Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5Q_XPWKesbw3NTlDXylX-kitCfk.cer
File: 5Q_XPWKesbw3NTlDXylX-kitCfk.cer (raw, json)
Hash identifier: +hVIqEttDqWxmPMoj9lVrd41WMGfDiu1tKqnIIqJz80=
Subject key identifier: E5:0F:D7:3D:62:9E:B1:BC:37:35:39:43:5F:29:57:FA:48:AD:09:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7C133B39BF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0c/7c0c6e-8cb6-471c-95ca-d31e7c405450/1/5Q_XPWKesbw3NTlDXylX-kitCfk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0c/7c0c6e-8cb6-471c-95ca-d31e7c405450/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 02:53:02 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 196767
IP: 91.214.48.0/22
IP: 91.237.0.0/22
IP: 176.102.0.0/19
IP: 178.217.200.0/21
IP: 193.238.72.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 532898593215 (0x7c133b39bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:53:02 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=e50fd73d629eb1bc373539435f2957fa48ad09f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ba:4d:85:53:35:e9:48:04:a7:c2:04:0e:3e:
a4:fc:29:85:d1:11:04:73:f7:0f:d6:20:65:ee:a7:
4f:97:79:25:57:4c:e5:6a:da:fb:17:f2:7d:8c:67:
f3:8f:ff:85:2c:dc:e5:cb:bb:9c:b2:5b:c3:c2:7c:
28:fd:6b:fe:88:5b:45:6c:24:31:e7:9f:11:21:ca:
c5:ab:a7:63:d0:bf:b0:d2:6a:6d:f5:7a:3a:e1:35:
86:80:6e:19:17:1e:bb:4f:b7:c3:54:7d:b0:68:de:
b7:14:29:29:d3:23:21:90:04:f0:2b:bf:fc:7f:9b:
5c:ed:1a:13:4f:a9:bb:f2:6e:b5:04:8f:97:43:b4:
3a:c7:76:78:fa:b4:04:51:53:e8:e0:ef:b8:d5:bb:
cc:59:d7:81:9a:22:93:09:60:af:a1:81:de:ff:a6:
09:60:1e:13:e1:76:9e:82:9e:4f:16:fe:ea:50:55:
5f:e1:b7:2c:21:11:65:31:5e:78:00:db:06:3e:42:
ad:4b:51:c5:e1:ae:01:0e:d6:38:7f:3a:ca:62:4a:
46:ae:31:81:ce:3c:25:56:50:58:a9:54:c8:da:56:
31:f3:eb:67:9f:f5:c3:0c:9b:bb:4f:42:e3:54:4e:
71:1b:9e:ed:1c:8a:a7:a3:57:90:17:d5:5c:f2:24:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0F:D7:3D:62:9E:B1:BC:37:35:39:43:5F:29:57:FA:48:AD:09:F9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7c0c6e-8cb6-471c-95ca-d31e7c405450/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7c0c6e-8cb6-471c-95ca-d31e7c405450/1/5Q_XPWKesbw3NTlDXylX-kitCfk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.48.0/22
91.237.0.0/22
176.102.0.0/19
178.217.200.0/21
193.238.72.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
196767
Signature Algorithm: sha256WithRSAEncryption
b2:0c:8e:f9:40:cd:24:40:0b:63:e3:4d:71:c2:f0:7c:48:84:
7e:ba:a1:df:e9:82:1a:08:15:a2:1b:1a:fb:b2:39:f6:af:ba:
07:21:4f:78:71:71:d1:39:89:5e:48:f9:df:0d:52:51:ab:71:
82:74:3c:ae:79:74:ae:9d:b7:e8:7e:73:39:a3:ba:38:c8:2f:
d2:73:ca:c9:c3:5e:40:59:df:fd:e0:c3:27:2d:34:f6:0a:32:
b0:be:73:c6:2e:21:40:c8:1a:63:74:84:51:61:3b:8f:44:87:
a8:38:1d:8d:fd:b9:ac:b1:d8:66:29:61:da:f4:e9:a8:0d:07:
a7:4e:a1:a6:64:74:7d:7a:25:8f:e8:be:d4:6b:70:2d:1a:3b:
57:f6:d1:5a:8e:74:4c:b1:96:79:1e:74:bb:05:9d:6b:20:46:
57:23:8f:6f:6d:7e:ab:c2:57:af:71:65:fc:d1:02:8b:eb:41:
ea:ef:24:de:56:85:c3:fe:cf:99:ba:36:64:16:7a:ed:09:da:
d5:a3:a8:05:54:2f:ba:e2:a7:31:6a:7a:a2:5d:51:2f:a8:a7:
12:a4:5d:c0:36:1d:7a:d0:db:c0:05:8c:dd:a0:0f:c1:af:ba:
55:5f:6c:14:79:28:9f:9c:8c:80:98:e2:ff:33:3c:88:07:fe:
16:1d:bc:af
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIFfBM7Ob8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMjUzMDJaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGU1MGZkNzNkNjI5
ZWIxYmMzNzM1Mzk0MzVmMjk1N2ZhNDhhZDA5ZjkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMuk2FUzXpSASnwgQOPqT8KYXREQRz9w/WIGXup0+XeSVX
TOVq2vsX8n2MZ/OP/4Us3OXLu5yyW8PCfCj9a/6IW0VsJDHnnxEhysWrp2PQv7DS
am31ejrhNYaAbhkXHrtPt8NUfbBo3rcUKSnTIyGQBPArv/x/m1ztGhNPqbvybrUE
j5dDtDrHdnj6tARRU+jg77jVu8xZ14GaIpMJYK+hgd7/pglgHhPhdp6Cnk8W/upQ
VV/htywhEWUxXngA2wY+Qq1LUcXhrgEO1jh/OspiSkauMYHOPCVWUFipVMjaVjHz
62ef9cMMm7tPQuNUTnEbnu0ciqejV5AX1VzyJDZvAgMBAAGjggK4MIICtDAdBgNV
HQ4EFgQU5Q/XPWKesbw3NTlDXylX+kitCfkwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvN2MwYzZlLThjYjYtNDcxYy05
NWNhLWQzMWU3YzQwNTQ1MC8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83YzBjNmUtOGNiNi00NzFjLTk1
Y2EtZDMxZTdjNDA1NDUwLzEvNVFfWFBXS2VzYnczTlRsRFh5bFgta2l0Q2ZrLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQE
AgABMB4DBAJb1jADBAJb7QADBAWwZgADBAOy2cgDBALB7kgwGgYIKwYBBQUHAQgB
Af8ECzAJoAcwBQIDAwCfMA0GCSqGSIb3DQEBCwUAA4IBAQCyDI75QM0kQAtj401x
wvB8SIR+uqHf6YIaCBWiGxr7sjn2r7oHIU94cXHROYleSPnfDVJRq3GCdDyueXSu
nbfofnM5o7o4yC/Sc8rJw15AWd/94MMnLTT2CjKwvnPGLiFAyBpjdIRRYTuPRIeo
OB2N/bmssdhmKWHa9OmoDQenTqGmZHR9eiWP6L7Ua3AtGjtX9tFajnRMsZZ5HnS7
BZ1rIEZXI49vbX6rwlevcWX80QKL60Hq7yTeVoXD/s+ZujZkFnrtCdrVo6gFVC+6
4qcxanqiXVEvqKcSpF3ANh160NvABYzdoA/Br7pVX2wUeSifnIyAmOL/MzyIB/4W
Hbyv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:49 2023 by rpki-client on console-fra.rpki-client.org