Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tKxFvSGSars9AK3OhUeatgVGnxE.cer
File: tKxFvSGSars9AK3OhUeatgVGnxE.cer (raw, json)
Hash identifier: h6LWEmLDNqLF1pXHPemKScshZucchIOUYS6CIn1XXp8=
Subject key identifier: B4:AC:45:BD:21:92:6A:BB:3D:00:AD:CE:85:47:9A:B6:05:46:9F:11
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A975D3722E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/a6a83c-6e11-483a-9f2e-54bf5454bc88/1/tKxFvSGSars9AK3OhUeatgVGnxE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/a6a83c-6e11-483a-9f2e-54bf5454bc88/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:57:34 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 47650
IP: 195.34.220.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 727826264622 (0xa975d3722e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:57:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4ac45bd21926abb3d00adce85479ab605469f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:24:c3:6f:82:15:5d:b6:44:d3:d1:d9:f0:
c6:05:28:14:55:31:45:54:50:06:f3:83:0b:0d:21:
2d:6f:28:67:34:bc:d1:4d:96:64:e1:8b:c5:78:01:
c1:79:45:a3:2a:46:a5:4f:32:91:f5:0a:74:ce:6a:
6f:0e:96:1a:76:38:36:2b:81:b0:4b:e2:84:c1:2a:
be:ca:7a:0a:05:36:02:a6:c6:3b:0d:33:23:96:64:
65:da:50:55:e0:4c:52:37:9f:f8:8f:d7:ee:e2:30:
b8:c9:6c:87:3b:61:85:49:38:74:41:d1:65:58:b8:
63:2d:1b:d2:2f:7f:db:35:a9:d6:49:d9:46:3e:8e:
3b:b1:4c:a4:1b:7d:a7:75:f4:0f:4c:84:b0:2e:0c:
f9:e4:fc:af:31:05:0d:5a:09:de:01:89:73:9d:ad:
ef:65:3a:c2:9e:bb:6d:5b:87:67:1a:82:6f:fc:c4:
68:a2:e6:60:71:6f:50:79:f2:e9:20:6e:b4:25:4c:
3b:56:fe:c6:60:67:0d:67:76:ea:6f:86:15:5d:76:
b2:d9:aa:7a:dd:fe:5a:fe:f6:67:34:67:bc:9d:c5:
1c:de:47:2d:b2:9c:2e:c6:a2:64:27:80:5a:ef:d0:
85:6e:77:3d:7e:c9:1d:a8:e0:af:c3:30:fb:90:c3:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AC:45:BD:21:92:6A:BB:3D:00:AD:CE:85:47:9A:B6:05:46:9F:11
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a6a83c-6e11-483a-9f2e-54bf5454bc88/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a6a83c-6e11-483a-9f2e-54bf5454bc88/1/tKxFvSGSars9AK3OhUeatgVGnxE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.220.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47650
Signature Algorithm: sha256WithRSAEncryption
9e:83:85:da:9e:eb:e8:b4:06:69:21:66:31:a3:6d:08:e6:be:
f2:3f:fc:c4:fc:98:02:20:9a:ee:fd:23:10:3b:80:cd:66:d3:
4d:5d:d5:4c:8b:4c:4a:41:d9:ac:23:e6:35:a6:9e:e7:29:68:
af:3b:3f:2a:13:fb:57:91:06:91:63:82:84:ed:a0:70:d2:c7:
e2:6f:6b:8a:6d:b8:54:7b:83:37:89:04:0f:dc:9b:20:08:38:
73:6d:0d:36:67:04:a9:49:98:22:69:ff:5b:b3:b8:b4:d3:7e:
a2:cf:2a:67:82:04:a4:44:02:f8:9c:fa:b5:46:60:38:da:eb:
72:09:76:97:61:4f:05:7e:19:ec:4b:72:71:19:57:47:05:3a:
23:33:26:e9:c0:5f:0c:2f:f2:68:77:20:ba:8e:c1:5a:eb:12:
d6:be:d9:ec:15:1b:0d:f3:13:1e:53:7e:f4:57:91:eb:1e:9e:
e5:17:c6:e7:bd:22:f9:4d:30:22:7a:76:68:c2:e2:51:cf:97:
9f:8a:ac:09:25:c0:5d:ac:de:23:98:87:4d:4f:78:30:ec:d8:
f9:27:0e:1c:e9:fc:9e:39:53:23:31:5a:9d:bc:32:38:f0:6b:
6d:f9:48:a0:b4:c2:3f:06:fc:dc:d3:3a:78:e2:e2:ef:78:21:
a0:65:2c:5e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKl103IuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQ1NzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNGFjNDViZDIx
OTI2YWJiM2QwMGFkY2U4NTQ3OWFiNjA1NDY5ZjExMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuykkw2+CFV22RNPR2fDGBSgUVTFFVFAG84MLDSEtbyhn
NLzRTZZk4YvFeAHBeUWjKkalTzKR9Qp0zmpvDpYadjg2K4GwS+KEwSq+ynoKBTYC
psY7DTMjlmRl2lBV4ExSN5/4j9fu4jC4yWyHO2GFSTh0QdFlWLhjLRvSL3/bNanW
SdlGPo47sUykG32ndfQPTISwLgz55PyvMQUNWgneAYlzna3vZTrCnrttW4dnGoJv
/MRoouZgcW9QefLpIG60JUw7Vv7GYGcNZ3bqb4YVXXay2ap63f5a/vZnNGe8ncUc
3kctspwuxqJkJ4Ba79CFbnc9fskdqOCvwzD7kMOqqQIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFLSsRb0hkmq7PQCtzoVHmrYFRp8RMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwL2E2YTgzYy02ZTExLTQ4M2Et
OWYyZS01NGJmNTQ1NGJjODgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvYTZhODNjLTZlMTEtNDgzYS05
ZjJlLTU0YmY1NDU0YmM4OC8xL3RLeEZ2U0dTYXJzOUFLM09oVWVhdGdWR254RS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCwyLcMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC6IjANBgkqhkiG
9w0BAQsFAAOCAQEAnoOF2p7r6LQGaSFmMaNtCOa+8j/8xPyYAiCa7v0jEDuAzWbT
TV3VTItMSkHZrCPmNaae5ylorzs/KhP7V5EGkWOChO2gcNLH4m9rim24VHuDN4kE
D9ybIAg4c20NNmcEqUmYImn/W7O4tNN+os8qZ4IEpEQC+Jz6tUZgONrrcgl2l2FP
BX4Z7EtycRlXRwU6IzMm6cBfDC/yaHcguo7BWusS1r7Z7BUbDfMTHlN+9FeR6x6e
5RfG570i+U0wInp2aMLiUc+Xn4qsCSXAXazeI5iHTU94MOzY+ScOHOn8njlTIzFa
nbwyOPBrbflIoLTCPwb83NM6eOLi73ghoGUsXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:58:03 2024 by rpki-client on console-ams.rpki-client.org