Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b_IQJIqHj9xU-ThcCsVE1_7KY0M.cer
File: b_IQJIqHj9xU-ThcCsVE1_7KY0M.cer (raw, json)
Hash identifier: 2ERW7KNFh4VuRh6NbJNFkowVNWrV56jwuSCAZjPDuTc=
Subject key identifier: 6F:F2:10:24:8A:87:8F:DC:54:F9:38:5C:0A:C5:44:D7:FE:CA:63:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A658DCA7CF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/1da29f-f040-4ea5-ba5c-db6432797c20/1/b_IQJIqHj9xU-ThcCsVE1_7KY0M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/1da29f-f040-4ea5-ba5c-db6432797c20/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:01:14 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 203534
IP: 185.131.184.0/22
IP: 2a0c:7700::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714455427023 (0xa658dca7cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ff210248a878fdc54f9385c0ac544d7feca6343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:07:20:18:44:a0:7c:5a:b6:46:ea:e6:73:41:
79:9a:18:79:6d:2c:3f:d2:f4:ff:e4:d9:65:90:43:
32:e9:a2:14:bb:6b:52:75:30:e5:67:48:98:2b:f2:
89:d4:eb:53:e8:8b:80:60:d1:2a:f8:5d:3e:49:f1:
19:04:e0:7a:80:0e:eb:35:df:22:ba:8b:db:b8:b7:
a8:0e:08:43:84:94:34:0b:85:90:e3:13:52:75:f7:
51:71:a6:9a:a5:53:10:5b:96:b3:04:63:af:19:07:
43:1f:0f:bc:ec:bd:fd:18:2c:26:2e:d2:2e:60:f2:
78:e7:82:5b:6b:5f:73:94:77:e2:0b:07:cb:4a:4c:
96:d7:6f:3c:fd:5a:e4:a2:df:45:49:12:d8:01:54:
1d:68:6d:f1:fa:26:79:43:8b:00:e2:91:63:78:50:
80:4a:24:a2:71:59:a4:d9:06:ee:b5:0f:44:d9:cf:
de:7a:92:11:73:f9:70:ad:6b:1f:2f:e6:a8:f9:6e:
f3:35:4c:2b:95:29:b6:0f:37:3d:54:45:84:0e:15:
b4:ed:f1:a5:a1:80:17:97:22:30:05:c5:ed:b0:ed:
a9:6d:59:eb:56:a2:07:f8:c3:1b:45:06:32:a3:62:
15:1b:cb:50:e3:3b:38:53:ba:7b:88:f1:fd:00:2d:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F2:10:24:8A:87:8F:DC:54:F9:38:5C:0A:C5:44:D7:FE:CA:63:43
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/1da29f-f040-4ea5-ba5c-db6432797c20/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/1da29f-f040-4ea5-ba5c-db6432797c20/1/b_IQJIqHj9xU-ThcCsVE1_7KY0M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.184.0/22
IPv6:
2a0c:7700::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203534
Signature Algorithm: sha256WithRSAEncryption
25:c7:0d:90:cd:aa:1d:82:48:ba:f6:11:0a:c9:d8:ab:63:53:
d2:64:54:e0:00:b4:1e:ee:bc:08:ac:8b:ec:59:e5:35:0e:a0:
c5:10:cd:b7:b4:9f:ac:25:29:7a:a4:dd:6e:c9:5c:bd:91:b2:
9c:a6:25:66:c0:1b:0e:4f:2c:f2:6e:5a:28:f7:a7:7f:bb:ae:
18:61:07:8c:d8:af:ad:33:3f:08:64:f2:f5:ee:a6:97:1f:af:
58:f8:31:61:2e:8f:51:6a:57:0b:af:d7:18:c5:84:39:ab:0e:
5e:9c:29:60:d2:c9:79:b7:3c:03:a0:a1:54:e4:ad:2e:b2:38:
de:fd:9f:d4:23:7b:64:1a:4a:7e:79:08:ea:7d:9e:9b:a9:3a:
79:07:a0:e9:49:e6:55:89:ba:d3:c6:42:65:8d:fb:55:e7:ee:
65:fb:86:4f:d7:03:56:48:0f:44:a7:6e:67:47:01:aa:bf:3b:
2d:16:f4:d6:0c:b1:dc:03:eb:c5:3e:e1:07:7b:55:0a:65:4d:
7e:b5:c7:58:a2:bd:98:82:13:4f:2e:6d:5d:6f:e5:5c:ab:2f:
6d:36:70:c2:52:47:f4:22:ac:f3:81:04:23:dc:d5:ef:4c:9b:
02:6a:28:52:55:80:14:b1:08:9b:ae:01:24:c1:4c:1b:ae:4c:
54:26:09:81
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAKZY3KfPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZmYyMTAyNDhh
ODc4ZmRjNTRmOTM4NWMwYWM1NDRkN2ZlY2E2MzQzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAjAcgGESgfFq2Rurmc0F5mhh5bSw/0vT/5NllkEMy6aIU
u2tSdTDlZ0iYK/KJ1OtT6IuAYNEq+F0+SfEZBOB6gA7rNd8iuovbuLeoDghDhJQ0
C4WQ4xNSdfdRcaaapVMQW5azBGOvGQdDHw+87L39GCwmLtIuYPJ454Jba19zlHfi
CwfLSkyW1288/Vrkot9FSRLYAVQdaG3x+iZ5Q4sA4pFjeFCASiSicVmk2QbutQ9E
2c/eepIRc/lwrWsfL+ao+W7zNUwrlSm2Dzc9VEWEDhW07fGloYAXlyIwBcXtsO2p
bVnrVqIH+MMbRQYyo2IVG8tQ4zs4U7p7iPH9AC0T8QIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFG/yECSKh4/cVPk4XArFRNf+ymNDMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhLzFkYTI5Zi1mMDQwLTRlYTUt
YmE1Yy1kYjY0MzI3OTdjMjAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvMWRhMjlmLWYwNDAtNGVhNS1i
YTVjLWRiNjQzMjc5N2MyMC8xL2JfSVFKSXFIajl4VS1UaGNDc1ZFMV83S1kwTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuYO4MA0EAgACMAcDBQAqDHcAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMbDjANBgkqhkiG9w0BAQsFAAOCAQEAJccNkM2qHYJIuvYRCsnYq2NT0mRU
4AC0Hu68CKyL7FnlNQ6gxRDNt7SfrCUpeqTdbslcvZGynKYlZsAbDk8s8m5aKPen
f7uuGGEHjNivrTM/CGTy9e6mlx+vWPgxYS6PUWpXC6/XGMWEOasOXpwpYNLJebc8
A6ChVOStLrI43v2f1CN7ZBpKfnkI6n2em6k6eQeg6UnmVYm608ZCZY37VefuZfuG
T9cDVkgPRKduZ0cBqr87LRb01gyx3APrxT7hB3tVCmVNfrXHWKK9mIITTy5tXW/l
XKsvbTZwwlJH9CKs84EEI9zV70ybAmooUlWAFLEIm64BJMFMG65MVCYJgQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:05 2023 by rpki-client on console.sobornost.net