Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ib-wH2N-QVYWj-_SGSpaAHWyXOM.cer
File: ib-wH2N-QVYWj-_SGSpaAHWyXOM.cer (raw, json)
Hash identifier: avUTzQ2mo1qv8AelFBSWqGHC7GV5gZjqiPq4Fvkgse0=
Subject key identifier: 89:BF:B0:1F:63:7E:41:56:16:8F:EF:D2:19:2A:5A:00:75:B2:5C:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9E4A2FBD96
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9a/fc5f6c-7113-4cdf-ade6-a4ce2e4d8971/1/ib-wH2N-QVYWj-_SGSpaAHWyXOM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9a/fc5f6c-7113-4cdf-ade6-a4ce2e4d8971/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 05:01:10 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 207522
IP: 84.252.104.0/24
IP: 2a0b:cb40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 679849475478 (0x9e4a2fbd96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89bfb01f637e4156168fefd2192a5a0075b25ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:72:cc:b8:8b:2a:2b:c2:85:db:a2:ec:e8:77:
27:a7:08:91:e2:a5:ba:6b:53:aa:63:da:a7:3c:25:
07:1e:03:2f:38:0b:17:c9:45:43:07:0b:d2:2a:45:
e3:52:87:ca:47:b1:74:54:75:38:dd:e1:05:fd:dd:
a0:21:bf:db:8f:12:52:21:af:f7:93:10:91:15:dc:
ff:95:5b:ee:7b:24:fd:fb:d1:cd:60:27:1a:7d:a4:
04:98:df:bd:58:40:09:15:f4:23:0f:d5:96:f8:67:
82:b1:da:b3:96:74:bf:ef:fa:5c:33:4e:56:16:93:
55:1b:11:4f:f9:13:10:26:bb:a7:9c:6f:94:11:86:
a7:45:7d:5f:7e:93:96:1a:5d:34:30:c7:6b:ed:06:
bd:d3:2b:0c:ef:69:c1:29:5c:bd:b0:2d:14:ca:06:
51:3b:61:b9:9b:28:48:2e:72:9f:d2:6d:1d:d4:5e:
fb:53:45:4c:c8:47:3f:66:bd:22:d6:75:03:f9:6c:
ae:cf:30:db:ba:57:8f:33:5f:d8:da:38:48:6c:f2:
18:48:cd:4e:17:19:1c:04:02:30:4e:0e:36:e3:85:
33:49:60:c3:8a:18:ce:ba:3b:e3:d3:9b:15:d8:ee:
b5:d2:78:88:91:97:83:8c:75:6b:76:d7:36:16:b0:
32:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BF:B0:1F:63:7E:41:56:16:8F:EF:D2:19:2A:5A:00:75:B2:5C:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/fc5f6c-7113-4cdf-ade6-a4ce2e4d8971/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/fc5f6c-7113-4cdf-ade6-a4ce2e4d8971/1/ib-wH2N-QVYWj-_SGSpaAHWyXOM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.104.0/24
IPv6:
2a0b:cb40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207522
Signature Algorithm: sha256WithRSAEncryption
a9:6e:70:7e:5d:12:6c:e6:10:14:27:e0:07:2e:e8:fd:86:ca:
5c:0f:29:3d:0a:e4:d9:79:89:2e:e5:68:e4:b8:86:0c:9f:39:
36:10:52:9a:47:fc:e7:9f:8b:8c:7c:7b:ae:c8:5c:e0:98:48:
82:98:6b:7a:4a:4d:cf:2e:48:41:ae:4a:1e:42:ff:f6:16:3b:
53:fd:6b:fa:b8:a6:f9:11:79:f3:80:3c:aa:86:f6:34:d3:1e:
4c:4e:8c:54:0b:61:a1:6b:a0:e3:3d:81:9f:1c:40:16:48:43:
32:c4:c4:dc:45:06:b0:a5:4e:b8:09:66:6a:cf:82:ee:81:d5:
07:59:44:19:9c:5b:b8:ff:00:0d:53:43:f2:fa:23:58:2a:99:
0c:2d:4d:4e:f2:d9:2b:fd:62:f8:27:3e:9a:c1:c1:35:b7:ca:
68:c4:07:bb:4e:27:7f:2f:d6:90:f2:fe:fb:5c:88:29:90:33:
c9:9d:dc:3d:ff:50:38:ee:2a:45:9a:16:c3:46:c9:9c:d1:56:
df:81:80:99:17:70:e4:84:ea:5d:6a:0f:bc:3d:98:e0:62:93:
02:12:a8:23:ec:3a:2b:f2:c9:9e:2a:95:04:61:73:7d:3d:61:
b2:32:92:25:24:c2:ab:c8:62:d8:8c:68:f7:5b:37:c7:8e:52:
3b:bc:d3:a4
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJ5KL72WMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDUwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OWJmYjAxZjYz
N2U0MTU2MTY4ZmVmZDIxOTJhNWEwMDc1YjI1Y2UzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtXLMuIsqK8KF26Ls6HcnpwiR4qW6a1OqY9qnPCUHHgMv
OAsXyUVDBwvSKkXjUofKR7F0VHU43eEF/d2gIb/bjxJSIa/3kxCRFdz/lVvueyT9
+9HNYCcafaQEmN+9WEAJFfQjD9WW+GeCsdqzlnS/7/pcM05WFpNVGxFP+RMQJrun
nG+UEYanRX1ffpOWGl00MMdr7Qa90ysM72nBKVy9sC0UygZRO2G5myhILnKf0m0d
1F77U0VMyEc/Zr0i1nUD+WyuzzDbulePM1/Y2jhIbPIYSM1OFxkcBAIwTg4244Uz
SWDDihjOujvj05sV2O610niIkZeDjHVrdtc2FrAy1QIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFIm/sB9jfkFWFo/v0hkqWgB1slzjMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhL2ZjNWY2Yy03MTEzLTRjZGYt
YWRlNi1hNGNlMmU0ZDg5NzEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvZmM1ZjZjLTcxMTMtNGNkZi1h
ZGU2LWE0Y2UyZTRkODk3MS8xL2liLXdIMk4tUVZZV2otX1NHU3BhQUhXeVhPTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAVPxoMA0EAgACMAcDBQMqC8tAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMqojANBgkqhkiG9w0BAQsFAAOCAQEAqW5wfl0SbOYQFCfgBy7o/YbKXA8p
PQrk2XmJLuVo5LiGDJ85NhBSmkf855+LjHx7rshc4JhIgphrekpNzy5IQa5KHkL/
9hY7U/1r+rim+RF584A8qob2NNMeTE6MVAthoWug4z2BnxxAFkhDMsTE3EUGsKVO
uAlmas+C7oHVB1lEGZxbuP8ADVND8vojWCqZDC1NTvLZK/1i+Cc+msHBNbfKaMQH
u04nfy/WkPL++1yIKZAzyZ3cPf9QOO4qRZoWw0bJnNFW34GAmRdw5ITqXWoPvD2Y
4GKTAhKoI+w6K/LJniqVBGFzfT1hsjKSJSTCq8hi2Ixo91s3x45SO7zTpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:29 2024 by rpki-client on console-ams.rpki-client.org