Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2y4HqEBiXEwCBjDH8BUyHEko_HE.cer
File: 2y4HqEBiXEwCBjDH8BUyHEko_HE.cer (raw, json)
Hash identifier: LN4EqHXSg3H8pyJy7p9OICPChVkpMx+2DVFpalOSLps=
Subject key identifier: DB:2E:07:A8:40:62:5C:4C:02:06:30:C7:F0:15:32:1C:49:28:FC:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A28F34449C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/2y4HqEBiXEwCBjDH8BUyHEko_HE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:56:05 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 205741
IP: 185.207.208.0/22
IP: 2a0b:2c40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698187269276 (0xa28f34449c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db2e07a840625c4c020630c7f015321c4928fc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:f2:f4:be:3f:6b:79:70:5f:4c:63:81:ac:
c9:ec:2b:71:60:4a:27:87:fb:de:24:e9:5e:56:6e:
ab:af:72:d8:e4:a7:af:19:1c:5b:85:8d:49:ac:47:
72:e0:66:04:85:78:83:42:ae:48:29:6b:78:50:6b:
02:2a:bd:3d:13:77:91:4d:77:8d:21:17:f6:e0:a8:
80:b2:52:ad:bd:f1:1a:0b:1e:7d:bf:53:2d:c2:5f:
04:cf:3c:61:ca:ca:f3:ee:b0:46:b6:4c:ff:36:9f:
a3:54:f4:bb:4e:91:d9:e1:4a:68:57:dc:76:d1:0c:
da:df:b9:37:02:ac:56:28:1a:cd:ed:32:a5:09:e1:
21:91:b5:7c:f7:e2:eb:16:98:29:8a:63:98:43:a3:
17:a7:90:94:6b:89:53:1d:11:08:25:fe:6e:2d:e2:
43:1c:77:b2:7e:0d:dd:7f:8b:8f:ce:e5:d1:4d:8e:
ce:0c:57:12:b1:90:72:82:85:bf:e2:e4:b6:80:db:
d7:1e:6d:0e:83:03:ef:39:95:02:54:90:a1:50:ec:
dd:01:f4:e9:1f:6f:be:12:b4:39:c6:24:2a:0b:10:
cc:f2:36:37:4b:10:c7:63:6e:46:07:8a:be:72:73:
a2:5a:4e:90:52:a1:66:47:96:bc:75:6c:ba:02:24:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2E:07:A8:40:62:5C:4C:02:06:30:C7:F0:15:32:1C:49:28:FC:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/65ccd7-10b8-4af1-89a0-a28957f0206c/1/2y4HqEBiXEwCBjDH8BUyHEko_HE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.208.0/22
IPv6:
2a0b:2c40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205741
Signature Algorithm: sha256WithRSAEncryption
77:f7:97:9f:e5:2c:c1:e7:70:d5:53:0d:c2:b8:fe:97:e9:c9:
03:ec:b5:ba:5c:33:ec:96:15:59:1e:46:0c:b8:1b:07:36:a4:
8e:5f:43:03:ab:d2:e8:0f:fb:c4:13:2f:3c:5e:9c:0e:fc:e2:
5f:98:7d:25:fe:42:d8:21:fd:80:69:5e:b3:63:d0:22:5f:aa:
d4:83:25:79:03:73:87:9b:7b:75:99:95:ae:6a:3e:a6:ea:dc:
14:f0:89:58:10:f3:fe:eb:14:b6:56:2e:59:6c:fa:ac:70:83:
69:75:11:f8:7e:02:43:6e:25:1a:aa:12:c5:9e:0f:43:ea:79:
69:04:97:58:a4:18:94:53:fd:53:41:ae:82:f9:28:4e:e7:4a:
31:21:dc:41:9d:18:b4:a8:fb:f8:08:80:a0:21:e5:92:0e:cb:
7f:4f:65:12:64:c5:e8:c4:35:e8:64:ed:81:dc:12:83:31:e6:
43:d2:00:43:c4:99:7a:5b:08:43:35:83:0c:bf:d3:3d:b0:de:
89:3f:33:d2:31:34:ae:6a:00:01:64:32:18:d1:c3:83:17:78:
9d:c9:e8:17:ef:d0:4e:6b:50:b1:88:7c:81:dc:80:cc:92:96:
c7:eb:c5:91:6f:bc:74:e9:b2:ed:64:0f:9f:8a:ea:be:17:32:
71:e2:8d:af
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKKPNEScMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1NjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYjJlMDdhODQw
NjI1YzRjMDIwNjMwYzdmMDE1MzIxYzQ5MjhmYzcxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAssXy9L4/a3lwX0xjgazJ7CtxYEonh/veJOleVm6rr3LY
5KevGRxbhY1JrEdy4GYEhXiDQq5IKWt4UGsCKr09E3eRTXeNIRf24KiAslKtvfEa
Cx59v1Mtwl8Ezzxhysrz7rBGtkz/Np+jVPS7TpHZ4UpoV9x20Qza37k3AqxWKBrN
7TKlCeEhkbV89+LrFpgpimOYQ6MXp5CUa4lTHREIJf5uLeJDHHeyfg3df4uPzuXR
TY7ODFcSsZBygoW/4uS2gNvXHm0OgwPvOZUCVJChUOzdAfTpH2++ErQ5xiQqCxDM
8jY3SxDHY25GB4q+cnOiWk6QUqFmR5a8dWy6AiRrEQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFNsuB6hAYlxMAgYwx/AVMhxJKPxxMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzY1Y2NkNy0xMGI4LTRhZjEt
ODlhMC1hMjg5NTdmMDIwNmMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNjVjY2Q3LTEwYjgtNGFmMS04
OWEwLWEyODk1N2YwMjA2Yy8xLzJ5NEhxRUJpWEV3Q0JqREg4QlV5SEVrb19IRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuc/QMA0EAgACMAcDBQMqCyxAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMjrTANBgkqhkiG9w0BAQsFAAOCAQEAd/eXn+Uswedw1VMNwrj+l+nJA+y1
ulwz7JYVWR5GDLgbBzakjl9DA6vS6A/7xBMvPF6cDvziX5h9Jf5C2CH9gGles2PQ
Il+q1IMleQNzh5t7dZmVrmo+purcFPCJWBDz/usUtlYuWWz6rHCDaXUR+H4CQ24l
GqoSxZ4PQ+p5aQSXWKQYlFP9U0GugvkoTudKMSHcQZ0YtKj7+AiAoCHlkg7Lf09l
EmTF6MQ16GTtgdwSgzHmQ9IAQ8SZelsIQzWDDL/TPbDeiT8z0jE0rmoAAWQyGNHD
gxd4ncnoF+/QTmtQsYh8gdyAzJKWx+vFkW+8dOmy7WQPn4rqvhcyceKNrw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:45 2023 by rpki-client on console.sobornost.net