Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/epkSQeTcWTfvs40IIN0kKbwqFFE.cer
File: epkSQeTcWTfvs40IIN0kKbwqFFE.cer (raw, json)
Hash identifier: EHI1L8Turfs0iZ/WTRjqh3R/P5GTjrRW5EG2BfvhRxk=
Subject key identifier: 7A:99:12:41:E4:DC:59:37:EF:B3:8D:08:20:DD:24:29:BC:2A:14:51
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A58B23706E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/3f690b-4fe3-461a-b1b7-2bb9dd2f7a60/1/epkSQeTcWTfvs40IIN0kKbwqFFE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/3f690b-4fe3-461a-b1b7-2bb9dd2f7a60/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:03:23 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 47535
IP: 91.204.172.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 711003959406 (0xa58b23706e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a991241e4dc5937efb38d0820dd2429bc2a1451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:db:36:8d:ce:8c:07:09:54:4b:ba:a2:9b:
b1:59:0c:85:77:9e:9c:bd:64:4e:c2:21:d6:0d:da:
ee:05:fa:2d:4b:4d:09:31:7d:41:5b:64:0d:a6:ed:
59:4b:ef:41:00:a0:4a:1b:ee:36:57:86:d4:c7:3e:
09:61:5d:5b:58:c3:9a:64:b9:cd:e4:c5:23:e7:51:
1f:fd:d2:4c:c9:ef:6e:dd:21:f9:36:37:8d:38:53:
34:cd:67:fb:d0:34:df:31:49:be:b1:47:1b:54:7f:
43:2a:8b:19:fc:4a:02:e5:4b:7a:46:d0:dd:78:21:
f0:99:5b:dc:81:f3:63:b3:ce:53:e1:14:78:03:b3:
4d:ac:9a:95:0a:5f:3f:d3:72:41:ff:cc:d9:27:8c:
9d:4b:9c:cf:dd:bb:65:3c:be:6f:fa:c3:4f:a7:29:
f0:5e:be:2c:9c:6f:83:5d:80:c2:c7:3f:a6:ea:d0:
9d:98:56:4c:ee:bb:6e:55:9e:07:47:2d:48:05:28:
65:21:9d:47:31:e0:46:13:a2:a2:f2:fa:fd:c9:f7:
20:c1:e4:a5:b2:81:14:fb:b9:4e:40:4f:6c:2a:8b:
21:8c:fc:8b:a1:a1:69:47:86:27:73:00:21:1a:a1:
aa:d3:05:e1:f8:e7:32:80:7e:57:86:d4:71:94:08:
0d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:99:12:41:E4:DC:59:37:EF:B3:8D:08:20:DD:24:29:BC:2A:14:51
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/3f690b-4fe3-461a-b1b7-2bb9dd2f7a60/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/3f690b-4fe3-461a-b1b7-2bb9dd2f7a60/1/epkSQeTcWTfvs40IIN0kKbwqFFE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.172.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47535
Signature Algorithm: sha256WithRSAEncryption
92:1f:07:26:40:80:6e:dc:b1:07:e7:a6:3c:77:4b:d0:12:6b:
28:08:75:e8:e6:c5:74:48:52:b2:49:06:2c:eb:98:ba:1a:a5:
67:d0:34:a6:3e:9d:9e:70:16:74:3c:6b:eb:44:1d:43:7d:d6:
6b:10:9d:9b:97:7d:da:e1:01:1f:98:51:c2:ae:c4:ce:6d:81:
96:ab:e3:a7:ca:ec:17:08:d2:c2:41:1c:13:d1:a3:67:3e:30:
4d:a9:e2:c8:e8:47:93:7f:75:53:a7:1b:0a:2c:b0:e1:6e:85:
a7:73:01:d1:c0:52:c2:23:d3:6f:8d:e9:54:54:08:81:b5:b4:
8d:ea:70:1b:c3:c7:9b:0c:a3:29:3d:c8:25:5d:75:1c:cc:bf:
2b:46:1c:17:54:d9:10:61:2e:b7:99:cc:55:b5:36:6c:5d:5d:
bb:fc:3c:33:57:62:0f:18:c5:07:f6:f4:19:c7:1b:91:91:57:
77:34:cf:3a:6c:42:89:f2:97:a6:d5:8f:22:f5:74:a3:f0:ea:
0b:f9:ac:34:c2:9b:03:af:dd:a2:c4:9b:b7:ec:91:74:0f:de:
97:42:24:fe:9a:c1:a9:a1:c9:e1:79:ff:eb:23:96:bf:48:8c:
22:ea:77:53:96:21:9a:83:27:dc:ff:c1:7c:1a:ae:a4:4f:4c:
4b:cc:09:47
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKWLI3BuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTEwMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3YTk5MTI0MWU0
ZGM1OTM3ZWZiMzhkMDgyMGRkMjQyOWJjMmExNDUxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAkC/bNo3OjAcJVEu6opuxWQyFd56cvWROwiHWDdruBfot
S00JMX1BW2QNpu1ZS+9BAKBKG+42V4bUxz4JYV1bWMOaZLnN5MUj51Ef/dJMye9u
3SH5NjeNOFM0zWf70DTfMUm+sUcbVH9DKosZ/EoC5Ut6RtDdeCHwmVvcgfNjs85T
4RR4A7NNrJqVCl8/03JB/8zZJ4ydS5zP3btlPL5v+sNPpynwXr4snG+DXYDCxz+m
6tCdmFZM7rtuVZ4HRy1IBShlIZ1HMeBGE6Ki8vr9yfcgweSlsoEU+7lOQE9sKosh
jPyLoaFpR4YncwAhGqGq0wXh+OcygH5XhtRxlAgNxQIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFHqZEkHk3Fk377ONCCDdJCm8KhRRMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0LzNmNjkwYi00ZmUzLTQ2MWEt
YjFiNy0yYmI5ZGQyZjdhNjAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvM2Y2OTBiLTRmZTMtNDYxYS1i
MWI3LTJiYjlkZDJmN2E2MC8xL2Vwa1NRZVRjV1RmdnM0MElJTjBrS2J3cUZGRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCW8ysMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC5rzANBgkqhkiG
9w0BAQsFAAOCAQEAkh8HJkCAbtyxB+emPHdL0BJrKAh16ObFdEhSskkGLOuYuhql
Z9A0pj6dnnAWdDxr60QdQ33WaxCdm5d92uEBH5hRwq7Ezm2Blqvjp8rsFwjSwkEc
E9GjZz4wTaniyOhHk391U6cbCiyw4W6Fp3MB0cBSwiPTb43pVFQIgbW0jepwG8PH
mwyjKT3IJV11HMy/K0YcF1TZEGEut5nMVbU2bF1du/w8M1diDxjFB/b0GccbkZFX
dzTPOmxCifKXptWPIvV0o/DqC/msNMKbA6/dosSbt+yRdA/el0Ik/prBqaHJ4Xn/
6yOWv0iMIup3U5YhmoMn3P/BfBqupE9MS8wJRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:03 2024 by rpki-client on console-fra.rpki-client.org