Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nSFHL3ZFUU3Bq-YN_VZ6ZuQtoNQ.cer
File: nSFHL3ZFUU3Bq-YN_VZ6ZuQtoNQ.cer (raw, json)
Hash identifier: TzcjXoNw2TQwa17PytG8yA8ElTr0BYlrZhRjuxygk/k=
Subject key identifier: 9D:21:47:2F:76:45:51:4D:C1:AB:E6:0D:FD:56:7A:66:E4:2D:A0:D4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9E75D28511
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1d/fc65f8-f720-4645-9521-3fc28ca34a6e/1/nSFHL3ZFUU3Bq-YN_VZ6ZuQtoNQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1d/fc65f8-f720-4645-9521-3fc28ca34a6e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 05:03:06 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 199585
IP: 45.158.108.0/22
IP: 81.162.208.0/21
IP: 2a0f:5a80::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680581563665 (0x9e75d28511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d21472f7645514dc1abe60dfd567a66e42da0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:7b:44:46:47:e8:61:55:d9:e0:b8:31:20:
67:ca:71:33:f3:dd:40:ca:85:f1:0c:6e:ca:e5:ee:
94:e6:81:9f:66:b0:15:73:1a:9a:7b:9a:5c:36:5f:
de:61:d9:8f:6b:9f:2c:18:15:08:c1:2f:e0:92:da:
89:96:38:08:b6:62:10:12:62:3f:33:10:15:35:52:
96:df:76:85:fd:ba:46:30:5f:bc:38:6d:6e:80:20:
43:c5:ea:94:2e:f2:8c:58:c1:f9:b0:bf:35:6e:ce:
06:60:db:6b:f3:d4:f5:c5:08:88:70:53:97:53:63:
dd:16:17:c9:a9:11:f1:7b:57:ba:79:c4:ac:8c:dc:
de:5f:7d:c2:25:25:f2:96:d1:df:80:25:b1:71:6e:
2d:7e:d9:b5:db:e2:94:01:91:90:4b:35:cc:45:16:
6a:cc:fe:7d:5c:5d:70:78:64:e1:7d:99:0e:f2:37:
ec:64:37:dc:c3:e6:7d:44:7d:4d:26:e7:12:bd:8a:
bd:bd:85:be:c7:ba:e5:1e:05:0d:86:82:68:fa:e8:
58:a0:90:9b:ad:24:de:e5:6b:df:e6:8a:80:08:60:
75:28:61:8f:16:6c:08:58:52:e5:a1:21:e0:4c:45:
fc:90:95:90:8e:b1:68:6a:dd:91:d1:94:20:98:fd:
5e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:21:47:2F:76:45:51:4D:C1:AB:E6:0D:FD:56:7A:66:E4:2D:A0:D4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/fc65f8-f720-4645-9521-3fc28ca34a6e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/fc65f8-f720-4645-9521-3fc28ca34a6e/1/nSFHL3ZFUU3Bq-YN_VZ6ZuQtoNQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.108.0/22
81.162.208.0/21
IPv6:
2a0f:5a80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199585
Signature Algorithm: sha256WithRSAEncryption
67:83:4c:8b:b7:d2:d7:61:4b:8c:a4:71:7e:28:18:83:16:87:
36:1a:34:ac:e5:bc:e5:cb:bf:42:25:47:dc:f0:25:06:0d:a0:
90:38:8b:d1:bb:73:ad:07:f4:40:d1:39:58:27:3f:b1:ca:3a:
3a:d7:28:c0:91:aa:37:c5:07:7a:c5:db:2a:6b:8f:a2:2c:7c:
23:de:2b:31:69:21:ff:80:71:86:03:31:47:42:bb:6b:2f:83:
7b:3a:f2:81:09:21:e9:78:51:72:09:5b:7b:61:81:b7:28:dd:
a1:79:35:a6:ad:f5:64:ca:40:c6:21:84:8b:8c:5d:43:ea:dc:
e5:23:28:4c:f5:28:f5:ef:aa:1e:a5:aa:c4:17:75:c9:fa:ca:
ea:02:44:ec:77:eb:f1:a5:fc:a2:ff:0f:ee:6c:f6:26:1e:ae:
81:50:b7:7e:60:03:3c:0f:1f:d2:03:4f:bd:f3:be:42:76:d0:
7f:fb:be:84:1e:32:4e:d2:f4:ea:dd:43:63:03:53:c7:cc:53:
9c:ad:14:7f:4f:d7:c0:95:a0:0e:99:0b:c1:b8:64:f3:60:17:
6d:e6:d5:d0:f0:73:01:c1:b2:cb:28:95:05:ed:5f:f5:39:2d:
39:26:13:64:aa:29:c1:e8:29:a4:52:59:a3:ee:dc:cd:ac:32:
6c:1f:71:38
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIGAJ510oURMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDUwMzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZDIxNDcyZjc2
NDU1MTRkYzFhYmU2MGRmZDU2N2E2NmU0MmRhMGQ0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApjh7REZH6GFV2eC4MSBnynEz891AyoXxDG7K5e6U5oGf
ZrAVcxqae5pcNl/eYdmPa58sGBUIwS/gktqJljgItmIQEmI/MxAVNVKW33aF/bpG
MF+8OG1ugCBDxeqULvKMWMH5sL81bs4GYNtr89T1xQiIcFOXU2PdFhfJqRHxe1e6
ecSsjNzeX33CJSXyltHfgCWxcW4tftm12+KUAZGQSzXMRRZqzP59XF1weGThfZkO
8jfsZDfcw+Z9RH1NJucSvYq9vYW+x7rlHgUNhoJo+uhYoJCbrSTe5Wvf5oqACGB1
KGGPFmwIWFLloSHgTEX8kJWQjrFoat2R0ZQgmP1eNQIDAQABo4ICtTCCArEwHQYD
VR0OBBYEFJ0hRy92RVFNwavmDf1WembkLaDUMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkL2ZjNjVmOC1mNzIwLTQ2NDUt
OTUyMS0zZmMyOGNhMzRhNmUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvZmM2NWY4LWY3MjAtNDY0NS05
NTIxLTNmYzI4Y2EzNGE2ZS8xL25TRkhMM1pGVVUzQnEtWU5fVlo2WnVRdG9OUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCLZ5sAwQDUaLQMA0EAgACMAcDBQMqD1qAMBoGCCsGAQUFBwEIAQH/
BAswCaAHMAUCAwMLoTANBgkqhkiG9w0BAQsFAAOCAQEAZ4NMi7fS12FLjKRxfigY
gxaHNho0rOW85cu/QiVH3PAlBg2gkDiL0btzrQf0QNE5WCc/sco6OtcowJGqN8UH
esXbKmuPoix8I94rMWkh/4BxhgMxR0K7ay+DezrygQkh6XhRcglbe2GBtyjdoXk1
pq31ZMpAxiGEi4xdQ+rc5SMoTPUo9e+qHqWqxBd1yfrK6gJE7Hfr8aX8ov8P7mz2
Jh6ugVC3fmADPA8f0gNPvfO+QnbQf/u+hB4yTtL06t1DYwNTx8xTnK0Uf0/XwJWg
DpkLwbhk82AXbebV0PBzAcGyyyiVBe1f9TktOSYTZKopwegppFJZo+7czawybB9x
OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:56:32 2024 by rpki-client on console-ams.rpki-client.org