Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YzGimgm5i4WsSUShSLmvCMJ1RaE.cer
File: YzGimgm5i4WsSUShSLmvCMJ1RaE.cer (raw, json)
Hash identifier: euj3GtmmNIgFeveZnQ/kcMB+xBMAvqc711v7HXhnP/Y=
Subject key identifier: 63:31:A2:9A:09:B9:8B:85:AC:49:44:A1:48:B9:AF:08:C2:75:45:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A2BB7704C2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ff/b0a72d-c7a5-4add-9ec2-4be99f65dad4/1/YzGimgm5i4WsSUShSLmvCMJ1RaE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ff/b0a72d-c7a5-4add-9ec2-4be99f65dad4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:58:07 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 207227
IP: 185.74.36.0/22
IP: 2a05:48c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698929841346 (0xa2bb7704c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:58:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6331a29a09b98b85ac4944a148b9af08c27545a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:73:f3:da:c3:ac:32:43:6c:eb:99:61:8b:
b9:db:34:59:5c:47:8a:f6:b1:b5:91:12:c5:49:23:
7b:4b:c6:a8:ce:15:7f:07:5e:f8:d1:4a:14:94:fc:
6c:e3:f6:90:d1:e7:29:95:14:71:61:4d:99:63:74:
e8:dd:0b:81:04:d8:15:9b:5e:d6:49:7c:36:b2:7c:
7e:66:0b:67:5c:74:a3:44:c0:0b:3f:63:17:cd:b9:
27:35:93:1f:90:89:2b:45:42:6d:1c:b9:94:ae:fa:
b8:5e:a5:55:5a:58:9a:d4:87:85:87:99:49:d4:76:
46:77:14:c3:b5:6f:1a:e2:60:40:56:ca:56:c7:2c:
e1:56:cc:eb:bd:6d:6c:ad:b8:98:ac:d2:bf:3d:a0:
6e:f0:c2:b6:14:e3:8e:b0:eb:e7:c0:c8:59:56:6e:
99:bf:68:8d:b6:4a:e5:78:a8:82:15:d7:f6:3f:eb:
10:f5:5f:3c:e9:34:f7:b1:66:7b:76:37:18:64:21:
9b:ae:2a:b7:0a:0e:ff:6a:8a:04:5a:4b:0e:9a:cf:
38:26:7d:23:51:18:ba:9c:f6:ae:d0:ea:c3:e8:a3:
4d:06:2a:6d:7b:ad:30:c6:35:ed:c4:5a:cd:3a:d4:
b3:62:89:0a:05:d6:4b:00:d8:26:47:45:e4:d3:d6:
09:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:31:A2:9A:09:B9:8B:85:AC:49:44:A1:48:B9:AF:08:C2:75:45:A1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b0a72d-c7a5-4add-9ec2-4be99f65dad4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b0a72d-c7a5-4add-9ec2-4be99f65dad4/1/YzGimgm5i4WsSUShSLmvCMJ1RaE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.36.0/22
IPv6:
2a05:48c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207227
Signature Algorithm: sha256WithRSAEncryption
8e:4c:f8:47:19:45:f9:a5:b2:2b:07:12:60:ea:b4:91:6d:78:
e8:6b:8a:b4:99:c2:36:6b:2c:7d:0f:09:0c:76:ac:e0:23:9e:
ca:7e:ea:c6:78:9e:60:ab:2c:f3:70:0b:49:eb:94:96:7a:41:
72:8f:d9:da:2f:02:60:15:61:c1:1a:a7:33:9a:da:0d:7f:e9:
dd:0f:1f:c4:69:1a:09:db:47:b9:4f:d0:ab:a0:b1:41:6d:a4:
d7:21:ab:6e:97:3b:21:4f:87:75:48:2d:30:9b:50:a4:59:1e:
3c:ce:c6:b5:58:d7:36:1e:2f:f1:d8:41:58:4c:6b:0d:b4:3e:
6d:c0:34:22:67:7f:7b:29:54:76:79:cf:5b:73:b6:59:fd:a4:
19:5c:5c:e7:1a:32:a0:1d:80:25:67:6d:66:3e:7f:e0:03:e4:
3d:45:fc:57:8c:f1:1a:ff:38:12:84:a0:af:f3:ff:b0:a5:0a:
97:a7:48:4c:e4:f0:b3:c3:d7:0d:f8:c7:14:b6:80:59:d6:f5:
b9:4c:2e:5d:2d:af:5e:5d:e1:e6:e5:b4:a7:89:2a:56:89:ee:
12:c2:19:6d:89:05:c3:b5:08:9f:b7:d9:89:7a:d5:f0:7b:00:
7d:95:c6:9a:3a:c5:51:35:38:08:08:80:d1:ad:a8:17:04:f7:
65:05:67:3b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKK7dwTCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1ODA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MzMxYTI5YTA5
Yjk4Yjg1YWM0OTQ0YTE0OGI5YWYwOGMyNzU0NWExMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAjkVz89rDrDJDbOuZYYu52zRZXEeK9rG1kRLFSSN7S8ao
zhV/B1740UoUlPxs4/aQ0ecplRRxYU2ZY3To3QuBBNgVm17WSXw2snx+ZgtnXHSj
RMALP2MXzbknNZMfkIkrRUJtHLmUrvq4XqVVWlia1IeFh5lJ1HZGdxTDtW8a4mBA
VspWxyzhVszrvW1srbiYrNK/PaBu8MK2FOOOsOvnwMhZVm6Zv2iNtkrleKiCFdf2
P+sQ9V886TT3sWZ7djcYZCGbriq3Cg7/aooEWksOms84Jn0jURi6nPau0OrD6KNN
Bipte60wxjXtxFrNOtSzYokKBdZLANgmR0Xk09YJBwIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFGMxopoJuYuFrElEoUi5rwjCdUWhMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2IwYTcyZC1jN2E1LTRhZGQt
OWVjMi00YmU5OWY2NWRhZDQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvYjBhNzJkLWM3YTUtNGFkZC05
ZWMyLTRiZTk5ZjY1ZGFkNC8xL1l6R2ltZ201aTRXc1NVU2hTTG12Q01KMVJhRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuUokMA0EAgACMAcDBQMqBUjAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMpezANBgkqhkiG9w0BAQsFAAOCAQEAjkz4RxlF+aWyKwcSYOq0kW146GuK
tJnCNmssfQ8JDHas4COeyn7qxnieYKss83ALSeuUlnpBco/Z2i8CYBVhwRqnM5ra
DX/p3Q8fxGkaCdtHuU/Qq6CxQW2k1yGrbpc7IU+HdUgtMJtQpFkePM7GtVjXNh4v
8dhBWExrDbQ+bcA0Imd/eylUdnnPW3O2Wf2kGVxc5xoyoB2AJWdtZj5/4APkPUX8
V4zxGv84EoSgr/P/sKUKl6dITOTws8PXDfjHFLaAWdb1uUwuXS2vXl3h5uW0p4kq
VonuEsIZbYkFw7UIn7fZiXrV8HsAfZXGmjrFUTU4CAiA0a2oFwT3ZQVnOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:04 2024 by rpki-client on console-ams.rpki-client.org