Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PofJdjc_o9itkF5TTE_8I4BCDho.cer
File: PofJdjc_o9itkF5TTE_8I4BCDho.cer (raw, json)
Hash identifier: NltJJehK+AD/adFEJgBSKufz7pKiCSkUTBrJTIcFbxM=
Subject key identifier: 3E:87:C9:76:37:3F:A3:D8:AD:90:5E:53:4C:4F:FC:23:80:42:0E:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A751E870A3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/PofJdjc_o9itkF5TTE_8I4BCDho.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:58:32 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 207709
IP: 2.56.152.0/22
IP: 2a0f:3580::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 718633726115 (0xa751e870a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e87c976373fa3d8ad905e534c4ffc2380420e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:8f:b3:6a:d2:b7:8a:65:28:d1:bf:9c:1e:18:
39:63:19:7f:d1:88:70:a6:9d:f4:6e:32:75:8b:bf:
13:70:e6:e3:8f:9d:be:30:83:ae:41:3a:f7:7b:14:
1c:79:8a:74:37:b2:89:fc:bd:dd:bd:03:e1:91:99:
79:38:c9:be:81:fb:12:d7:47:83:25:26:f7:07:52:
91:7d:88:3c:15:f2:b5:2b:28:bc:de:a5:5c:17:2a:
07:8f:27:ce:e3:36:b1:13:9a:d3:af:ff:24:e3:69:
c0:62:40:cf:87:d1:32:aa:0f:e2:f3:b4:af:50:2c:
dc:c6:7a:4e:6a:92:d7:51:d7:79:4c:8d:38:78:4a:
2a:7e:4b:46:db:36:de:1d:aa:ad:d8:d0:af:d1:c2:
64:a5:05:81:a9:26:d0:2a:c3:bb:da:57:e7:12:98:
74:84:cf:47:09:74:8d:60:3c:fb:35:ae:97:d3:d5:
b0:e0:88:b1:34:36:07:ae:5e:cc:cc:fe:c4:c8:fc:
af:6f:d4:a0:27:1c:ae:80:ac:85:90:5b:50:a2:77:
ef:0d:16:89:4f:4e:99:66:4f:84:d7:6b:da:35:87:
c2:39:56:f8:0f:04:2a:70:67:79:8e:e8:29:ad:2d:
93:46:a0:a6:0e:86:87:25:d0:b1:3e:df:14:c7:84:
fe:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:87:C9:76:37:3F:A3:D8:AD:90:5E:53:4C:4F:FC:23:80:42:0E:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/PofJdjc_o9itkF5TTE_8I4BCDho.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
IPv6:
2a0f:3580::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207709
Signature Algorithm: sha256WithRSAEncryption
0c:ad:31:7c:0b:0c:22:3a:32:ba:87:03:1a:b7:d7:92:bb:fd:
99:d8:24:40:aa:1d:c9:ca:ce:d5:24:be:5e:eb:14:38:2a:9e:
3c:14:ff:f1:4f:54:9d:9e:50:9b:4b:ca:be:d7:3a:94:90:ba:
3b:6f:d7:c5:84:7f:b1:42:38:13:f7:bf:b8:8f:d9:95:15:bb:
94:47:1b:9d:dc:45:e0:83:30:69:8a:6d:dc:22:2a:59:b0:e0:
ad:bc:ff:5a:1f:a2:9d:c8:77:42:80:7c:b0:14:f0:8f:43:76:
77:18:3a:34:95:da:64:58:95:7e:d9:ab:99:f0:f1:d1:f2:5f:
1f:b8:c8:61:9d:ab:7c:8f:4b:40:32:98:ee:a5:73:b4:7d:24:
34:8e:d2:ac:ac:13:42:3d:a4:66:e0:cd:e2:d0:7d:9b:77:1b:
ef:8d:02:5c:a0:88:69:49:1f:88:6c:2f:cf:42:5d:7d:e0:2b:
54:8b:6d:d4:f4:03:56:fd:d0:51:5c:a9:fe:4a:6d:aa:61:7f:
94:fb:3d:5f:cc:b5:52:3f:4c:58:b1:e3:95:a2:99:ae:6a:4e:
2b:a6:06:4a:dc:5f:8f:a6:0a:1c:58:99:fa:4c:d0:14:35:52:
da:44:03:68:83:82:bc:b5:5d:12:b8:24:ab:85:56:1e:8d:64:
35:0c:84:41
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKdR6HCjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTI1ODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzZTg3Yzk3NjM3
M2ZhM2Q4YWQ5MDVlNTM0YzRmZmMyMzgwNDIwZTFhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA8I+zatK3imUo0b+cHhg5Yxl/0Yhwpp30bjJ1i78TcObj
j52+MIOuQTr3exQceYp0N7KJ/L3dvQPhkZl5OMm+gfsS10eDJSb3B1KRfYg8FfK1
Kyi83qVcFyoHjyfO4zaxE5rTr/8k42nAYkDPh9Eyqg/i87SvUCzcxnpOapLXUdd5
TI04eEoqfktG2zbeHaqt2NCv0cJkpQWBqSbQKsO72lfnEph0hM9HCXSNYDz7Na6X
09Ww4IixNDYHrl7MzP7EyPyvb9SgJxyugKyFkFtQonfvDRaJT06ZZk+E12vaNYfC
OVb4DwQqcGd5jugprS2TRqCmDoaHJdCxPt8Ux4T+IQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFD6HyXY3P6PYrZBeU0xP/COAQg4aMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzLzUwOWQyNy1hOTFlLTQ1YmYt
YmVhMi0yNTZkMjUwZWFjNzYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvNTA5ZDI3LWE5MWUtNDViZi1i
ZWEyLTI1NmQyNTBlYWM3Ni8xL1BvZkpkamNfbzlpdGtGNVRURV84STRCQ0Roby5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCAjiYMA0EAgACMAcDBQMqDzWAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMrXTANBgkqhkiG9w0BAQsFAAOCAQEADK0xfAsMIjoyuocDGrfXkrv9mdgk
QKodycrO1SS+XusUOCqePBT/8U9UnZ5Qm0vKvtc6lJC6O2/XxYR/sUI4E/e/uI/Z
lRW7lEcbndxF4IMwaYpt3CIqWbDgrbz/Wh+inch3QoB8sBTwj0N2dxg6NJXaZFiV
ftmrmfDx0fJfH7jIYZ2rfI9LQDKY7qVztH0kNI7SrKwTQj2kZuDN4tB9m3cb740C
XKCIaUkfiGwvz0JdfeArVItt1PQDVv3QUVyp/kptqmF/lPs9X8y1Uj9MWLHjlaKZ
rmpOK6YGStxfj6YKHFiZ+kzQFDVS2kQDaIOCvLVdErgkq4VWHo1kNQyEQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:32:00 2024 by rpki-client on console-ams.rpki-client.org