Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YAB38hSPbYdXlJmVEU_fUQBUoKY.cer
File: YAB38hSPbYdXlJmVEU_fUQBUoKY.cer (raw, json)
Hash identifier: TZzlRiN3GorHl4JmMcGkpI9YDUdG7Prct7ZMnZk+FUc=
Subject key identifier: 60:00:77:F2:14:8F:6D:87:57:94:99:95:11:4F:DF:51:00:54:A0:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A3AF134BCB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/98/72ee7b-6018-49e8-85a7-258ecb4ee605/1/YAB38hSPbYdXlJmVEU_fUQBUoKY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/98/72ee7b-6018-49e8-85a7-258ecb4ee605/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 09:56:08 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 47387
IP: 195.190.20.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703016946635 (0xa3af134bcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=600077f2148f6d8757949995114fdf510054a0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:85:74:89:13:43:0c:d5:aa:57:41:8e:3a:c3:
a8:91:ca:d4:fa:65:14:4a:ad:f0:3c:1e:b6:a6:1d:
ae:0a:2f:86:0f:ad:91:60:0d:2a:8a:63:90:91:17:
70:38:e6:39:30:f8:ee:da:aa:33:94:08:00:33:2e:
20:4b:04:5e:a0:d1:19:45:7b:27:50:20:4f:e9:85:
17:83:bd:13:71:b5:bb:11:40:de:b6:58:a3:68:d5:
df:3d:bc:59:6d:cb:1e:a7:2d:2b:ee:18:d6:5f:29:
83:58:82:31:37:bc:0c:c3:eb:b2:61:29:9c:e4:5f:
e9:b9:2e:ce:82:57:4e:1d:b7:12:1a:d2:81:4f:06:
7e:85:db:d6:03:21:f4:7d:a0:80:fa:9c:fd:c6:42:
60:95:bc:40:aa:53:04:18:9e:c9:f1:4c:d9:6d:43:
73:7c:20:92:30:2d:88:85:3f:4f:27:18:3a:88:31:
1e:2f:3a:4f:86:a5:5e:46:8d:e2:8a:a0:48:5c:79:
ef:13:e3:e2:35:d2:ad:95:a3:bf:25:45:97:04:d8:
9f:b5:f9:61:0d:69:f1:61:71:cb:38:85:3a:f6:49:
67:69:3e:a3:af:7d:f2:7f:85:76:b3:9b:6f:4e:7f:
01:49:12:fc:c6:37:a6:d9:d3:18:4e:06:3c:96:17:
99:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:00:77:F2:14:8F:6D:87:57:94:99:95:11:4F:DF:51:00:54:A0:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72ee7b-6018-49e8-85a7-258ecb4ee605/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72ee7b-6018-49e8-85a7-258ecb4ee605/1/YAB38hSPbYdXlJmVEU_fUQBUoKY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.20.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47387
Signature Algorithm: sha256WithRSAEncryption
a2:fc:77:74:7c:d1:4e:44:6a:0e:38:f7:02:8c:23:5f:48:9e:
01:fc:0e:c2:60:13:7f:6d:37:c4:8d:74:9f:13:f5:6e:c9:33:
60:1a:97:bc:b1:3a:49:bc:60:28:26:07:74:68:e9:9f:aa:7b:
dd:58:4a:88:e9:99:a8:1e:fc:0f:b4:83:f5:32:d0:49:45:ba:
8c:40:8d:e4:45:e0:f0:55:4a:6a:d2:f3:5a:ed:6c:5b:21:d8:
c8:8e:81:eb:34:26:db:4c:3d:c5:eb:f3:ea:1f:b1:a9:55:c9:
b9:9d:1e:d1:db:31:52:fb:56:42:9a:bc:55:c6:2a:19:fd:34:
9c:22:7b:84:25:4b:64:b3:7b:65:88:05:da:b5:45:a5:85:20:
d4:37:02:cf:00:ad:19:0c:c2:82:aa:fd:10:54:0d:2c:c9:bb:
59:25:b0:17:14:47:f5:e8:82:ee:e0:38:e0:37:51:bc:d6:a6:
01:17:f1:63:67:16:7c:49:d3:da:1a:33:95:4c:31:fa:ae:70:
0b:be:53:d3:8a:5a:a2:e0:12:a3:be:c5:84:2f:9d:46:68:42:
3f:2f:a9:c7:62:10:4b:34:a3:4d:ed:08:cb:6e:8b:88:a2:1e:
30:66:bb:52:d4:94:62:3c:ba:04:55:45:12:d0:5b:f7:b8:26:
72:e8:33:09
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKOvE0vLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDk1NjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MDAwNzdmMjE0
OGY2ZDg3NTc5NDk5OTUxMTRmZGY1MTAwNTRhMGE2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAjIV0iRNDDNWqV0GOOsOokcrU+mUUSq3wPB62ph2uCi+G
D62RYA0qimOQkRdwOOY5MPju2qozlAgAMy4gSwReoNEZRXsnUCBP6YUXg70TcbW7
EUDetlijaNXfPbxZbcsepy0r7hjWXymDWIIxN7wMw+uyYSmc5F/puS7OgldOHbcS
GtKBTwZ+hdvWAyH0faCA+pz9xkJglbxAqlMEGJ7J8UzZbUNzfCCSMC2IhT9PJxg6
iDEeLzpPhqVeRo3iiqBIXHnvE+PiNdKtlaO/JUWXBNiftflhDWnxYXHLOIU69kln
aT6jr33yf4V2s5tvTn8BSRL8xjem2dMYTgY8lheZYQIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFGAAd/IUj22HV5SZlRFP31EAVKCmMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4LzcyZWU3Yi02MDE4LTQ5ZTgt
ODVhNy0yNThlY2I0ZWU2MDUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvNzJlZTdiLTYwMTgtNDllOC04
NWE3LTI1OGVjYjRlZTYwNS8xL1lBQjM4aFNQYllkWGxKbVZFVV9mVVFCVW9LWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAw74UMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC5GzANBgkqhkiG
9w0BAQsFAAOCAQEAovx3dHzRTkRqDjj3AowjX0ieAfwOwmATf203xI10nxP1bskz
YBqXvLE6SbxgKCYHdGjpn6p73VhKiOmZqB78D7SD9TLQSUW6jECN5EXg8FVKatLz
Wu1sWyHYyI6B6zQm20w9xevz6h+xqVXJuZ0e0dsxUvtWQpq8VcYqGf00nCJ7hCVL
ZLN7ZYgF2rVFpYUg1DcCzwCtGQzCgqr9EFQNLMm7WSWwFxRH9eiC7uA44DdRvNam
ARfxY2cWfEnT2hozlUwx+q5wC75T04paouASo77FhC+dRmhCPy+px2IQSzSjTe0I
y26LiKIeMGa7UtSUYjy6BFVFEtBb97gmcugzCQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:44:15 2023 by rpki-client on console.sobornost.net