Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0U8lQpU3wvlsHWvRBYwz7QJpFc8.cer
File: 0U8lQpU3wvlsHWvRBYwz7QJpFc8.cer (raw, json)
Hash identifier: 7b1nZnvM+xCYyEV35xShtwKqZf8TyY6CyA+MuxVtv2I=
Subject key identifier: D1:4F:25:42:95:37:C2:F9:6C:1D:6B:D1:05:8C:33:ED:02:69:15:CF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AA0A28F8CD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2e/23587f-6c39-45f9-baa9-f0600e8a3cd0/1/0U8lQpU3wvlsHWvRBYwz7QJpFc8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2e/23587f-6c39-45f9-baa9-f0600e8a3cd0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 15:04:02 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.146.224.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 730314897613 (0xaa0a28f8cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d14f25429537c2f96c1d6bd1058c33ed026915cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4a:fc:86:8d:5d:77:7d:03:04:be:1a:84:ec:
03:6e:05:bf:e7:27:0e:37:81:92:0a:67:b1:15:1e:
c6:9c:08:04:10:7a:8a:10:50:e2:de:2e:10:8e:cf:
d1:80:4b:f4:9c:ca:80:bc:af:d0:72:90:27:57:dd:
70:6b:9f:80:9c:cb:eb:c8:7c:35:f7:b3:ed:8b:17:
ca:ce:3b:4c:f7:f1:f4:6b:0c:8a:84:e5:71:74:9f:
8a:fb:7d:cc:90:06:03:be:ac:d4:af:0a:f4:48:0d:
67:9a:5c:dc:54:99:db:71:d3:25:39:05:da:79:95:
4a:d9:c1:6f:c7:cf:1c:0a:32:f1:3e:c4:a8:d4:2e:
35:14:e2:88:a8:da:ae:a9:96:f2:08:dd:18:a8:42:
96:83:56:3e:0a:9e:d7:aa:cc:b0:a9:2c:18:97:fa:
d0:69:58:93:5d:41:61:e0:3b:ed:23:03:ef:a4:4c:
c5:2c:85:75:07:c0:f4:4f:0a:aa:a5:94:c0:c7:93:
88:e7:9b:5a:dc:ef:90:3d:ab:d2:78:7b:a9:ca:4e:
a8:b9:8f:87:5a:2b:0d:bc:6d:ac:ff:55:40:00:48:
88:18:ef:60:8f:15:6d:43:22:2a:70:dd:d1:af:af:
28:d4:c6:b8:d8:20:0a:03:dd:a0:80:00:38:b9:2f:
b6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4F:25:42:95:37:C2:F9:6C:1D:6B:D1:05:8C:33:ED:02:69:15:CF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/23587f-6c39-45f9-baa9-f0600e8a3cd0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/23587f-6c39-45f9-baa9-f0600e8a3cd0/1/0U8lQpU3wvlsHWvRBYwz7QJpFc8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.224.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:75:cd:10:76:80:13:22:6f:0d:6f:9e:df:33:c8:fb:e2:0c:
c5:68:08:4e:78:46:c7:ea:50:76:ba:1c:66:a8:50:29:c7:98:
59:49:56:73:48:48:e8:7a:cb:4a:32:9d:b3:b4:ff:b8:92:a9:
45:cb:cc:1f:c5:5a:bc:f9:3e:99:26:d8:69:71:a2:16:d5:9a:
98:9a:3c:64:13:8d:53:ef:27:8c:87:3c:f6:3c:2d:ed:1d:44:
9a:87:e7:8f:43:84:ec:6c:50:6f:f9:69:57:0f:75:f1:aa:c9:
31:04:1b:00:a4:c9:18:e3:c5:5e:60:d5:76:3a:42:b4:36:1f:
cc:ef:1f:2c:53:4d:5c:a9:09:18:e8:1a:de:17:7d:ed:2a:bf:
09:89:d4:58:dd:7a:a7:53:19:44:86:eb:fa:91:38:94:e6:72:
d8:db:7e:39:3e:23:a5:50:df:3a:b4:9e:da:a4:d6:c2:97:72:
78:83:ad:4e:56:a1:90:fc:c2:c9:45:e2:8e:78:4f:a7:4f:0c:
99:54:17:f2:e5:24:9e:62:cd:bb:5a:0b:3d:62:cf:57:3a:a9:
2e:0b:e1:dd:41:ce:14:6e:82:11:a0:8d:d1:0c:cc:3c:23:0b:
66:7b:ec:0d:12:a3:f0:6a:b1:0a:12:f3:66:a8:52:a7:4a:1f:
f3:e3:d7:bc
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKoKKPjNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTUwNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMTRmMjU0Mjk1
MzdjMmY5NmMxZDZiZDEwNThjMzNlZDAyNjkxNWNmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtkr8ho1dd30DBL4ahOwDbgW/5ycON4GSCmexFR7GnAgE
EHqKEFDi3i4Qjs/RgEv0nMqAvK/QcpAnV91wa5+AnMvryHw197PtixfKzjtM9/H0
awyKhOVxdJ+K+33MkAYDvqzUrwr0SA1nmlzcVJnbcdMlOQXaeZVK2cFvx88cCjLx
PsSo1C41FOKIqNquqZbyCN0YqEKWg1Y+Cp7XqsywqSwYl/rQaViTXUFh4DvtIwPv
pEzFLIV1B8D0TwqqpZTAx5OI55ta3O+QPavSeHupyk6ouY+HWisNvG2s/1VAAEiI
GO9gjxVtQyIqcN3Rr68o1Ma42CAKA92ggAA4uS+2dwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFNFPJUKVN8L5bB1r0QWMM+0CaRXPMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlLzIzNTg3Zi02YzM5LTQ1Zjkt
YmFhOS1mMDYwMGU4YTNjZDAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvMjM1ODdmLTZjMzktNDVmOS1i
YWE5LWYwNjAwZThhM2NkMC8xLzBVOGxRcFUzd3Zsc0hXdlJCWXd6N1FKcEZjOC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCLZLgMA0GCSqGSIb3DQEBCwUAA4IBAQCsdc0QdoATIm8Nb57fM8j7
4gzFaAhOeEbH6lB2uhxmqFApx5hZSVZzSEjoestKMp2ztP+4kqlFy8wfxVq8+T6Z
JthpcaIW1ZqYmjxkE41T7yeMhzz2PC3tHUSah+ePQ4TsbFBv+WlXD3XxqskxBBsA
pMkY48VeYNV2OkK0Nh/M7x8sU01cqQkY6BreF33tKr8JidRY3XqnUxlEhuv6kTiU
5nLY2345PiOlUN86tJ7apNbCl3J4g61OVqGQ/MLJReKOeE+nTwyZVBfy5SSeYs27
Wgs9Ys9XOqkuC+HdQc4UboIRoI3RDMw8Iwtme+wNEqPwarEKEvNmqFKnSh/z49e8
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:21 2023 by rpki-client on console.sobornost.net