Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OkoDTnfBRLMYfD3l47uj5gTH5Js.cer
File: OkoDTnfBRLMYfD3l47uj5gTH5Js.cer (raw, json)
Hash identifier: SFwr9Gs6uTJJ9Y2LyVbpSkACqT8lSUsp5ivH68On6Go=
Subject key identifier: 3A:4A:03:4E:77:C1:44:B3:18:7C:3D:E5:E3:BB:A3:E6:04:C7:E4:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A8A48AEEE7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1f/9a3898-f8fd-4add-b85d-4c5d3518472c/1/OkoDTnfBRLMYfD3l47uj5gTH5Js.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1f/9a3898-f8fd-4add-b85d-4c5d3518472c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:02:10 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.179.244.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 724315074279 (0xa8a48aeee7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a4a034e77c144b3187c3de5e3bba3e604c7e49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:00:b2:18:4f:02:8b:86:b0:a8:e1:71:e9:9c:
45:e9:a6:09:f8:f2:16:27:75:6d:76:44:55:a2:b7:
da:2a:80:db:0a:28:6c:80:3b:85:5b:15:af:01:b2:
29:78:ae:af:e3:75:fc:2b:27:89:2d:8e:05:60:4b:
ae:7d:71:f4:b0:32:11:9c:f0:40:00:c0:97:15:89:
ea:71:48:30:79:79:1f:70:48:8a:95:7e:4e:5e:0e:
6a:31:f7:11:94:26:4e:c1:30:83:b4:02:99:c7:89:
72:52:8b:19:31:b2:b4:c9:7f:0c:2f:df:f9:90:28:
06:56:05:aa:b3:b4:33:eb:31:9a:36:5d:1c:e0:58:
67:49:43:0e:63:20:7b:3a:81:94:6f:c6:fe:73:b6:
4a:12:50:44:20:ef:9c:f9:9c:9c:65:95:c5:5d:9e:
fc:ca:10:4f:21:7f:60:b9:d3:a8:0a:d9:27:5b:c1:
08:cd:cc:74:30:73:6b:5d:a1:c8:77:ee:53:47:41:
e6:71:aa:ef:e8:e2:56:cd:b7:f1:83:76:30:c2:f3:
9f:94:e7:80:ba:85:9f:5a:a9:2f:89:39:67:c6:c9:
37:da:19:1e:fa:e9:93:76:9a:a8:c5:a8:38:7e:02:
eb:d0:02:cc:b7:5c:71:0d:e0:41:4b:30:4a:04:3c:
7f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4A:03:4E:77:C1:44:B3:18:7C:3D:E5:E3:BB:A3:E6:04:C7:E4:9B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9a3898-f8fd-4add-b85d-4c5d3518472c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9a3898-f8fd-4add-b85d-4c5d3518472c/1/OkoDTnfBRLMYfD3l47uj5gTH5Js.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.244.0/24
Signature Algorithm: sha256WithRSAEncryption
30:46:75:57:dd:e3:23:25:22:70:30:e8:2c:34:eb:e8:fd:73:
2c:bd:f7:05:e8:e1:27:b3:3f:3f:c7:c4:b2:e7:43:68:ba:a0:
e6:13:f5:43:8d:30:22:a7:e4:68:b4:40:da:d4:ea:20:64:e4:
78:ac:44:96:57:fa:c7:1d:33:a6:97:25:22:40:1e:7b:e1:0c:
14:b1:69:eb:2a:c5:72:52:d6:70:4b:7b:35:46:59:97:d4:4e:
60:5e:84:1b:24:9d:f3:c3:c1:1a:b6:85:a6:4f:10:37:b8:27:
21:c1:b4:b7:b7:f2:f3:8e:05:78:83:c7:e1:0c:d2:74:80:1a:
07:9d:da:b7:99:17:f6:d8:e7:4d:0f:37:d0:bc:c4:77:bb:8f:
ad:ff:01:25:a1:35:eb:94:25:dd:24:7a:9b:51:f8:df:79:aa:
ce:73:d0:2f:44:93:07:b4:fc:e2:1d:7b:2e:c1:91:b4:2b:45:
33:dd:a4:c5:bf:c0:de:59:64:b1:3c:ab:36:1b:7d:90:0d:20:
66:9b:ae:1c:be:c2:2b:81:1d:1b:03:82:91:8d:89:4c:4c:ea:
a0:0c:b7:4d:b1:1b:43:62:29:15:43:db:1e:07:4b:e0:5a:21:
fa:4f:0f:38:6b:0d:c0:c6:34:28:d4:57:ce:6a:4c:d7:f6:89:
c0:a2:43:f5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKikiu7nMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYTRhMDM0ZTc3
YzE0NGIzMTg3YzNkZTVlM2JiYTNlNjA0YzdlNDliMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoQCyGE8Ci4awqOFx6ZxF6aYJ+PIWJ3VtdkRVorfaKoDb
CihsgDuFWxWvAbIpeK6v43X8KyeJLY4FYEuufXH0sDIRnPBAAMCXFYnqcUgweXkf
cEiKlX5OXg5qMfcRlCZOwTCDtAKZx4lyUosZMbK0yX8ML9/5kCgGVgWqs7Qz6zGa
Nl0c4FhnSUMOYyB7OoGUb8b+c7ZKElBEIO+c+ZycZZXFXZ78yhBPIX9gudOoCtkn
W8EIzcx0MHNrXaHId+5TR0Hmcarv6OJWzbfxg3YwwvOflOeAuoWfWqkviTlnxsk3
2hke+umTdpqoxag4fgLr0ALMt1xxDeBBSzBKBDx/6wIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFDpKA053wUSzGHw95eO7o+YEx+SbMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFmLzlhMzg5OC1mOGZkLTRhZGQt
Yjg1ZC00YzVkMzUxODQ3MmMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYvOWEzODk4LWY4ZmQtNGFkZC1i
ODVkLTRjNWQzNTE4NDcyYy8xL09rb0RUbmZCUkxNWWZEM2w0N3VqNWdUSDVKcy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAubP0MA0GCSqGSIb3DQEBCwUAA4IBAQAwRnVX3eMjJSJwMOgsNOvo
/XMsvfcF6OEnsz8/x8Sy50NouqDmE/VDjTAip+RotEDa1OogZOR4rESWV/rHHTOm
lyUiQB574QwUsWnrKsVyUtZwS3s1RlmX1E5gXoQbJJ3zw8EatoWmTxA3uCchwbS3
t/LzjgV4g8fhDNJ0gBoHndq3mRf22OdNDzfQvMR3u4+t/wEloTXrlCXdJHqbUfjf
earOc9AvRJMHtPziHXsuwZG0K0Uz3aTFv8DeWWSxPKs2G32QDSBmm64cvsIrgR0b
A4KRjYlMTOqgDLdNsRtDYikVQ9seB0vgWiH6Tw84aw3AxjQo1FfOakzX9onAokP1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:31:42 2024 by rpki-client on console-ams.rpki-client.org