Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38TsIRjIDPl7XhkEK6j73QOFMUE.cer
File: 38TsIRjIDPl7XhkEK6j73QOFMUE.cer (raw, json)
Hash identifier: 7GuDuWkUjcU+A3pVMVRFvt4yZyusbAESJDAKxcUcW6w=
Subject key identifier: DF:C4:EC:21:18:C8:0C:F9:7B:5E:19:04:2B:A8:FB:DD:03:85:31:41
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AD80FF587F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/5070be-d190-4ec0-ace8-d03b37bedace/1/38TsIRjIDPl7XhkEK6j73QOFMUE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/5070be-d190-4ec0-ace8-d03b37bedace/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 17 Feb 2022 12:59:17 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.216.171.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 745193560191 (0xad80ff587f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 17 12:59:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfc4ec2118c80cf97b5e19042ba8fbdd03853141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8f:59:d8:80:35:b9:65:d9:30:1a:85:e6:29:
9d:54:7f:c7:6c:35:42:4e:3e:2d:32:d2:d1:4e:2f:
27:ff:30:c3:69:58:99:c6:55:b2:d0:6a:b5:93:83:
15:b2:8b:51:d9:c2:5b:84:bc:67:9e:13:c6:e1:52:
8e:e3:3e:e9:0f:56:90:90:d3:03:04:2f:16:ed:2b:
fc:e2:12:f4:d7:23:d6:8a:5b:88:f7:d9:50:20:f2:
42:d3:9c:de:d7:e0:f7:f3:3b:e1:51:3c:c3:01:c7:
ca:48:67:8e:7d:20:86:18:e9:a2:1d:ac:e4:45:3c:
3d:3e:54:d9:23:b7:f8:00:ff:99:a6:46:73:ad:a8:
27:bb:aa:d8:6c:0c:65:af:64:f6:de:6d:07:64:90:
b3:a5:88:63:0e:8e:13:86:80:a5:e4:fe:b2:7d:3e:
a0:77:77:12:db:24:c6:3a:00:17:03:a6:40:0f:6c:
d8:20:db:15:b9:83:c8:15:eb:c6:3c:cc:dc:cc:27:
2a:dc:00:d6:bd:6c:f5:97:fe:d1:6e:ae:51:6a:39:
cf:8f:e2:e1:b3:f8:df:22:94:a3:27:5a:b1:92:67:
b4:1f:bb:a8:9b:4b:e6:b6:f6:84:05:e3:26:b9:eb:
af:a5:39:cf:8e:6d:64:c7:52:f3:31:a6:a4:31:7e:
a7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C4:EC:21:18:C8:0C:F9:7B:5E:19:04:2B:A8:FB:DD:03:85:31:41
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5070be-d190-4ec0-ace8-d03b37bedace/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5070be-d190-4ec0-ace8-d03b37bedace/1/38TsIRjIDPl7XhkEK6j73QOFMUE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.171.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:9c:2d:2a:6d:3c:fe:ce:fa:90:33:85:07:de:f3:60:9a:81:
80:33:19:45:3a:7e:1f:22:48:2d:35:d6:b4:59:db:5c:cf:21:
ab:7b:c2:7a:c0:5f:04:18:be:8d:6b:f3:5d:90:51:10:d1:d3:
d4:cc:cb:d7:5b:b6:85:63:cc:b7:dc:fd:c2:35:bb:04:dd:ea:
20:7e:0c:d7:0c:a3:eb:6c:50:2f:50:89:fe:2a:26:24:fa:c8:
5e:d4:58:e2:e2:42:da:b5:c6:a0:4c:95:f2:d8:eb:d7:0d:f2:
67:03:72:3b:5b:1a:7d:49:75:f5:cf:35:9e:9e:89:c6:0b:70:
21:5b:bc:8a:9d:f9:16:50:f4:e1:fe:b9:7b:eb:c4:4c:d1:7c:
24:74:af:d1:af:e3:b6:ba:7e:14:51:a6:10:00:2a:9d:84:ab:
7c:a2:3a:00:14:05:36:e2:d4:36:71:87:3e:92:b6:eb:dc:5a:
c9:94:5b:c7:88:ca:1a:1b:9e:c6:5b:ed:79:ad:56:25:29:12:
6f:e0:60:c1:f8:8a:67:ba:87:06:d7:60:95:36:58:41:a6:a3:
38:16:7e:01:8c:36:be:c6:54:29:d7:30:ad:85:1c:57:0a:99:
79:15:28:f7:c7:d3:b6:55:d8:3d:b7:82:9e:de:04:2e:82:29:
a3:0e:76:0e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAK2A/1h/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MjE3MTI1OTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZmM0ZWMyMTE4
YzgwY2Y5N2I1ZTE5MDQyYmE4ZmJkZDAzODUzMTQxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0Y9Z2IA1uWXZMBqF5imdVH/HbDVCTj4tMtLRTi8n/zDD
aViZxlWy0Gq1k4MVsotR2cJbhLxnnhPG4VKO4z7pD1aQkNMDBC8W7Sv84hL01yPW
iluI99lQIPJC05ze1+D38zvhUTzDAcfKSGeOfSCGGOmiHazkRTw9PlTZI7f4AP+Z
pkZzragnu6rYbAxlr2T23m0HZJCzpYhjDo4ThoCl5P6yfT6gd3cS2yTGOgAXA6ZA
D2zYINsVuYPIFevGPMzczCcq3ADWvWz1l/7Rbq5RajnPj+Lhs/jfIpSjJ1qxkme0
H7uom0vmtvaEBeMmueuvpTnPjm1kx1LzMaakMX6nWwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFN/E7CEYyAz5e14ZBCuo+90DhTFBMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0LzUwNzBiZS1kMTkwLTRlYzAt
YWNlOC1kMDNiMzdiZWRhY2UvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvNTA3MGJlLWQxOTAtNGVjMC1h
Y2U4LWQwM2IzN2JlZGFjZS8xLzM4VHNJUmpJRFBsN1hoa0VLNmo3M1FPRk1VRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAW9irMA0GCSqGSIb3DQEBCwUAA4IBAQANnC0qbTz+zvqQM4UH3vNg
moGAMxlFOn4fIkgtNda0WdtczyGre8J6wF8EGL6Na/NdkFEQ0dPUzMvXW7aFY8y3
3P3CNbsE3eogfgzXDKPrbFAvUIn+KiYk+she1Fji4kLatcagTJXy2OvXDfJnA3I7
Wxp9SXX1zzWenonGC3AhW7yKnfkWUPTh/rl768RM0XwkdK/Rr+O2un4UUaYQACqd
hKt8ojoAFAU24tQ2cYc+krbr3FrJlFvHiMoaG57GW+15rVYlKRJv4GDB+IpnuocG
12CVNlhBpqM4Fn4BjDa+xlQp1zCthRxXCpl5FSj3x9O2Vdg9t4Ke3gQugimjDnYO
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:08 2023 by rpki-client on console.sobornost.net