Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RHwxlGxhCWP_GlUiT7Rguz5KY_E.cer
File: RHwxlGxhCWP_GlUiT7Rguz5KY_E.cer (raw, json)
Hash identifier: 4UFzcJRdkOHT7iskS6dNTDBEM0NNAxsBm56nNl3hT2A=
Subject key identifier: 44:7C:31:94:6C:61:09:63:FF:1A:55:22:4F:B4:60:BB:3E:4A:63:F1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9B229E09C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/70/faa8db-1227-4b80-82af-33a8338bd111/1/RHwxlGxhCWP_GlUiT7Rguz5KY_E.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/70/faa8db-1227-4b80-82af-33a8338bd111/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 02:02:11 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 208974
IP: 45.12.168.0/22
IP: 2a0e:b500::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 666300713408 (0x9b229e09c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=447c31946c610963ff1a55224fb460bb3e4a63f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:28:3e:02:fa:37:65:35:fa:87:31:47:92:8a:
90:63:a5:84:52:6b:2e:35:13:ed:7c:99:64:f4:b2:
c3:9e:d3:7d:dc:9c:45:c5:83:b5:6f:93:1d:a0:83:
6e:aa:17:02:e0:da:ec:16:bf:89:ec:cb:30:a3:45:
83:6f:d3:41:71:b1:32:35:91:aa:78:04:b4:0c:3e:
2f:73:f9:32:0a:9c:55:43:bd:ae:fd:06:11:c8:99:
47:7e:71:48:42:43:4c:8b:b1:62:e6:64:b3:07:5a:
75:f4:83:0f:46:f1:c1:35:f9:fe:f5:42:16:57:f4:
5b:c1:6c:71:98:ff:16:dd:34:54:df:15:5e:0e:c9:
e1:b4:65:31:c8:57:c8:2d:bf:f3:80:37:16:eb:82:
4e:23:61:d4:f9:77:b4:21:91:87:42:98:d8:e9:b2:
18:85:4c:fd:00:e7:14:f3:12:bc:bb:5b:92:c9:6b:
e6:ec:b7:32:b7:5c:65:53:2c:e6:e5:8a:0a:8f:02:
da:01:34:de:61:c4:37:68:28:4e:44:06:07:be:03:
3b:b6:e9:39:7d:06:07:ee:8a:02:b1:75:2f:44:4f:
b2:49:9f:d1:a8:9f:34:ad:46:67:3b:0b:4b:ad:57:
6b:f9:5b:46:99:32:dd:a9:88:ea:70:ab:2e:19:bb:
47:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7C:31:94:6C:61:09:63:FF:1A:55:22:4F:B4:60:BB:3E:4A:63:F1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/faa8db-1227-4b80-82af-33a8338bd111/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/faa8db-1227-4b80-82af-33a8338bd111/1/RHwxlGxhCWP_GlUiT7Rguz5KY_E.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.168.0/22
IPv6:
2a0e:b500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208974
Signature Algorithm: sha256WithRSAEncryption
0e:02:d8:27:25:f8:1a:85:7d:52:be:32:ca:01:f6:24:9a:fc:
2d:32:fa:49:a6:67:29:66:c8:b1:c4:98:cc:72:3b:4f:84:86:
b7:95:86:b0:dc:d5:45:f8:7a:bc:65:da:57:99:60:74:56:62:
74:57:2c:67:00:16:34:23:68:02:49:44:36:40:da:2b:96:1c:
84:38:27:08:e2:34:f5:bb:b0:db:24:e3:51:fb:7a:ba:5b:ed:
d4:61:38:f9:38:84:48:ea:8b:60:60:45:4c:d2:7d:14:5c:7e:
ce:49:35:8f:7c:2f:eb:a0:d7:88:80:5d:31:59:f6:1e:de:9c:
0d:71:f5:39:84:90:fb:db:6a:c1:4b:fe:14:f0:e0:43:c8:56:
f3:f7:5e:5f:aa:68:b6:87:88:6d:f3:ac:78:9b:63:e4:b7:b5:
1e:0e:1a:77:6c:fe:09:27:f6:d7:bd:e3:83:12:6f:49:cb:a8:
8e:e4:a2:db:a5:14:b6:3e:56:b4:56:db:ec:f6:8d:d1:d0:ac:
41:09:f1:ce:3e:29:99:69:a4:62:14:eb:98:d4:36:ac:30:0d:
c1:7b:86:da:7a:41:96:d7:cf:f7:ae:3f:30:ce:9b:ae:b9:57:
d0:4d:6a:2c:4a:54:1c:98:d7:b5:c2:23:33:43:2f:06:ea:23:
eb:7a:cb:0f
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJsingnAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDIwMjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NDdjMzE5NDZj
NjEwOTYzZmYxYTU1MjI0ZmI0NjBiYjNlNGE2M2YxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuCg+Avo3ZTX6hzFHkoqQY6WEUmsuNRPtfJlk9LLDntN9
3JxFxYO1b5MdoINuqhcC4NrsFr+J7Mswo0WDb9NBcbEyNZGqeAS0DD4vc/kyCpxV
Q72u/QYRyJlHfnFIQkNMi7Fi5mSzB1p19IMPRvHBNfn+9UIWV/RbwWxxmP8W3TRU
3xVeDsnhtGUxyFfILb/zgDcW64JOI2HU+Xe0IZGHQpjY6bIYhUz9AOcU8xK8u1uS
yWvm7Lcyt1xlUyzm5YoKjwLaATTeYcQ3aChORAYHvgM7tuk5fQYH7ooCsXUvRE+y
SZ/RqJ80rUZnOwtLrVdr+VtGmTLdqYjqcKsuGbtHfwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFER8MZRsYQlj/xpVIk+0YLs+SmPxMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcwL2ZhYThkYi0xMjI3LTRiODAt
ODJhZi0zM2E4MzM4YmQxMTEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvZmFhOGRiLTEyMjctNGI4MC04
MmFmLTMzYTgzMzhiZDExMS8xL1JId3hsR3hoQ1dQX0dsVWlUN1JndXo1S1lfRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLQyoMA0EAgACMAcDBQMqDrUAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMwTjANBgkqhkiG9w0BAQsFAAOCAQEADgLYJyX4GoV9Ur4yygH2JJr8LTL6
SaZnKWbIscSYzHI7T4SGt5WGsNzVRfh6vGXaV5lgdFZidFcsZwAWNCNoAklENkDa
K5YchDgnCOI09buw2yTjUft6ulvt1GE4+TiESOqLYGBFTNJ9FFx+zkk1j3wv66DX
iIBdMVn2Ht6cDXH1OYSQ+9tqwUv+FPDgQ8hW8/deX6potoeIbfOseJtj5Le1Hg4a
d2z+CSf2173jgxJvScuojuSi26UUtj5WtFbb7PaN0dCsQQnxzj4pmWmkYhTrmNQ2
rDANwXuG2npBltfP964/MM6brrlX0E1qLEpUHJjXtcIjM0MvBuoj63rLDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:32:29 2024 by rpki-client on console-ams.rpki-client.org