Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8OkZ32Xf4fhxffWA3R6J1E1TTDU.cer
File: 8OkZ32Xf4fhxffWA3R6J1E1TTDU.cer (raw, json)
Hash identifier: q/DgrdpPs+KVw/OpuBJaiXGjnRzteH1UjR61VpL9CSs=
Subject key identifier: F0:E9:19:DF:65:DF:E1:F8:71:7D:F5:80:DD:1E:89:D4:4D:53:4C:35
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 787598D554
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/93/576e4b-e3ec-4982-8b53-520d3828fe0f/1/8OkZ32Xf4fhxffWA3R6J1E1TTDU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/93/576e4b-e3ec-4982-8b53-520d3828fe0f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 01:32:20 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 209289
IP: 92.118.92.0/22
IP: 2a09:aac0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 517369025876 (0x787598d554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:32:20 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=f0e919df65dfe1f8717df580dd1e89d44d534c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:36:6a:f5:3d:7d:1a:5d:03:f5:01:5e:6c:a1:
68:45:07:2a:4f:3e:14:89:7d:c6:1c:b9:c6:dc:63:
0d:4a:a4:63:1e:21:c5:4e:a7:28:9c:f3:d8:3a:d6:
ef:eb:c0:88:05:3e:09:64:7e:cc:30:06:2f:69:47:
a5:5c:fc:63:15:31:50:89:a0:c7:51:82:84:85:e0:
07:74:8c:d2:19:56:d3:f0:43:7a:90:86:97:6d:97:
9f:b6:2b:f7:7f:3b:54:88:dc:e8:d9:04:0f:7a:34:
56:3f:28:ed:a5:d0:25:cc:1d:0c:83:a5:1d:c3:1c:
dd:16:cd:8c:66:55:3f:76:ce:fb:e2:06:2d:30:ff:
8c:67:a2:a0:0a:a0:28:9d:88:19:5d:97:d5:3b:3f:
63:b5:1d:88:39:0c:0d:da:07:75:79:b4:93:ba:38:
ba:5d:4e:b1:76:b6:a5:d4:f8:47:0c:64:5f:b6:4a:
7d:1f:77:6b:bc:38:a6:02:b6:29:ad:22:4b:92:e7:
5f:db:a4:ee:b4:ac:cc:91:00:d9:90:6d:8e:c0:a1:
5f:f5:e7:46:47:f8:ca:1d:02:a4:e4:94:b5:11:01:
88:9b:07:e2:c6:22:d7:27:22:16:6f:65:6a:95:cf:
b4:2f:ba:64:82:dc:c8:a1:99:04:e0:92:32:ed:68:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E9:19:DF:65:DF:E1:F8:71:7D:F5:80:DD:1E:89:D4:4D:53:4C:35
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/576e4b-e3ec-4982-8b53-520d3828fe0f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/576e4b-e3ec-4982-8b53-520d3828fe0f/1/8OkZ32Xf4fhxffWA3R6J1E1TTDU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.92.0/22
IPv6:
2a09:aac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209289
Signature Algorithm: sha256WithRSAEncryption
26:66:c9:23:58:8b:0b:89:c0:d5:37:6c:dd:e9:f9:3a:ca:00:
de:84:87:5f:5b:7e:c4:85:21:12:7a:b0:00:33:b2:01:44:f0:
90:f6:e1:58:e6:c0:27:5d:6a:9a:cc:d7:78:d4:f6:d8:12:50:
ee:53:a6:f9:34:5e:19:d9:7e:4c:14:63:8e:aa:91:b1:35:8f:
d5:1c:f3:57:79:7b:cd:90:a3:8a:86:23:f2:97:cb:7d:52:cc:
79:04:dc:e4:38:62:6a:32:76:9d:30:db:eb:46:6a:06:df:0a:
bc:3d:a0:a4:cd:7d:23:72:9b:7e:61:26:71:3e:0a:7f:ff:02:
95:fa:73:bb:dd:f1:c1:0f:91:ee:32:fb:52:67:08:aa:38:10:
96:92:cc:75:3c:3f:47:ac:2f:ae:29:80:c7:b2:32:60:1f:f5:
4b:67:63:8e:dd:73:3e:e8:c8:7b:78:26:2e:de:cf:61:6d:63:
fe:6a:5b:46:60:26:cb:1b:85:87:48:61:78:84:c0:51:05:ec:
8a:79:c2:eb:3c:9a:96:dd:04:4d:4a:60:f8:a3:80:1a:8d:ca:
e9:f9:d3:5f:cd:ce:2a:06:20:46:0d:e8:98:93:c2:e8:76:54:
6d:11:d5:15:68:2e:cf:3d:e3:7f:b4:d5:0e:7f:fb:07:73:d4:
68:36:ee:bc
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIFeHWY1VQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMTMyMjBaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGYwZTkxOWRmNjVk
ZmUxZjg3MTdkZjU4MGRkMWU4OWQ0NGQ1MzRjMzUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeNmr1PX0aXQP1AV5soWhFBypPPhSJfcYcucbcYw1KpGMe
IcVOpyic89g61u/rwIgFPglkfswwBi9pR6Vc/GMVMVCJoMdRgoSF4Ad0jNIZVtPw
Q3qQhpdtl5+2K/d/O1SI3OjZBA96NFY/KO2l0CXMHQyDpR3DHN0WzYxmVT92zvvi
Bi0w/4xnoqAKoCidiBldl9U7P2O1HYg5DA3aB3V5tJO6OLpdTrF2tqXU+EcMZF+2
Sn0fd2u8OKYCtimtIkuS51/bpO60rMyRANmQbY7AoV/150ZH+ModAqTklLURAYib
B+LGItcnIhZvZWqVz7QvumSC3MihmQTgkjLtaPq5AgMBAAGjggKvMIICqzAdBgNV
HQ4EFgQU8OkZ32Xf4fhxffWA3R6J1E1TTDUwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMvNTc2ZTRiLWUzZWMtNDk4Mi04
YjUzLTUyMGQzODI4ZmUwZi8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81NzZlNGItZTNlYy00OTgyLThi
NTMtNTIwZDM4MjhmZTBmLzEvOE9rWjMyWGY0Zmh4ZmZXQTNSNkoxRTFUVERVLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwE
AgABMAYDBAJcdlwwDQQCAAIwBwMFAyoJqsAwGgYIKwYBBQUHAQgBAf8ECzAJoAcw
BQIDAzGJMA0GCSqGSIb3DQEBCwUAA4IBAQAmZskjWIsLicDVN2zd6fk6ygDehIdf
W37EhSESerAAM7IBRPCQ9uFY5sAnXWqazNd41PbYElDuU6b5NF4Z2X5MFGOOqpGx
NY/VHPNXeXvNkKOKhiPyl8t9Usx5BNzkOGJqMnadMNvrRmoG3wq8PaCkzX0jcpt+
YSZxPgp//wKV+nO73fHBD5HuMvtSZwiqOBCWksx1PD9HrC+uKYDHsjJgH/VLZ2OO
3XM+6Mh7eCYu3s9hbWP+altGYCbLG4WHSGF4hMBRBeyKecLrPJqW3QRNSmD4o4Aa
jcrp+dNfzc4qBiBGDeiYk8LodlRtEdUVaC7PPeN/tNUOf/sHc9RoNu68
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:45 2023 by rpki-client on console-ams.rpki-client.org