Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-iBKzSm-7ioyvx2satW9AHmDjyU.cer
File: 1-iBKzSm-7ioyvx2satW9AHmDjyU.cer (raw, json)
Hash identifier: CzH9xpotc+MhzSiC/7meQ76cDYwGM/zQDuZBvQPdCWQ=
Subject key identifier: FA:20:4A:CD:29:BE:EE:2A:32:BF:1D:AC:6A:D5:BD:00:79:83:8F:25
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01849A606EB2A19CAEE7E3B51078D9E69593
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/6aae5a-74aa-41cb-9d58-3c5a4307ac47/1/1-iBKzSm-7ioyvx2satW9AHmDjyU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/6aae5a-74aa-41cb-9d58-3c5a4307ac47/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 21 Nov 2022 13:28:41 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.234.234.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:60:6e:b2:a1:9c:ae:e7:e3:b5:10:78:d9:e6:95:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 21 13:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa204acd29beee2a32bf1dac6ad5bd0079838f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:93:3b:30:97:a5:0d:1f:14:01:93:49:8b:da:
76:9c:58:3e:4c:11:bb:16:4e:dc:7b:f5:b2:b8:96:
54:51:e7:33:2d:18:b2:e7:ac:d8:e5:8e:14:e1:5c:
7d:da:86:95:ac:3d:38:7d:0c:a6:38:cf:d8:02:95:
7d:87:1a:72:6b:dc:6d:33:6a:29:ff:23:32:07:d5:
d2:00:4a:4b:b8:a4:bd:5b:c8:b1:64:fe:a4:b3:fe:
88:1b:50:a2:49:e6:dc:d4:ee:29:84:52:6d:b3:68:
f0:42:e9:ae:30:e6:2a:1a:76:7e:1f:86:9a:ef:f6:
2d:58:92:b0:e8:b9:bc:64:ba:0a:51:2f:76:a6:1c:
14:6e:66:0a:a5:ac:93:1b:39:b8:f4:57:55:7d:66:
23:f1:4c:2e:51:25:a9:50:48:40:9a:87:00:0e:c2:
6f:ea:86:fd:62:84:b5:2d:fe:3b:be:55:ae:4a:d9:
09:d7:81:42:93:83:cc:b3:35:52:72:f8:ee:6b:38:
5e:4b:3d:dc:89:4a:a4:dd:96:9b:cb:c7:3a:70:52:
2c:f4:eb:24:ff:79:51:81:39:16:4f:4d:8a:25:de:
3d:85:b4:7d:33:bd:2c:24:16:39:30:1c:d1:13:56:
34:ea:99:ba:21:8c:46:cf:4e:a4:8c:32:8a:b7:fc:
d7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:20:4A:CD:29:BE:EE:2A:32:BF:1D:AC:6A:D5:BD:00:79:83:8F:25
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/6aae5a-74aa-41cb-9d58-3c5a4307ac47/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/6aae5a-74aa-41cb-9d58-3c5a4307ac47/1/1-iBKzSm-7ioyvx2satW9AHmDjyU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.234.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:5f:f1:a1:63:ba:2e:6a:50:b5:d6:b8:b6:2f:e0:c6:d3:d0:
3a:be:46:ec:e8:d7:e1:a7:60:47:b4:ed:85:5d:7b:25:74:66:
92:1d:0a:a6:36:74:53:96:f4:d0:d2:a9:48:99:6b:05:03:ee:
8a:a2:c7:4e:19:ba:7b:95:98:4c:7a:3b:36:f2:65:ea:9f:54:
43:62:8e:a5:55:ec:e9:e4:64:5c:ba:30:3f:56:c8:67:98:8f:
81:86:59:ad:31:a4:f6:96:92:82:e3:be:e4:cb:93:18:a9:cd:
b7:3b:99:f8:6e:a9:3a:0c:e0:b4:76:5b:03:85:5a:3b:df:c6:
d0:32:aa:97:39:ee:a5:c1:68:77:72:a5:a2:41:59:63:f8:0c:
31:66:c2:95:6e:cd:3a:22:1d:d7:6d:fa:c2:39:fc:d0:87:cf:
b9:38:20:fb:18:24:6f:c5:d4:c3:9d:db:5a:b1:49:e9:7e:7d:
ed:80:08:34:58:97:6a:1a:4a:74:d6:57:04:ae:b6:50:8b:73:
3b:00:a0:b0:a3:61:b5:f9:04:46:14:54:81:c0:b6:9f:03:c0:
8e:bd:46:7b:40:ec:37:94:fe:d2:3b:42:cb:62:d1:39:48:98:
db:0c:99:0f:d3:e3:57:2e:92:40:52:5b:44:10:b1:80:7e:58:
13:14:9a:89
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYSaYG6yoZyu5+O1EHjZ5pWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIxMTIxMTMyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIwNGFjZDI5YmVlZTJhMzJiZjFkYWM2YWQ1YmQwMDc5ODM4ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZM7MJelDR8UAZNJi9p2nFg+TBG7
Fk7ce/WyuJZUUeczLRiy56zY5Y4U4Vx92oaVrD04fQymOM/YApV9hxpya9xtM2op
/yMyB9XSAEpLuKS9W8ixZP6ks/6IG1CiSebc1O4phFJts2jwQumuMOYqGnZ+H4aa
7/YtWJKw6Lm8ZLoKUS92phwUbmYKpayTGzm49FdVfWYj8UwuUSWpUEhAmocADsJv
6ob9YoS1Lf47vlWuStkJ14FCk4PMszVScvjuazheSz3ciUqk3Zaby8c6cFIs9Osk
/3lRgTkWT02KJd49hbR9M70sJBY5MBzRE1Y06pm6IYxGz06kjDKKt/zXywIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPogSs0pvu4qMr8drGrVvQB5g48lMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzLzZhYWU1
YS03NGFhLTQxY2ItOWQ1OC0zYzVhNDMwN2FjNDcvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvNmFhZTVh
LTc0YWEtNDFjYi05ZDU4LTNjNWE0MzA3YWM0Ny8xLzEtaUJLelNtLTdpb3l2eDJz
YXRXOUFIbURqeVUubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvq6jANBgkqhkiG9w0BAQsFAAOCAQEArV/x
oWO6LmpQtda4ti/gxtPQOr5G7OjX4adgR7TthV17JXRmkh0KpjZ0U5b00NKpSJlr
BQPuiqLHThm6e5WYTHo7NvJl6p9UQ2KOpVXs6eRkXLowP1bIZ5iPgYZZrTGk9paS
guO+5MuTGKnNtzuZ+G6pOgzgtHZbA4VaO9/G0DKqlznupcFod3KlokFZY/gMMWbC
lW7NOiId1236wjn80IfPuTgg+xgkb8XUw53bWrFJ6X597YAINFiXahpKdNZXBK62
UItzOwCgsKNhtfkERhRUgcC2nwPAjr1Ge0DsN5T+0jtCy2LROUiY2wyZD9PjVy6S
QFJbRBCxgH5YExSaiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:43 2024 by rpki-client on console-ams.rpki-client.org