Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U4H7YcEgRmBHa9JpVKLoxVuiwsI.cer
File: U4H7YcEgRmBHa9JpVKLoxVuiwsI.cer (raw, json)
Hash identifier: 8kAXZh/d5NQpmI6pnwNdjI5Em0ZpbNpC1YYnNTbAjZY=
Subject key identifier: 53:81:FB:61:C1:20:46:60:47:6B:D2:69:54:A2:E8:C5:5B:A2:C2:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A002D4E382
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5a/97a25f-815e-4607-a5dd-36edf2c195dc/1/U4H7YcEgRmBHa9JpVKLoxVuiwsI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5a/97a25f-815e-4607-a5dd-36edf2c195dc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 06:53:33 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.84.52.0/22
IP: 2a0e:9780::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 687242273666 (0xa002d4e382)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:53:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5381fb61c1204660476bd26954a2e8c55ba2c2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2b:54:7c:19:f6:41:87:f2:92:e1:69:a1:fe:
ba:33:de:55:84:b4:26:3b:6f:03:94:eb:66:90:24:
b6:b0:4c:91:ef:44:cd:6b:30:30:e6:1b:01:1b:96:
dd:33:35:09:05:d8:ce:d5:27:75:78:03:25:5f:c3:
c4:cc:67:d7:04:57:11:ca:29:9b:98:f9:fc:c5:91:
2b:3c:26:35:27:9b:c6:2c:a9:34:00:39:b6:3a:c2:
36:26:71:6a:a9:da:8b:ec:da:ea:30:03:62:f7:c2:
34:c8:b2:0a:b0:43:2f:91:90:50:b2:3c:56:fb:6a:
3a:c5:2a:5d:1f:95:af:3a:d8:19:9e:67:4c:ab:a3:
7f:2e:e8:d3:5a:9d:9e:48:c1:05:b6:48:ef:d5:20:
60:0e:3e:61:16:08:b9:8c:f7:97:41:60:99:c8:21:
21:66:17:1e:dd:a0:b4:7d:7d:72:db:48:2f:fc:a5:
17:97:e6:8c:fc:2f:08:4b:d3:68:5e:d7:05:fa:40:
73:d2:3d:cc:ce:34:98:3d:3d:86:62:a5:d7:74:19:
c6:23:a7:97:85:3f:75:ed:2c:5e:b5:44:d4:99:ec:
b6:5e:75:75:9a:c6:eb:29:ab:eb:e2:27:70:aa:71:
b4:4a:e8:aa:f2:a0:d2:03:9d:56:91:bf:5f:f2:82:
c3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:81:FB:61:C1:20:46:60:47:6B:D2:69:54:A2:E8:C5:5B:A2:C2:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/97a25f-815e-4607-a5dd-36edf2c195dc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/97a25f-815e-4607-a5dd-36edf2c195dc/1/U4H7YcEgRmBHa9JpVKLoxVuiwsI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.52.0/22
IPv6:
2a0e:9780::/29
Signature Algorithm: sha256WithRSAEncryption
4b:d7:2d:d1:9f:f0:46:4a:c3:43:77:7a:e7:b3:c3:42:bd:cd:
ad:32:6f:1e:27:96:be:6b:27:31:3b:46:d9:d1:4b:5c:61:74:
8f:33:bd:90:9b:e8:8c:fc:71:fe:87:e2:55:20:3a:d9:04:13:
21:c1:6f:7e:dc:1d:c8:6b:d6:dd:dd:6e:32:f3:66:36:7d:36:
37:09:e8:51:8e:59:97:ff:5f:3d:77:99:25:9e:89:27:d6:02:
6c:67:bf:d9:3e:c5:25:bd:fe:b6:2b:a5:60:28:6c:c5:8a:b2:
d1:32:38:36:58:7a:bd:d9:0b:d0:76:ad:5d:9b:37:a6:50:9d:
97:4c:25:a6:bb:47:37:b4:9b:a7:9b:5c:b7:8d:00:8e:54:ad:
23:10:33:4d:86:a8:3d:3b:a8:97:32:8e:0e:ee:be:63:f6:79:
4c:b3:e0:e4:97:6b:90:2b:b7:d7:f3:a5:cd:1d:16:45:63:5b:
7f:ac:ac:99:c6:32:38:e1:61:18:5c:ec:95:2a:e3:9b:3c:37:
34:23:d0:7b:2f:86:a1:18:7c:b1:59:49:66:e6:42:e1:64:ad:
50:29:0e:7c:df:d8:03:69:68:e8:43:43:b7:be:01:6e:86:0b:
23:0c:a0:0b:a4:64:d3:10:73:2d:49:93:e2:1d:fa:5e:5c:e9:
96:2c:73:a1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKAC1OOCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDY1MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MzgxZmI2MWMx
MjA0NjYwNDc2YmQyNjk1NGEyZThjNTViYTJjMmMyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwCtUfBn2QYfykuFpof66M95VhLQmO28DlOtmkCS2sEyR
70TNazAw5hsBG5bdMzUJBdjO1Sd1eAMlX8PEzGfXBFcRyimbmPn8xZErPCY1J5vG
LKk0ADm2OsI2JnFqqdqL7NrqMANi98I0yLIKsEMvkZBQsjxW+2o6xSpdH5WvOtgZ
nmdMq6N/LujTWp2eSMEFtkjv1SBgDj5hFgi5jPeXQWCZyCEhZhce3aC0fX1y20gv
/KUXl+aM/C8IS9NoXtcF+kBz0j3MzjSYPT2GYqXXdBnGI6eXhT917SxetUTUmey2
XnV1msbrKavr4idwqnG0Suiq8qDSA51Wkb9f8oLD9QIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFFOB+2HBIEZgR2vSaVSi6MVbosLCMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzk3YTI1Zi04MTVlLTQ2MDct
YTVkZC0zNmVkZjJjMTk1ZGMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvOTdhMjVmLTgxNWUtNDYwNy1h
NWRkLTM2ZWRmMmMxOTVkYy8xL1U0SDdZY0VnUm1CSGE5SnBWS0xveFZ1aXdzSS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLVQ0MA0EAgACMAcDBQMqDpeAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
1y3Rn/BGSsNDd3rns8NCvc2tMm8eJ5a+aycxO0bZ0UtcYXSPM72Qm+iM/HH+h+JV
IDrZBBMhwW9+3B3Ia9bd3W4y82Y2fTY3CehRjlmX/189d5klnokn1gJsZ7/ZPsUl
vf62K6VgKGzFirLRMjg2WHq92QvQdq1dmzemUJ2XTCWmu0c3tJunm1y3jQCOVK0j
EDNNhqg9O6iXMo4O7r5j9nlMs+Dkl2uQK7fX86XNHRZFY1t/rKyZxjI44WEYXOyV
KuObPDc0I9B7L4ahGHyxWUlm5kLhZK1QKQ5839gDaWjoQ0O3vgFuhgsjDKALpGTT
EHMtSZPiHfpeXOmWLHOh
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:48 2023 by rpki-client on console.sobornost.net