Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9khjTIG2opbAWcZHmWAXhn1arMY.cer
File: 9khjTIG2opbAWcZHmWAXhn1arMY.cer (raw, json)
Hash identifier: Fcy/+7YXvPMsGfff+P86QpynWiq7Pk45rxiaLbJHF28=
Subject key identifier: F6:48:63:4C:81:B6:A2:96:C0:59:C6:47:99:60:17:86:7D:5A:AC:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7D897EB77E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f7/a64a6e-7497-4356-bac8-ae600ac962b0/1/9khjTIG2opbAWcZHmWAXhn1arMY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f7/a64a6e-7497-4356-bac8-ae600ac962b0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 03:29:38 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 152.89.204.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 539177695102 (0x7d897eb77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:29:38 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=f648634c81b6a296c059c647996017867d5aacc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:36:77:f8:49:2a:64:03:80:f5:70:7b:57:2c:
15:08:e0:cd:25:b1:0c:21:36:17:c3:26:cf:fa:13:
06:4f:e9:c6:2b:72:48:fa:ca:85:17:ab:ae:29:61:
05:69:20:30:3d:88:2f:28:d1:0c:66:44:36:c1:48:
4a:40:b6:31:c0:41:64:85:3b:e2:06:df:82:2b:7c:
04:38:be:fa:ec:e2:3b:ba:6e:78:49:dc:76:3f:a9:
6f:66:26:b1:d5:9f:75:73:6d:27:3a:cb:c2:61:fd:
fd:21:0f:af:b7:3c:d9:91:30:46:24:14:21:ec:71:
ae:36:db:0c:c2:04:20:30:46:b6:6b:22:31:79:cd:
51:f5:fe:cc:85:58:99:fd:ac:df:8b:0b:76:90:2a:
e7:b2:7d:b0:05:82:e7:ed:64:2f:dd:86:7f:65:6a:
14:f2:43:75:c4:5e:08:15:1f:bf:9e:b0:4a:4d:4e:
c7:38:c2:20:18:f1:e5:df:06:ed:e8:b8:3f:9d:3f:
19:d1:d0:58:08:5b:dc:5b:98:42:8f:c5:74:1c:ff:
67:75:8d:f2:3e:a3:b4:4b:21:8d:48:e7:ef:61:70:
c0:08:a6:f8:4a:d9:6e:22:b7:54:d0:e4:8d:e7:1c:
29:28:4d:23:9a:7e:67:0e:54:cc:fe:7b:f5:50:d5:
1b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:48:63:4C:81:B6:A2:96:C0:59:C6:47:99:60:17:86:7D:5A:AC:C6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a64a6e-7497-4356-bac8-ae600ac962b0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a64a6e-7497-4356-bac8-ae600ac962b0/1/9khjTIG2opbAWcZHmWAXhn1arMY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.204.0/22
Signature Algorithm: sha256WithRSAEncryption
59:29:63:e3:09:94:60:38:f3:2f:0e:83:43:1b:67:6c:b1:f3:
ab:b0:e5:fe:9c:7c:f6:63:5b:0d:14:a5:6d:86:ef:18:65:78:
42:ae:43:fe:f7:34:2b:fa:f3:12:6e:78:ad:b5:b1:51:ce:0e:
fe:a6:30:7b:64:63:6f:ac:8f:fa:3b:82:f8:77:83:7a:55:2c:
f3:65:99:f7:34:d5:a3:52:73:6b:b0:b5:77:21:c5:f5:65:8e:
35:17:4d:87:fd:bd:49:ef:3c:58:4f:86:a3:f6:fe:44:85:a3:
79:2b:3b:39:f6:2f:49:ad:8d:5d:53:7a:93:7b:41:42:bf:6e:
6c:65:30:95:80:7e:d7:ff:93:0c:ec:95:cd:bf:e7:bd:39:33:
2d:5e:7a:58:d4:8c:fa:bc:c2:cf:82:a2:46:40:11:ef:8c:50:
ad:69:52:ba:47:bf:a3:70:72:78:53:a8:22:ed:2a:af:d8:b7:
19:2d:d2:d7:e2:3c:66:26:16:79:14:a2:97:b5:cd:16:47:c1:
14:af:8e:36:9c:fc:1b:3d:96:e4:2e:70:0a:fd:99:68:a7:8a:
73:a8:d8:d5:1c:07:07:a5:2d:a7:55:6a:0f:5a:45:9e:88:3a:
a3:4d:f1:3c:b4:3f:c2:4f:45:c6:ed:c2:4b:2d:bc:32:34:93:
64:46:3c:b4
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIFfYl+t34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMzI5MzhaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGY2NDg2MzRjODFi
NmEyOTZjMDU5YzY0Nzk5NjAxNzg2N2Q1YWFjYzYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUNnf4SSpkA4D1cHtXLBUI4M0lsQwhNhfDJs/6EwZP6cYr
ckj6yoUXq64pYQVpIDA9iC8o0QxmRDbBSEpAtjHAQWSFO+IG34IrfAQ4vvrs4ju6
bnhJ3HY/qW9mJrHVn3VzbSc6y8Jh/f0hD6+3PNmRMEYkFCHsca422wzCBCAwRrZr
IjF5zVH1/syFWJn9rN+LC3aQKueyfbAFguftZC/dhn9lahTyQ3XEXggVH7+esEpN
Tsc4wiAY8eXfBu3ouD+dPxnR0FgIW9xbmEKPxXQc/2d1jfI+o7RLIY1I5+9hcMAI
pvhK2W4it1TQ5I3nHCkoTSOafmcOVMz+e/VQ1Rs5AgMBAAGjggKEMIICgDAdBgNV
HQ4EFgQU9khjTIG2opbAWcZHmWAXhn1arMYwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcvYTY0YTZlLTc0OTctNDM1Ni1i
YWM4LWFlNjAwYWM5NjJiMC8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNjRhNmUtNzQ5Ny00MzU2LWJh
YzgtYWU2MDBhYzk2MmIwLzEvOWtoalRJRzJvcGJBV2NaSG1XQVhobjFhck1ZLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAKYWcwwDQYJKoZIhvcNAQELBQADggEBAFkpY+MJlGA48y8Og0MbZ2yx
86uw5f6cfPZjWw0UpW2G7xhleEKuQ/73NCv68xJueK21sVHODv6mMHtkY2+sj/o7
gvh3g3pVLPNlmfc01aNSc2uwtXchxfVljjUXTYf9vUnvPFhPhqP2/kSFo3krOzn2
L0mtjV1TepN7QUK/bmxlMJWAftf/kwzslc2/5705My1eeljUjPq8ws+CokZAEe+M
UK1pUrpHv6NwcnhTqCLtKq/Ytxkt0tfiPGYmFnkUope1zRZHwRSvjjac/Bs9luQu
cAr9mWininOo2NUcBwelLadVag9aRZ6IOqNN8Ty0P8JPRcbtwkstvDI0k2RGPLQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:57 2023 by rpki-client on console-ams.rpki-client.org