Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PAOaGdMCerVsPyQ540YuJd-XrmI.cer
File: PAOaGdMCerVsPyQ540YuJd-XrmI.cer (raw, json)
Hash identifier: pT1Qt2dhXKFJxj5hd+Q86D6dnVyypd+6J3ZuW35Qhdo=
Subject key identifier: 3C:03:9A:19:D3:02:7A:B5:6C:3F:24:39:E3:46:2E:25:DF:97:AE:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A271099586
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d8/4c3566-71e3-4cb9-bdd6-6a191a57731a/1/PAOaGdMCerVsPyQ540YuJd-XrmI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d8/4c3566-71e3-4cb9-bdd6-6a191a57731a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:54:46 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 42011
IP: 185.209.116.0/22
IP: 2a0b:4540::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 697681155462 (0xa271099586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:54:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c039a19d3027ab56c3f2439e3462e25df97ae62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2a:67:21:e8:d2:e8:2f:f8:c9:88:10:83:a2:
6a:c9:94:c8:94:52:80:65:82:18:34:f1:a3:17:ec:
5d:dc:c9:c4:14:1b:09:4c:84:51:cf:b1:08:4f:e4:
8f:6e:46:7d:f3:f4:8a:37:0e:0e:54:d2:b3:85:66:
6c:6a:6d:f6:a8:8b:b9:7e:c6:7b:dc:f5:22:30:a9:
94:f3:ee:e2:a5:fd:79:4a:98:93:0d:26:9d:05:30:
b7:82:9b:cb:33:a5:2b:2f:8f:85:73:6c:5a:4f:7c:
6e:a9:93:f2:32:7f:75:36:e9:e3:b4:83:9b:6f:e3:
c7:33:04:19:5a:cf:79:61:92:68:b5:9d:9f:cd:8f:
b7:a0:57:34:88:91:e9:eb:11:61:ba:ff:ba:00:d2:
a4:ea:ee:56:9c:ae:50:62:9c:bf:ba:bd:c9:f5:97:
c9:d3:fe:33:5c:02:3a:bf:fd:0a:75:8a:26:29:a8:
cf:75:06:7a:c8:36:cd:78:f6:fb:29:b8:6b:d3:f6:
8e:2a:7d:83:10:23:d4:18:0d:91:7b:44:37:aa:10:
75:17:e5:72:bd:e0:b5:d2:72:25:c3:47:15:05:c9:
96:de:2e:7b:5e:09:2f:b1:af:4e:fa:81:51:4f:2e:
f2:27:34:7b:05:63:54:dc:65:b2:2e:a3:8c:9b:d2:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:03:9A:19:D3:02:7A:B5:6C:3F:24:39:E3:46:2E:25:DF:97:AE:62
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4c3566-71e3-4cb9-bdd6-6a191a57731a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/4c3566-71e3-4cb9-bdd6-6a191a57731a/1/PAOaGdMCerVsPyQ540YuJd-XrmI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.116.0/22
IPv6:
2a0b:4540::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42011
Signature Algorithm: sha256WithRSAEncryption
4c:b2:20:de:74:1c:aa:7b:52:b1:b0:17:60:38:a1:a2:d3:79:
a1:66:4d:eb:9e:f3:b2:08:8c:bb:5a:4e:ef:96:ba:0c:2f:1e:
33:6a:83:4a:57:c7:fb:2b:67:af:c2:15:fb:ed:00:e6:ca:47:
9b:7c:da:c1:6a:19:53:46:04:ed:8c:50:b2:eb:74:3a:ce:95:
f9:29:97:c8:25:0c:6a:5c:96:4d:cc:63:a5:4e:52:65:07:c8:
a5:b1:a4:3b:78:80:6e:c5:e9:35:ee:a3:b9:8c:f3:28:f5:a7:
db:10:fa:08:93:de:e1:06:09:e9:87:a4:bc:13:02:34:d4:35:
ca:76:62:6d:f6:b1:41:ec:ec:51:d6:80:03:f3:07:92:4e:fe:
03:cb:32:aa:8d:c1:7a:a6:30:9b:f9:35:94:13:f2:e1:a6:32:
2e:71:9c:90:19:6a:fa:df:26:8d:5c:af:40:de:6e:73:79:e9:
5b:a7:82:4a:17:de:e4:f6:02:2c:b9:aa:f1:ce:40:07:ef:aa:
8b:f3:10:df:4f:af:b0:be:ec:90:12:25:b2:72:85:ce:c8:8d:
47:5d:a8:33:32:a2:7e:b0:56:3a:2d:80:07:d7:d2:75:b4:30:
c3:6c:ff:50:7d:76:58:b2:42:75:14:f5:70:49:fd:f6:b2:e1:
b7:ff:0d:5e
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKJxCZWGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1NDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYzAzOWExOWQz
MDI3YWI1NmMzZjI0MzllMzQ2MmUyNWRmOTdhZTYyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoSpnIejS6C/4yYgQg6JqyZTIlFKAZYIYNPGjF+xd3MnE
FBsJTIRRz7EIT+SPbkZ98/SKNw4OVNKzhWZsam32qIu5fsZ73PUiMKmU8+7ipf15
SpiTDSadBTC3gpvLM6UrL4+Fc2xaT3xuqZPyMn91NunjtIObb+PHMwQZWs95YZJo
tZ2fzY+3oFc0iJHp6xFhuv+6ANKk6u5WnK5QYpy/ur3J9ZfJ0/4zXAI6v/0KdYom
KajPdQZ6yDbNePb7Kbhr0/aOKn2DECPUGA2Re0Q3qhB1F+VyveC10nIlw0cVBcmW
3i57Xgkvsa9O+oFRTy7yJzR7BWNU3GWyLqOMm9IRUQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFDwDmhnTAnq1bD8kOeNGLiXfl65iMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q4LzRjMzU2Ni03MWUzLTRjYjkt
YmRkNi02YTE5MWE1NzczMWEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgvNGMzNTY2LTcxZTMtNGNiOS1i
ZGQ2LTZhMTkxYTU3NzMxYS8xL1BBT2FHZE1DZXJWc1B5UTU0MFl1SmQtWHJtSS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCudF0MA0EAgACMAcDBQMqC0VAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwCkGzANBgkqhkiG9w0BAQsFAAOCAQEATLIg3nQcqntSsbAXYDihotN5oWZN
657zsgiMu1pO75a6DC8eM2qDSlfH+ytnr8IV++0A5spHm3zawWoZU0YE7YxQsut0
Os6V+SmXyCUMalyWTcxjpU5SZQfIpbGkO3iAbsXpNe6juYzzKPWn2xD6CJPe4QYJ
6YekvBMCNNQ1ynZibfaxQezsUdaAA/MHkk7+A8syqo3BeqYwm/k1lBPy4aYyLnGc
kBlq+t8mjVyvQN5uc3npW6eCShfe5PYCLLmq8c5AB++qi/MQ30+vsL7skBIlsnKF
zsiNR12oMzKifrBWOi2AB9fSdbQww2z/UH12WLJCdRT1cEn99rLht/8NXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:44:58 2024 by rpki-client on console-fra.rpki-client.org