Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4q1ZuqyTurjkk8HeRx-LNvf4Jsw.cer
File: 4q1ZuqyTurjkk8HeRx-LNvf4Jsw.cer (raw, json)
Hash identifier: bHRJtJ0gsAHXkSPPdc1zUMm8r7yORefeneXz6KXpuCM=
Subject key identifier: E2:AD:59:BA:AC:93:BA:B8:E4:93:C1:DE:47:1F:8B:36:F7:F8:26:CC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856DF7A59FF1510CDE73A80C225BFCE35B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/d054e0-a5a9-4950-b07f-f6b5e9bb078c/1/4q1ZuqyTurjkk8HeRx-LNvf4Jsw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/d054e0-a5a9-4950-b07f-f6b5e9bb078c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 15:33:44 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 52073
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:f7:a5:9f:f1:51:0c:de:73:a8:0c:22:5b:fc:e3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:33:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2ad59baac93bab8e493c1de471f8b36f7f826cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:fd:ec:73:52:f4:a5:06:f1:0b:83:a6:de:
98:03:3f:d0:f7:20:0e:e3:51:5a:df:e8:a2:90:cb:
bd:c5:6b:58:b2:58:69:93:b4:ce:93:cf:37:37:63:
4f:22:ed:75:01:4f:a4:4e:4b:17:0f:ba:2a:46:45:
4e:3c:5c:d8:af:38:ca:5e:e8:04:2e:3a:ab:34:01:
ba:bd:69:67:05:96:4d:a3:52:05:f3:42:1b:7d:2a:
40:1e:e1:c2:4f:6a:0f:64:c6:58:7a:ec:5d:43:6d:
06:d3:25:0f:e6:eb:51:58:d1:cb:fd:24:55:a9:fe:
d2:07:4d:18:e9:9f:25:4d:68:9c:28:35:58:bf:92:
cf:60:66:ce:57:3d:b9:d3:a0:c6:8c:f0:41:d8:bd:
2e:71:fa:aa:83:e2:fa:29:5f:84:0d:ac:b0:e7:9b:
56:1b:88:7d:36:e9:f8:9d:3f:c2:31:14:29:bf:eb:
10:ca:91:ef:4b:24:93:db:37:cf:b8:10:1d:52:5d:
c8:d3:b9:b9:dc:76:40:07:90:0b:80:2e:15:5a:78:
b8:21:c0:06:47:23:84:a9:64:bc:c2:b8:1c:3e:f3:
a7:71:b3:1d:8a:60:1c:26:7d:4b:c3:52:3a:67:c7:
f8:c5:c6:17:cc:18:3c:49:fa:8a:6c:58:24:d8:01:
59:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AD:59:BA:AC:93:BA:B8:E4:93:C1:DE:47:1F:8B:36:F7:F8:26:CC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d054e0-a5a9-4950-b07f-f6b5e9bb078c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d054e0-a5a9-4950-b07f-f6b5e9bb078c/1/4q1ZuqyTurjkk8HeRx-LNvf4Jsw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
52073
Signature Algorithm: sha256WithRSAEncryption
a2:11:9d:2d:f7:31:14:a6:6c:d6:b7:ce:55:09:73:a3:2b:a6:
4b:c4:02:3a:e0:b2:5d:68:8b:e5:32:87:62:70:81:a2:07:28:
27:75:74:4b:f5:bc:32:cf:df:7c:c4:66:de:35:37:4e:11:5a:
8d:05:de:2f:d9:38:f9:ba:ad:ff:c0:71:ed:fa:cc:4b:9c:a5:
af:19:7e:b2:50:8b:19:a3:ce:4d:4c:98:d8:bd:b5:79:83:ec:
24:8d:e3:34:e3:8f:9d:cc:5b:5e:82:62:cf:e4:72:76:5e:b8:
5e:21:ed:8c:0f:59:3f:3f:65:9e:be:67:4a:98:c0:83:2a:28:
9c:f2:7c:6e:8b:a6:59:b3:5b:9a:71:74:2c:d5:72:ca:11:0d:
47:92:9f:e7:de:e0:3c:7a:46:a9:39:8e:16:5b:ff:22:36:8e:
2f:ee:f6:04:88:c5:f3:82:82:48:81:3c:b5:40:7b:9a:50:f1:
67:94:81:c1:ba:b1:46:96:e8:2d:ec:6b:2a:a6:b4:d0:f0:83:
f8:39:c1:2b:15:4e:c6:49:ff:6f:50:f0:bb:f4:27:36:77:f1:
06:55:bf:0d:87:01:b4:98:2b:d6:e9:25:9d:96:8d:50:a1:a7:
b9:24:9e:f3:c6:ca:dd:20:cc:40:48:ed:35:15:01:38:14:bd:
e7:e0:03:2a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYVt96Wf8VEM3nOoDCJb/ONbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFkNTliYWFjOTNiYWI4ZTQ5M2MxZGU0NzFmOGIzNmY3ZjgyNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLn97HNS9KUG8QuDpt6YAz/Q9yAO
41Fa3+iikMu9xWtYslhpk7TOk883N2NPIu11AU+kTksXD7oqRkVOPFzYrzjKXugE
LjqrNAG6vWlnBZZNo1IF80IbfSpAHuHCT2oPZMZYeuxdQ20G0yUP5utRWNHL/SRV
qf7SB00Y6Z8lTWicKDVYv5LPYGbOVz2506DGjPBB2L0ucfqqg+L6KV+EDayw55tW
G4h9Nun4nT/CMRQpv+sQypHvSyST2zfPuBAdUl3I07m53HZAB5ALgC4VWni4IcAG
RyOEqWS8wrgcPvOncbMdimAcJn1Lw1I6Z8f4xcYXzBg8SfqKbFgk2AFZjwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFOKtWbqsk7q45JPB3kcfizb3+CbMMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxL2QwNTRl
MC1hNWE5LTQ5NTAtYjA3Zi1mNmI1ZTliYjA3OGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvZDA1NGUw
LWE1YTktNDk1MC1iMDdmLWY2YjVlOWJiMDc4Yy8xLzRxMVp1cXlUdXJqa2s4SGVS
eC1MTnZmNEpzdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDLaTANBgkqhkiG9w0BAQsFAAOCAQEAohGdLfcxFKZs
1rfOVQlzoyumS8QCOuCyXWiL5TKHYnCBogcoJ3V0S/W8Ms/ffMRm3jU3ThFajQXe
L9k4+bqt/8Bx7frMS5ylrxl+slCLGaPOTUyY2L21eYPsJI3jNOOPncxbXoJiz+Ry
dl64XiHtjA9ZPz9lnr5nSpjAgyoonPJ8boumWbNbmnF0LNVyyhENR5Kf597gPHpG
qTmOFlv/IjaOL+72BIjF84KCSIE8tUB7mlDxZ5SBwbqxRpboLexrKqa00PCD+DnB
KxVOxkn/b1Dwu/QnNnfxBlW/DYcBtJgr1uklnZaNUKGnuSSe88bK3SDMQEjtNRUB
OBS95+ADKg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:29:37 2025 by rpki-client