Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.cer
File: 1-1aGYcwXvMdMjcSUbqWs4pHhPQY.cer (raw, json)
Hash identifier: JkjDm0xgxfUaxETeoAworWis+Eu+EXs+a/r0G4/9z8g=
Subject key identifier: FB:56:86:61:CC:17:BC:C7:4C:8D:C4:94:6E:A5:AC:E2:91:E1:3D:06
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9CD175BD8A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 03:55:25 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.38.44.0/22
IP: 2a0d:6740::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 673529052554 (0x9cd175bd8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb568661cc17bcc74c8dc4946ea5ace291e13d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:67:2d:1c:51:e5:51:18:b2:6f:f5:72:4a:93:
7d:bf:1f:fa:20:44:33:f5:42:a3:75:28:31:72:26:
8f:52:e5:2f:50:bc:d8:eb:cc:cf:c3:b7:35:5f:66:
db:27:51:16:8a:4d:e6:5d:fa:7d:97:c5:77:14:e0:
b4:84:4c:2a:22:0e:b7:31:e9:ca:f6:d5:6b:52:27:
ab:9a:52:8b:2e:7c:f6:65:c8:6f:2b:a2:ad:51:53:
8c:ca:10:5e:73:ea:e5:91:85:34:be:ad:4d:07:be:
57:fc:0f:ab:c5:14:68:d1:2a:06:14:e5:ee:95:32:
fb:99:c0:62:7f:40:0c:a2:dc:b4:e5:33:2f:c6:40:
34:d0:d2:e9:66:4c:0b:32:ac:1f:86:bf:4f:49:c3:
94:e1:7b:37:62:9b:71:13:7c:02:2f:85:dd:4f:c6:
71:e2:40:f3:f4:42:b9:4f:4a:fc:92:53:87:e6:25:
a7:4d:1b:51:be:74:ba:af:77:a8:01:1d:bd:d7:42:
dc:28:20:05:ce:ff:4f:00:94:b5:3f:28:20:37:fb:
cc:7c:21:9c:ed:5d:cf:58:e6:4f:cb:c2:ca:ff:d0:
67:b4:cd:c1:aa:6d:c0:f2:79:5e:2e:55:d8:f8:86:
c4:be:bb:63:bd:f8:32:12:97:51:ee:cd:fd:83:8d:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:56:86:61:CC:17:BC:C7:4C:8D:C4:94:6E:A5:AC:E2:91:E1:3D:06
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/6c8e8d-3023-4cbf-a0fe-5fc96388b662/1/1-1aGYcwXvMdMjcSUbqWs4pHhPQY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.44.0/22
IPv6:
2a0d:6740::/29
Signature Algorithm: sha256WithRSAEncryption
ae:9e:73:41:47:32:5e:f3:76:ee:3c:90:16:9e:24:17:72:b5:
26:97:06:1d:cd:1a:b9:e8:d4:57:83:32:7d:b5:c7:a7:c0:da:
8a:de:bc:a6:ef:b4:fa:2e:8e:d7:21:50:90:7d:33:93:4e:cf:
fb:aa:12:a5:3f:57:17:b7:0b:aa:76:58:22:d4:f3:54:2e:22:
50:6a:b5:67:5c:d5:5b:12:f1:a0:02:71:2d:d3:cf:7e:64:6e:
59:58:86:39:29:e7:9a:57:7e:b7:1f:1f:68:db:c6:91:3e:a1:
72:7d:9c:1a:d8:e9:15:2a:75:51:6c:77:74:a3:e0:50:bf:a0:
2f:42:1a:be:56:0e:f4:ed:13:2a:c4:5c:13:de:6e:8b:b7:6a:
8f:f7:06:d2:04:82:6e:71:4a:1e:ac:37:5d:a1:14:cb:4e:7f:
f0:62:cc:6e:0d:aa:22:49:c0:42:78:4a:63:01:df:ba:ef:ee:
f0:ed:42:74:43:02:52:ca:a9:72:99:01:0f:0d:7c:c7:af:2a:
f3:d5:28:19:ea:05:7b:a3:f6:06:85:c2:b1:cb:71:19:fe:14:
2d:0b:fe:27:b8:bb:53:69:3e:d4:a0:02:85:79:72:bb:c0:d3:
0d:fd:74:15:d9:5f:dc:75:93:dc:2e:92:94:1e:5b:84:23:51:
b6:82:e9:b1
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIGAJzRdb2KMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDM1NTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYjU2ODY2MWNj
MTdiY2M3NGM4ZGM0OTQ2ZWE1YWNlMjkxZTEzZDA2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo2ctHFHlURiyb/VySpN9vx/6IEQz9UKjdSgxciaPUuUv
ULzY68zPw7c1X2bbJ1EWik3mXfp9l8V3FOC0hEwqIg63MenK9tVrUiermlKLLnz2
ZchvK6KtUVOMyhBec+rlkYU0vq1NB75X/A+rxRRo0SoGFOXulTL7mcBif0AMoty0
5TMvxkA00NLpZkwLMqwfhr9PScOU4Xs3YptxE3wCL4XdT8Zx4kDz9EK5T0r8klOH
5iWnTRtRvnS6r3eoAR2910LcKCAFzv9PAJS1PyggN/vMfCGc7V3PWOZPy8LK/9Bn
tM3Bqm3A8nleLlXY+IbEvrtjvfgyEpdR7s39g4254QIDAQABo4IClDCCApAwHQYD
VR0OBBYEFPtWhmHMF7zHTI3ElG6lrOKR4T0GMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzZjOGU4ZC0zMDIzLTRjYmYt
YTBmZS01ZmM5NjM4OGI2NjIvMS8wfQYIKwYBBQUHMAqGcXJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvNmM4ZThkLTMwMjMtNGNiZi1h
MGZlLTVmYzk2Mzg4YjY2Mi8xLzEtMWFHWWN3WHZNZE1qY1NVYnFXczRwSGhQUVku
bWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5uZXQvbm90aWZpY2F0
aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5j
cmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w
DAQCAAEwBgMEAsEmLDANBAIAAjAHAwUDKg1nQDANBgkqhkiG9w0BAQsFAAOCAQEA
rp5zQUcyXvN27jyQFp4kF3K1JpcGHc0auejUV4MyfbXHp8Dait68pu+0+i6O1yFQ
kH0zk07P+6oSpT9XF7cLqnZYItTzVC4iUGq1Z1zVWxLxoAJxLdPPfmRuWViGOSnn
mld+tx8faNvGkT6hcn2cGtjpFSp1UWx3dKPgUL+gL0IavlYO9O0TKsRcE95ui7dq
j/cG0gSCbnFKHqw3XaEUy05/8GLMbg2qIknAQnhKYwHfuu/u8O1CdEMCUsqpcpkB
Dw18x68q89UoGeoFe6P2BoXCsctxGf4ULQv+J7i7U2k+1KAChXlyu8DTDf10Fdlf
3HWT3C6SlB5bhCNRtoLpsQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:08:39 2025 by rpki-client