Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SbPeml_YRsoEmIZg4ahBMpGXBxs.cer
File: SbPeml_YRsoEmIZg4ahBMpGXBxs.cer (raw, json)
Hash identifier: XE4EpHidTuY6XsSFEI94Hp3TCPhnatlLiWOjs4KumQU=
Subject key identifier: 49:B3:DE:9A:5F:D8:46:CA:04:98:86:60:E1:A8:41:32:91:97:07:1B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A45CC69B1E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/9a0ba0-8ec7-4a92-93e6-291c5b1b6df1/1/SbPeml_YRsoEmIZg4ahBMpGXBxs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/9a0ba0-8ec7-4a92-93e6-291c5b1b6df1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:04:14 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.250.40.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705931156254 (0xa45cc69b1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49b3de9a5fd846ca04988660e1a841329197071b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:73:e0:a4:ed:6c:6d:87:2d:f0:14:c5:8a:
0f:5e:04:c8:34:80:e7:97:eb:a7:d8:3f:b1:29:c4:
32:e7:a6:33:f1:67:7b:da:e3:8b:66:d0:58:9c:a2:
02:e1:30:14:79:e4:ab:ad:6a:20:ad:7b:32:5d:b5:
0c:81:f4:e3:dc:10:35:7e:a0:8c:36:4e:ef:1e:58:
79:19:70:92:bc:67:da:79:07:81:60:a4:2c:db:b9:
b7:7c:58:55:84:41:f4:d4:49:f5:f3:d9:3f:5f:d8:
e7:75:91:0e:70:df:7f:1a:8f:19:53:2f:9f:d9:de:
8f:e3:65:b2:c4:b0:05:b7:a3:4a:0b:c9:37:dd:4c:
45:65:af:4d:38:99:e4:e9:4c:aa:4c:ca:6e:8a:51:
be:51:f6:01:f7:2c:ba:ec:7a:52:fc:ca:82:2e:96:
65:31:b9:69:b8:3b:d9:ef:fa:64:4f:0d:90:c6:5e:
7f:0b:23:b0:f0:e0:1d:a5:86:7d:97:7b:a9:fd:dd:
8a:9d:f5:db:e2:54:37:df:e9:5d:0c:23:bc:4c:46:
a2:1b:59:78:a1:fa:19:d3:5c:ff:94:5a:12:b5:cd:
63:6c:f1:3b:85:b1:26:b1:c5:22:81:8f:a5:95:79:
0e:d2:57:f7:b2:6c:71:b6:2a:b3:3c:2a:c1:54:e9:
e9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B3:DE:9A:5F:D8:46:CA:04:98:86:60:E1:A8:41:32:91:97:07:1B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9a0ba0-8ec7-4a92-93e6-291c5b1b6df1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/9a0ba0-8ec7-4a92-93e6-291c5b1b6df1/1/SbPeml_YRsoEmIZg4ahBMpGXBxs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.40.0/22
Signature Algorithm: sha256WithRSAEncryption
31:86:e8:e6:ac:59:9c:04:4d:d6:65:eb:b7:7a:fb:42:70:55:
c8:37:40:ee:ef:15:94:0f:a7:09:50:c5:bc:79:33:53:13:54:
99:ca:ff:bf:fb:96:00:03:2e:86:c0:28:bc:31:72:f5:22:0d:
46:fc:86:53:fc:01:c9:d8:7a:d2:79:f4:d0:ef:45:fd:ab:4f:
f7:b2:89:b1:ec:39:7d:9f:18:7b:ff:a0:84:4d:1d:b2:f6:99:
c7:fe:82:11:cc:15:25:af:37:bd:8a:97:2c:28:3e:ed:e2:9b:
57:ea:2a:20:b4:79:d9:90:3a:f7:37:5a:47:ad:d7:da:21:e7:
00:d3:da:29:ca:35:bf:43:ce:67:65:40:67:ed:0c:45:0d:d7:
22:ed:8b:ea:cc:a6:34:c0:54:bf:41:6a:d8:a9:86:49:a6:cf:
05:95:5b:5d:c3:c9:d3:36:19:f6:0a:45:24:f3:7c:53:f7:eb:
79:93:08:a5:10:f7:f0:19:da:8b:2c:d9:e2:b4:37:48:14:31:
2a:24:51:fa:bc:7c:ad:2d:3f:6e:32:58:69:d3:33:71:48:8b:
be:7e:37:a5:9e:8a:95:c9:bc:27:8c:55:0f:27:7a:b4:bd:6f:
fc:b1:9d:65:c3:71:46:df:13:a5:11:33:99:6b:b2:36:1f:40:
dd:7f:a1:16
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKRcxpseMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwNDE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0OWIzZGU5YTVm
ZDg0NmNhMDQ5ODg2NjBlMWE4NDEzMjkxOTcwNzFiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAq1Rz4KTtbG2HLfAUxYoPXgTINIDnl+un2D+xKcQy56Yz
8Wd72uOLZtBYnKIC4TAUeeSrrWogrXsyXbUMgfTj3BA1fqCMNk7vHlh5GXCSvGfa
eQeBYKQs27m3fFhVhEH01En189k/X9jndZEOcN9/Go8ZUy+f2d6P42WyxLAFt6NK
C8k33UxFZa9NOJnk6UyqTMpuilG+UfYB9yy67HpS/MqCLpZlMblpuDvZ7/pkTw2Q
xl5/CyOw8OAdpYZ9l3up/d2KnfXb4lQ33+ldDCO8TEaiG1l4ofoZ01z/lFoStc1j
bPE7hbEmscUigY+llXkO0lf3smxxtiqzPCrBVOnpdQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFEmz3ppf2EbKBJiGYOGoQTKRlwcbMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyLzlhMGJhMC04ZWM3LTRhOTIt
OTNlNi0yOTFjNWIxYjZkZjEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvOWEwYmEwLThlYzctNGE5Mi05
M2U2LTI5MWM1YjFiNmRmMS8xL1NiUGVtbF9ZUnNvRW1JWmc0YWhCTXBHWEJ4cy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCufooMA0GCSqGSIb3DQEBCwUAA4IBAQAxhujmrFmcBE3WZeu3evtC
cFXIN0Du7xWUD6cJUMW8eTNTE1SZyv+/+5YAAy6GwCi8MXL1Ig1G/IZT/AHJ2HrS
efTQ70X9q0/3somx7Dl9nxh7/6CETR2y9pnH/oIRzBUlrze9ipcsKD7t4ptX6iog
tHnZkDr3N1pHrdfaIecA09opyjW/Q85nZUBn7QxFDdci7YvqzKY0wFS/QWrYqYZJ
ps8FlVtdw8nTNhn2CkUk83xT9+t5kwilEPfwGdqLLNnitDdIFDEqJFH6vHytLT9u
Mlhp0zNxSIu+fjelnoqVybwnjFUPJ3q0vW/8sZ1lw3FG3xOlETOZa7I2H0Ddf6EW
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:38 2023 by rpki-client on console.sobornost.net