Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/wKFPVLAdAqc1r-9XIgLdm0FyZGs.cer
File: wKFPVLAdAqc1r-9XIgLdm0FyZGs.cer (raw, json)
Hash identifier: drB8hR3QEUIIxLYcp1OIPGRizINXAd/LW06ZsWuOUcA=
Subject key identifier: C0:A1:4F:54:B0:1D:02:A7:35:AF:EF:57:22:02:DD:9B:41:72:64:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AF9054104D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/e36b96-2003-41b1-9b51-ce20f8786046/1/wKFPVLAdAqc1r-9XIgLdm0FyZGs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/e36b96-2003-41b1-9b51-ce20f8786046/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 04 Apr 2022 12:08:14 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 42279
IP: 194.0.177.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 754040705101 (0xaf9054104d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 4 12:08:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0a14f54b01d02a735afef572202dd9b4172646b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:5f:1e:89:f4:d7:ec:5f:ec:01:a3:88:79:
fb:af:fa:72:f1:2d:f6:49:a4:c7:a7:29:6c:35:ec:
d2:ae:e4:c4:80:9b:2b:57:97:45:bd:a4:a1:a8:fb:
e4:21:87:40:cc:d0:c6:c8:2c:bb:f7:9a:8e:41:79:
29:d3:04:fe:66:a9:38:a1:c1:34:af:6a:b4:c2:70:
74:fb:10:c3:e7:5a:24:99:31:a1:0f:2d:dd:a3:cf:
6c:91:15:5e:19:68:21:a1:97:5a:87:73:27:7c:be:
63:69:4f:8c:fc:40:b3:b0:fe:6e:70:6a:be:66:47:
e0:22:a5:34:dc:96:35:cd:d7:0f:99:c4:42:f1:75:
1c:78:4d:06:fe:8a:db:fc:e4:94:1c:98:1d:4e:1a:
b4:e1:6a:0f:d2:8f:d0:a9:76:dd:c4:d6:9d:5f:ec:
1e:59:86:b8:af:22:fd:b3:f6:9c:e7:3c:5f:7c:51:
2f:1b:47:e7:1c:c7:31:e4:20:52:0e:c7:46:07:17:
9b:ea:a7:46:51:37:a9:89:c1:7b:21:cd:c7:64:d0:
d0:fc:b7:bd:cf:63:ee:ef:cd:d3:0a:01:fd:d8:20:
60:bb:20:26:e7:ad:bb:c2:46:3f:a5:33:d2:0e:14:
d9:bc:8e:93:05:44:fc:b1:4d:d8:6b:6f:f3:a0:99:
94:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A1:4F:54:B0:1D:02:A7:35:AF:EF:57:22:02:DD:9B:41:72:64:6B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e36b96-2003-41b1-9b51-ce20f8786046/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e36b96-2003-41b1-9b51-ce20f8786046/1/wKFPVLAdAqc1r-9XIgLdm0FyZGs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.177.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42279
Signature Algorithm: sha256WithRSAEncryption
4d:b2:04:96:2a:44:68:a6:c7:1c:40:20:7b:27:ca:09:ac:aa:
03:ea:b4:f9:04:b4:7b:11:2d:02:f8:71:83:95:cd:06:42:59:
1e:46:fa:da:59:4f:d5:99:99:55:79:1a:9e:93:10:e3:53:b5:
eb:e6:2d:79:32:f8:17:74:bf:42:7c:ef:24:e8:d8:69:20:eb:
ca:99:41:a2:5f:4c:16:3e:bd:7b:3e:1c:3d:89:90:59:48:e8:
c0:95:8e:8f:84:26:30:b4:8b:a4:83:ff:ef:af:98:f8:15:09:
4d:51:de:c1:30:3b:cd:87:3d:98:16:65:c5:f5:e4:d7:15:77:
9b:41:e5:69:7e:72:bf:fa:69:ca:e3:91:09:09:2c:0e:b5:e1:
62:d1:4e:7f:e0:19:39:73:3f:f3:7e:02:79:ff:4d:ed:af:51:
23:a3:4b:99:47:02:9f:d7:9f:71:a0:25:c0:1b:ad:86:e4:15:
37:20:d4:ca:7e:17:32:1c:df:24:c2:d8:22:8e:37:46:45:6e:
6c:72:c8:4e:97:60:ea:71:94:7f:58:b6:ec:cb:7c:3b:10:32:
6d:94:b0:f2:9b:47:d1:1b:52:a9:a1:bc:07:11:89:c8:d9:c7:
8c:37:8c:97:cb:7f:ad:b1:df:20:0f:a1:1f:54:fc:a4:af:c6:
41:69:b6:d8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAK+QVBBNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NDA0MTIwODE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMGExNGY1NGIw
MWQwMmE3MzVhZmVmNTcyMjAyZGQ5YjQxNzI2NDZiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoe1fHon01+xf7AGjiHn7r/py8S32SaTHpylsNezSruTE
gJsrV5dFvaShqPvkIYdAzNDGyCy795qOQXkp0wT+Zqk4ocE0r2q0wnB0+xDD51ok
mTGhDy3do89skRVeGWghoZdah3MnfL5jaU+M/ECzsP5ucGq+ZkfgIqU03JY1zdcP
mcRC8XUceE0G/orb/OSUHJgdThq04WoP0o/QqXbdxNadX+weWYa4ryL9s/ac5zxf
fFEvG0fnHMcx5CBSDsdGBxeb6qdGUTepicF7Ic3HZNDQ/Le9z2Pu783TCgH92CBg
uyAm5627wkY/pTPSDhTZvI6TBUT8sU3Ya2/zoJmUxQIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFMChT1SwHQKnNa/vVyIC3ZtBcmRrMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0L2UzNmI5Ni0yMDAzLTQxYjEt
OWI1MS1jZTIwZjg3ODYwNDYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvZTM2Yjk2LTIwMDMtNDFiMS05
YjUxLWNlMjBmODc4NjA0Ni8xL3dLRlBWTEFkQXFjMXItOVhJZ0xkbTBGeVpHcy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwgCxMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwClJzANBgkqhkiG
9w0BAQsFAAOCAQEATbIElipEaKbHHEAgeyfKCayqA+q0+QS0exEtAvhxg5XNBkJZ
Hkb62llP1ZmZVXkanpMQ41O16+YteTL4F3S/QnzvJOjYaSDryplBol9MFj69ez4c
PYmQWUjowJWOj4QmMLSLpIP/76+Y+BUJTVHewTA7zYc9mBZlxfXk1xV3m0HlaX5y
v/ppyuORCQksDrXhYtFOf+AZOXM/834Cef9N7a9RI6NLmUcCn9efcaAlwButhuQV
NyDUyn4XMhzfJMLYIo43RkVubHLITpdg6nGUf1i27Mt8OxAybZSw8ptH0RtSqaG8
BxGJyNnHjDeMl8t/rbHfIA+hH1T8pK/GQWm22A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:40 2023 by rpki-client on console.sobornost.net