Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/s2eBmiAMrQtT0YAzFLUQcS4Nn0c.cer
File: s2eBmiAMrQtT0YAzFLUQcS4Nn0c.cer (raw, json)
Hash identifier: Zd1SmLoF+nKdUl3sju4yDrkekpR2Au/WNwJ9DM99O08=
Subject key identifier: B3:67:81:9A:20:0C:AD:0B:53:D1:80:33:14:B5:10:71:2E:0D:9F:47
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A8FA5C0B64
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d1/0d7934-5df2-4321-adbb-6374c8f68ee1/1/s2eBmiAMrQtT0YAzFLUQcS4Nn0c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d1/0d7934-5df2-4321-adbb-6374c8f68ee1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:06:26 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 57968
IP: 91.198.251.0/24
IP: 195.47.234.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 725754841956 (0xa8fa5c0b64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:06:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b367819a200cad0b53d1803314b510712e0d9f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:89:a3:05:69:ff:06:f3:74:e1:84:5a:14:
c2:cc:e1:49:72:cf:69:de:09:de:7f:17:5e:a7:72:
06:11:68:a6:1f:2b:46:92:03:38:a0:6b:a7:ca:f2:
b7:33:aa:29:1f:fe:dc:2f:4b:85:bd:4d:70:ce:f4:
e7:3f:72:5e:65:61:7a:37:29:a0:8d:1a:3c:8b:e3:
58:01:ba:cb:c7:e9:6c:42:31:0d:ab:41:86:ef:c7:
4a:ce:12:1a:62:22:b7:e1:1c:aa:01:6f:19:ea:ef:
6b:67:bd:2c:c9:1a:c3:c9:de:a3:66:68:f6:fd:cb:
72:91:5d:34:a3:94:2c:8d:97:5b:dc:ce:4b:a2:99:
d4:51:f2:49:a7:05:c8:e6:3f:8f:bd:61:23:95:fc:
ed:a3:a1:da:08:a2:7e:81:12:f5:06:77:ba:90:c2:
4f:11:4b:a4:fe:75:24:0b:2c:c1:31:52:56:cd:30:
a3:d4:22:6f:a7:f0:7e:98:3b:63:92:30:fd:16:88:
27:3f:38:cb:3a:b8:67:e8:14:41:3d:69:1b:1b:39:
94:a4:0b:00:b5:4e:96:cb:48:43:9b:ba:00:e9:22:
55:12:86:d7:95:56:93:94:1c:fc:7f:1c:f5:c7:7d:
61:71:f6:ac:7c:cb:56:ad:1d:ce:72:62:2d:f0:f9:
50:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:67:81:9A:20:0C:AD:0B:53:D1:80:33:14:B5:10:71:2E:0D:9F:47
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0d7934-5df2-4321-adbb-6374c8f68ee1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0d7934-5df2-4321-adbb-6374c8f68ee1/1/s2eBmiAMrQtT0YAzFLUQcS4Nn0c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.251.0/24
195.47.234.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57968
Signature Algorithm: sha256WithRSAEncryption
13:44:ed:18:c8:13:d4:b0:97:02:fb:b8:36:4c:9d:4e:0d:f2:
68:2a:f8:c7:7b:5b:bb:ee:e6:60:6b:44:3a:bf:c4:7c:40:57:
bd:6f:46:eb:9c:f4:4d:92:31:9f:5a:95:10:b1:68:ce:e7:01:
51:24:51:7f:a7:27:87:b9:69:11:99:7e:3f:ce:42:ec:fa:e1:
16:15:cd:f2:6d:94:aa:e6:e8:c9:87:8f:18:3b:aa:55:e5:b6:
55:e8:af:21:7b:3e:df:80:c5:4b:ed:73:e4:26:96:92:bb:8c:
23:a5:88:b7:0c:e5:3a:4d:72:52:f4:23:45:27:47:71:14:8d:
3f:f9:c2:6b:f7:13:fe:64:22:65:55:64:41:c8:60:c9:0b:0c:
1e:09:65:32:e3:58:92:3d:de:aa:a0:b8:83:6a:d0:2e:a4:19:
f3:92:a8:a9:72:2b:1d:4d:a3:30:8a:7d:87:09:b5:ed:36:c9:
64:a8:9c:fd:ad:ec:d5:12:66:1c:00:8d:40:a4:bc:db:86:38:
fb:9a:2c:a3:f0:a8:31:c3:b7:fd:3a:f5:3f:cb:97:cd:9c:f3:
7c:c3:82:b7:ce:f1:9c:a9:3d:7f:2a:ef:e6:a3:dd:a9:3b:a4:
ba:15:35:49:7a:36:5d:df:e5:a6:8f:d5:31:17:25:44:40:3c:
03:5c:8a:aa
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIGAKj6XAtkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwNjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMzY3ODE5YTIw
MGNhZDBiNTNkMTgwMzMxNGI1MTA3MTJlMGQ5ZjQ3MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuXCJowVp/wbzdOGEWhTCzOFJcs9p3gnefxdep3IGEWim
HytGkgM4oGunyvK3M6opH/7cL0uFvU1wzvTnP3JeZWF6NymgjRo8i+NYAbrLx+ls
QjENq0GG78dKzhIaYiK34RyqAW8Z6u9rZ70syRrDyd6jZmj2/ctykV00o5QsjZdb
3M5LopnUUfJJpwXI5j+PvWEjlfzto6HaCKJ+gRL1Bne6kMJPEUuk/nUkCyzBMVJW
zTCj1CJvp/B+mDtjkjD9FognPzjLOrhn6BRBPWkbGzmUpAsAtU6Wy0hDm7oA6SJV
EobXlVaTlBz8fxz1x31hcfasfMtWrR3OcmIt8PlQHwIDAQABo4ICpjCCAqIwHQYD
VR0OBBYEFLNngZogDK0LU9GAMxS1EHEuDZ9HMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QxLzBkNzkzNC01ZGYyLTQzMjEt
YWRiYi02Mzc0YzhmNjhlZTEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvMGQ3OTM0LTVkZjItNDMyMS1h
ZGJiLTYzNzRjOGY2OGVlMS8xL3MyZUJtaUFNclF0VDBZQXpGTFVRY1M0Tm4wYy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQAW8b7AwQAwy/qMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDicDAN
BgkqhkiG9w0BAQsFAAOCAQEAE0TtGMgT1LCXAvu4NkydTg3yaCr4x3tbu+7mYGtE
Or/EfEBXvW9G65z0TZIxn1qVELFozucBUSRRf6cnh7lpEZl+P85C7PrhFhXN8m2U
quboyYePGDuqVeW2VeivIXs+34DFS+1z5CaWkruMI6WItwzlOk1yUvQjRSdHcRSN
P/nCa/cT/mQiZVVkQchgyQsMHgllMuNYkj3eqqC4g2rQLqQZ85KoqXIrHU2jMIp9
hwm17TbJZKic/a3s1RJmHACNQKS824Y4+5oso/CoMcO3/Tr1P8uXzZzzfMOCt87x
nKk9fyrv5qPdqTukuhU1SXo2Xd/lpo/VMRclREA8A1yKqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:03:09 2024 by rpki-client on console-fra.rpki-client.org