Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.cer
File: 9SGnQJ7Ukuqnr6cAffxZQjtYgpw.cer (raw, json)
Hash identifier: fX/b34HfT+X+CGl2QxrdeYIFmj7oyyVqdi+Zp7yHScE=
Subject key identifier: F5:21:A7:40:9E:D4:92:EA:A7:AF:A7:00:7D:FC:59:42:3B:58:82:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7ABDFF199
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:03:50 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.57.84.0/22
IP: 193.57.132.0/22
IP: 194.4.0.0/21
IP: 194.4.10.0 -- 194.4.13.255
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720143118745 (0xa7abdff199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f521a7409ed492eaa7afa7007dfc59423b58829c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:02:8d:15:d7:98:83:2b:55:b7:34:dd:99:17:
9c:22:af:11:c6:31:44:b3:cf:db:fc:0a:d5:ae:e1:
61:c9:89:11:b1:a9:20:52:d7:94:b8:25:3e:cc:1d:
b3:1d:5c:07:ae:ee:f6:39:8a:44:b6:35:28:10:be:
7e:83:50:22:11:dd:e2:98:90:d9:be:f8:b2:ce:be:
75:e2:85:4b:9f:b4:b7:a8:0c:77:8c:6c:8a:5d:4c:
70:fe:f8:74:b2:50:6a:a5:6f:9d:5a:f6:d3:48:86:
23:da:cb:1d:0c:bf:cb:6f:a8:e7:7d:a4:ba:8d:91:
7e:df:85:41:9a:80:9b:2b:ec:1d:09:6e:92:f8:3d:
e1:5b:6e:1f:2b:d6:cf:85:13:6b:cf:29:18:c4:96:
7a:ab:e4:16:5e:11:44:15:3b:18:bb:83:d7:4f:a6:
81:3e:8b:6d:4d:63:1d:f3:36:c7:95:2d:3c:e3:43:
a3:b3:2e:68:6b:cd:72:e0:ed:99:c1:43:87:a7:72:
70:94:43:f4:45:f5:08:15:c6:e7:13:f4:e3:52:54:
05:a1:25:86:e3:34:d0:31:d1:30:2e:83:e8:5c:46:
56:95:da:10:77:29:9a:6e:74:2e:a2:de:1c:5f:4c:
eb:4a:63:a6:e6:71:e2:e4:09:3d:c2:7f:db:7e:45:
39:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:21:A7:40:9E:D4:92:EA:A7:AF:A7:00:7D:FC:59:42:3B:58:82:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6f4855-c1e4-4499-a077-1acbfc4965c4/1/9SGnQJ7Ukuqnr6cAffxZQjtYgpw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.84.0/22
193.57.132.0/22
194.4.0.0/21
194.4.10.0-194.4.13.255
Signature Algorithm: sha256WithRSAEncryption
54:0a:15:4d:8e:af:82:fb:9e:1b:dc:b2:14:da:b9:50:70:5d:
fc:25:87:61:50:75:c8:d7:9e:b2:2f:ad:a5:70:f4:b5:49:d3:
c5:12:74:9d:0b:92:42:8f:3a:08:b5:30:78:08:f2:cf:ae:b6:
bc:04:68:0d:ee:1a:7e:fd:12:23:56:57:30:85:a9:1f:f3:33:
54:b4:ca:31:1c:ac:a6:b5:c1:04:d5:e1:a0:a6:67:4d:14:63:
e7:2a:9f:29:b4:28:40:4b:f2:d3:fc:39:d0:ff:a0:d5:0e:02:
e6:fb:5d:92:f6:4a:b8:51:a2:4a:8a:10:24:b2:d1:ea:1c:1f:
11:12:a6:55:27:c9:bd:2a:df:22:c1:6c:0b:63:3f:27:78:a7:
ee:79:33:28:84:e8:12:e6:2a:53:6b:f9:f7:14:c2:23:51:fa:
f4:f6:e0:bf:ff:ca:63:15:1b:dd:f3:7e:1b:85:d1:57:d0:de:
9b:55:ec:f5:74:d8:1f:e2:26:7b:70:ef:cb:7b:a2:aa:c1:71:
7a:35:7a:01:45:90:49:e1:3e:36:ab:ef:b1:87:c1:d1:4e:6d:
37:19:97:ad:9d:e7:19:e0:a4:c1:36:34:fa:86:ba:5a:19:1b:
0b:7d:ee:d0:f8:e4:be:84:4a:9a:5d:b4:8b:7d:62:a8:f5:69:
5b:35:b8:f6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgIGAKer3/GZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmNTIxYTc0MDll
ZDQ5MmVhYTdhZmE3MDA3ZGZjNTk0MjNiNTg4MjljMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlAKNFdeYgytVtzTdmRecIq8RxjFEs8/b/ArVruFhyYkR
sakgUteUuCU+zB2zHVwHru72OYpEtjUoEL5+g1AiEd3imJDZvviyzr514oVLn7S3
qAx3jGyKXUxw/vh0slBqpW+dWvbTSIYj2ssdDL/Lb6jnfaS6jZF+34VBmoCbK+wd
CW6S+D3hW24fK9bPhRNrzykYxJZ6q+QWXhFEFTsYu4PXT6aBPottTWMd8zbHlS08
40Ojsy5oa81y4O2ZwUOHp3JwlEP0RfUIFcbnE/TjUlQFoSWG4zTQMdEwLoPoXEZW
ldoQdymabnQuot4cX0zrSmOm5nHi5Ak9wn/bfkU5KwIDAQABo4ICnjCCApowHQYD
VR0OBBYEFPUhp0Ce1JLqp6+nAH38WUI7WIKcMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzZmNDg1NS1jMWU0LTQ0OTkt
YTA3Ny0xYWNiZmM0OTY1YzQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvNmY0ODU1LWMxZTQtNDQ5OS1h
MDc3LTFhY2JmYzQ5NjVjNC8xLzlTR25RSjdVa3VxbnI2Y0FmZnhaUWp0WWdwdy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAm
BAIAATAgAwQCwTlUAwQCwTmEAwQDwgQAMAwDBAHCBAoDBAHCBAwwDQYJKoZIhvcN
AQELBQADggEBAFQKFU2Or4L7nhvcshTauVBwXfwlh2FQdcjXnrIvraVw9LVJ08US
dJ0LkkKPOgi1MHgI8s+utrwEaA3uGn79EiNWVzCFqR/zM1S0yjEcrKa1wQTV4aCm
Z00UY+cqnym0KEBL8tP8OdD/oNUOAub7XZL2SrhRokqKECSy0eocHxESplUnyb0q
3yLBbAtjPyd4p+55MyiE6BLmKlNr+fcUwiNR+vT24L//ymMVG93zfhuF0VfQ3ptV
7PV02B/iJntw78t7oqrBcXo1egFFkEnhPjar77GHwdFObTcZl62d5xngpME2NPqG
uloZGwt97tD45L6ESppdtIt9Yqj1aVs1uPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:30 2024 by rpki-client on console-fra.rpki-client.org