Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bS3Yl1bQU-BM7RPrmc9XXz36qQE.cer
File: bS3Yl1bQU-BM7RPrmc9XXz36qQE.cer (raw, json)
Hash identifier: 524NVEKOrw1V9aFSRqiiOmJt2nOm39cHVjLf1av/VEw=
Subject key identifier: 6D:2D:D8:97:56:D0:53:E0:4C:ED:13:EB:99:CF:57:5F:3D:FA:A9:01
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856FAF53EE6156E687A9E71BFCEA4FAB29
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/ff4a3b-2191-4841-b764-245a41b5ab23/1/bS3Yl1bQU-BM7RPrmc9XXz36qQE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/ff4a3b-2191-4841-b764-245a41b5ab23/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 23:33:59 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 203284
IP: 2001:67c:2fa8::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:af:53:ee:61:56:e6:87:a9:e7:1b:fc:ea:4f:ab:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:33:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d2dd89756d053e04ced13eb99cf575f3dfaa901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:af:95:6e:60:fb:d9:32:8d:b2:bf:ca:c4:42:
9a:a0:98:7f:54:68:21:c8:bb:92:f1:8d:42:91:b4:
21:fe:60:e2:98:ba:d7:41:c5:be:fe:ac:8f:62:b7:
c3:10:4d:db:b8:ea:06:40:7a:7d:24:55:ad:0f:02:
ee:6a:b3:16:9c:75:ba:f8:ae:ac:68:8b:85:73:02:
89:18:d3:25:6e:52:4f:70:ce:62:e6:9e:62:ee:2e:
35:12:dc:df:c1:26:74:c9:c1:4d:df:be:ba:ed:37:
97:36:5b:84:f9:9c:cc:61:5c:60:5f:7b:a1:2c:41:
0e:2e:83:2a:10:87:d4:94:5c:5d:29:ea:26:b3:28:
4c:f8:dc:96:10:76:ed:12:62:34:aa:85:c7:c5:e3:
a7:5c:d1:73:0c:38:06:98:0e:05:4a:96:78:78:60:
e3:8f:54:58:17:38:c5:df:7a:63:ca:dd:21:88:19:
4a:ff:1f:d2:2d:7f:9b:59:d2:9d:5e:5e:1a:c5:41:
ff:e1:4f:b8:27:86:1a:84:98:85:95:c1:ac:dc:9b:
5a:e2:85:0f:42:56:18:8b:f2:9f:be:b8:fe:62:b9:
ea:1d:c0:36:1a:48:59:7b:a3:30:f6:4d:24:42:c5:
42:ec:ef:ea:de:1d:1e:a6:82:54:41:97:58:74:3d:
94:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2D:D8:97:56:D0:53:E0:4C:ED:13:EB:99:CF:57:5F:3D:FA:A9:01
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ff4a3b-2191-4841-b764-245a41b5ab23/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ff4a3b-2191-4841-b764-245a41b5ab23/1/bS3Yl1bQU-BM7RPrmc9XXz36qQE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2fa8::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203284
Signature Algorithm: sha256WithRSAEncryption
97:13:88:18:af:1c:01:95:19:36:eb:cf:e9:0f:9a:31:c3:e0:
f7:4a:19:b7:7c:5f:2e:75:ee:3d:ae:3d:4b:02:ff:2f:28:89:
67:91:69:66:04:26:5e:b3:fe:19:8b:83:fa:3b:af:82:67:42:
dc:c6:c8:75:8a:09:b5:ec:da:0f:4b:90:fc:f9:f5:a0:bf:ca:
60:c6:2d:56:e2:e4:88:de:27:be:3f:0a:b0:1e:1a:1e:62:f3:
09:83:c7:bb:c7:6d:02:f5:b9:e9:ac:ca:4a:e7:8e:8a:4c:b7:
0f:81:c7:13:66:d6:e3:b8:42:34:d5:dd:20:d5:83:d4:7a:c2:
b2:76:ac:91:99:f2:f9:57:b1:eb:b6:97:41:34:34:60:7a:71:
e8:16:fc:61:e4:27:17:aa:03:48:a2:f6:5f:11:d7:98:4c:97:
d6:8f:ae:4b:09:72:77:75:40:18:60:f5:51:47:68:b7:de:54:
6e:8b:fe:39:3a:86:18:05:86:31:b1:24:05:4b:fa:29:f1:2f:
71:58:d1:1d:0d:4d:a0:e0:6c:37:4c:e7:11:4c:37:0b:9d:8c:
56:67:3f:9e:57:a1:30:be:82:78:ba:34:22:c4:3b:96:e0:1e:
dd:53:1e:46:bd:5b:e0:23:3e:9b:c4:f6:8d:90:be:09:8b:0c:
12:d2:67:45
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVvr1PuYVbmh6nnG/zqT6spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJkZDg5NzU2ZDA1M2UwNGNlZDEzZWI5OWNmNTc1ZjNkZmFhOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq+VbmD72TKNsr/KxEKaoJh/VGgh
yLuS8Y1CkbQh/mDimLrXQcW+/qyPYrfDEE3buOoGQHp9JFWtDwLuarMWnHW6+K6s
aIuFcwKJGNMlblJPcM5i5p5i7i41EtzfwSZ0ycFN37667TeXNluE+ZzMYVxgX3uh
LEEOLoMqEIfUlFxdKeomsyhM+NyWEHbtEmI0qoXHxeOnXNFzDDgGmA4FSpZ4eGDj
j1RYFzjF33pjyt0hiBlK/x/SLX+bWdKdXl4axUH/4U+4J4YahJiFlcGs3Jta4oUP
QlYYi/Kfvrj+YrnqHcA2GkhZe6Mw9k0kQsVC7O/q3h0epoJUQZdYdD2U6wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFG0t2JdW0FPgTO0T65nPV189+qkBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhL2ZmNGEz
Yi0yMTkxLTQ4NDEtYjc2NC0yNDVhNDFiNWFiMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvZmY0YTNi
LTIxOTEtNDg0MS1iNzY0LTI0NWE0MWI1YWIyMy8xL2JTM1lsMWJRVS1CTTdSUHJt
YzlYWHozNnFRRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC+oMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMaFDANBgkqhkiG9w0BAQsFAAOCAQEAlxOIGK8cAZUZNuvP6Q+aMcPg90oZ
t3xfLnXuPa49SwL/LyiJZ5FpZgQmXrP+GYuD+juvgmdC3MbIdYoJtezaD0uQ/Pn1
oL/KYMYtVuLkiN4nvj8KsB4aHmLzCYPHu8dtAvW56azKSueOiky3D4HHE2bW47hC
NNXdINWD1HrCsnaskZny+Vex67aXQTQ0YHpx6Bb8YeQnF6oDSKL2XxHXmEyX1o+u
Swlyd3VAGGD1UUdot95Ubov+OTqGGAWGMbEkBUv6KfEvcVjRHQ1NoOBsN0znEUw3
C52MVmc/nlehML6CeLo0IsQ7luAe3VMeRr1b4CM+m8T2jZC+CYsMEtJnRQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:14:24 2025 by rpki-client