Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8vlQCoTyzpDEIUdIrLODXWxW2Ww.cer
File: 8vlQCoTyzpDEIUdIrLODXWxW2Ww.cer (raw, json)
Hash identifier: AXPKDAPap/P4dAfpmrSN3tMAlm67AIUxIywDIsDaBlM=
Subject key identifier: F2:F9:50:0A:84:F2:CE:90:C4:21:47:48:AC:B3:83:5D:6C:56:D9:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9D6C8758E5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/9bbe74-ac98-43ac-b18f-625406c2fb0e/1/8vlQCoTyzpDEIUdIrLODXWxW2Ww.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/9bbe74-ac98-43ac-b18f-625406c2fb0e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 04:03:11 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 44188
IP: 185.165.4.0/22
IP: 2a0b:bc00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676130674917 (0x9d6c8758e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2f9500a84f2ce90c4214748acb3835d6c56d96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:97:b9:ac:c9:b1:26:b4:d9:de:bb:9e:09:2f:
47:80:6d:a6:2d:94:a2:8b:ee:06:dd:c4:ff:e3:93:
a7:36:57:91:33:15:60:3d:3a:d4:f4:59:26:41:74:
61:38:4d:2f:10:a4:51:3b:dc:78:00:e6:20:df:28:
31:42:d6:56:45:88:3d:dc:99:c6:05:d3:3e:e3:9e:
24:a6:22:8b:28:b7:c6:e3:76:35:01:44:d9:a0:67:
97:be:71:0b:98:f0:57:49:79:9d:6d:44:0b:05:e6:
24:64:fe:58:60:b9:8b:6c:05:3f:26:28:fd:d7:67:
58:77:c1:ff:b8:13:be:f3:83:da:46:38:20:56:8c:
17:5b:7f:72:94:26:b9:0d:23:9e:bc:20:f5:db:fa:
0f:03:05:6c:5c:6c:08:ef:ca:6c:32:55:68:82:b2:
60:51:09:d0:5d:6b:2c:4f:6a:d1:cb:84:c4:34:33:
2a:65:8f:0f:e6:ca:6e:00:f1:14:d1:e8:6a:d5:b4:
fd:b3:b2:ba:45:7f:c4:0f:28:c8:af:a1:ed:04:14:
bd:f2:15:b8:41:c5:0c:d1:42:99:32:55:a2:6a:7b:
de:1c:02:04:ea:21:7d:d1:d2:95:24:2b:4c:5a:c5:
2f:9b:0b:e5:7e:f8:f4:65:8d:45:67:10:d4:0e:cc:
f7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F9:50:0A:84:F2:CE:90:C4:21:47:48:AC:B3:83:5D:6C:56:D9:6C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9bbe74-ac98-43ac-b18f-625406c2fb0e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9bbe74-ac98-43ac-b18f-625406c2fb0e/1/8vlQCoTyzpDEIUdIrLODXWxW2Ww.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.4.0/22
IPv6:
2a0b:bc00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44188
Signature Algorithm: sha256WithRSAEncryption
b0:9a:a0:70:7f:3b:fa:c1:90:af:ca:48:17:02:56:2b:eb:1b:
42:50:af:67:5b:4c:fe:be:3a:b3:a7:3c:d9:b1:2f:7d:9f:ee:
34:a1:2d:de:d3:ec:55:00:fa:46:46:c7:e8:89:ba:b7:6b:97:
41:ce:80:e6:f8:b3:bf:93:be:bd:46:68:b7:9f:60:0c:2d:9d:
94:2d:be:2c:b5:20:45:60:86:08:6a:6f:68:2b:21:0c:38:b5:
4c:a7:d5:9d:80:1b:0b:15:38:e4:91:96:9f:7d:7f:3f:55:48:
ff:cb:18:1f:ab:50:de:92:d6:b1:06:14:73:49:b6:c3:1e:92:
dc:40:ec:30:00:77:dc:52:a9:bf:fc:8c:ac:9f:7d:a9:2e:5a:
1b:74:0d:fa:1f:0f:03:32:23:82:be:85:a9:59:c6:da:7e:35:
e8:fc:9b:ee:a0:b5:a1:9d:a4:b5:7b:c2:74:07:5b:1b:2b:e4:
6c:52:44:02:4c:b8:fd:c7:3e:26:6b:1f:e5:ee:91:77:74:ef:
aa:ce:d3:2a:e6:f4:5b:c9:b5:fe:50:67:cd:93:51:a3:33:4f:
a0:18:1e:72:2c:55:ac:8f:4c:57:df:7e:30:25:b0:69:ff:52:
36:81:a6:59:57:fc:2c:25:5e:53:65:51:b7:e8:b3:92:0c:07:
3f:e2:2e:bd
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJ1sh1jlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQwMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMmY5NTAwYTg0
ZjJjZTkwYzQyMTQ3NDhhY2IzODM1ZDZjNTZkOTZjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtZe5rMmxJrTZ3rueCS9HgG2mLZSii+4G3cT/45OnNleR
MxVgPTrU9FkmQXRhOE0vEKRRO9x4AOYg3ygxQtZWRYg93JnGBdM+454kpiKLKLfG
43Y1AUTZoGeXvnELmPBXSXmdbUQLBeYkZP5YYLmLbAU/Jij912dYd8H/uBO+84Pa
RjggVowXW39ylCa5DSOevCD12/oPAwVsXGwI78psMlVogrJgUQnQXWssT2rRy4TE
NDMqZY8P5spuAPEU0ehq1bT9s7K6RX/EDyjIr6HtBBS98hW4QcUM0UKZMlWianve
HAIE6iF90dKVJCtMWsUvmwvlfvj0ZY1FZxDUDsz3BwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFPL5UAqE8s6QxCFHSKyzg11sVtlsMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzliYmU3NC1hYzk4LTQzYWMt
YjE4Zi02MjU0MDZjMmZiMGUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvOWJiZTc0LWFjOTgtNDNhYy1i
MThmLTYyNTQwNmMyZmIwZS8xLzh2bFFDb1R5enBERUlVZElyTE9EWFd4VzJXdy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuaUEMA0EAgACMAcDBQMqC7wAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCsnDANBgkqhkiG9w0BAQsFAAOCAQEAsJqgcH87+sGQr8pIFwJWK+sbQlCv
Z1tM/r46s6c82bEvfZ/uNKEt3tPsVQD6RkbH6Im6t2uXQc6A5vizv5O+vUZot59g
DC2dlC2+LLUgRWCGCGpvaCshDDi1TKfVnYAbCxU45JGWn31/P1VI/8sYH6tQ3pLW
sQYUc0m2wx6S3EDsMAB33FKpv/yMrJ99qS5aG3QN+h8PAzIjgr6FqVnG2n416Pyb
7qC1oZ2ktXvCdAdbGyvkbFJEAky4/cc+Jmsf5e6Rd3Tvqs7TKub0W8m1/lBnzZNR
ozNPoBgecixVrI9MV99+MCWwaf9SNoGmWVf8LCVeU2VRt+izkgwHP+IuvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:23 2023 by rpki-client on console-fra.rpki-client.org