Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/s7PbkkYCvlKZA9_GVmO36q14Vx0.cer
File: s7PbkkYCvlKZA9_GVmO36q14Vx0.cer (raw, json)
Hash identifier: JTjXoaheO20AdR+b8kIjhAgoVbOkre2Q/5OkQqRWzwM=
Subject key identifier: B3:B3:DB:92:46:02:BE:52:99:03:DF:C6:56:63:B7:EA:AD:78:57:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AAF34596ED
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/s7PbkkYCvlKZA9_GVmO36q14Vx0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 16:02:53 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 47119
IP: 79.174.32.0/19
IP: 188.191.112.0/20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 734225864429 (0xaaf34596ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3b3db924602be529903dfc65663b7eaad78571d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:12:3d:e8:c0:e8:21:b6:82:a3:69:56:ee:dc:
be:58:fa:c4:b9:0d:72:e0:4a:ed:78:b8:37:03:3c:
af:93:e7:ba:68:85:48:b9:0d:47:57:13:8f:12:b1:
fa:0c:a4:17:0f:a6:47:7a:45:4d:d2:59:81:be:f2:
33:d4:3b:0f:4f:d0:e6:66:08:1f:dc:61:3a:67:05:
09:df:68:50:d0:61:cb:f5:9d:d5:a0:58:9a:02:4f:
60:3f:20:82:25:80:c5:dd:0f:4c:73:d1:2f:d4:e7:
0b:54:a9:0a:3a:23:75:a3:11:dd:e2:c7:dd:96:9b:
da:71:74:1f:4f:28:f2:1f:e6:47:48:cb:77:d4:49:
49:38:b9:c1:79:17:40:55:03:4e:68:35:52:1e:07:
d9:e4:d6:ca:14:e3:de:ce:0e:a4:64:51:d1:61:7a:
f6:81:a5:ba:94:ff:15:9e:ba:8c:56:39:15:b4:d4:
cc:f9:cf:93:14:af:7f:f0:03:50:e7:fe:e1:fc:5b:
a6:da:3d:45:5a:ef:b3:75:69:04:d8:2e:17:f6:1f:
1a:dc:c2:dd:d9:2b:9f:e9:0a:88:8c:36:72:6a:a9:
94:7f:21:46:52:58:af:72:43:7a:d0:c9:ec:88:42:
2f:4f:53:38:de:f0:6a:b6:16:77:c1:8b:ff:3b:29:
02:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B3:DB:92:46:02:BE:52:99:03:DF:C6:56:63:B7:EA:AD:78:57:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/fe43bc-75e1-48da-8cde-68222fab1bfb/1/s7PbkkYCvlKZA9_GVmO36q14Vx0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.32.0/19
188.191.112.0/20
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47119
Signature Algorithm: sha256WithRSAEncryption
1b:99:b4:40:b1:a9:ba:7d:85:d1:45:b8:3d:65:73:c2:94:79:
0f:e8:4d:79:33:c7:d6:b9:44:48:76:b7:85:56:e8:4f:53:e3:
de:77:31:e8:9a:83:4d:53:15:f3:2c:17:84:7f:17:d9:6a:df:
e4:df:0e:c6:20:34:63:c4:92:60:64:6a:22:d9:20:7b:a6:2c:
48:ee:39:10:9c:26:d8:18:76:66:a7:05:2a:0c:5e:2d:3b:62:
eb:58:3d:fa:63:6d:d3:c2:2b:a4:ce:b2:81:83:5d:f2:60:3d:
6f:5e:d4:c9:94:6f:92:10:dc:f5:01:9d:78:ff:b1:78:50:a0:
06:5e:c3:16:a8:4b:8f:ec:cf:bb:c4:3d:57:51:34:64:2d:a3:
ed:38:de:3f:ee:49:f5:f0:30:61:fe:7c:4e:e4:e4:37:ab:01:
52:b0:85:cf:11:78:83:bf:4a:ff:cf:dd:c4:29:16:e3:d4:78:
71:20:94:10:83:87:17:91:65:fa:98:06:b4:f0:90:7d:4a:92:
35:c1:4a:d1:68:2f:11:c8:15:a9:49:56:f8:5b:a5:58:29:49:
68:d0:ad:ca:28:b0:6e:54:7d:fa:76:c6:e5:65:31:6d:09:49:
d5:3a:eb:bf:e5:7a:fa:b0:f7:63:86:66:c0:d9:1e:0b:ab:e7:
8c:95:0c:87
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIGAKrzRZbtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTYwMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiM2IzZGI5MjQ2
MDJiZTUyOTkwM2RmYzY1NjYzYjdlYWFkNzg1NzFkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmBI96MDoIbaCo2lW7ty+WPrEuQ1y4ErteLg3Azyvk+e6
aIVIuQ1HVxOPErH6DKQXD6ZHekVN0lmBvvIz1DsPT9DmZggf3GE6ZwUJ32hQ0GHL
9Z3VoFiaAk9gPyCCJYDF3Q9Mc9Ev1OcLVKkKOiN1oxHd4sfdlpvacXQfTyjyH+ZH
SMt31ElJOLnBeRdAVQNOaDVSHgfZ5NbKFOPezg6kZFHRYXr2gaW6lP8VnrqMVjkV
tNTM+c+TFK9/8ANQ5/7h/Fum2j1FWu+zdWkE2C4X9h8a3MLd2Suf6QqIjDZyaqmU
fyFGUlivckN60MnsiEIvT1M43vBqthZ3wYv/OykCZQIDAQABo4ICpjCCAqIwHQYD
VR0OBBYEFLOz25JGAr5SmQPfxlZjt+qteFcdMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiL2ZlNDNiYy03NWUxLTQ4ZGEt
OGNkZS02ODIyMmZhYjFiZmIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvZmU0M2JjLTc1ZTEtNDhkYS04
Y2RlLTY4MjIyZmFiMWJmYi8xL3M3UGJra1lDdmxLWkE5X0dWbU8zNnExNFZ4MC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQFT64gAwQEvL9wMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC4DzAN
BgkqhkiG9w0BAQsFAAOCAQEAG5m0QLGpun2F0UW4PWVzwpR5D+hNeTPH1rlESHa3
hVboT1Pj3ncx6JqDTVMV8ywXhH8X2Wrf5N8OxiA0Y8SSYGRqItkge6YsSO45EJwm
2Bh2ZqcFKgxeLTti61g9+mNt08IrpM6ygYNd8mA9b17UyZRvkhDc9QGdeP+xeFCg
Bl7DFqhLj+zPu8Q9V1E0ZC2j7TjeP+5J9fAwYf58TuTkN6sBUrCFzxF4g79K/8/d
xCkW49R4cSCUEIOHF5Fl+pgGtPCQfUqSNcFK0WgvEcgVqUlW+FulWClJaNCtyiiw
blR9+nbG5WUxbQlJ1Trrv+V6+rD3Y4ZmwNkeC6vnjJUMhw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:03:10 2024 by rpki-client on console-fra.rpki-client.org