Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikHzezRogV7uot3nqDqLpPy6OCY.cer
File: ikHzezRogV7uot3nqDqLpPy6OCY.cer (raw, json)
Hash identifier: rnP9rq+Fmzz4JFUX9HR0hFM6ibAOs9/6R48Ery06RuQ=
Subject key identifier: 8A:41:F3:7B:34:68:81:5E:EE:A2:DD:E7:A8:3A:8B:A4:FC:BA:38:26
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: B3640DC06B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7c/f4c1fe-fd43-4281-a03a-b10e68987d9f/1/ikHzezRogV7uot3nqDqLpPy6OCY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7c/f4c1fe-fd43-4281-a03a-b10e68987d9f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 21 Jun 2022 12:15:54 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 21125
IP: 80.88.144.0/21
IP: 2a00:5aa0::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 770477768811 (0xb3640dc06b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 21 12:15:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a41f37b3468815eeea2dde7a83a8ba4fcba3826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1f:e9:72:2a:e5:f6:c1:5e:31:33:8f:5c:5b:
51:70:96:09:88:bd:93:8c:4f:42:9a:53:1b:1e:ca:
e2:7a:b3:96:5e:85:91:61:3a:3d:60:1b:6c:9e:07:
ea:1b:0f:39:ae:ab:10:34:a6:24:7a:dd:7b:5b:a9:
6f:4a:43:b1:44:97:b4:cb:70:77:01:8e:ce:4b:0d:
83:ca:0f:67:30:83:e5:14:df:7c:be:d0:1e:ef:a1:
fe:34:47:92:94:09:3d:b3:5d:c3:45:51:6d:79:2a:
0d:f9:60:be:aa:25:ed:ab:09:28:9f:03:52:2e:e8:
4f:5b:68:4a:43:98:bf:57:7a:36:e0:f8:87:57:64:
32:25:63:39:25:79:e9:70:2b:07:6e:5c:ea:9b:ba:
88:9c:0f:f2:44:8e:3a:04:a0:a4:5d:c8:3c:15:7c:
ee:68:c9:39:55:7c:1e:e3:f7:1f:00:9e:2f:b8:d5:
af:e9:8e:45:cd:b9:e3:43:49:77:10:93:73:0d:d0:
e5:9e:de:79:9b:de:82:35:e3:7b:44:ce:3a:80:26:
3f:99:df:b7:5a:67:a4:1d:d0:cf:44:e0:0b:6a:4e:
50:9b:44:57:9b:86:95:95:98:0a:f2:cf:bb:38:30:
9b:40:e8:23:6a:6f:9c:bb:69:8f:0d:09:df:12:cc:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:41:F3:7B:34:68:81:5E:EE:A2:DD:E7:A8:3A:8B:A4:FC:BA:38:26
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f4c1fe-fd43-4281-a03a-b10e68987d9f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f4c1fe-fd43-4281-a03a-b10e68987d9f/1/ikHzezRogV7uot3nqDqLpPy6OCY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.144.0/21
IPv6:
2a00:5aa0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
21125
Signature Algorithm: sha256WithRSAEncryption
62:11:bd:ef:1c:f1:7d:a7:1f:fd:cf:83:31:68:c4:67:7d:39:
14:ba:4f:cd:13:5e:a7:ed:87:32:f2:23:d5:e8:83:f7:ac:eb:
d8:98:d4:2a:f2:a1:30:ed:82:48:6d:e7:ef:2d:e2:4b:9f:c4:
f0:44:94:ab:a3:c1:b7:c1:a4:8a:03:aa:b7:50:54:d4:e3:c0:
db:32:21:98:e9:d4:17:e2:fd:45:9b:a7:f8:64:bf:41:fe:52:
73:49:07:30:27:76:d4:dc:cd:96:52:98:9c:d0:47:c5:e6:05:
06:68:d8:ac:83:d0:4b:84:90:45:70:59:d5:04:67:7f:95:44:
a4:18:2a:04:00:a7:07:45:fa:a8:a1:a4:f7:d6:00:b7:da:cd:
82:ec:23:70:56:6e:3c:f4:f3:c5:92:dc:58:53:da:65:4a:1e:
92:8c:fd:b3:f4:2c:90:7a:b5:5c:3e:52:1e:56:e5:e7:84:61:
fa:42:17:b1:32:8b:76:d6:42:ed:0f:e0:b7:7a:15:2c:df:3f:
bf:21:21:8e:a7:0e:d3:2c:fe:ba:25:25:5c:b0:8e:52:56:35:
e5:e6:4c:cd:9a:41:f0:e7:da:37:38:e2:80:6e:f0:8a:e4:37:
44:9c:67:81:cc:9f:55:27:d0:5c:39:e3:0d:d7:b3:7e:6b:91:
a5:f1:c4:1a
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIGALNkDcBrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NjIxMTIxNTU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YTQxZjM3YjM0
Njg4MTVlZWVhMmRkZTdhODNhOGJhNGZjYmEzODI2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAnx/pcirl9sFeMTOPXFtRcJYJiL2TjE9CmlMbHsrierOW
XoWRYTo9YBtsngfqGw85rqsQNKYket17W6lvSkOxRJe0y3B3AY7OSw2Dyg9nMIPl
FN98vtAe76H+NEeSlAk9s13DRVFteSoN+WC+qiXtqwkonwNSLuhPW2hKQ5i/V3o2
4PiHV2QyJWM5JXnpcCsHblzqm7qInA/yRI46BKCkXcg8FXzuaMk5VXwe4/cfAJ4v
uNWv6Y5FzbnjQ0l3EJNzDdDlnt55m96CNeN7RM46gCY/md+3WmekHdDPROALak5Q
m0RXm4aVlZgK8s+7ODCbQOgjam+cu2mPDQnfEszOaQIDAQABo4ICrjCCAqowHQYD
VR0OBBYEFIpB83s0aIFe7qLd56g6i6T8ujgmMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdjL2Y0YzFmZS1mZDQzLTQyODEt
YTAzYS1iMTBlNjg5ODdkOWYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2MvZjRjMWZlLWZkNDMtNDI4MS1h
MDNhLWIxMGU2ODk4N2Q5Zi8xL2lrSHplelJvZ1Y3dW90M25xRHFMcFB5Nk9DWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQDUFiQMA0EAgACMAcDBQAqAFqgMBkGCCsGAQUFBwEIAQH/BAowCKAG
MAQCAlKFMA0GCSqGSIb3DQEBCwUAA4IBAQBiEb3vHPF9px/9z4MxaMRnfTkUuk/N
E16n7Ycy8iPV6IP3rOvYmNQq8qEw7YJIbefvLeJLn8TwRJSro8G3waSKA6q3UFTU
48DbMiGY6dQX4v1Fm6f4ZL9B/lJzSQcwJ3bU3M2WUpic0EfF5gUGaNisg9BLhJBF
cFnVBGd/lUSkGCoEAKcHRfqooaT31gC32s2C7CNwVm489PPFktxYU9plSh6SjP2z
9CyQerVcPlIeVuXnhGH6QhexMot21kLtD+C3ehUs3z+/ISGOpw7TLP66JSVcsI5S
VjXl5kzNmkHw59o3OOKAbvCK5DdEnGeBzJ9VJ9BcOeMN17N+a5Gl8cQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:30 2024 by rpki-client on console-ams.rpki-client.org