Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BXMYfrwqkoDxWT43w17YjqVlW_Y.cer
File: BXMYfrwqkoDxWT43w17YjqVlW_Y.cer (raw, json)
Hash identifier: 20EAHJiT0e3S6NN7bvUrdRgU/3Mj6ghIZS+1x8+3hfA=
Subject key identifier: 05:73:18:7E:BC:2A:92:80:F1:59:3E:37:C3:5E:D8:8E:A5:65:5B:F6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A4CD5F7F4F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/BXMYfrwqkoDxWT43w17YjqVlW_Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:55:44 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 202583
IP: 157.97.176.0/21
IP: 185.72.0.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 707820224335 (0xa4cd5f7f4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0573187ebc2a9280f1593e37c35ed88ea5655bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:96:3f:25:41:ed:95:c3:b0:97:2e:88:7f:a4:
89:6d:29:db:82:6f:64:0f:00:5a:fc:3c:3d:fa:1c:
35:99:69:6b:82:80:9c:4a:56:1e:10:0d:02:b7:66:
b8:ff:1e:54:a9:7e:5c:95:7d:81:a2:3f:9e:5b:31:
a7:ee:0a:38:eb:3f:ef:4c:9e:2c:63:43:12:fd:60:
f8:5e:2d:e3:96:73:0e:01:09:07:6d:90:38:5b:5f:
ef:f3:ab:6e:4b:d5:52:65:ef:6f:58:d8:4a:8d:2a:
a6:d2:75:2b:e2:cc:6f:68:c3:04:d4:8b:4b:c5:ac:
39:ae:8b:90:04:3e:3d:07:23:4e:ee:5c:0e:2e:e6:
c9:f5:b0:93:d5:81:0d:82:2d:68:e3:e7:fe:3b:c9:
8f:15:d6:e5:f7:20:01:83:9e:69:39:9e:a9:79:36:
94:7c:62:4b:61:b5:c8:1e:34:8d:9e:4f:01:c8:af:
d2:f2:5c:ac:bf:5e:50:c0:18:48:47:76:9c:48:f6:
e5:77:f5:51:08:b8:cf:ed:10:99:c3:87:ae:9f:ca:
89:ef:6e:c6:df:de:07:71:a4:cd:b1:37:7f:96:06:
ec:79:25:56:47:83:cf:14:e6:77:75:39:68:87:c6:
24:c6:8f:73:18:42:1d:ce:36:35:ab:db:ab:22:da:
12:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:73:18:7E:BC:2A:92:80:F1:59:3E:37:C3:5E:D8:8E:A5:65:5B:F6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/BXMYfrwqkoDxWT43w17YjqVlW_Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.176.0/21
185.72.0.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202583
Signature Algorithm: sha256WithRSAEncryption
04:a2:d4:e3:57:92:79:56:17:77:d9:d5:b2:65:a2:08:94:d5:
d5:1b:49:e9:dc:71:15:53:26:11:ce:9b:40:f5:4c:06:a1:19:
7f:53:fb:dd:e3:14:9a:44:90:82:a8:c5:8e:c7:83:a1:04:55:
eb:ef:86:af:a5:8a:81:ec:e3:90:6b:1a:fe:f8:6c:88:7e:5b:
9f:72:8a:ef:a2:0e:33:33:d6:89:fe:ac:81:85:06:8e:9d:90:
9d:6c:9b:6e:e5:20:c3:4c:84:1f:60:29:e2:c7:0f:ae:87:3f:
94:18:26:ca:34:5a:9e:28:d3:38:1b:d8:f1:40:50:88:ce:3d:
f3:5f:26:94:53:44:df:48:73:fd:3a:b6:32:ae:d6:41:5f:4f:
cc:2b:03:7b:11:52:47:53:cb:83:aa:12:13:26:3a:04:5a:c1:
a8:9f:54:73:92:b0:93:a4:65:ce:14:84:0f:a3:2f:63:95:b4:
4c:88:6e:b1:85:4d:b7:fe:41:1e:46:c9:4e:21:9e:f0:21:7b:
3f:12:1d:38:93:39:6f:e5:d2:da:ab:84:44:b7:c7:f9:77:55:
90:43:99:34:60:65:8b:b6:b3:ad:f3:fc:72:f8:11:d0:97:3b:
04:f3:89:d1:60:0e:2a:8a:31:c4:6d:2a:6c:f4:aa:82:4b:1c:
e7:67:93:9a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIGAKTNX39PMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTA1NTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNTczMTg3ZWJj
MmE5MjgwZjE1OTNlMzdjMzVlZDg4ZWE1NjU1YmY2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuZY/JUHtlcOwly6If6SJbSnbgm9kDwBa/Dw9+hw1mWlr
goCcSlYeEA0Ct2a4/x5UqX5clX2Boj+eWzGn7go46z/vTJ4sY0MS/WD4Xi3jlnMO
AQkHbZA4W1/v86tuS9VSZe9vWNhKjSqm0nUr4sxvaMME1ItLxaw5rouQBD49ByNO
7lwOLubJ9bCT1YENgi1o4+f+O8mPFdbl9yABg55pOZ6peTaUfGJLYbXIHjSNnk8B
yK/S8lysv15QwBhIR3acSPbld/VRCLjP7RCZw4eun8qJ727G394HcaTNsTd/lgbs
eSVWR4PPFOZ3dTloh8Ykxo9zGEIdzjY1q9urItoSMwIDAQABo4ICpjCCAqIwHQYD
VR0OBBYEFAVzGH68KpKA8Vk+N8Ne2I6lZVv2MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NhLzI2Mjc3Yy0zNGVmLTRkZmEt
YWMzMi05N2Y1NGU1Njg5NTIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvMjYyNzdjLTM0ZWYtNGRmYS1h
YzMyLTk3ZjU0ZTU2ODk1Mi8xL0JYTVlmcndxa29EeFdUNDN3MTdZanFWbFdfWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQDnWGwAwQCuUgAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMXVzAN
BgkqhkiG9w0BAQsFAAOCAQEABKLU41eSeVYXd9nVsmWiCJTV1RtJ6dxxFVMmEc6b
QPVMBqEZf1P73eMUmkSQgqjFjseDoQRV6++Gr6WKgezjkGsa/vhsiH5bn3KK76IO
MzPWif6sgYUGjp2QnWybbuUgw0yEH2Ap4scProc/lBgmyjRanijTOBvY8UBQiM49
818mlFNE30hz/Tq2Mq7WQV9PzCsDexFSR1PLg6oSEyY6BFrBqJ9Uc5Kwk6RlzhSE
D6MvY5W0TIhusYVNt/5BHkbJTiGe8CF7PxIdOJM5b+XS2quERLfH+XdVkEOZNGBl
i7azrfP8cvgR0Jc7BPOJ0WAOKooxxG0qbPSqgksc52eTmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:27:19 2024 by rpki-client on console-ams.rpki-client.org