Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/uRI8IakfgYQxP5C1abtRH6YLIOQ.cer
File: uRI8IakfgYQxP5C1abtRH6YLIOQ.cer (raw, json)
Hash identifier: FxkLaVAydqTl64VqV/P9kyoQS4VCJ89i3KYkw+HGBek=
Subject key identifier: B9:12:3C:21:A9:1F:81:84:31:3F:90:B5:69:BB:51:1F:A6:0B:20:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9C9045A9E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d3/b93a6f-fd3c-41b6-b6c8-60f35af7b92c/1/uRI8IakfgYQxP5C1abtRH6YLIOQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d3/b93a6f-fd3c-41b6-b6c8-60f35af7b92c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 03:53:06 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 212659
IP: 91.209.143.0/24
IP: 2a07:2f40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 672435382754 (0x9c9045a9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9123c21a91f8184313f90b569bb511fa60b20e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:09:58:10:fe:d4:44:3d:b2:3c:44:cb:86:04:
11:fa:54:9f:ee:3f:19:09:61:f3:89:a7:83:a2:b4:
3e:05:4e:8d:c6:3b:5a:f2:4d:cb:8f:9a:51:bd:f1:
f5:91:a9:31:4c:79:73:b6:da:45:b2:84:6a:70:ca:
d6:07:10:9d:24:5a:9d:fd:4d:f0:b9:53:57:1e:10:
e2:27:89:91:18:39:fa:dc:a7:18:92:fe:a0:02:a5:
b8:ee:bb:04:ce:4b:d8:54:54:da:25:b4:04:69:76:
b4:5e:a3:b4:ab:7d:95:dd:55:ee:b9:ae:10:d9:67:
13:25:d7:cd:e8:ff:2c:94:67:bb:1b:38:d8:bf:df:
12:8a:2e:85:a8:b6:38:81:74:a6:ae:77:22:7a:e9:
88:19:cb:75:2a:a8:b2:9b:28:27:70:70:d7:3e:a2:
d0:35:1b:56:56:82:b4:a1:22:05:ff:0d:ce:2f:7e:
19:d7:04:da:fe:ac:80:a7:cb:a5:61:2d:e1:c0:a3:
90:25:1d:0c:ef:7a:de:c5:35:e1:f9:9e:53:93:b7:
5a:20:ea:14:06:51:ec:fc:6a:59:96:19:40:6e:66:
9c:08:87:05:50:db:fb:65:73:b2:2d:cf:67:95:0a:
33:d2:41:e3:cd:47:31:8e:b6:5f:13:df:2c:a9:12:
ff:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:12:3C:21:A9:1F:81:84:31:3F:90:B5:69:BB:51:1F:A6:0B:20:E4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b93a6f-fd3c-41b6-b6c8-60f35af7b92c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b93a6f-fd3c-41b6-b6c8-60f35af7b92c/1/uRI8IakfgYQxP5C1abtRH6YLIOQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.143.0/24
IPv6:
2a07:2f40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212659
Signature Algorithm: sha256WithRSAEncryption
3b:51:63:99:c6:28:56:f1:de:00:65:c5:ac:dd:9a:cc:d7:f8:
1a:9c:ee:de:39:49:a5:70:11:a6:ad:87:e5:9b:38:3e:dd:e9:
9c:e1:d2:f1:c8:0c:a1:03:60:f4:3e:9d:41:a9:d3:b2:be:d4:
d9:9b:c1:d6:b6:cd:80:bd:aa:5b:56:b0:ba:12:77:b0:dd:a9:
59:43:bb:d8:9e:c0:fe:17:58:13:bd:f1:29:f7:0a:d8:c5:7a:
c2:e8:76:7a:86:ae:b9:ac:df:61:97:7b:02:6e:45:93:03:26:
41:b7:b1:16:33:80:b3:67:55:22:21:84:a1:64:a7:e2:86:8c:
26:0d:ea:5f:82:0b:c2:4c:17:67:20:d6:e4:7f:ce:6a:db:c4:
d1:f3:ab:f2:08:cd:27:20:a6:3c:89:b4:25:d0:d5:25:c5:e1:
02:b6:71:3c:0d:6a:65:07:d5:b8:21:ad:40:34:59:cc:4a:40:
69:13:d2:13:6a:4c:03:77:e4:cb:9b:6e:ee:d5:81:ed:9b:08:
d0:bc:c3:1b:19:8d:25:71:f6:91:00:f6:47:90:a2:ad:18:55:
35:4d:a6:60:fe:4f:34:43:ab:7f:ed:2a:24:f4:31:1c:3c:d4:
0f:e3:6d:71:71:77:27:f4:2f:30:6b:0f:de:e4:7d:b9:58:4b:
07:1a:83:1a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJyQRaniMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDM1MzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiOTEyM2MyMWE5
MWY4MTg0MzEzZjkwYjU2OWJiNTExZmE2MGIyMGU0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAkglYEP7URD2yPETLhgQR+lSf7j8ZCWHziaeDorQ+BU6N
xjta8k3Lj5pRvfH1kakxTHlzttpFsoRqcMrWBxCdJFqd/U3wuVNXHhDiJ4mRGDn6
3KcYkv6gAqW47rsEzkvYVFTaJbQEaXa0XqO0q32V3VXuua4Q2WcTJdfN6P8slGe7
GzjYv98Sii6FqLY4gXSmrncieumIGct1KqiymygncHDXPqLQNRtWVoK0oSIF/w3O
L34Z1wTa/qyAp8ulYS3hwKOQJR0M73rexTXh+Z5Tk7daIOoUBlHs/GpZlhlAbmac
CIcFUNv7ZXOyLc9nlQoz0kHjzUcxjrZfE98sqRL/CQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFLkSPCGpH4GEMT+QtWm7UR+mCyDkMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QzL2I5M2E2Zi1mZDNjLTQxYjYt
YjZjOC02MGYzNWFmN2I5MmMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMvYjkzYTZmLWZkM2MtNDFiNi1i
NmM4LTYwZjM1YWY3YjkyYy8xL3VSSThJYWtmZ1lReFA1QzFhYnRSSDZZTElPUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAW9GPMA0EAgACMAcDBQMqBy9AMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM+szANBgkqhkiG9w0BAQsFAAOCAQEAO1FjmcYoVvHeAGXFrN2azNf4Gpzu
3jlJpXARpq2H5Zs4Pt3pnOHS8cgMoQNg9D6dQanTsr7U2ZvB1rbNgL2qW1awuhJ3
sN2pWUO72J7A/hdYE73xKfcK2MV6wuh2eoauuazfYZd7Am5FkwMmQbexFjOAs2dV
IiGEoWSn4oaMJg3qX4ILwkwXZyDW5H/OatvE0fOr8gjNJyCmPIm0JdDVJcXhArZx
PA1qZQfVuCGtQDRZzEpAaRPSE2pMA3fky5tu7tWB7ZsI0LzDGxmNJXH2kQD2R5Ci
rRhVNU2mYP5PNEOrf+0qJPQxHDzUD+NtcXF3J/QvMGsP3uR9uVhLBxqDGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:58:16 2024 by rpki-client on console-ams.rpki-client.org