Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CfIVD6wsfBlrwrCyXtRU9YUFdiM.cer
File: CfIVD6wsfBlrwrCyXtRU9YUFdiM.cer (raw, json)
Hash identifier: fsd7xL/wOLsRfGU1DZ4WxJi0CvI2RZuNZryxGuszczI=
Subject key identifier: 09:F2:15:0F:AC:2C:7C:19:6B:C2:B0:B2:5E:D4:54:F5:85:05:76:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A654370E4B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/295db1-65a2-4cc7-94b1-73e90d0d4922/1/CfIVD6wsfBlrwrCyXtRU9YUFdiM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/295db1-65a2-4cc7-94b1-73e90d0d4922/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:01:02 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 197132
IP: 91.216.184.0/24
IP: 2001:67c:284c::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714377465419 (0xa654370e4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:01:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09f2150fac2c7c196bc2b0b25ed454f585057623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:76:da:d0:c6:d7:7a:f4:ac:31:34:7e:de:
76:dd:74:03:3a:5f:ad:49:ca:24:2c:da:0b:c5:59:
12:b2:ae:38:ef:39:18:78:52:ca:bc:12:23:bc:4a:
e6:b2:9b:27:ab:0e:aa:c2:4f:9e:61:bc:45:55:70:
2b:6e:29:fa:e6:f2:35:72:d6:f2:d7:3f:4b:6d:3a:
d8:59:4f:27:d1:8a:a3:1d:8d:4b:f8:63:a0:e1:d4:
96:f5:ed:3a:06:f4:5c:07:ad:22:e2:54:c6:e0:c8:
2d:fe:2d:9b:3c:1c:e0:ff:38:a9:c5:d5:0c:db:8b:
9a:44:70:8e:63:75:e4:b4:02:15:dc:f0:b3:ca:bc:
96:07:09:65:6b:ee:fa:19:09:fc:45:47:42:ff:bc:
bc:51:d1:62:c3:47:60:d8:dd:13:c2:72:5c:ad:47:
80:d3:d4:06:5c:69:08:4f:49:1f:5d:e0:a2:fd:2c:
4e:8a:8b:a5:cd:ee:65:49:3c:30:91:49:c8:2a:7b:
dc:6d:dc:38:82:a8:25:f4:d1:e6:c3:0e:da:36:20:
2f:7b:30:31:7e:c9:d1:37:86:57:c4:e6:0d:f1:6a:
53:e3:a4:03:90:f0:a1:42:cb:51:46:8c:27:78:57:
16:97:34:6a:44:17:63:b9:f4:47:53:b5:c4:b4:41:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F2:15:0F:AC:2C:7C:19:6B:C2:B0:B2:5E:D4:54:F5:85:05:76:23
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/295db1-65a2-4cc7-94b1-73e90d0d4922/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/295db1-65a2-4cc7-94b1-73e90d0d4922/1/CfIVD6wsfBlrwrCyXtRU9YUFdiM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.184.0/24
IPv6:
2001:67c:284c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197132
Signature Algorithm: sha256WithRSAEncryption
1a:0a:4b:65:d7:15:37:b5:69:da:47:22:54:ac:0a:8e:32:3a:
3b:77:89:88:a4:02:7c:a6:2a:c7:52:97:6b:ef:fb:44:f6:3a:
b9:5a:d1:ad:4e:b4:ae:95:f1:d4:1f:45:7c:02:96:f1:c7:0c:
d5:e0:6b:89:8e:5c:9f:b1:1b:3f:9d:b3:0d:3d:4a:e4:75:77:
3c:db:5d:b7:92:94:fb:38:53:ce:8a:6d:29:8a:6b:f0:fa:fd:
8b:bb:66:30:62:c1:ca:19:7e:5a:0c:08:82:7a:ab:ef:44:58:
aa:33:37:fe:9a:1f:b4:0d:07:f2:01:79:93:55:a9:09:44:7d:
85:3c:83:ee:a8:6e:20:26:89:e5:f9:9d:1e:8f:15:89:05:b3:
09:70:a6:ad:cc:d4:0d:03:b2:1a:4e:65:c4:32:c4:01:36:f5:
74:6e:15:d0:d4:4a:af:fa:d8:8a:d4:58:b3:72:7d:70:dc:34:
c8:2f:b4:b3:25:07:c4:7f:d6:45:ef:8b:8f:13:62:e7:e9:2f:
8f:f9:61:3e:74:d7:6b:b3:5f:cb:ce:e0:93:43:64:1a:87:9a:
db:d4:0d:73:5f:9d:eb:7d:51:97:3e:e6:92:08:76:da:15:21:
50:50:3e:4f:91:f9:14:05:ba:2e:8a:3a:ed:27:eb:d6:8a:e3:
64:78:a4:9c
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIGAKZUNw5LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwMTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOWYyMTUwZmFj
MmM3YzE5NmJjMmIwYjI1ZWQ0NTRmNTg1MDU3NjIzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAn1122tDG13r0rDE0ft523XQDOl+tScokLNoLxVkSsq44
7zkYeFLKvBIjvErmspsnqw6qwk+eYbxFVXArbin65vI1ctby1z9LbTrYWU8n0Yqj
HY1L+GOg4dSW9e06BvRcB60i4lTG4Mgt/i2bPBzg/zipxdUM24uaRHCOY3XktAIV
3PCzyryWBwlla+76GQn8RUdC/7y8UdFiw0dg2N0TwnJcrUeA09QGXGkIT0kfXeCi
/SxOioulze5lSTwwkUnIKnvcbdw4gqgl9NHmww7aNiAvezAxfsnRN4ZXxOYN8WpT
46QDkPChQstRRowneFcWlzRqRBdjufRHU7XEtEGCCwIDAQABo4ICsTCCAq0wHQYD
VR0OBBYEFAnyFQ+sLHwZa8Kwsl7UVPWFBXYjMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwLzI5NWRiMS02NWEyLTRjYzct
OTRiMS03M2U5MGQwZDQ5MjIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvMjk1ZGIxLTY1YTItNGNjNy05
NGIxLTczZTkwZDBkNDkyMi8xL0NmSVZENndzZkJscndyQ3lYdFJVOVlVRmRpTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQAW9i4MA8EAgACMAkDBwAgAQZ8KEwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAwIMMA0GCSqGSIb3DQEBCwUAA4IBAQAaCktl1xU3tWnaRyJUrAqOMjo7
d4mIpAJ8pirHUpdr7/tE9jq5WtGtTrSulfHUH0V8ApbxxwzV4GuJjlyfsRs/nbMN
PUrkdXc82123kpT7OFPOim0pimvw+v2Lu2YwYsHKGX5aDAiCeqvvRFiqMzf+mh+0
DQfyAXmTVakJRH2FPIPuqG4gJonl+Z0ejxWJBbMJcKatzNQNA7IaTmXEMsQBNvV0
bhXQ1Eqv+tiK1Fizcn1w3DTIL7SzJQfEf9ZF74uPE2Ln6S+P+WE+dNdrs1/LzuCT
Q2Qah5rb1A1zX53rfVGXPuaSCHbaFSFQUD5PkfkUBbouijrtJ+vWiuNkeKSc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:57 2023 by rpki-client on console.sobornost.net