Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WhIaVFvXApIVevl1RmzINoMat9Y.cer
File: WhIaVFvXApIVevl1RmzINoMat9Y.cer (raw, json)
Hash identifier: mZmlridRbJblGvuwsr2rMYOotMBI/M+NQRIX2QPLiSc=
Subject key identifier: 5A:12:1A:54:5B:D7:02:92:15:7A:F9:75:46:6C:C8:36:83:1A:B7:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7B14DCD42
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/db/acffcd-0c96-4e5c-9357-1c2f7677a88c/1/WhIaVFvXApIVevl1RmzINoMat9Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/db/acffcd-0c96-4e5c-9357-1c2f7677a88c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:04:15 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 28951
IP: 195.47.213.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720234204482 (0xa7b14dcd42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a121a545bd70292157af975466cc836831ab7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:4d:43:71:9e:b0:0b:fb:32:28:8c:3e:49:
63:51:a5:4e:b3:d2:a9:b0:90:f7:3e:5d:91:dc:b8:
4c:20:61:74:07:e7:00:02:a4:da:f0:38:fc:dc:46:
5f:7b:45:e6:78:93:fe:bd:34:d2:f1:ad:59:d5:36:
55:dc:59:00:e5:a5:37:e3:48:44:89:50:d6:94:5c:
b5:91:dd:6e:4e:fa:c5:b2:03:a6:da:12:7a:42:84:
ab:04:90:ae:6d:30:4b:4b:fa:6b:40:53:ab:a9:7f:
9d:94:c2:ff:8d:bc:b4:9a:f6:8c:fa:8f:81:91:db:
68:60:74:3c:5a:24:da:92:aa:f8:f7:e1:e4:17:d2:
5a:67:d6:0a:db:fc:0b:05:62:bc:e9:49:35:43:71:
31:75:19:eb:0f:ec:f3:30:d1:10:32:d4:bb:4a:bf:
7d:75:32:be:ae:2b:94:09:00:b3:12:12:53:c1:d5:
77:63:8b:1c:45:e8:c0:56:3e:fc:c7:6f:1f:e0:c3:
b6:c7:44:c2:fa:f8:62:5e:3e:35:82:ce:28:2a:ee:
89:a0:a6:3d:ea:02:a3:33:e3:2c:08:a9:51:04:90:
eb:fb:11:9c:c1:83:43:97:60:e0:98:22:d3:de:37:
0e:fe:d0:ee:47:68:9a:1d:b1:14:00:0f:7d:41:9b:
00:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:12:1A:54:5B:D7:02:92:15:7A:F9:75:46:6C:C8:36:83:1A:B7:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acffcd-0c96-4e5c-9357-1c2f7677a88c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acffcd-0c96-4e5c-9357-1c2f7677a88c/1/WhIaVFvXApIVevl1RmzINoMat9Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.213.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
28951
Signature Algorithm: sha256WithRSAEncryption
27:40:1c:cc:12:d3:78:b1:93:8a:4f:4c:6e:af:de:08:b2:57:
9f:0d:48:48:5d:38:2d:7e:39:2c:68:f1:3e:03:20:24:78:44:
82:58:b1:bc:39:bd:ac:89:97:1e:19:ac:7f:53:cf:07:fb:d8:
e5:6e:b9:87:10:cd:f8:1b:6c:ff:e3:44:7d:4a:26:d8:75:f1:
c7:c8:92:74:a3:2d:bf:32:66:9b:1d:6e:6f:0c:d9:2d:76:18:
d9:31:70:95:e8:56:3e:f3:56:dc:43:0d:1f:d5:45:9d:c5:5a:
a1:21:a6:b1:f8:df:99:36:21:a4:a7:78:21:a1:fd:1b:28:91:
dd:48:c8:23:d4:3d:4f:e6:2a:af:67:7f:27:2e:ef:4b:e4:5d:
98:ad:05:8e:22:71:19:ad:2b:f1:a8:b1:34:68:ac:6b:48:07:
6d:82:52:89:95:f3:f9:eb:92:b1:e1:fb:e3:a6:74:65:18:be:
cc:5a:1e:50:8c:8a:57:0e:b4:36:20:6a:70:0c:08:28:c6:3d:
ca:9e:b7:a8:e1:ab:d4:05:8d:54:a5:13:36:e2:90:8d:d8:d8:
37:43:43:7a:8b:f6:9d:41:41:94:3d:61:95:92:ed:02:e3:fe:
83:2e:c8:cd:76:2d:22:15:fe:54:26:ca:3c:87:06:4b:8f:33:
23:1a:b6:e7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIGAKexTc1CMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1YTEyMWE1NDVi
ZDcwMjkyMTU3YWY5NzU0NjZjYzgzNjgzMWFiN2Q2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA1o9NQ3GesAv7MiiMPkljUaVOs9KpsJD3Pl2R3LhMIGF0
B+cAAqTa8Dj83EZfe0XmeJP+vTTS8a1Z1TZV3FkA5aU340hEiVDWlFy1kd1uTvrF
sgOm2hJ6QoSrBJCubTBLS/prQFOrqX+dlML/jby0mvaM+o+BkdtoYHQ8WiTakqr4
9+HkF9JaZ9YK2/wLBWK86Uk1Q3ExdRnrD+zzMNEQMtS7Sr99dTK+riuUCQCzEhJT
wdV3Y4scRejAVj78x28f4MO2x0TC+vhiXj41gs4oKu6JoKY96gKjM+MsCKlRBJDr
+xGcwYNDl2DgmCLT3jcO/tDuR2iaHbEUAA99QZsARwIDAQABo4ICnzCCApswHQYD
VR0OBBYEFFoSGlRb1wKSFXr5dUZsyDaDGrfWMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiL2FjZmZjZC0wYzk2LTRlNWMt
OTM1Ny0xYzJmNzY3N2E4OGMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvYWNmZmNkLTBjOTYtNGU1Yy05
MzU3LTFjMmY3Njc3YTg4Yy8xL1doSWFWRnZYQXBJVmV2bDFSbXpJTm9NYXQ5WS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwy/VMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnEXMA0GCSqGSIb3
DQEBCwUAA4IBAQAnQBzMEtN4sZOKT0xur94IslefDUhIXTgtfjksaPE+AyAkeESC
WLG8Ob2siZceGax/U88H+9jlbrmHEM34G2z/40R9SibYdfHHyJJ0oy2/MmabHW5v
DNktdhjZMXCV6FY+81bcQw0f1UWdxVqhIaax+N+ZNiGkp3ghof0bKJHdSMgj1D1P
5iqvZ38nLu9L5F2YrQWOInEZrSvxqLE0aKxrSAdtglKJlfP565Kx4fvjpnRlGL7M
Wh5QjIpXDrQ2IGpwDAgoxj3Knreo4avUBY1UpRM24pCN2Ng3Q0N6i/adQUGUPWGV
ku0C4/6DLsjNdi0iFf5UJso8hwZLjzMjGrbn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:44 2024 by rpki-client on console-fra.rpki-client.org