Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RYSG8Ra3AJf-IkeQJ-FVPKfbc68.cer
File: RYSG8Ra3AJf-IkeQJ-FVPKfbc68.cer (raw, json)
Hash identifier: dMW9dtwC/qj6Uiyc0zcPLsyjFAwXMbg/TE4puQAemXk=
Subject key identifier: 45:84:86:F1:16:B7:00:97:FE:22:47:90:27:E1:55:3C:A7:DB:73:AF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 99D450B4C5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c9/7e80c0-7249-4b07-9c5b-b6194acf1c40/1/RYSG8Ra3AJf-IkeQJ-FVPKfbc68.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c9/7e80c0-7249-4b07-9c5b-b6194acf1c40/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 01:01:53 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 206503
IP: 185.131.188.0/22
IP: 2a0b:d80::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660692055237 (0x99d450b4c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:01:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=458486f116b70097fe22479027e1553ca7db73af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b4:d9:17:98:5d:15:b4:58:23:a5:54:87:38:
76:a1:10:6d:f1:59:b0:f6:39:dc:54:43:d4:df:35:
b2:57:49:7b:3b:b5:8a:78:8c:0c:9c:98:8a:c1:be:
70:dd:97:7c:f8:c6:43:34:36:e7:27:12:13:7f:c2:
89:e5:5d:f5:97:cd:db:38:63:ef:31:ef:cd:32:06:
f0:68:00:c8:cb:13:32:02:ac:29:fa:67:ca:d2:ae:
be:79:ec:33:b5:c3:ff:ec:a2:b3:5c:ec:c0:10:7c:
9c:70:cc:ec:ea:5d:e4:5f:c3:6c:3e:d0:c6:1c:10:
e6:04:50:52:9d:d4:83:f5:fa:9f:d7:99:6a:dc:46:
b5:46:2b:03:77:32:30:31:7c:82:d7:9d:53:34:c1:
b6:10:e1:a1:55:33:f3:2b:04:3e:c5:e6:29:a9:0d:
70:25:15:27:a7:40:10:ac:d7:4a:7f:d0:e1:df:df:
07:32:c6:08:5a:5f:17:0d:ce:cb:0c:bd:c5:75:e5:
b4:b3:af:84:86:09:e2:5e:6e:dd:ae:26:b2:c0:3e:
ac:12:33:79:f1:14:58:6e:b6:77:af:e4:be:a9:6c:
4c:58:d6:0f:9d:07:51:61:11:1a:92:3b:4a:f8:a4:
d6:31:7c:42:c6:40:b8:61:6b:6e:b3:e2:bd:f3:53:
21:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:84:86:F1:16:B7:00:97:FE:22:47:90:27:E1:55:3C:A7:DB:73:AF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/7e80c0-7249-4b07-9c5b-b6194acf1c40/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/7e80c0-7249-4b07-9c5b-b6194acf1c40/1/RYSG8Ra3AJf-IkeQJ-FVPKfbc68.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.188.0/22
IPv6:
2a0b:d80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206503
Signature Algorithm: sha256WithRSAEncryption
21:a3:ef:1e:c7:9d:22:6f:38:d1:47:cb:5c:67:47:21:ab:b9:
76:1b:0b:68:74:a7:18:e6:99:cc:ff:86:38:97:eb:d0:69:7f:
0d:72:47:b4:73:2b:d9:ba:46:cb:b9:8c:f2:a0:4c:36:c9:ff:
90:1c:97:6a:00:eb:a3:44:bd:17:35:bf:78:42:5f:ad:91:15:
c6:e4:ca:06:45:04:bb:f6:c4:d6:05:8f:4e:e1:21:70:1b:9f:
98:a0:f9:27:41:aa:b2:b9:42:8e:d5:7b:c0:68:ff:f3:60:76:
34:94:bc:3d:40:9f:2e:37:f7:72:77:39:f2:0e:f8:f1:bd:a9:
58:33:9d:ae:b2:78:9c:05:25:e6:89:cf:b2:32:3e:ca:02:3e:
eb:00:86:e0:54:ce:a0:7d:97:76:8b:c2:0c:c0:aa:c4:eb:1a:
0a:16:9d:23:d4:a6:7f:e4:fa:09:98:24:b5:15:68:1b:99:fe:
0d:cc:2d:19:87:a3:5f:6a:99:7b:e5:d2:c5:50:ef:44:2d:7e:
a7:bb:37:db:99:44:ff:c1:1d:85:95:34:4e:49:d1:84:36:55:
fa:a2:d1:12:8b:d2:ee:cc:fb:90:7f:c4:ca:75:16:0c:e0:84:
6b:53:eb:38:bc:09:8f:a7:fd:36:39:2f:02:af:55:2d:98:d2:
c9:90:be:ab
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJnUULTFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDEwMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NTg0ODZmMTE2
YjcwMDk3ZmUyMjQ3OTAyN2UxNTUzY2E3ZGI3M2FmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoLTZF5hdFbRYI6VUhzh2oRBt8Vmw9jncVEPU3zWyV0l7
O7WKeIwMnJiKwb5w3Zd8+MZDNDbnJxITf8KJ5V31l83bOGPvMe/NMgbwaADIyxMy
Aqwp+mfK0q6+eewztcP/7KKzXOzAEHyccMzs6l3kX8NsPtDGHBDmBFBSndSD9fqf
15lq3Ea1RisDdzIwMXyC151TNMG2EOGhVTPzKwQ+xeYpqQ1wJRUnp0AQrNdKf9Dh
398HMsYIWl8XDc7LDL3FdeW0s6+EhgniXm7driaywD6sEjN58RRYbrZ3r+S+qWxM
WNYPnQdRYREakjtK+KTWMXxCxkC4YWtus+K981MhBQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFEWEhvEWtwCX/iJHkCfhVTyn23OvMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5LzdlODBjMC03MjQ5LTRiMDct
OWM1Yi1iNjE5NGFjZjFjNDAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvN2U4MGMwLTcyNDktNGIwNy05
YzViLWI2MTk0YWNmMWM0MC8xL1JZU0c4UmEzQUpmLUlrZVFKLUZWUEtmYmM2OC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuYO8MA0EAgACMAcDBQMqCw2AMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMmpzANBgkqhkiG9w0BAQsFAAOCAQEAIaPvHsedIm840UfLXGdHIau5dhsL
aHSnGOaZzP+GOJfr0Gl/DXJHtHMr2bpGy7mM8qBMNsn/kByXagDro0S9FzW/eEJf
rZEVxuTKBkUEu/bE1gWPTuEhcBufmKD5J0GqsrlCjtV7wGj/82B2NJS8PUCfLjf3
cnc58g748b2pWDOdrrJ4nAUl5onPsjI+ygI+6wCG4FTOoH2XdovCDMCqxOsaChad
I9Smf+T6CZgktRVoG5n+DcwtGYejX2qZe+XSxVDvRC1+p7s325lE/8EdhZU0TknR
hDZV+qLREovS7sz7kH/EynUWDOCEa1PrOLwJj6f9NjkvAq9VLZjSyZC+qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:31 2024 by rpki-client on console-fra.rpki-client.org