Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BJfNjthvyDRt2TySBPdrw7kqTP4.cer
File: BJfNjthvyDRt2TySBPdrw7kqTP4.cer (raw, json)
Hash identifier: TPM5LJojWO9Gx6QW8Z1TvSKoSZLItofXhfOMTmeuSe4=
Subject key identifier: 04:97:CD:8E:D8:6F:C8:34:6D:D9:3C:92:04:F7:6B:C3:B9:2A:4C:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A1FBBA3637
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/BJfNjthvyDRt2TySBPdrw7kqTP4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:03:03 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.4.32.0/22
IP: 185.239.160.0/22
IP: 2a02:5fc0::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 695713019447 (0xa1fbba3637)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0497cd8ed86fc8346dd93c9204f76bc3b92a4cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2d:01:8e:48:53:52:d4:d1:fa:9a:a7:18:e0:
7a:bb:9a:ce:bb:a1:35:0b:12:55:70:a2:6e:c5:49:
fe:ae:73:ab:b6:00:a9:13:c4:f4:4f:0a:64:b2:ab:
72:46:76:e3:80:23:6c:d6:26:5a:6e:d8:cf:74:62:
23:20:b2:5f:f0:97:24:48:f2:76:50:a4:1a:28:3f:
a0:d0:31:71:d5:bb:9c:5b:b2:33:7d:2e:01:e1:2e:
e9:74:e6:21:a2:aa:e1:1f:6d:54:8a:96:f1:07:8c:
9e:fa:57:1b:8b:8e:77:69:01:51:2a:55:9c:10:d4:
29:21:f3:55:3c:ff:86:c9:d8:6d:12:a1:91:9a:8d:
2e:2d:f7:c3:f2:a7:f6:3f:91:51:62:c5:b2:09:f9:
6a:33:a3:32:e9:46:06:b0:f5:23:3d:14:ea:69:75:
40:42:e9:23:89:79:df:89:d4:5f:64:24:47:54:bb:
4d:4e:4e:38:5c:e3:12:e5:4e:08:80:55:c9:5e:9b:
25:07:2c:27:f6:6b:52:b4:14:da:d0:4a:36:06:40:
13:ef:2a:70:ee:17:9d:4e:0c:be:f8:ef:d2:05:0b:
98:a7:65:9a:37:9e:4b:46:2a:dd:17:7a:ce:83:61:
38:0f:dc:be:b5:01:25:a9:e4:76:24:33:60:98:43:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:97:CD:8E:D8:6F:C8:34:6D:D9:3C:92:04:F7:6B:C3:B9:2A:4C:FE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/BJfNjthvyDRt2TySBPdrw7kqTP4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.32.0/22
185.239.160.0/22
IPv6:
2a02:5fc0::/32
Signature Algorithm: sha256WithRSAEncryption
72:53:28:51:b4:45:7a:c8:9e:07:01:80:85:7a:ef:3f:cf:cd:
ab:61:c6:84:63:6b:c6:6d:a6:fa:a6:6c:c5:0a:d8:ab:b4:63:
cc:38:fa:d0:5a:34:0d:00:a0:53:04:81:54:49:a6:e6:d6:31:
12:64:95:f5:f0:06:22:00:35:62:44:6e:d9:80:ea:78:34:f4:
91:59:90:91:93:66:90:20:46:26:5e:22:da:3a:90:9c:e1:c2:
d3:77:0f:94:1c:24:ec:06:fd:64:35:37:2e:76:e5:69:e0:81:
d4:d2:59:38:af:99:3e:34:80:2b:8a:85:f8:b3:db:dc:36:89:
51:4f:87:62:e4:e6:83:d7:21:80:59:f7:c4:7e:d2:37:7b:ca:
53:c6:83:ec:39:c5:c0:d4:e4:5c:a7:47:40:90:77:b8:b3:d3:
09:b4:af:15:b1:7f:4c:16:a4:74:b2:22:97:d0:31:10:cc:4c:
9a:86:dd:09:b1:8c:17:78:35:d9:2a:d8:2f:c4:e7:0d:fe:f2:
cc:ff:97:db:82:25:4b:e4:7b:5c:ad:5a:31:e3:6b:7e:7b:db:
11:08:58:51:d8:65:b4:70:42:95:98:cd:67:83:cb:6e:0b:4b:
14:44:6a:2c:b5:d6:98:49:18:29:0f:1e:7d:4d:a0:ae:b9:35:
23:5f:07:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIGAKH7ujY3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDgwMzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNDk3Y2Q4ZWQ4
NmZjODM0NmRkOTNjOTIwNGY3NmJjM2I5MmE0Y2ZlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAxy0BjkhTUtTR+pqnGOB6u5rOu6E1CxJVcKJuxUn+rnOr
tgCpE8T0TwpksqtyRnbjgCNs1iZabtjPdGIjILJf8JckSPJ2UKQaKD+g0DFx1buc
W7IzfS4B4S7pdOYhoqrhH21UipbxB4ye+lcbi453aQFRKlWcENQpIfNVPP+Gydht
EqGRmo0uLffD8qf2P5FRYsWyCflqM6My6UYGsPUjPRTqaXVAQukjiXnfidRfZCRH
VLtNTk44XOMS5U4IgFXJXpslBywn9mtStBTa0Eo2BkAT7ypw7hedTgy++O/SBQuY
p2WaN55LRirdF3rOg2E4D9y+tQElqeR2JDNgmEOLKQIDAQABo4ICmTCCApUwHQYD
VR0OBBYEFASXzY7Yb8g0bdk8kgT3a8O5Kkz+MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwL2NiN2UzNC00NmEzLTRlODIt
OTMxOC0zYzY2MjY2ZGMzYjAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvY2I3ZTM0LTQ2YTMtNGU4Mi05
MzE4LTNjNjYyNjZkYzNiMC8xL0JKZk5qdGh2eURSdDJUeVNCUGRydzdrcVRQNC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCuQQgAwQCue+gMA0EAgACMAcDBQAqAl/AMA0GCSqGSIb3DQEBCwUA
A4IBAQByUyhRtEV6yJ4HAYCFeu8/z82rYcaEY2vGbab6pmzFCtirtGPMOPrQWjQN
AKBTBIFUSabm1jESZJX18AYiADViRG7ZgOp4NPSRWZCRk2aQIEYmXiLaOpCc4cLT
dw+UHCTsBv1kNTcuduVp4IHU0lk4r5k+NIArioX4s9vcNolRT4di5OaD1yGAWffE
ftI3e8pTxoPsOcXA1ORcp0dAkHe4s9MJtK8VsX9MFqR0siKX0DEQzEyaht0JsYwX
eDXZKtgvxOcN/vLM/5fbgiVL5HtcrVox42t+e9sRCFhR2GW0cEKVmM1ng8tuC0sU
RGostdaYSRgpDx59TaCuuTUjXwf9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:27:14 2024 by rpki-client on console-ams.rpki-client.org