Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4jrIC6uhHbovuL8QOD9XYe2RWgo.cer
File: 4jrIC6uhHbovuL8QOD9XYe2RWgo.cer (raw, json)
Hash identifier: jWCsLUfG1WdzLuabaL4dxOgDVuCrpT3fWB6uUsgecwY=
Subject key identifier: E2:3A:C8:0B:AB:A1:1D:BA:2F:B8:BF:10:38:3F:57:61:ED:91:5A:0A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A631F1276C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/29/67da32-8c4e-4fa0-a6e2-e73c8f618dc2/1/4jrIC6uhHbovuL8QOD9XYe2RWgo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/29/67da32-8c4e-4fa0-a6e2-e73c8f618dc2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:58:55 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 200717
IP: 185.97.24.0/22
IP: 2a06:400::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 713802458988 (0xa631f1276c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:58:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e23ac80baba11dba2fb8bf10383f5761ed915a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a9:d4:7f:ae:96:69:83:df:b5:11:5a:3a:57:
8e:4a:0f:89:5a:24:69:3d:37:d1:7f:fe:d4:90:b4:
b5:ca:91:93:5f:e8:52:49:0e:40:02:23:42:4c:7f:
53:21:96:d8:f5:39:e7:76:6a:44:9b:bd:2c:63:73:
ec:82:b3:c5:1e:31:73:13:13:a9:84:e9:13:04:a1:
a0:d8:d7:e5:50:3c:b3:fc:5a:aa:d8:64:ff:af:0f:
96:ab:dc:1e:c2:6f:3e:b9:fa:fe:40:3f:d8:4f:88:
15:d8:81:24:1d:8b:61:0e:10:b9:64:42:e1:6f:53:
45:21:81:33:0b:5d:52:65:b1:b9:f4:5d:f2:1f:4d:
e5:4b:f8:20:3c:54:83:cf:db:8e:68:f5:64:4a:b1:
1b:11:c9:16:87:85:67:08:46:e7:20:0d:f2:0c:c4:
be:c5:bf:35:1f:c5:10:56:a8:9e:9b:90:4f:1d:64:
d3:4f:02:f2:33:c4:1e:71:f6:ae:e5:e5:0e:81:9d:
17:e6:24:3b:49:94:a7:7d:b3:ad:77:97:43:ce:47:
27:69:14:7a:f2:ae:70:fb:ee:57:ac:f7:77:50:72:
2e:6e:c1:16:b2:19:aa:9f:57:7e:65:d2:02:26:92:
0e:c5:49:e8:79:4f:b5:5a:38:fb:ab:e7:2d:16:78:
3b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3A:C8:0B:AB:A1:1D:BA:2F:B8:BF:10:38:3F:57:61:ED:91:5A:0A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/67da32-8c4e-4fa0-a6e2-e73c8f618dc2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/67da32-8c4e-4fa0-a6e2-e73c8f618dc2/1/4jrIC6uhHbovuL8QOD9XYe2RWgo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.24.0/22
IPv6:
2a06:400::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200717
Signature Algorithm: sha256WithRSAEncryption
68:4c:d7:79:46:12:a6:f3:01:b3:ad:51:4f:8c:a1:43:96:f6:
db:03:81:54:aa:38:7b:4e:2f:b8:2b:de:4b:ea:85:9b:84:5c:
3e:4f:c6:90:3e:4c:98:80:9f:73:45:a8:53:82:11:fe:ef:4f:
83:a0:62:b9:60:5c:08:a8:71:24:f1:13:20:05:bd:5b:f3:e9:
9b:5f:e3:da:56:8e:44:39:f5:8b:02:49:b2:ea:eb:e7:5d:c5:
f4:8b:3b:e5:5a:ff:1a:41:cf:66:d4:b5:e0:b6:20:85:8e:8e:
a3:5b:1a:cb:3b:5d:12:61:c0:32:f4:2e:69:fd:ab:31:6c:d3:
29:48:21:34:52:4c:6e:2f:19:f2:63:40:e5:c6:af:6d:a9:df:
0c:69:02:f6:14:ab:e3:5a:10:a7:ff:ea:a7:e7:3e:a8:6d:be:
d3:0c:1b:c4:dc:43:c7:07:40:3b:53:ff:74:50:5b:44:c8:70:
34:f5:8c:29:89:cc:dc:d6:51:f5:b6:b4:30:e6:dc:2b:ae:c3:
55:e8:d3:74:e3:34:7d:d8:9e:a9:8d:a5:63:6e:06:b4:67:86:
ee:c7:cd:c9:44:6a:7a:99:fb:a7:5b:86:46:a1:55:9d:2a:80:
8e:7a:77:ce:12:0b:a7:aa:5b:37:10:32:0a:30:da:27:cd:87:
fe:e1:65:06
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKYx8SdsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTE1ODU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlMjNhYzgwYmFi
YTExZGJhMmZiOGJmMTAzODNmNTc2MWVkOTE1YTBhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAj6nUf66WaYPftRFaOleOSg+JWiRpPTfRf/7UkLS1ypGT
X+hSSQ5AAiNCTH9TIZbY9TnndmpEm70sY3PsgrPFHjFzExOphOkTBKGg2NflUDyz
/Fqq2GT/rw+Wq9wewm8+ufr+QD/YT4gV2IEkHYthDhC5ZELhb1NFIYEzC11SZbG5
9F3yH03lS/ggPFSDz9uOaPVkSrEbEckWh4VnCEbnIA3yDMS+xb81H8UQVqiem5BP
HWTTTwLyM8Qecfau5eUOgZ0X5iQ7SZSnfbOtd5dDzkcnaRR68q5w++5XrPd3UHIu
bsEWshmqn1d+ZdICJpIOxUnoeU+1Wjj7q+ctFng7eQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFOI6yAuroR26L7i/EDg/V2HtkVoKMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5LzY3ZGEzMi04YzRlLTRmYTAt
YTZlMi1lNzNjOGY2MThkYzIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvNjdkYTMyLThjNGUtNGZhMC1h
NmUyLWU3M2M4ZjYxOGRjMi8xLzRqcklDNnVoSGJvdnVMOFFPRDlYWWUyUldnby5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuWEYMA0EAgACMAcDBQMqBgQAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMQDTANBgkqhkiG9w0BAQsFAAOCAQEAaEzXeUYSpvMBs61RT4yhQ5b22wOB
VKo4e04vuCveS+qFm4RcPk/GkD5MmICfc0WoU4IR/u9Pg6BiuWBcCKhxJPETIAW9
W/Ppm1/j2laORDn1iwJJsurr513F9Is75Vr/GkHPZtS14LYghY6Oo1sayztdEmHA
MvQuaf2rMWzTKUghNFJMbi8Z8mNA5cavbanfDGkC9hSr41oQp//qp+c+qG2+0wwb
xNxDxwdAO1P/dFBbRMhwNPWMKYnM3NZR9ba0MObcK67DVejTdOM0fdieqY2lY24G
tGeG7sfNyURqepn7p1uGRqFVnSqAjnp3zhILp6pbNxAyCjDaJ82H/uFlBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:49 2023 by rpki-client on console-ams.rpki-client.org