Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h1wObtsVGo-RoIabv6VhiD58Ems.cer
File: h1wObtsVGo-RoIabv6VhiD58Ems.cer (raw, json)
Hash identifier: IiW28HJIAqJRY40AxBKwzdyyShX2kjoH0KieMrta3gs=
Subject key identifier: 87:5C:0E:6E:DB:15:1A:8F:91:A0:86:9B:BF:A5:61:88:3E:7C:12:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9B73D49ABE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/h1wObtsVGo-RoIabv6VhiD58Ems.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 02:53:50 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.129.20.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 667663243966 (0x9b73d49abe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=875c0e6edb151a8f91a0869bbfa561883e7c126b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:76:7f:e9:62:eb:f1:ed:db:b8:fa:93:8a:
89:04:ad:18:67:72:b3:02:71:3f:8b:80:05:70:02:
83:c3:39:54:7a:d3:d6:ec:7e:ec:f6:eb:bd:bb:55:
0d:d5:66:59:7e:48:fb:5f:80:45:ff:c0:92:74:4c:
f2:29:f4:f4:8d:08:f5:4f:e3:ca:5c:21:0b:eb:05:
0d:a6:2e:4e:fe:ac:42:15:17:dc:0e:73:60:38:0e:
3d:1a:9f:29:91:9d:f0:de:7f:5d:29:c7:d5:14:55:
dc:72:53:fb:7f:5e:9f:02:96:bf:c7:c6:e9:9b:52:
1a:16:ea:43:f0:34:a4:04:00:9c:dd:60:df:a3:84:
f6:f5:d3:82:7e:64:47:d2:68:85:c7:3a:0d:29:a4:
98:1a:c2:73:ef:59:12:af:a7:a7:93:06:4e:a4:1f:
0c:dc:1f:f5:ac:0e:53:63:ba:28:82:d1:1c:d0:0e:
83:39:3a:d2:9c:63:25:03:a5:05:5f:ff:84:6b:ef:
c0:de:15:16:a4:42:a4:68:f8:47:56:e2:de:b2:80:
99:b6:36:4f:7a:20:84:6e:e3:ae:be:49:d2:c8:c1:
b1:1e:e5:18:92:79:0c:79:ce:76:6e:56:02:a1:63:
bb:38:c1:10:f5:3f:1b:a9:6a:38:84:c3:38:c4:5e:
39:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5C:0E:6E:DB:15:1A:8F:91:A0:86:9B:BF:A5:61:88:3E:7C:12:6B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/h1wObtsVGo-RoIabv6VhiD58Ems.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
Signature Algorithm: sha256WithRSAEncryption
35:a6:2d:a8:b3:ee:10:f6:21:75:1d:00:3f:e7:3e:8e:ac:ca:
4a:1e:ac:4f:43:15:24:ae:8a:a2:c2:d3:ed:b5:33:6d:0b:be:
8a:f5:5d:e5:50:b4:45:62:5e:2d:ff:8c:59:a2:dc:06:17:0d:
98:71:cd:74:93:2d:aa:15:a4:e1:32:f3:22:8e:da:a6:6c:96:
c2:52:af:8b:21:04:16:e7:26:00:68:0f:76:68:ea:bf:b9:43:
af:1b:45:5c:a7:14:fd:46:76:87:66:77:5c:60:7e:04:34:30:
bb:b8:7f:1a:3f:87:04:8e:89:b0:d0:f4:fa:09:18:60:c8:1e:
8f:fd:6e:e9:5c:9f:ca:a3:eb:0f:27:83:85:72:37:81:59:6f:
24:d7:25:23:43:91:5e:89:ee:96:9d:de:1d:d4:6d:a6:4e:f0:
00:22:2b:7e:3c:93:8c:99:8f:53:c7:f8:2c:d9:93:a1:a6:f9:
29:0c:6c:89:ad:ce:a7:ec:49:45:b5:12:b3:2d:a0:5d:08:52:
4c:91:e6:24:cb:f9:3d:f5:da:c4:27:03:5b:ea:a1:fe:6b:cc:
c0:11:70:b5:8c:6b:9e:70:dc:7b:bd:2c:17:1a:08:c2:d8:40:
c4:60:4c:04:df:f0:87:7c:e4:ce:ca:41:57:ac:f3:dd:0a:e6:
9d:f4:fd:25
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAJtz1Jq+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDI1MzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NzVjMGU2ZWRi
MTUxYThmOTFhMDg2OWJiZmE1NjE4ODNlN2MxMjZiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwxB2f+li6/Ht27j6k4qJBK0YZ3KzAnE/i4AFcAKDwzlU
etPW7H7s9uu9u1UN1WZZfkj7X4BF/8CSdEzyKfT0jQj1T+PKXCEL6wUNpi5O/qxC
FRfcDnNgOA49Gp8pkZ3w3n9dKcfVFFXcclP7f16fApa/x8bpm1IaFupD8DSkBACc
3WDfo4T29dOCfmRH0miFxzoNKaSYGsJz71kSr6enkwZOpB8M3B/1rA5TY7oogtEc
0A6DOTrSnGMlA6UFX/+Ea+/A3hUWpEKkaPhHVuLesoCZtjZPeiCEbuOuvknSyMGx
HuUYknkMec52blYCoWO7OMEQ9T8bqWo4hMM4xF45xwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFIdcDm7bFRqPkaCGm7+lYYg+fBJrMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RmLzc5Njk0NS02ODg2LTQzYmMt
YWQ4ZC01ZDNmYzU2MDQzYmYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvNzk2OTQ1LTY4ODYtNDNiYy1h
ZDhkLTVkM2ZjNTYwNDNiZi8xL2gxd09idHNWR28tUm9JYWJ2NlZoaUQ1OEVtcy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCLYEUMA0GCSqGSIb3DQEBCwUAA4IBAQA1pi2os+4Q9iF1HQA/5z6O
rMpKHqxPQxUkroqiwtPttTNtC76K9V3lULRFYl4t/4xZotwGFw2Ycc10ky2qFaTh
MvMijtqmbJbCUq+LIQQW5yYAaA92aOq/uUOvG0VcpxT9RnaHZndcYH4ENDC7uH8a
P4cEjomw0PT6CRhgyB6P/W7pXJ/Ko+sPJ4OFcjeBWW8k1yUjQ5Feie6Wnd4d1G2m
TvAAIit+PJOMmY9Tx/gs2ZOhpvkpDGyJrc6n7ElFtRKzLaBdCFJMkeYky/k99drE
JwNb6qH+a8zAEXC1jGuecNx7vSwXGgjC2EDEYEwE3/CHfOTOykFXrPPdCuad9P0l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:12 2024 by rpki-client on console-ams.rpki-client.org