e:85:50:60:70:5d:35:ef:b6:7a:3e:84:ee:0c:
64:7b:6c:7a:36:22:b0:e5:c2:ce:0c:4d:a9:c7:20:7b:93:84:
fe:71:92:2f:1d:73:e4:0b:9b:de:22:79:fe:6c:fd:62:6b:5a:
13:b1:2f:24:0f:48:93:45:17:65:2c:02:4f:fd:cf:32:54:49:
f5:d4:79:44:99:6d:81:a7:02:42:20:3c:53:7d:e8:37:fd:85:
ef:83:c1:d2:b6:77:09:4c:ff:f9:4e:0b:05:7a:3a:57:34:2f:
10:54:db:36:a8:5d:d3:5a:38:2e:33:37:6b:57:17:f6:b3:fd:
d6:2f:6f:f0:7a:b3:2b:2b:88:2f:16:43:28:e2:98:2d:13:0d:
83:4f:a6:99:e6:ca:be:9b:49:4a:8c:b0:c8:b2:8a:dd:21:ed:
2c:95:65:30:e8:99:74:ff:fc:41:56:1a:67:68:7d:33:cf:0a:
ce:49:5b:8a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKZG/VyfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTE1OTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMWU5YjU3Nzg2
OWJkY2FiMDA1ZGU1MGIzMjdjNDg3MGQ0NzdmYTE5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmW5UZ2Gyb0OkihDjcclKf8iY+YWxWRdo1xI5XBgB9yfW
Kjn+9sxzp3mLy2wKFELjkTEXChMoNnj+ZoZkYrx6v4mTGoXmRuOBGi4nZm2RabyS
VKkSVM0usmyUBHz7zLK3QwA0vq2eZD1dP5X1qMsn9E9GUtm2cFbmUZ3zeV1sOpiO
pzRk0pxYACaFBksAT4R42G9B123jB6Ih1aPsqhLsISVPaorbYugWM7+FAZhXo5LT
5EEmoTpjqnR6LAXga2YubfnKF7Skvq6rRjKAB2jmmcbQX2KqmCdxjPZGybq+kv0M
soez0P7O1Yh4QhNt6KdWP1Cu+0+Aho96mAXqfMbAKwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFOHptXeGm9yrAF3lCzJ8SHDUd/oZMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzL2Q0MGViNS05ZDIzLTRmYWQt
ODg2Yy0xMzBlOTBmZGViOGMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvZDQwZWI1LTlkMjMtNGZhZC04
ODZjLTEzMGU5MGZkZWI4Yy8xLzRlbTFkNGFiM0tzQVhlVUxNbnhJY05SMy1oay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuVt8MA0EAgACMAcDBQMqBelAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMQrTANBgkqhkiG9w0BAQsFAAOCAQEAfFOWDoTqi+zMFfLeqKvXJNYB48Ln
dbSsabUqgH4v/Q1AltI9+uIKHMurNvOyAjmkffbnOFVrpdTBwEAMHlhPqscfULft
MPRscgiDoX6FUGBwXTXvtno+hO4MZHtsejYisOXCzgxNqccge5OE/nGSLx1z5Aub
3iJ5/mz9YmtaE7EvJA9Ik0UXZSwCT/3PMlRJ9dR5RJltgacCQiA8U33oN/2F74PB
0rZ3CUz/+U4LBXo6VzQvEFTbNqhd01o4LjM3a1cX9rP91i9v8HqzKyuILxZDKOKY
LRMNg0+mmebKvptJSoywyLKK3SHtLJVlMOiZdP/8QVYaZ2h9M88Kzklbig==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:46 2023 by rpki-client on console-ams.rpki-client.org