Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AG3SbsOJ2nlpzLnxav2FCS-qGKo.cer
File: AG3SbsOJ2nlpzLnxav2FCS-qGKo.cer (raw, json)
Hash identifier: 7g9y+zr4CbV8AGlcuM8rP/jdYfEf5P/IGiCB3TLO4t8=
Subject key identifier: 00:6D:D2:6E:C3:89:DA:79:69:CC:B9:F1:6A:FD:85:09:2F:AA:18:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 77A659D7B0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1a/225d6d-ec01-4e25-83de-6fa4e6e51054/1/AG3SbsOJ2nlpzLnxav2FCS-qGKo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1a/225d6d-ec01-4e25-83de-6fa4e6e51054/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Jan 2021 00:55:53 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: AS: 29590
IP: 141.255.176.0/21
IP: 185.96.4.0/22
IP: 2a01:9280::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 513892014000 (0x77a659d7b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:55:53 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=006dd26ec389da7969ccb9f16afd85092faa18aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cd:15:81:2e:e9:6b:53:ff:6e:ec:87:6f:e6:
f1:06:5e:59:82:e7:de:a8:ff:85:15:fb:6e:21:1d:
2c:99:62:5a:1c:01:9f:da:0b:bd:57:47:f0:5a:c8:
5f:f5:1d:d1:fb:6c:8e:63:ef:f3:53:90:eb:4b:e8:
a0:ec:90:8d:c7:da:c9:45:ad:ce:4f:37:66:b5:ec:
cc:0c:a8:8d:9d:16:9e:3e:ad:ed:84:06:97:2d:c1:
fe:ff:a8:6a:c6:74:1b:10:00:9b:46:67:d8:00:ad:
f5:9e:7f:1b:8d:16:f3:13:ca:9e:93:5c:52:22:69:
83:2f:aa:2b:71:d4:74:93:a4:d6:e1:20:5b:9a:5c:
f7:24:ad:7b:e4:ec:b4:38:3c:e1:4c:6a:06:b9:6b:
f3:3f:49:44:f1:15:79:7a:02:47:44:41:02:1f:bd:
c6:3f:88:9d:82:7e:01:50:ff:f7:c3:c0:36:d0:1d:
83:76:15:e1:25:0e:ae:06:74:03:a0:c8:87:5f:41:
25:b3:15:08:b3:32:48:99:d9:e2:c3:60:77:cf:9f:
30:a2:20:e9:c2:63:4a:37:6c:8c:35:eb:af:e0:02:
50:e4:33:0d:24:8a:7c:51:b6:2b:62:83:ae:be:36:
30:2d:fc:0c:0c:12:4e:67:b4:ce:b8:96:2d:c0:29:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6D:D2:6E:C3:89:DA:79:69:CC:B9:F1:6A:FD:85:09:2F:AA:18:AA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/225d6d-ec01-4e25-83de-6fa4e6e51054/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/225d6d-ec01-4e25-83de-6fa4e6e51054/1/AG3SbsOJ2nlpzLnxav2FCS-qGKo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.255.176.0/21
185.96.4.0/22
IPv6:
2a01:9280::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29590
Signature Algorithm: sha256WithRSAEncryption
9c:44:43:35:85:b2:80:5a:9e:8d:bc:c7:f6:0c:98:56:2f:7f:
5c:a0:03:70:a1:9e:08:92:6e:68:63:5a:47:74:fe:a0:ff:81:
9f:3b:39:29:77:ad:af:58:06:15:94:8f:83:bb:fa:3c:8c:53:
