Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K4eqKWCfjzLA7Unvv2eD0UWfjLQ.cer
File: K4eqKWCfjzLA7Unvv2eD0UWfjLQ.cer (raw, json)
Hash identifier: DOIG3Oa+v8uoKUY9+opvDGgwcMgN7oewEM1jCSmHjII=
Subject key identifier: 2B:87:AA:29:60:9F:8F:32:C0:ED:49:EF:BF:67:83:D1:45:9F:8C:B4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9DD702B004
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3b/d039bf-7f4e-43d4-9d80-fdbeb0cac84b/1/K4eqKWCfjzLA7Unvv2eD0UWfjLQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3b/d039bf-7f4e-43d4-9d80-fdbeb0cac84b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 04:56:04 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 204472
IP: 2a0b:ad00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 677917143044 (0x9dd702b004)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b87aa29609f8f32c0ed49efbf6783d1459f8cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:d8:4e:bb:e5:21:bc:ba:d0:c8:84:a3:7c:
47:be:36:49:d1:5d:e2:55:24:d7:ec:e0:fe:24:59:
0b:13:76:37:ba:6c:9a:fe:c7:52:fa:0f:22:f3:7f:
69:89:f2:3e:21:3a:dd:26:d2:15:c1:df:0d:6a:c3:
75:c9:44:aa:13:89:d4:1b:82:4b:71:77:b0:16:4e:
9d:19:af:d3:0c:e4:86:d5:09:5b:52:86:fa:0d:03:
3d:a1:c6:80:43:e5:2e:9d:98:65:fd:6d:17:80:ce:
db:5e:a7:fa:d1:a6:6a:c6:62:c9:02:8f:d7:cd:4d:
ef:91:dc:8f:ad:ba:69:59:29:33:0d:dd:4e:69:9e:
bf:a8:be:a4:ac:20:1f:bf:42:92:4d:9a:ac:7b:52:
3c:1f:37:28:d8:52:16:be:9f:5e:a7:ac:39:97:6d:
40:9e:6c:10:3e:3e:99:9a:39:86:57:11:05:9e:69:
fc:f3:f0:3e:f1:9e:ec:22:c1:70:f8:5d:2d:48:16:
60:51:34:1b:3d:a3:65:5a:eb:ac:fc:37:68:05:0b:
7f:9d:5b:29:52:a7:c7:9e:67:50:da:3e:cb:d4:b2:
54:57:4f:e4:88:c3:66:14:0b:f6:25:01:44:41:f3:
5d:6c:ca:e9:46:2b:00:00:14:e0:3e:4c:ab:91:74:
bf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:87:AA:29:60:9F:8F:32:C0:ED:49:EF:BF:67:83:D1:45:9F:8C:B4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d039bf-7f4e-43d4-9d80-fdbeb0cac84b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/d039bf-7f4e-43d4-9d80-fdbeb0cac84b/1/K4eqKWCfjzLA7Unvv2eD0UWfjLQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ad00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204472
Signature Algorithm: sha256WithRSAEncryption
7d:1c:c7:ce:ca:82:fd:e2:ab:e0:64:5c:50:c3:96:ea:64:4b:
02:0c:1a:83:95:ac:5e:d9:80:bb:4b:b6:66:85:27:0f:fd:8f:
f6:bd:03:da:c1:3f:ec:32:5a:56:a6:8c:76:21:2d:96:bf:94:
94:7b:f2:e3:97:b2:ba:e6:d9:6c:47:fd:98:5f:f0:59:2f:70:
9a:37:d0:6f:82:95:8d:e2:79:c9:c4:cb:6d:80:71:37:93:51:
c7:13:43:12:b3:78:82:41:f8:08:ea:dc:e3:66:19:77:69:74:
8f:0c:d6:b4:f9:c0:34:c2:8b:84:38:65:4b:b3:0b:08:09:a4:
2f:fc:a3:e6:f7:1e:25:1d:d7:af:b6:33:05:8e:af:60:ee:7a:
7f:bf:2a:87:fc:f5:66:ff:e2:47:69:f4:c0:ed:85:f2:79:60:
9e:83:a5:99:3f:4c:0a:c5:79:60:62:a4:48:0b:a3:1d:3f:9e:
b3:7c:7f:48:b6:c6:5c:fd:44:dd:99:5d:42:ca:f4:c3:0f:bb:
0a:84:21:d6:88:0b:83:b6:a1:ed:13:4f:7e:36:0e:28:93:fe:
a7:34:6b:84:db:e5:35:65:5b:f9:0f:9f:32:3c:38:09:82:a5:
70:fd:98:cf:2b:60:77:9d:3d:19:db:0a:11:55:05:2d:2f:d4:
9a:c0:34:9f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIGAJ3XArAEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQ1NjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyYjg3YWEyOTYw
OWY4ZjMyYzBlZDQ5ZWZiZjY3ODNkMTQ1OWY4Y2I0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAy7fYTrvlIby60MiEo3xHvjZJ0V3iVSTX7OD+JFkLE3Y3
umya/sdS+g8i839pifI+ITrdJtIVwd8NasN1yUSqE4nUG4JLcXewFk6dGa/TDOSG
1QlbUob6DQM9ocaAQ+UunZhl/W0XgM7bXqf60aZqxmLJAo/XzU3vkdyPrbppWSkz
Dd1OaZ6/qL6krCAfv0KSTZqse1I8Hzco2FIWvp9ep6w5l21AnmwQPj6ZmjmGVxEF
nmn88/A+8Z7sIsFw+F0tSBZgUTQbPaNlWuus/DdoBQt/nVspUqfHnmdQ2j7L1LJU
V0/kiMNmFAv2JQFEQfNdbMrpRisAABTgPkyrkXS/UwIDAQABo4ICoTCCAp0wHQYD
VR0OBBYEFCuHqilgn48ywO1J779ng9FFn4y0MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiL2QwMzliZi03ZjRlLTQzZDQt
OWQ4MC1mZGJlYjBjYWM4NGIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvZDAzOWJmLTdmNGUtNDNkNC05
ZDgwLWZkYmViMGNhYzg0Yi8xL0s0ZXFLV0NmanpMQTdVbnZ2MmVEMFVXZmpMUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUDKgutADAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDHrgwDQYJKoZI
hvcNAQELBQADggEBAH0cx87Kgv3iq+BkXFDDlupkSwIMGoOVrF7ZgLtLtmaFJw/9
j/a9A9rBP+wyWlamjHYhLZa/lJR78uOXsrrm2WxH/Zhf8FkvcJo30G+ClY3iecnE
y22AcTeTUccTQxKzeIJB+Ajq3ONmGXdpdI8M1rT5wDTCi4Q4ZUuzCwgJpC/8o+b3
HiUd16+2MwWOr2Duen+/Kof89Wb/4kdp9MDthfJ5YJ6DpZk/TArFeWBipEgLox0/
nrN8f0i2xlz9RN2ZXULK9MMPuwqEIdaIC4O2oe0TT342DiiT/qc0a4Tb5TVlW/kP
nzI8OAmCpXD9mM8rYHedPRnbChFVBS0v1JrANJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:30:10 2024 by rpki-client on console-ams.rpki-client.org