Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U4fC0BCOE7IB8FBakCXK12tfUJg.cer
File: U4fC0BCOE7IB8FBakCXK12tfUJg.cer (raw, json)
Hash identifier: Ons7SLqPHOxB9Qcl1tzP/Luj3fY9TcHcnUN8ph04iiU=
Subject key identifier: 53:87:C2:D0:10:8E:13:B2:01:F0:50:5A:90:25:CA:D7:6B:5F:50:98
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9DE20A8C62
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a5/b3e5e9-5b65-4461-be96-368af02cf775/1/U4fC0BCOE7IB8FBakCXK12tfUJg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a5/b3e5e9-5b65-4461-be96-368af02cf775/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 04:56:32 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.213.74.0/23
IP: 91.213.120.0/23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 678102207586 (0x9de20a8c62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5387c2d0108e13b201f0505a9025cad76b5f5098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:e9:7f:5b:d9:c9:25:d7:a3:e3:d6:76:22:
3d:1e:6f:ef:47:e3:f8:c0:93:bb:dc:b5:1b:5e:a7:
71:5d:0e:6c:1d:39:d1:8b:3d:7b:79:95:e9:1d:a3:
04:4e:e9:70:3a:6b:77:23:98:48:76:29:44:d7:a0:
4c:e5:c0:1a:bf:d2:b1:dc:f4:fd:1f:d4:a0:fe:73:
21:96:10:a7:a7:9e:b3:06:17:40:6e:ce:04:0e:b0:
75:13:bc:39:bd:21:7d:4b:80:ea:57:3a:3d:6b:b2:
dd:d8:9d:14:f3:63:ad:85:1a:73:cf:60:e1:8b:e6:
f0:65:1b:2d:94:d9:d4:78:55:a9:b6:ed:a6:8f:3b:
42:81:0f:09:40:8a:22:1a:04:66:4e:57:72:4c:0e:
f2:5c:61:8c:0a:f6:06:23:9c:c0:be:a3:f1:9d:70:
c2:d2:e0:64:0b:c5:d8:01:97:27:bb:95:3f:86:85:
4a:fc:7c:ce:ab:e1:47:e3:d3:66:9b:de:19:d7:38:
09:7b:a6:e5:42:9c:00:d9:49:68:09:c2:68:25:dc:
b8:09:5e:bc:16:a9:92:11:e6:69:a0:9c:87:d0:6b:
64:6f:a5:43:01:c2:64:f3:2a:34:0b:9c:e6:45:c2:
db:cc:8f:5c:77:17:b1:4f:fb:4d:25:09:bb:2d:35:
78:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:87:C2:D0:10:8E:13:B2:01:F0:50:5A:90:25:CA:D7:6B:5F:50:98
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b3e5e9-5b65-4461-be96-368af02cf775/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b3e5e9-5b65-4461-be96-368af02cf775/1/U4fC0BCOE7IB8FBakCXK12tfUJg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.74.0/23
91.213.120.0/23
Signature Algorithm: sha256WithRSAEncryption
26:4f:2e:19:0d:3c:02:e3:85:83:ec:ce:33:d7:06:d3:f9:be:
04:5e:04:46:ef:47:fc:60:48:54:4b:f1:14:17:96:7c:28:67:
57:25:b9:e0:37:d0:76:c0:42:bc:b8:e9:48:68:5d:b8:36:9e:
08:1a:b6:14:00:8e:b6:e2:72:93:92:98:49:d5:ba:bf:5f:f3:
80:fc:64:5a:1f:c5:ab:15:fc:13:ab:1f:d1:0e:3f:e4:47:ae:
81:9e:a2:7d:db:49:9f:6f:fa:6b:8d:2b:9b:5f:02:a9:d1:17:
4a:51:4f:1f:cf:60:ab:9d:b3:49:3d:28:91:4e:25:c6:5d:85:
93:de:d3:7e:a2:17:05:36:01:67:8b:7c:87:28:8e:4d:07:80:
c3:35:98:b4:49:07:41:1b:e4:08:d4:ae:82:a5:de:f9:e2:13:
ef:a8:a1:a7:ec:46:c4:85:e9:8b:40:ac:7a:07:2b:87:cd:ee:
69:a1:8d:e5:85:86:b1:f0:28:ef:ea:4a:92:a0:33:19:3f:bb:
43:91:49:db:ba:34:88:da:dc:f7:47:e9:59:f8:9d:3a:d8:4d:
1c:00:c9:69:d8:cb:f6:36:91:a3:ba:cb:2d:a1:3e:99:3d:70:
79:e5:34:42:1f:f2:43:c7:12:55:b8:f8:7d:ed:e1:9d:13:cd:
e5:17:9e:25
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIGAJ3iCoxiMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQ1NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1Mzg3YzJkMDEw
OGUxM2IyMDFmMDUwNWE5MDI1Y2FkNzZiNWY1MDk4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAl6Hpf1vZySXXo+PWdiI9Hm/vR+P4wJO73LUbXqdxXQ5s
HTnRiz17eZXpHaMETulwOmt3I5hIdilE16BM5cAav9Kx3PT9H9Sg/nMhlhCnp56z
BhdAbs4EDrB1E7w5vSF9S4DqVzo9a7Ld2J0U82OthRpzz2Dhi+bwZRstlNnUeFWp
tu2mjztCgQ8JQIoiGgRmTldyTA7yXGGMCvYGI5zAvqPxnXDC0uBkC8XYAZcnu5U/
hoVK/HzOq+FH49Nmm94Z1zgJe6blQpwA2UloCcJoJdy4CV68FqmSEeZpoJyH0Gtk
b6VDAcJk8yo0C5zmRcLbzI9cdxexT/tNJQm7LTV49wIDAQABo4ICijCCAoYwHQYD
VR0OBBYEFFOHwtAQjhOyAfBQWpAlytdrX1CYMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E1L2IzZTVlOS01YjY1LTQ0NjEt
YmU5Ni0zNjhhZjAyY2Y3NzUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUvYjNlNWU5LTViNjUtNDQ2MS1i
ZTk2LTM2OGFmMDJjZjc3NS8xL1U0ZkMwQkNPRTdJQjhGQmFrQ1hLMTJ0ZlVKZy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQBW9VKAwQBW9V4MA0GCSqGSIb3DQEBCwUAA4IBAQAmTy4ZDTwC44WD
7M4z1wbT+b4EXgRG70f8YEhUS/EUF5Z8KGdXJbngN9B2wEK8uOlIaF24Np4IGrYU
AI624nKTkphJ1bq/X/OA/GRaH8WrFfwTqx/RDj/kR66BnqJ920mfb/prjSubXwKp
0RdKUU8fz2CrnbNJPSiRTiXGXYWT3tN+ohcFNgFni3yHKI5NB4DDNZi0SQdBG+QI
1K6Cpd754hPvqKGn7EbEhemLQKx6ByuHze5poY3lhYax8Cjv6kqSoDMZP7tDkUnb
ujSI2tz3R+lZ+J062E0cAMlp2Mv2NpGjusstoT6ZPXB55TRCH/JDxxJVuPh97eGd
E83lF54l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:08 2024 by rpki-client on console-fra.rpki-client.org