Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3HMIO-1Eh3F-59kMZ1E3nFtpFcI.cer
File: 3HMIO-1Eh3F-59kMZ1E3nFtpFcI.cer (raw, json)
Hash identifier: NVUJ+qSbzRcGaDeB05WQpKwYjwDQyX7vuKAJ3mSncVk=
Subject key identifier: DC:73:08:3B:ED:44:87:71:7E:E7:D9:0C:67:51:37:9C:5B:69:15:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A24B1824C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ce/1d42cd-00b0-4333-874b-3718656a40e8/1/3HMIO-1Eh3F-59kMZ1E3nFtpFcI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ce/1d42cd-00b0-4333-874b-3718656a40e8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 08:53:28 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.190.89.0/24
IP: 2a10:64c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 697044575424 (0xa24b1824c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:53:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc73083bed4487717ee7d90c6751379c5b6915c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:1f:86:d2:f9:e4:2a:47:02:3b:5a:8c:da:
ef:7f:f4:18:61:dd:7c:5b:70:b4:a0:63:a8:63:3a:
dd:1a:2f:ac:aa:3d:69:95:71:8f:90:c2:b0:6c:2d:
16:75:6e:a8:1a:13:df:62:56:a2:3c:b1:ca:2b:bb:
e9:35:7e:cc:90:c9:3b:60:36:4d:0f:60:b2:3c:1f:
e1:62:ba:64:53:cb:2c:82:1a:77:b2:37:ce:19:82:
01:be:9b:e7:d2:b0:93:67:f3:82:bf:d0:74:11:65:
ec:52:47:3e:72:4c:cf:35:19:25:c8:42:e8:a4:51:
aa:a5:c2:85:80:8f:e6:da:5b:87:f5:3e:a2:0f:6c:
98:31:d2:8d:d9:5e:11:a4:97:38:fb:9a:42:ca:78:
6c:20:af:2f:88:70:2a:c1:ce:99:dd:45:c2:d7:f7:
63:0d:92:91:25:98:01:32:41:a6:d1:27:72:1a:ca:
cd:87:af:35:22:55:1a:20:b8:0f:de:e0:f6:65:6d:
12:a1:37:9e:03:9e:c4:ab:7a:13:49:dd:0c:23:a1:
33:a5:c6:65:92:d1:91:12:5c:f2:72:e5:8f:96:b0:
85:80:69:e4:6c:c1:33:ec:65:98:8e:0c:61:d0:9f:
6e:20:8b:a8:2d:6d:dd:5d:5a:1f:50:81:d0:56:21:
40:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:73:08:3B:ED:44:87:71:7E:E7:D9:0C:67:51:37:9C:5B:69:15:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d42cd-00b0-4333-874b-3718656a40e8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d42cd-00b0-4333-874b-3718656a40e8/1/3HMIO-1Eh3F-59kMZ1E3nFtpFcI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.89.0/24
IPv6:
2a10:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
90:9a:58:b9:80:89:d7:d7:21:a3:e6:da:43:21:f1:c0:1f:3d:
f0:b5:6a:b5:72:b2:53:9a:68:0c:87:0a:6a:c5:b6:b1:93:9f:
4d:54:36:c6:66:90:41:81:75:2a:a9:e3:d6:d0:32:de:07:41:
ee:42:79:75:c1:cb:b7:59:b0:30:7d:67:6f:d6:fd:61:d4:de:
0c:e5:0f:91:52:47:7c:16:99:6e:34:7d:dc:85:7c:a9:e7:5d:
74:1f:18:a1:d3:a3:9c:03:b4:02:62:9f:88:27:38:52:1c:22:
e9:f1:a2:bc:9b:74:cc:20:63:f5:cd:90:73:7e:f6:98:c1:de:
bd:99:23:45:8d:73:d2:43:7e:68:16:e6:a6:f2:d9:38:ea:19:
ad:5b:10:bf:79:e8:04:60:3b:c2:d2:e3:21:c2:98:dc:80:f2:
4c:6a:00:8e:e0:fa:77:91:2d:be:55:0b:41:3e:24:dc:fe:b9:
08:e5:75:73:f1:c0:6a:61:ab:52:58:ba:64:16:16:82:32:d1:
03:98:69:10:57:f7:ab:d1:d6:3e:ba:2b:23:8b:05:74:51:f3:
31:de:f7:6a:42:c3:f4:20:e4:f9:17:3b:e0:b4:a2:b6:62:d6:
7b:cd:b1:3c:90:17:8c:39:44:5a:57:45:ff:a6:4a:04:e6:67:
5e:bf:28:e7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKJLGCTAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDg1MzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYzczMDgzYmVk
NDQ4NzcxN2VlN2Q5MGM2NzUxMzc5YzViNjkxNWMyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqTkfhtL55CpHAjtajNrvf/QYYd18W3C0oGOoYzrdGi+s
qj1plXGPkMKwbC0WdW6oGhPfYlaiPLHKK7vpNX7MkMk7YDZND2CyPB/hYrpkU8ss
ghp3sjfOGYIBvpvn0rCTZ/OCv9B0EWXsUkc+ckzPNRklyELopFGqpcKFgI/m2luH
9T6iD2yYMdKN2V4RpJc4+5pCynhsIK8viHAqwc6Z3UXC1/djDZKRJZgBMkGm0Sdy
GsrNh681IlUaILgP3uD2ZW0SoTeeA57Eq3oTSd0MI6EzpcZlktGRElzycuWPlrCF
gGnkbMEz7GWYjgxh0J9uIIuoLW3dXVofUIHQViFA8wIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFNxzCDvtRIdxfufZDGdRN5xbaRXCMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NlLzFkNDJjZC0wMGIwLTQzMzMt
ODc0Yi0zNzE4NjU2YTQwZTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2UvMWQ0MmNkLTAwYjAtNDMzMy04
NzRiLTM3MTg2NTZhNDBlOC8xLzNITUlPLTFFaDNGLTU5a01aMUUzbkZ0cEZjSS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAub5ZMA0EAgACMAcDBQMqEGTAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
mli5gInX1yGj5tpDIfHAHz3wtWq1crJTmmgMhwpqxbaxk59NVDbGZpBBgXUqqePW
0DLeB0HuQnl1wcu3WbAwfWdv1v1h1N4M5Q+RUkd8FpluNH3chXyp5110Hxih06Oc
A7QCYp+IJzhSHCLp8aK8m3TMIGP1zZBzfvaYwd69mSNFjXPSQ35oFuam8tk46hmt
WxC/eegEYDvC0uMhwpjcgPJMagCO4Pp3kS2+VQtBPiTc/rkI5XVz8cBqYatSWLpk
FhaCMtEDmGkQV/er0dY+uisjiwV0UfMx3vdqQsP0IOT5FzvgtKK2YtZ7zbE8kBeM
OURaV0X/pkoE5mdevyjn
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:49 2023 by rpki-client on console.sobornost.net