Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6mbhlKlb6TmfahVgzVxgC9xQ5ck.cer
File: 6mbhlKlb6TmfahVgzVxgC9xQ5ck.cer (raw, json)
Hash identifier: 166HYe4TzyvUXLrBNHx0zDp7WXsAivWXov9zfjQlu2A=
Subject key identifier: EA:66:E1:94:A9:5B:E9:39:9F:6A:15:60:CD:5C:60:0B:DC:50:E5:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AC3F449D32
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7d/a72549-df5b-4659-adb1-a3e98f7c7802/1/6mbhlKlb6TmfahVgzVxgC9xQ5ck.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7d/a72549-df5b-4659-adb1-a3e98f7c7802/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 24 Jan 2022 15:48:47 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 61357
AS: 204789
IP: 2a07:7ac0::/29
IP: 2a0c:6d80::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 739795836210 (0xac3f449d32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 24 15:48:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea66e194a95be9399f6a1560cd5c600bdc50e5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3f:57:eb:59:16:3c:81:d8:80:47:a7:b0:11:
1e:0a:14:a0:2d:0b:07:aa:38:3d:54:ce:37:dc:2b:
0c:61:7d:87:f2:f1:75:a6:66:84:ff:7a:33:d9:d0:
a3:e6:b9:13:ce:37:3f:59:1b:c5:62:a0:b0:88:11:
d1:48:30:59:5f:ae:db:4f:01:fc:da:16:40:71:97:
50:e1:12:a6:83:54:01:37:eb:3d:ab:3b:b7:ea:c8:
59:00:b8:40:1f:de:c5:58:df:ea:75:13:d7:0a:2a:
ef:b2:be:9b:92:6b:88:23:5e:55:fa:99:b5:31:e2:
f9:41:3c:0c:7e:aa:9d:4c:8c:97:11:75:13:26:b7:
37:a9:d9:ab:2c:a4:51:94:db:15:9d:70:8d:64:d3:
7a:89:c6:36:a7:2e:7a:f4:82:8f:48:d9:e5:37:29:
e8:c2:0c:11:79:99:aa:6c:50:14:95:d2:f0:52:7b:
4e:1a:9d:64:f5:b5:57:1d:fc:4e:94:f2:96:58:45:
89:35:04:50:80:11:89:d0:2b:9c:d1:ff:e5:af:75:
7d:36:92:11:4a:17:e4:07:ee:97:51:82:1d:21:47:
9d:15:c9:37:f5:b7:70:4a:59:2e:da:12:e0:7c:49:
fe:ed:8c:de:d7:8b:55:fa:f3:7b:ac:8d:e4:1b:fe:
bc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:66:E1:94:A9:5B:E9:39:9F:6A:15:60:CD:5C:60:0B:DC:50:E5:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a72549-df5b-4659-adb1-a3e98f7c7802/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a72549-df5b-4659-adb1-a3e98f7c7802/1/6mbhlKlb6TmfahVgzVxgC9xQ5ck.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7ac0::/29
2a0c:6d80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61357
204789
Signature Algorithm: sha256WithRSAEncryption
25:df:12:21:3d:37:be:05:82:42:a2:34:d1:d7:bc:cc:f0:9b:
5d:61:54:b5:66:d9:91:9a:28:c6:3d:85:4b:39:f3:a6:f1:95:
4a:d9:6e:92:6c:0e:16:9a:90:58:ef:5d:79:33:ab:59:8f:bf:
d1:3e:91:80:18:fb:c4:39:a0:a4:96:53:d0:8a:85:04:3e:39:
93:d8:e8:fc:37:55:0d:56:79:72:c4:84:bf:40:1e:24:6a:a7:
0c:14:92:09:fb:55:1a:e3:2b:b5:64:6d:b7:ed:12:03:b3:31:
92:f7:c9:17:2f:79:10:b0:08:ac:0b:09:93:88:86:54:e8:59:
2a:74:57:1e:f1:bc:a2:ef:1c:7d:5a:89:95:22:c4:5d:68:66:
33:b9:e2:b5:44:56:b9:45:a3:55:65:29:bf:97:7b:94:1c:e2:
0e:5e:68:bc:df:b1:1f:53:62:56:19:03:ca:48:2c:e2:62:a9:
e2:58:6e:d1:cf:da:4b:5a:c6:d8:5c:1b:d1:7a:f1:5a:37:c7:
a7:58:fc:c9:00:f7:4b:81:fe:ea:a2:fb:a3:97:21:fc:6e:2f:
9a:ff:ff:79:a8:25:d4:ef:e9:df:ad:39:3f:2e:2b:be:c3:de:
f6:33:58:6b:20:11:53:e6:fa:72:a9:4e:92:3c:22:f3:6a:f9:
ac:18:ac:af
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIGAKw/RJ0yMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTI0MTU0ODQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlYTY2ZTE5NGE5
NWJlOTM5OWY2YTE1NjBjZDVjNjAwYmRjNTBlNWM5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAvD9X61kWPIHYgEensBEeChSgLQsHqjg9VM433CsMYX2H
8vF1pmaE/3oz2dCj5rkTzjc/WRvFYqCwiBHRSDBZX67bTwH82hZAcZdQ4RKmg1QB
N+s9qzu36shZALhAH97FWN/qdRPXCirvsr6bkmuII15V+pm1MeL5QTwMfqqdTIyX
EXUTJrc3qdmrLKRRlNsVnXCNZNN6icY2py569IKPSNnlNynowgwReZmqbFAUldLw
UntOGp1k9bVXHfxOlPKWWEWJNQRQgBGJ0Cuc0f/lr3V9NpIRShfkB+6XUYIdIUed
Fck39bdwSlku2hLgfEn+7Yze14tV+vN7rI3kG/68DQIDAQABo4ICrTCCAqkwHQYD
VR0OBBYEFOpm4ZSpW+k5n2oVYM1cYAvcUOXJMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdkL2E3MjU0OS1kZjViLTQ2NTkt
YWRiMS1hM2U5OGY3Yzc4MDIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvYTcyNTQ5LWRmNWItNDY1OS1h
ZGIxLWEzZTk4ZjdjNzgwMi8xLzZtYmhsS2xiNlRtZmFoVmd6VnhnQzl4UTVjay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAU
BAIAAjAOAwUDKgd6wAMFAyoMbYAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAO+t
AgMDH/UwDQYJKoZIhvcNAQELBQADggEBACXfEiE9N74FgkKiNNHXvMzwm11hVLVm
2ZGaKMY9hUs586bxlUrZbpJsDhaakFjvXXkzq1mPv9E+kYAY+8Q5oKSWU9CKhQQ+
OZPY6Pw3VQ1WeXLEhL9AHiRqpwwUkgn7VRrjK7VkbbftEgOzMZL3yRcveRCwCKwL
CZOIhlToWSp0Vx7xvKLvHH1aiZUixF1oZjO54rVEVrlFo1VlKb+Xe5Qc4g5eaLzf
sR9TYlYZA8pILOJiqeJYbtHP2ktaxthcG9F68Vo3x6dY/MkA90uB/uqi+6OXIfxu
L5r//3moJdTv6d+tOT8uK77D3vYzWGsgEVPm+nKpTpI8IvNq+awYrK8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:41 2023 by rpki-client on console-fra.rpki-client.org