Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sKtXYaD4Kzb_Yi1KwLY3nSBY1QY.cer
File: sKtXYaD4Kzb_Yi1KwLY3nSBY1QY.cer (raw, json)
Hash identifier: ypWKsKN+6Vbup61xKDruUqZ7su0WbdwdIGE2wR+KLGA=
Subject key identifier: B0:AB:57:61:A0:F8:2B:36:FF:62:2D:4A:C0:B6:37:9D:20:58:D5:06
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A48569786D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/79/d886aa-c14b-488c-81b1-325b9f3159af/1/sKtXYaD4Kzb_Yi1KwLY3nSBY1QY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/79/d886aa-c14b-488c-81b1-325b9f3159af/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:05:56 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 203265
IP: 2001:67c:29a4::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 706612918381 (0xa48569786d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:05:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0ab5761a0f82b36ff622d4ac0b6379d2058d506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:68:39:e0:69:17:7b:a7:13:8b:2b:e2:7d:
96:64:c9:aa:93:70:f1:23:2e:33:9e:4f:34:2c:ae:
ec:02:5b:55:da:11:29:38:a8:69:22:b4:0e:c9:4b:
c4:e4:b1:a9:64:81:08:df:ee:f6:b8:4f:37:cf:d1:
2b:ea:07:1a:d6:c8:aa:cc:0e:e6:81:9a:b6:52:07:
5f:95:33:5c:fd:65:84:34:7f:48:d9:6b:b5:d0:2e:
e5:29:0a:65:47:43:18:10:df:4b:4e:5a:13:d9:b7:
06:73:24:35:fa:3e:ec:68:06:ed:e5:33:6b:70:d8:
b4:e6:cf:a1:39:ad:ef:64:66:74:4b:d9:8d:9d:09:
c2:6f:3c:5f:b8:46:1a:84:32:d0:b3:b6:2f:da:4c:
bf:62:32:8b:65:8e:6d:61:5e:bc:35:2d:c2:38:8d:
34:a5:2c:15:76:93:2f:bc:b6:f2:4d:e1:33:fe:cc:
7c:94:a9:dc:a7:71:c2:69:a7:b7:02:72:cc:b6:df:
ba:d5:6b:a7:7f:d8:4f:18:95:86:a0:63:08:8c:e9:
0d:94:d1:26:a4:bc:91:24:19:f7:53:68:48:07:02:
0e:a2:3f:f0:5f:0a:6f:cb:9f:f6:df:97:f1:4d:5d:
d9:04:91:b6:2d:d7:b6:db:c4:4c:61:36:ee:ec:7b:
f1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AB:57:61:A0:F8:2B:36:FF:62:2D:4A:C0:B6:37:9D:20:58:D5:06
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d886aa-c14b-488c-81b1-325b9f3159af/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d886aa-c14b-488c-81b1-325b9f3159af/1/sKtXYaD4Kzb_Yi1KwLY3nSBY1QY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:29a4::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203265
Signature Algorithm: sha256WithRSAEncryption
4f:e1:11:a2:99:67:56:d5:f7:56:b2:07:6e:c7:8f:c9:5d:d8:
01:9b:03:dc:0e:56:70:0b:7a:0a:9d:b7:48:cf:32:69:62:5a:
84:b0:df:ff:35:ff:ce:c5:c0:02:fd:ca:68:92:38:fe:67:07:
be:4f:65:c3:88:0a:1f:d1:de:af:57:9b:ba:bb:89:fe:4d:02:
cd:ba:66:a6:21:41:e9:03:6f:43:a1:2f:cf:2e:54:a5:7f:2d:
8b:4b:cb:60:61:20:21:df:a0:d2:da:6d:7b:30:38:8e:5c:54:
dc:5a:9c:96:3a:be:be:9a:f9:b0:11:84:5d:32:83:67:65:5c:
c0:00:fd:98:09:74:45:05:36:be:a3:87:85:44:23:18:31:e0:
4c:30:2f:84:25:38:ec:f7:41:05:ba:4e:ce:cd:96:76:34:08:
f4:d8:8b:bd:d1:fa:04:41:84:bf:17:fe:db:26:43:15:af:36:
17:c0:0b:23:04:19:9e:94:52:e3:f9:fb:da:d1:c3:b5:5f:ac:
3a:77:64:95:f9:79:14:5e:38:d8:7c:ed:50:3f:1b:e2:e7:55:
67:17:e0:05:c2:4e:d4:c6:de:74:f1:6a:91:4a:3b:0f:cf:4c:
c6:c5:a3:1a:49:ec:ba:7c:a2:ea:c4:7e:ce:a0:05:a7:0f:f2:
7c:7f:6a:e5
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIGAKSFaXhtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwNTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMGFiNTc2MWEw
ZjgyYjM2ZmY2MjJkNGFjMGI2Mzc5ZDIwNThkNTA2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAyZhoOeBpF3unE4sr4n2WZMmqk3DxIy4znk80LK7sAltV
2hEpOKhpIrQOyUvE5LGpZIEI3+72uE83z9Er6gca1siqzA7mgZq2UgdflTNc/WWE
NH9I2Wu10C7lKQplR0MYEN9LTloT2bcGcyQ1+j7saAbt5TNrcNi05s+hOa3vZGZ0
S9mNnQnCbzxfuEYahDLQs7Yv2ky/YjKLZY5tYV68NS3COI00pSwVdpMvvLbyTeEz
/sx8lKncp3HCaae3AnLMtt+61Wunf9hPGJWGoGMIjOkNlNEmpLyRJBn3U2hIBwIO
oj/wXwpvy5/235fxTV3ZBJG2Lde228RMYTbu7HvxSQIDAQABo4ICozCCAp8wHQYD
VR0OBBYEFLCrV2Gg+Cs2/2ItSsC2N50gWNUGMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5L2Q4ODZhYS1jMTRiLTQ4OGMt
ODFiMS0zMjViOWYzMTU5YWYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvZDg4NmFhLWMxNGItNDg4Yy04
MWIxLTMyNWI5ZjMxNTlhZi8xL3NLdFhZYUQ0S3piX1lpMUt3TFkzblNCWTFRWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEGfCmkMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMaATANBgkq
hkiG9w0BAQsFAAOCAQEAT+ERoplnVtX3VrIHbsePyV3YAZsD3A5WcAt6Cp23SM8y
aWJahLDf/zX/zsXAAv3KaJI4/mcHvk9lw4gKH9Her1eburuJ/k0CzbpmpiFB6QNv
Q6Evzy5UpX8ti0vLYGEgId+g0tptezA4jlxU3Fqcljq+vpr5sBGEXTKDZ2VcwAD9
mAl0RQU2vqOHhUQjGDHgTDAvhCU47PdBBbpOzs2WdjQI9NiLvdH6BEGEvxf+2yZD
Fa82F8ALIwQZnpRS4/n72tHDtV+sOndklfl5FF442HztUD8b4udVZxfgBcJO1Mbe
dPFqkUo7D89MxsWjGknsunyi6sR+zqAFpw/yfH9q5Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:17 2025 by rpki-client