dc:ee:81:71:0a:98:dd:6b:3d:77:19:cf:12:52:10:d9:8e:a7:
8e:cc:d5:72:b9:19:1f:f9:de:25:e3:99:a0:97:03:3b:09:f6:
ec:9e:0d:7d:ee:c4:1c:c9:f7:66:61:d6:f9:42:98:bc:5c:56:
86:9b:6c:9b:bd:a6:37:56:75:7e:36:46:eb:93:a9:26:c6:4d:
c2:81:a5:16:48:6c:49:d9:0b:25:97:49:04:ad:44:b3:6c:9c:
bc:77:b7:66:10:14:63:b0:93:66:14:2c:2f:28:5c:0c:44:3a:
cd:7d:16:c4:2e:f5:7a:07:2d:ae:a3:d4:0a:9b:61:03:df:c3:
e2:94:87:c1:35:1e:55:44:0c:88:41:07:4e:a1:27:3c:df:8c:
f1:ff:01:a4:c5:da:3f:33:b4:a1:ff:12:56:c7:68:cd:27:e6:
2a:9c:96:71:64:70:be:67:36:2c:da:68:0f:85:3f:4c:c7:bc:
4c:0f:85:29:6c:b8:58:49:ff:00:73:ac:d4:ee:ee:ac:63:66:
b9:e0:15:6c
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIFd6ZZ17AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDU1NTNaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAwNmRkMjZlYzM4
OWRhNzk2OWNjYjlmMTZhZmQ4NTA5MmZhYTE4YWEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCNzRWBLulrU/9u7Idv5vEGXlmC596o/4UV+24hHSyZYloc
AZ/aC71XR/BayF/1HdH7bI5j7/NTkOtL6KDskI3H2slFrc5PN2a17MwMqI2dFp4+
re2EBpctwf7/qGrGdBsQAJtGZ9gArfWefxuNFvMTyp6TXFIiaYMvqitx1HSTpNbh
IFuaXPckrXvk7LQ4POFMaga5a/M/SUTxFXl6AkdEQQIfvcY/iJ2CfgFQ//fDwDbQ
HYN2FeElDq4GdAOgyIdfQSWzFQizMkiZ2eLDYHfPnzCiIOnCY0o3bIw166/gAlDk
Mw0kinxRtitig66+NjAt/AwMEk5ntM64li3AKXBDAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUAG3SbsOJ2nlpzLnxav2FCS+qGKowHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCC
ASMGCCsGAQUFBwELBIIBFTCCAREwXQYIKwYBBQUHMAWGUXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEvMjI1ZDZkLWVjMDEtNGUyNS04
M2RlLTZmYTRlNmU1MTA1NC8xLzB8BggrBgEFBQcwCoZwcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yMjVkNmQtZWMwMS00ZTI1LTgz
ZGUtNmZhNGU2ZTUxMDU0LzEvQUczU2JzT0oybmxwekxueGF2MkZDUy1xR0tvLm1m
dDAyBggrBgEFBQcwDYYmaHR0cHM6Ly9ycmRwLnJpcGUubmV0L25vdGlmaWNhdGlv
bi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3Jl
cG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIE
AgABMAwDBAON/7ADBAK5YAQwDQQCAAIwBwMFACoBkoAwGQYIKwYBBQUHAQgBAf8E
CjAIoAYwBAICc5YwDQYJKoZIhvcNAQELBQADggEBAJxEQzWFsoBano28x/YMmFYv
f1ygA3ChngiSbmhjWkd0/qD/gZ87OSl3ra9YBhWUj4O7+jyMU9zugXEKmN1rPXcZ
zxJSENmOp47M1XK5GR/53iXjmaCXAzsJ9uyeDX3uxBzJ92Zh1vlCmLxcVoabbJu9
pjdWdX42RuuTqSbGTcKBpRZIbEnZCyWXSQStRLNsnLx3t2YQFGOwk2YULC8oXAxE
Os19FsQu9XoHLa6j1AqbYQPfw+KUh8E1HlVEDIhBB06hJzzfjPH/AaTF2j8ztKH/
ElbHaM0n5iqclnFkcL5nNizaaA+FP0zHvEwPhSlsuFhJ/wBzrNTu7qxjZrngFWw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:11 2023 by rpki-client on console-fra.rpki-client.org