Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lzimBYws6NLA1l7G5tczPokGDxU.cer
File: lzimBYws6NLA1l7G5tczPokGDxU.cer (raw, json)
Hash identifier: 5dZN0OdXC92P4RZ8ssmF0OXzpg7ETeG+PrGraDubT8I=
Subject key identifier: 97:38:A6:05:8C:2C:E8:D2:C0:D6:5E:C6:E6:D7:33:3E:89:06:0F:15
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7B2502621
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/ff0c62-1be4-4c5e-98bb-62559d0e4566/1/lzimBYws6NLA1l7G5tczPokGDxU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/ff0c62-1be4-4c5e-98bb-62559d0e4566/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:04:16 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 47825
IP: 91.206.228.0/23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720251135521 (0xa7b2502621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9738a6058c2ce8d2c0d65ec6e6d7333e89060f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ef:16:f0:5a:96:55:fe:07:8c:c3:81:aa:b6:
07:e6:af:f2:e1:07:42:6e:74:dd:de:05:df:ed:f1:
cc:28:10:51:90:03:eb:c7:f7:2e:a0:93:7e:df:65:
f4:30:3c:24:09:d4:57:76:c8:54:4c:10:76:b2:ae:
ea:ba:4e:f0:a7:e4:7c:d9:ad:8c:76:b8:6b:c4:74:
82:e0:06:ee:d9:26:4e:6e:55:ae:5e:79:a2:72:ad:
5b:b0:d8:b3:33:f5:f3:12:71:46:f2:ef:54:52:58:
8d:2a:ba:e0:f5:98:36:49:ba:42:58:bb:36:d8:10:
da:33:d5:1b:3f:7d:3a:8e:f9:61:37:27:d0:c6:03:
5c:30:04:46:68:fa:4e:e1:26:64:78:38:34:9f:55:
a9:7f:0f:78:98:61:97:ea:79:ec:ba:80:c0:8a:9c:
04:99:8c:14:34:f4:ad:8c:af:c3:65:8b:95:ce:d6:
dd:3f:79:26:7f:13:50:82:66:cd:4a:29:b5:7f:db:
7f:53:04:9e:c5:26:be:df:45:ec:71:20:a4:0d:56:
ef:4a:b6:aa:15:54:b3:dc:07:35:7b:21:67:c5:13:
00:44:e8:c0:82:d2:90:75:34:c9:ff:5c:a6:19:16:
14:76:c1:83:22:c0:71:bd:9b:a2:30:90:7d:a8:e1:
c8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:38:A6:05:8C:2C:E8:D2:C0:D6:5E:C6:E6:D7:33:3E:89:06:0F:15
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ff0c62-1be4-4c5e-98bb-62559d0e4566/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ff0c62-1be4-4c5e-98bb-62559d0e4566/1/lzimBYws6NLA1l7G5tczPokGDxU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.228.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47825
Signature Algorithm: sha256WithRSAEncryption
99:49:36:ad:a9:e1:6e:cf:1a:40:2a:b4:76:a1:04:47:80:9b:
7c:ef:0d:3b:a6:d8:db:ec:93:57:e0:ba:21:9d:52:c6:5d:08:
eb:4d:41:81:b0:3e:13:b3:53:8e:bb:1a:00:67:be:67:64:54:
f4:7e:32:e1:89:e6:28:96:bd:4c:e9:b6:5d:ea:fb:75:2e:cc:
99:40:ae:01:5c:87:3b:4c:f7:69:91:b0:4d:4a:5d:f2:6a:04:
b7:0f:1b:ac:ca:5d:94:6f:ed:e2:f0:7e:41:c9:e4:a8:e5:3e:
e1:cb:fb:58:a8:38:cb:26:ce:dd:a6:b1:b9:be:3a:51:1e:cd:
df:d8:74:8b:ea:f5:4f:71:16:87:94:74:56:b0:60:d4:39:30:
1d:fe:5c:3b:b6:5d:d8:5f:5e:d1:03:cf:d6:5a:98:c6:4f:21:
30:4c:05:55:1f:99:7f:2a:fa:2e:0d:75:be:e9:2d:2e:49:96:
63:b4:8b:5f:fc:98:de:42:f1:d0:3b:e6:82:6a:69:d5:66:ca:
73:b9:f4:3d:c9:68:64:b7:7a:cd:ec:df:d3:08:75:80:d0:b4:
47:2b:93:38:9f:aa:1f:e9:72:d8:bd:95:05:c7:8a:18:ce:5e:
cc:aa:d9:5e:80:e6:d4:0a:76:c1:30:92:73:63:c4:48:5d:42:
61:f4:86:68
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKeyUCYhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NzM4YTYwNThj
MmNlOGQyYzBkNjVlYzZlNmQ3MzMzZTg5MDYwZjE1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApO8W8FqWVf4HjMOBqrYH5q/y4QdCbnTd3gXf7fHMKBBR
kAPrx/cuoJN+32X0MDwkCdRXdshUTBB2sq7quk7wp+R82a2MdrhrxHSC4Abu2SZO
blWuXnmicq1bsNizM/XzEnFG8u9UUliNKrrg9Zg2SbpCWLs22BDaM9UbP306jvlh
NyfQxgNcMARGaPpO4SZkeDg0n1Wpfw94mGGX6nnsuoDAipwEmYwUNPStjK/DZYuV
ztbdP3kmfxNQgmbNSim1f9t/UwSexSa+30XscSCkDVbvSraqFVSz3Ac1eyFnxRMA
ROjAgtKQdTTJ/1ymGRYUdsGDIsBxvZuiMJB9qOHIQwIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFJc4pgWMLOjSwNZexubXMz6JBg8VMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhL2ZmMGM2Mi0xYmU0LTRjNWUt
OThiYi02MjU1OWQwZTQ1NjYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvZmYwYzYyLTFiZTQtNGM1ZS05
OGJiLTYyNTU5ZDBlNDU2Ni8xL2x6aW1CWXdzNk5MQTFsN0c1dGN6UG9rR0R4VS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBW87kMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC60TANBgkqhkiG
9w0BAQsFAAOCAQEAmUk2ranhbs8aQCq0dqEER4CbfO8NO6bY2+yTV+C6IZ1Sxl0I
601BgbA+E7NTjrsaAGe+Z2RU9H4y4YnmKJa9TOm2Xer7dS7MmUCuAVyHO0z3aZGw
TUpd8moEtw8brMpdlG/t4vB+QcnkqOU+4cv7WKg4yybO3aaxub46UR7N39h0i+r1
T3EWh5R0VrBg1DkwHf5cO7Zd2F9e0QPP1lqYxk8hMEwFVR+Zfyr6Lg11vuktLkmW
Y7SLX/yY3kLx0Dvmgmpp1WbKc7n0PcloZLd6zezf0wh1gNC0RyuTOJ+qH+ly2L2V
BceKGM5ezKrZXoDm1Ap2wTCSc2PESF1CYfSGaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:12 2024 by rpki-client on console-ams.rpki-client.org