Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RS2bx4SsAiOQH-QxKrDNKNRZB7A.cer
File: RS2bx4SsAiOQH-QxKrDNKNRZB7A.cer (raw, json)
Hash identifier: 5T+/57se/V3d17dnUTj1Bo2tvDGPPY81VYDQbzFyavY=
Subject key identifier: 45:2D:9B:C7:84:AC:02:23:90:1F:E4:31:2A:B0:CD:28:D4:59:07:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A43BFC7990
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/cb6eae-d1e6-4111-bd4c-be25bb926bdc/1/RS2bx4SsAiOQH-QxKrDNKNRZB7A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/cb6eae-d1e6-4111-bd4c-be25bb926bdc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:02:27 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.216.50.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705381038480 (0xa43bfc7990)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:02:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=452d9bc784ac0223901fe4312ab0cd28d45907b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:61:4a:fb:7c:d6:a5:11:e8:ab:74:20:3a:92:
9b:72:12:d9:e1:3c:de:31:f2:e1:68:a5:4a:41:5f:
09:fa:0b:4c:c1:7e:f0:29:d6:24:d7:24:ea:36:9e:
b9:42:d6:f9:de:84:5f:a1:c9:d9:32:f3:9d:5b:71:
95:3d:8d:c5:8d:08:f1:80:1a:18:9b:c3:10:2d:f7:
6a:78:6d:e6:9b:3e:18:70:78:17:28:cd:4e:8f:63:
43:2b:1b:66:0d:5d:ac:fb:63:f2:ce:e7:c4:36:c6:
85:4a:36:55:11:05:3f:63:58:76:b5:24:f9:d8:56:
60:05:1a:6e:70:c4:2c:6a:63:11:d6:ff:68:5b:c5:
17:47:4d:eb:15:b0:80:b3:be:ac:d7:30:ee:3a:26:
79:75:81:74:a0:19:ba:ad:d1:4d:d2:6c:06:f8:07:
31:6d:2c:4d:bf:75:dd:1d:a0:88:18:2b:00:87:55:
ae:15:dd:97:f3:b1:40:6a:87:56:a7:19:4c:dd:7f:
48:9a:d9:6c:5a:f8:04:12:06:07:e5:30:2c:96:8f:
62:06:1d:56:4a:8d:d5:32:2e:29:30:09:b2:b9:c1:
03:14:43:a0:fd:38:69:50:f9:04:f8:1c:67:f1:4c:
ad:b1:98:4d:e8:d7:0d:cf:c7:39:09:b8:0f:7d:58:
95:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2D:9B:C7:84:AC:02:23:90:1F:E4:31:2A:B0:CD:28:D4:59:07:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/cb6eae-d1e6-4111-bd4c-be25bb926bdc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/cb6eae-d1e6-4111-bd4c-be25bb926bdc/1/RS2bx4SsAiOQH-QxKrDNKNRZB7A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.50.0/24
Signature Algorithm: sha256WithRSAEncryption
88:a6:b1:55:26:1f:43:a2:4c:f9:6d:74:0c:ce:4c:32:87:79:
38:a9:7a:9d:77:c4:28:82:f9:eb:25:6a:5b:30:ac:3b:0c:36:
70:c3:21:bc:05:38:6b:35:75:64:30:7d:50:a6:9e:f6:25:d5:
8b:08:57:1f:6e:64:42:00:a4:4c:14:a7:83:07:d3:9b:74:0b:
22:a4:e3:df:4c:25:f3:54:f0:e7:c3:61:83:32:d0:a5:a1:d1:
97:8d:7d:4f:7e:90:7f:b2:75:28:18:b0:fe:c6:b0:04:a9:60:
6b:8c:28:eb:ed:25:1f:18:12:39:73:40:8f:0a:a7:2f:58:6f:
01:57:a6:9e:8f:7d:d2:8d:9c:81:4e:1c:ec:74:5f:4e:df:e1:
2b:41:3d:5d:37:05:f4:dd:56:2c:71:5c:5a:64:a8:20:53:10:
53:88:64:8d:da:04:c9:45:2e:ae:31:d6:01:cc:64:eb:54:01:
b3:24:6e:1a:79:34:c9:d9:92:5f:54:dc:ca:15:35:f3:b8:93:
e7:ba:ca:b2:fa:e8:c7:0f:8a:fc:7c:91:5c:59:0a:c5:52:3c:
e3:1f:8b:54:9b:29:f2:4f:69:2c:32:34:cd:5c:89:ea:bf:bb:
29:19:46:99:5a:0e:0c:0e:02:09:4e:12:09:fa:16:a4:70:61:
0e:c7:6e:2c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKQ7/HmQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwMjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NTJkOWJjNzg0
YWMwMjIzOTAxZmU0MzEyYWIwY2QyOGQ0NTkwN2IwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAkWFK+3zWpRHoq3QgOpKbchLZ4TzeMfLhaKVKQV8J+gtM
wX7wKdYk1yTqNp65Qtb53oRfocnZMvOdW3GVPY3FjQjxgBoYm8MQLfdqeG3mmz4Y
cHgXKM1Oj2NDKxtmDV2s+2PyzufENsaFSjZVEQU/Y1h2tST52FZgBRpucMQsamMR
1v9oW8UXR03rFbCAs76s1zDuOiZ5dYF0oBm6rdFN0mwG+AcxbSxNv3XdHaCIGCsA
h1WuFd2X87FAaodWpxlM3X9ImtlsWvgEEgYH5TAslo9iBh1WSo3VMi4pMAmyucED
FEOg/ThpUPkE+Bxn8UytsZhN6NcNz8c5CbgPfViVRwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFEUtm8eErAIjkB/kMSqwzSjUWQewMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiL2NiNmVhZS1kMWU2LTQxMTEt
YmQ0Yy1iZTI1YmI5MjZiZGMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvY2I2ZWFlLWQxZTYtNDExMS1i
ZDRjLWJlMjViYjkyNmJkYy8xL1JTMmJ4NFNzQWlPUUgtUXhLckROS05SWkI3QS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAudgyMA0GCSqGSIb3DQEBCwUAA4IBAQCIprFVJh9Dokz5bXQMzkwy
h3k4qXqdd8QogvnrJWpbMKw7DDZwwyG8BThrNXVkMH1Qpp72JdWLCFcfbmRCAKRM
FKeDB9ObdAsipOPfTCXzVPDnw2GDMtClodGXjX1PfpB/snUoGLD+xrAEqWBrjCjr
7SUfGBI5c0CPCqcvWG8BV6aej33SjZyBThzsdF9O3+ErQT1dNwX03VYscVxaZKgg
UxBTiGSN2gTJRS6uMdYBzGTrVAGzJG4aeTTJ2ZJfVNzKFTXzuJPnusqy+ujHD4r8
fJFcWQrFUjzjH4tUmynyT2ksMjTNXInqv7spGUaZWg4MDgIJThIJ+hakcGEOx24s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:30 2024 by rpki-client on console-fra.rpki-client.org