Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.cer
File: AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.cer (raw, json)
Hash identifier: gxWYVhDHMgZSMIRnQ9/WhNJ1RyBgQCeX7eAijCRCFQM=
Subject key identifier: 00:E2:D3:C0:80:07:75:93:94:70:6A:F7:4C:61:D2:B0:C2:76:62:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AA8162F491
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 15:56:14 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 7007
IP: 204.152.98.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 732315186321 (0xaa8162f491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00e2d3c08007759394706af74c61d2b0c27662c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:63:89:0f:02:91:66:02:9a:a6:cb:e3:a4:11:
12:c2:d6:54:b4:a1:42:bf:08:fe:96:27:27:9b:c6:
b2:b7:17:fd:40:6e:f4:1e:b2:d1:d4:30:42:3f:65:
ec:7d:48:d2:c9:64:1b:be:a2:55:56:64:59:74:99:
12:d4:bf:60:0e:2b:c3:ff:41:78:fb:a9:ca:71:90:
0d:b0:94:05:4f:87:45:52:71:38:de:c5:6e:a7:ef:
08:7f:97:ea:71:e3:4a:89:7c:4f:96:19:b7:34:5b:
48:d6:41:cf:fd:57:58:6e:86:f0:88:28:dc:49:e7:
c6:56:5a:c1:fe:44:a3:b5:cd:7b:8b:7f:5b:cf:f2:
6d:76:c1:fb:fb:a6:bb:28:bf:1a:64:8c:bd:24:9f:
ca:4f:1a:d3:4d:fb:b9:f4:6f:7f:6d:ba:8a:22:d1:
99:26:3e:c7:9d:a0:be:00:36:ab:4e:da:3b:2f:15:
44:e3:1a:10:12:3b:ff:8c:bd:31:ed:f5:e0:23:93:
64:cb:20:6a:ac:68:05:b4:20:2f:bc:4b:95:a4:69:
fd:99:40:4c:bc:36:cf:5a:08:be:00:8a:05:f4:1e:
a9:a2:ed:46:74:b9:92:a1:8f:8b:64:16:1f:02:40:
6e:0a:ff:c6:0a:38:1b:ff:93:52:3c:1e:6e:45:d0:
b1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E2:D3:C0:80:07:75:93:94:70:6A:F7:4C:61:D2:B0:C2:76:62:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/397e09-113b-4708-aa8b-4396af7d7709/1/AOLTwIAHdZOUcGr3TGHSsMJ2Ysc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.152.98.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7007
Signature Algorithm: sha256WithRSAEncryption
4a:c4:97:54:c0:c7:b9:e2:af:d9:ee:fc:bb:81:c3:64:17:6b:
34:8b:a0:cb:d6:fb:85:bb:42:f6:a7:c2:4d:6a:ed:ed:ed:46:
39:3e:44:1b:50:48:3e:90:2d:7c:70:31:ee:09:23:41:98:fb:
38:35:ec:f8:ff:67:97:0f:19:ed:77:e9:64:1d:e3:16:86:3c:
3d:fb:11:60:bb:9c:09:85:80:fb:a4:87:f2:36:40:ac:9f:bc:
bf:ec:fd:d0:79:a1:8e:e2:09:2e:ec:6a:db:f3:12:09:30:60:
bb:4a:a2:25:b1:b3:0b:d9:c3:9b:29:3a:6b:58:a9:59:53:87:
a0:69:48:05:8a:db:2f:de:a4:f0:3a:1f:84:c6:ed:ad:30:90:
b1:13:d8:b4:2d:2e:cf:a6:cf:cc:68:e8:7a:20:9d:26:f5:b6:
81:ba:40:01:07:68:e3:da:4b:a3:f5:aa:a1:3a:18:2d:02:49:
f6:54:00:4b:f9:72:bf:95:2f:79:0f:a0:b5:61:c1:d9:9d:53:
89:30:24:d7:01:c0:cb:52:2b:89:78:ea:73:0b:66:e4:49:71:
f3:ef:ed:22:e0:a9:8b:70:16:64:29:4e:b0:75:30:24:aa:e0:
99:63:a8:6d:99:1d:9f:68:45:f3:87:5a:95:25:99:00:d6:09:
b6:c2:62:a1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIGAKqBYvSRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTU1NjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMGUyZDNjMDgw
MDc3NTkzOTQ3MDZhZjc0YzYxZDJiMGMyNzY2MmM3MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAm2OJDwKRZgKapsvjpBESwtZUtKFCvwj+licnm8aytxf9
QG70HrLR1DBCP2XsfUjSyWQbvqJVVmRZdJkS1L9gDivD/0F4+6nKcZANsJQFT4dF
UnE43sVup+8If5fqceNKiXxPlhm3NFtI1kHP/VdYbobwiCjcSefGVlrB/kSjtc17
i39bz/JtdsH7+6a7KL8aZIy9JJ/KTxrTTfu59G9/bbqKItGZJj7HnaC+ADarTto7
LxVE4xoQEjv/jL0x7fXgI5NkyyBqrGgFtCAvvEuVpGn9mUBMvDbPWgi+AIoF9B6p
ou1GdLmSoY+LZBYfAkBuCv/GCjgb/5NSPB5uRdCx3wIDAQABo4ICnzCCApswHQYD
VR0OBBYEFADi08CAB3WTlHBq90xh0rDCdmLHMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzM5N2UwOS0xMTNiLTQ3MDgt
YWE4Yi00Mzk2YWY3ZDc3MDkvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvMzk3ZTA5LTExM2ItNDcwOC1h
YThiLTQzOTZhZjdkNzcwOS8xL0FPTFR3SUFIZFpPVWNHcjNUR0hTc01KMllzYy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAzJhiMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAhtfMA0GCSqGSIb3
DQEBCwUAA4IBAQBKxJdUwMe54q/Z7vy7gcNkF2s0i6DL1vuFu0L2p8JNau3t7UY5
PkQbUEg+kC18cDHuCSNBmPs4Nez4/2eXDxntd+lkHeMWhjw9+xFgu5wJhYD7pIfy
NkCsn7y/7P3QeaGO4gku7Grb8xIJMGC7SqIlsbML2cObKTprWKlZU4egaUgFitsv
3qTwOh+Exu2tMJCxE9i0LS7Pps/MaOh6IJ0m9baBukABB2jj2kuj9aqhOhgtAkn2
VABL+XK/lS95D6C1YcHZnVOJMCTXAcDLUiuJeOpzC2bkSXHz7+0i4KmLcBZkKU6w
dTAkquCZY6htmR2faEXzh1qVJZkA1gm2wmKh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:12 2023 by rpki-client on console-fra.rpki-client.org