Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/od0z45E3bAVvOySWtLTGUP6IHLg.cer
File: od0z45E3bAVvOySWtLTGUP6IHLg.cer (raw, json)
Hash identifier: HqRuI3ppNkETQQ6txNPPPkx7CDAYgo60eF5sRm5tjT0=
Subject key identifier: A1:DD:33:E3:91:37:6C:05:6F:3B:24:96:B4:B4:C6:50:FE:88:1C:B8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A658A139F9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ed/b64cd3-bdf9-4f39-9393-e1c448170efa/1/od0z45E3bAVvOySWtLTGUP6IHLg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ed/b64cd3-bdf9-4f39-9393-e1c448170efa/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:01:13 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 95.214.160.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714451532281 (0xa658a139f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1dd33e391376c056f3b2496b4b4c650fe881cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:ba:ff:05:f7:5b:5a:e8:4a:07:99:b5:d3:
d1:7e:90:96:1d:94:a5:e3:35:c6:99:25:aa:b9:2b:
d0:22:63:65:86:1c:b9:5b:bd:b1:a1:31:44:41:b2:
4b:46:f0:88:10:d4:a2:9f:5a:94:8a:c3:73:4c:d8:
6c:ed:df:25:0e:ce:e8:c9:63:3c:d0:74:db:a2:88:
f4:97:93:96:c9:2e:f4:89:06:f6:1d:23:e2:d0:03:
38:dc:6a:63:2a:c7:cc:7a:06:6a:84:4d:d9:50:57:
77:a7:70:b6:c1:c9:2d:98:2a:35:cd:5f:dd:e9:9a:
da:ff:4e:4d:a6:cf:2a:e8:f0:30:8e:b7:18:b2:0d:
90:43:92:f2:9a:5c:47:91:ac:ac:33:9b:ff:a3:13:
86:92:85:bb:2f:90:d5:75:1f:1a:82:9a:84:2b:3e:
37:5a:fb:3b:80:61:b7:e5:b2:f7:48:8a:ea:44:ab:
69:f5:54:09:28:1f:87:51:e2:02:ec:52:02:c1:34:
89:18:64:68:21:c1:88:b5:21:f2:10:7c:1c:f5:05:
04:9c:ee:b2:10:88:2b:da:10:0b:24:a3:73:e5:37:
cc:ab:31:93:45:20:c0:c6:c9:9c:26:ca:14:96:a4:
8c:8e:3d:4c:3f:7f:89:ae:49:8b:0a:4b:47:8d:07:
49:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DD:33:E3:91:37:6C:05:6F:3B:24:96:B4:B4:C6:50:FE:88:1C:B8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b64cd3-bdf9-4f39-9393-e1c448170efa/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/b64cd3-bdf9-4f39-9393-e1c448170efa/1/od0z45E3bAVvOySWtLTGUP6IHLg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.160.0/22
Signature Algorithm: sha256WithRSAEncryption
09:d2:73:84:03:2d:bd:40:a2:6b:cb:74:7a:61:31:38:01:3a:
be:e2:5c:af:e8:c2:d4:86:e1:3f:f6:6a:dc:84:35:a4:ca:af:
3d:77:a9:79:d2:9a:9d:6d:bb:25:f7:83:18:92:05:e8:80:38:
89:6f:bd:5b:04:45:e7:e2:14:9f:93:c0:9a:ab:8c:b8:a6:7c:
b4:cf:75:58:3f:13:fd:61:14:61:9a:f1:97:b1:51:2d:87:28:
0a:1c:2d:a3:d7:b0:d9:dc:2f:85:1c:bc:be:11:8c:78:b9:ac:
d1:dd:d4:a4:79:6f:fc:85:0a:cf:7b:b8:ab:31:2e:32:4d:45:
50:99:cf:50:fc:59:55:e0:4e:32:76:80:ba:19:e5:c4:d1:c9:
14:71:6b:0e:6d:b3:72:cd:3a:d3:86:8f:42:8c:07:20:9b:a9:
d2:dc:16:f3:40:3b:b5:1b:d5:f2:12:a3:b3:11:02:f2:87:03:
9d:c3:d5:9f:8e:1c:fe:db:20:61:ce:37:45:11:b3:7b:d2:bd:
73:41:31:aa:1c:02:b7:48:2c:6e:49:4c:ac:ad:7e:e5:5b:2a:
2d:4f:9b:2f:3a:87:68:9a:36:ed:96:99:4d:d7:8d:cc:31:a3:
e1:92:37:db:64:a4:ad:34:c2:c4:0a:57:43:e3:5c:de:1f:eb:
9f:23:9c:e0
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKZYoTn5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMWRkMzNlMzkx
Mzc2YzA1NmYzYjI0OTZiNGI0YzY1MGZlODgxY2I4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA00G6/wX3W1roSgeZtdPRfpCWHZSl4zXGmSWquSvQImNl
hhy5W72xoTFEQbJLRvCIENSin1qUisNzTNhs7d8lDs7oyWM80HTbooj0l5OWyS70
iQb2HSPi0AM43GpjKsfMegZqhE3ZUFd3p3C2wcktmCo1zV/d6Zra/05Nps8q6PAw
jrcYsg2QQ5LymlxHkaysM5v/oxOGkoW7L5DVdR8agpqEKz43Wvs7gGG35bL3SIrq
RKtp9VQJKB+HUeIC7FICwTSJGGRoIcGItSHyEHwc9QUEnO6yEIgr2hALJKNz5TfM
qzGTRSDAxsmcJsoUlqSMjj1MP3+JrkmLCktHjQdJmwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFKHdM+ORN2wFbzsklrS0xlD+iBy4MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkL2I2NGNkMy1iZGY5LTRmMzkt
OTM5My1lMWM0NDgxNzBlZmEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvYjY0Y2QzLWJkZjktNGYzOS05
MzkzLWUxYzQ0ODE3MGVmYS8xL29kMHo0NUUzYkFWdk95U1d0TFRHVVA2SUhMZy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCX9agMA0GCSqGSIb3DQEBCwUAA4IBAQAJ0nOEAy29QKJry3R6YTE4
ATq+4lyv6MLUhuE/9mrchDWkyq89d6l50pqdbbsl94MYkgXogDiJb71bBEXn4hSf
k8Caq4y4pny0z3VYPxP9YRRhmvGXsVEthygKHC2j17DZ3C+FHLy+EYx4uazR3dSk
eW/8hQrPe7irMS4yTUVQmc9Q/FlV4E4ydoC6GeXE0ckUcWsObbNyzTrTho9CjAcg
m6nS3BbzQDu1G9XyEqOzEQLyhwOdw9Wfjhz+2yBhzjdFEbN70r1zQTGqHAK3SCxu
SUysrX7lWyotT5svOodomjbtlplN143MMaPhkjfbZKStNMLECldD41zeH+ufI5zg
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:12 2023 by rpki-client on console.sobornost.net