Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tkXAa0d16Suh8hTjQvjF43hggzQ.cer
File: tkXAa0d16Suh8hTjQvjF43hggzQ.cer (raw, json)
Hash identifier: EcFB7dsl/TXY2/Pais/qLlFOWcvZceUESHa7Lou+RMw=
Subject key identifier: B6:45:C0:6B:47:75:E9:2B:A1:F2:14:E3:42:F8:C5:E3:78:60:83:34
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A298886C4C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f5/789da3-7c3e-4499-8ce5-5b9ff9622fe2/1/tkXAa0d16Suh8hTjQvjF43hggzQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f5/789da3-7c3e-4499-8ce5-5b9ff9622fe2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:56:31 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 205852
IP: 185.204.72.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698343779404 (0xa298886c4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:56:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b645c06b4775e92ba1f214e342f8c5e378608334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fb:03:56:98:81:94:15:18:d2:15:24:8c:c8:
d9:24:2f:f5:f4:f2:4b:ab:8c:9f:36:f0:13:fe:fc:
0d:d2:46:72:c0:b1:06:80:4a:5b:cf:d5:36:2e:a0:
07:eb:86:41:1f:ff:1d:b2:24:a5:4a:87:a2:24:ac:
84:29:42:8f:6a:f7:36:e6:18:78:bc:35:3e:0b:6e:
7b:aa:e3:17:47:b9:9c:85:d7:13:85:51:77:4a:cb:
5f:c7:9b:a8:fc:fa:f0:ad:7c:db:97:49:71:c7:7e:
d1:97:be:7b:8f:30:f4:6f:2b:c9:13:03:3d:30:11:
9a:5a:86:2f:7f:91:ff:aa:82:93:b7:7b:f1:bb:e3:
5a:ca:6e:d5:9b:cc:13:91:74:1b:fe:4a:b0:09:21:
85:7f:07:20:db:3d:41:7a:60:ff:1d:0b:41:10:7f:
07:7e:9e:18:94:d4:d0:cd:26:ca:5c:44:8b:8c:5d:
48:50:9f:ce:96:4a:fd:7d:b6:04:6d:32:e9:f9:8d:
21:98:56:0c:44:98:91:f9:82:02:12:94:c8:01:a0:
83:b2:90:83:5b:06:87:1f:f9:31:10:9a:c6:a0:d7:
0e:0d:31:03:51:ec:d8:1e:6b:05:3b:c2:f8:4e:2c:
ab:e4:39:ad:e4:0e:56:f3:80:d9:24:66:a6:f8:07:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:45:C0:6B:47:75:E9:2B:A1:F2:14:E3:42:F8:C5:E3:78:60:83:34
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/789da3-7c3e-4499-8ce5-5b9ff9622fe2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/789da3-7c3e-4499-8ce5-5b9ff9622fe2/1/tkXAa0d16Suh8hTjQvjF43hggzQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.72.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205852
Signature Algorithm: sha256WithRSAEncryption
2d:dd:4f:d2:d9:a0:c3:1a:92:b4:11:7f:44:55:60:4f:73:2b:
81:c5:87:1f:ea:97:45:b2:f8:cb:ff:b4:86:89:f6:25:67:14:
0a:1f:84:9b:8d:75:d5:38:9f:84:36:19:28:cc:9b:1e:ec:42:
7c:37:99:8f:ee:d4:1c:69:04:5a:bb:96:4a:b0:fd:49:b7:3c:
ff:d0:51:85:9c:8b:8e:e8:fb:2b:56:e0:21:db:37:02:80:59:
63:79:b6:4e:01:6c:58:cc:88:f2:35:ca:61:f9:83:e8:44:95:
84:13:30:fd:9b:36:5d:a6:0e:e3:51:5b:c3:fe:59:e2:8a:34:
04:3a:25:f3:be:aa:37:6f:76:15:12:7b:4d:cd:5a:cd:3e:fb:
5c:e6:d8:d3:db:be:2a:23:25:66:81:2c:0c:fc:6c:35:6c:17:
01:a8:8e:fb:65:cb:4d:98:cf:97:85:8d:1e:94:60:40:c5:b3:
fe:f7:96:44:ee:5a:d7:38:bc:25:ca:27:02:36:8e:ed:dd:7d:
cb:61:a6:4a:66:36:1b:bc:aa:82:a6:40:f6:41:1a:2a:89:53:
f9:4b:a2:9b:de:de:6c:5f:b4:a9:d5:37:2d:54:d4:34:e5:9f:
91:4e:ce:f8:4a:1a:89:dd:dc:c2:e3:30:21:08:c1:85:fc:06:
6c:fc:a5:1e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKKYiGxMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1NjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNjQ1YzA2YjQ3
NzVlOTJiYTFmMjE0ZTM0MmY4YzVlMzc4NjA4MzM0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0PsDVpiBlBUY0hUkjMjZJC/19PJLq4yfNvAT/vwN0kZy
wLEGgEpbz9U2LqAH64ZBH/8dsiSlSoeiJKyEKUKPavc25hh4vDU+C257quMXR7mc
hdcThVF3Sstfx5uo/PrwrXzbl0lxx37Rl757jzD0byvJEwM9MBGaWoYvf5H/qoKT
t3vxu+Naym7Vm8wTkXQb/kqwCSGFfwcg2z1BemD/HQtBEH8Hfp4YlNTQzSbKXESL
jF1IUJ/Olkr9fbYEbTLp+Y0hmFYMRJiR+YICEpTIAaCDspCDWwaHH/kxEJrGoNcO
DTEDUezYHmsFO8L4Tiyr5Dmt5A5W84DZJGam+AfLvQIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFLZFwGtHdekrofIU40L4xeN4YIM0MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y1Lzc4OWRhMy03YzNlLTQ0OTkt
OGNlNS01YjlmZjk2MjJmZTIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUvNzg5ZGEzLTdjM2UtNDQ5OS04
Y2U1LTViOWZmOTYyMmZlMi8xL3RrWEFhMGQxNlN1aDhoVGpRdmpGNDNoZ2d6US5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCucxIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMkHDANBgkqhkiG
9w0BAQsFAAOCAQEALd1P0tmgwxqStBF/RFVgT3MrgcWHH+qXRbL4y/+0hon2JWcU
Ch+Em4111TifhDYZKMybHuxCfDeZj+7UHGkEWruWSrD9Sbc8/9BRhZyLjuj7K1bg
Ids3AoBZY3m2TgFsWMyI8jXKYfmD6ESVhBMw/Zs2XaYO41Fbw/5Z4oo0BDol876q
N292FRJ7Tc1azT77XObY09u+KiMlZoEsDPxsNWwXAaiO+2XLTZjPl4WNHpRgQMWz
/veWRO5a1zi8JconAjaO7d19y2GmSmY2G7yqgqZA9kEaKolT+Uuim97ebF+0qdU3
LVTUNOWfkU7O+Eoaid3cwuMwIQjBhfwGbPylHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:03:25 2024 by rpki-client on console-fra.rpki-client.org