Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hZcqBIfZXMG_4dptGie4nR01dtY.cer
File: hZcqBIfZXMG_4dptGie4nR01dtY.cer (raw, json)
Hash identifier: 48droxsgue9SnMH7BXRfWXMtON4aQJ8GmZ2yxSfW1Cs=
Subject key identifier: 85:97:2A:04:87:D9:5C:C1:BF:E1:DA:6D:1A:27:B8:9D:1D:35:76:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7D2416E91
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/hZcqBIfZXMG_4dptGie4nR01dtY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:05:45 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.95.232.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720787041937 (0xa7d2416e91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85972a0487d95cc1bfe1da6d1a27b89d1d3576d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e6:10:21:8a:68:5b:f9:17:da:d0:81:a0:e5:
53:71:32:55:5d:4e:04:f5:8e:d9:b0:18:25:f0:05:
ad:7a:85:df:7c:c4:aa:d9:a6:83:59:09:4d:9b:11:
c4:52:24:9d:df:c2:4b:6a:18:32:16:b3:bb:5c:63:
c3:c5:23:12:f4:c5:c9:3b:19:65:09:6e:52:44:17:
ee:d1:f0:0a:46:5f:33:a1:19:b2:21:27:00:20:28:
fe:4e:8b:6b:58:7a:84:83:70:9f:94:e0:ad:d6:a9:
c0:27:5d:1c:d9:9a:75:08:87:0f:ed:f3:d8:7f:0e:
74:ee:66:97:e0:22:f1:0b:1b:5d:dc:a0:e4:32:49:
b0:e4:2e:bb:2f:7b:b0:9f:fa:92:6b:55:91:22:11:
eb:25:4e:8d:d6:57:78:2d:7e:87:76:04:3d:b5:da:
a1:d1:73:56:f9:97:b8:b5:45:fe:d8:7d:9f:5e:a4:
d8:a8:0f:50:10:f0:9e:9a:18:e5:07:54:6d:4d:88:
34:47:dc:94:c1:64:18:34:e9:66:e4:a4:8e:fb:39:
3a:c7:63:9f:3d:96:02:ad:d0:40:fc:9c:17:68:e4:
06:b2:56:7e:4f:6e:84:19:df:35:5a:aa:e5:12:97:
5f:e9:30:bc:0a:b9:53:71:13:4a:1a:d3:62:86:4f:
1f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:97:2A:04:87:D9:5C:C1:BF:E1:DA:6D:1A:27:B8:9D:1D:35:76:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/hZcqBIfZXMG_4dptGie4nR01dtY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.232.0/22
Signature Algorithm: sha256WithRSAEncryption
98:35:78:9f:a2:1f:b7:e5:e0:bd:af:92:43:2e:0c:0e:58:c1:
94:fd:4d:59:be:58:f3:6d:c7:bb:4b:40:a4:73:48:b2:10:4b:
47:17:49:b6:67:b6:95:dd:75:af:48:14:42:ce:21:e9:19:1b:
fb:33:5b:b5:09:73:2d:2b:08:57:2d:e0:b9:96:3c:46:80:b1:
c4:ab:9a:5b:29:56:7e:66:b4:5c:63:0d:75:d0:4f:0e:b6:64:
4f:84:6e:38:7b:70:16:45:42:90:3a:45:84:44:46:fd:7a:b6:
cf:e0:38:88:db:22:78:b1:20:c0:73:91:ac:69:90:f7:fd:fe:
54:20:9c:36:ee:ed:84:b2:6e:3d:7b:65:22:fc:82:9c:ba:e7:
80:20:da:b0:01:95:7a:9e:c4:fa:21:91:a6:4d:8d:59:12:0a:
d7:4a:65:e9:56:ad:13:c3:8a:66:7e:ca:5b:df:b5:02:ba:33:
4d:ac:f0:48:bd:4c:8e:df:fe:fd:94:f0:db:da:14:23:25:60:
df:0b:88:8f:f5:cf:40:98:f5:c4:74:18:e3:f2:cb:1b:aa:6f:
b3:0d:a5:02:48:76:3c:0e:a2:d5:86:af:2d:bc:c3:6e:ac:dc:
b8:40:94:f1:58:72:ca:c4:44:58:56:b8:e3:c0:73:f6:84:8d:
c0:fa:2b:61
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKfSQW6RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NTk3MmEwNDg3
ZDk1Y2MxYmZlMWRhNmQxYTI3Yjg5ZDFkMzU3NmQ2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAm+YQIYpoW/kX2tCBoOVTcTJVXU4E9Y7ZsBgl8AWteoXf
fMSq2aaDWQlNmxHEUiSd38JLahgyFrO7XGPDxSMS9MXJOxllCW5SRBfu0fAKRl8z
oRmyIScAICj+TotrWHqEg3CflOCt1qnAJ10c2Zp1CIcP7fPYfw507maX4CLxCxtd
3KDkMkmw5C67L3uwn/qSa1WRIhHrJU6N1ld4LX6HdgQ9tdqh0XNW+Ze4tUX+2H2f
XqTYqA9QEPCemhjlB1RtTYg0R9yUwWQYNOlm5KSO+zk6x2OfPZYCrdBA/JwXaOQG
slZ+T26EGd81WqrlEpdf6TC8CrlTcRNKGtNihk8fPwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFIWXKgSH2VzBv+HabRonuJ0dNXbWMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NhLzcyOTAzNC0wY2VhLTQ0Zjgt
OWYzMC0wZDVlYjNkNjA5ZWEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvNzI5MDM0LTBjZWEtNDRmOC05
ZjMwLTBkNWViM2Q2MDllYS8xL2haY3FCSWZaWE1HXzRkcHRHaWU0blIwMWR0WS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCLV/oMA0GCSqGSIb3DQEBCwUAA4IBAQCYNXifoh+35eC9r5JDLgwO
WMGU/U1Zvljzbce7S0Ckc0iyEEtHF0m2Z7aV3XWvSBRCziHpGRv7M1u1CXMtKwhX
LeC5ljxGgLHEq5pbKVZ+ZrRcYw110E8OtmRPhG44e3AWRUKQOkWEREb9erbP4DiI
2yJ4sSDAc5GsaZD3/f5UIJw27u2Esm49e2Ui/IKcuueAINqwAZV6nsT6IZGmTY1Z
EgrXSmXpVq0Tw4pmfspb37UCujNNrPBIvUyO3/79lPDb2hQjJWDfC4iP9c9AmPXE
dBjj8ssbqm+zDaUCSHY8DqLVhq8tvMNurNy4QJTxWHLKxERYVrjjwHP2hI3A+ith
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:17 2024 by rpki-client on console-ams.rpki-client.org