Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/D1nzgmI0aADT5W4k3uLvn81cL2g.cer
File: D1nzgmI0aADT5W4k3uLvn81cL2g.cer (raw, json)
Hash identifier: jqJTp0sEh9LXwv8nQEyBHEwdf4rgftapNF4d1zvODgc=
Subject key identifier: 0F:59:F3:82:62:34:68:00:D3:E5:6E:24:DE:E2:EF:9F:CD:5C:2F:68
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A554B319F3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a4/ac93b4-028a-4529-8c62-a24439173a8e/1/D1nzgmI0aADT5W4k3uLvn81cL2g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a4/ac93b4-028a-4529-8c62-a24439173a8e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:00:44 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 20505
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 710090627571 (0xa554b319f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f59f38262346800d3e56e24dee2ef9fcd5c2f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5e:fc:f7:15:6e:26:f9:f2:76:54:5b:38:f4:
66:eb:fd:58:32:be:0b:02:7a:c0:a1:36:13:d7:ef:
01:53:c6:9e:7a:ec:c9:e0:1a:8b:7a:1a:a2:55:e2:
7d:e8:20:7d:d2:2c:f5:d7:91:d3:92:c9:4e:a1:79:
41:1d:48:fd:a7:b0:d7:22:4e:ef:8e:9c:ca:ab:42:
cb:8b:96:63:57:6c:50:ea:4f:35:40:70:87:be:78:
a7:af:5c:7f:cf:26:09:98:4a:6c:34:e8:25:95:db:
6f:6a:c8:97:cb:79:89:65:b4:21:f2:8e:2f:ea:f3:
24:f4:85:c1:cb:49:dc:57:ba:b7:df:fb:49:4c:85:
0f:29:6d:87:8c:74:ef:6f:76:eb:47:5d:43:72:a6:
82:e3:11:c6:8a:87:be:58:ac:26:00:7a:cb:7d:16:
27:1b:d4:03:70:e3:a0:d5:de:55:f6:74:e7:f3:fa:
d4:dc:df:5d:02:98:9d:49:16:f5:9c:21:15:fd:6b:
66:7d:0c:59:a3:75:9b:70:d6:8f:83:33:67:d3:bf:
5b:69:c7:e8:03:fe:8b:bb:c7:09:20:44:f9:13:9b:
39:63:76:c3:92:ec:79:7e:34:61:ad:aa:fe:f4:0d:
30:1f:5d:26:29:26:26:d8:50:bd:64:95:4c:52:ce:
ed:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:59:F3:82:62:34:68:00:D3:E5:6E:24:DE:E2:EF:9F:CD:5C:2F:68
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ac93b4-028a-4529-8c62-a24439173a8e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ac93b4-028a-4529-8c62-a24439173a8e/1/D1nzgmI0aADT5W4k3uLvn81cL2g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20505
Signature Algorithm: sha256WithRSAEncryption
99:5e:5e:8e:18:7f:b8:bc:52:44:3d:22:ff:6c:f4:c9:bc:ea:
75:bc:1a:c1:f0:2e:34:64:f6:d9:14:39:50:ae:85:ec:3b:3b:
0e:f8:43:c3:e9:c5:34:41:56:04:07:5b:23:e0:23:c1:19:60:
72:48:48:cb:1d:c3:41:dc:a0:84:19:29:d1:f1:2c:29:6d:c1:
fb:ff:1e:17:e1:cc:12:11:56:9f:35:bf:ce:a7:fb:7e:e6:2d:
a8:52:82:6f:72:fd:a9:7f:5f:9a:ce:c0:38:1d:7b:70:88:41:
e6:9a:73:2e:c2:15:b0:06:da:05:87:29:70:6d:55:68:20:e4:
0a:af:af:5e:c0:1e:17:ea:a9:03:a5:c7:ad:87:33:05:58:f0:
5d:93:bf:ed:09:fe:67:e1:4f:18:35:0f:41:43:df:88:f2:e6:
5d:33:c5:35:bb:fe:66:3b:c8:95:4c:49:ae:cc:9e:2b:2e:c0:
31:3f:ed:40:f1:d2:3e:dd:c0:bb:cb:d7:dd:8d:69:38:fc:8a:
71:8b:a6:b4:27:40:62:8a:f3:0a:7e:33:cd:c8:33:0b:a8:96:
40:9a:50:b4:2e:d5:53:37:1a:11:51:6d:25:34:ec:0d:ee:b2:
06:7e:16:1a:a6:48:2d:60:04:c8:95:77:97:8e:90:b6:a1:1e:
9a:0d:ae:b6
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgIGAKVUsxnzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTEwMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZjU5ZjM4MjYy
MzQ2ODAwZDNlNTZlMjRkZWUyZWY5ZmNkNWMyZjY4MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAsl789xVuJvnydlRbOPRm6/1YMr4LAnrAoTYT1+8BU8ae
euzJ4BqLehqiVeJ96CB90iz115HTkslOoXlBHUj9p7DXIk7vjpzKq0LLi5ZjV2xQ
6k81QHCHvninr1x/zyYJmEpsNOglldtvasiXy3mJZbQh8o4v6vMk9IXBy0ncV7q3
3/tJTIUPKW2HjHTvb3brR11DcqaC4xHGioe+WKwmAHrLfRYnG9QDcOOg1d5V9nTn
8/rU3N9dApidSRb1nCEV/WtmfQxZo3WbcNaPgzNn079bacfoA/6Lu8cJIET5E5s5
Y3bDkux5fjRhrar+9A0wH10mKSYm2FC9ZJVMUs7tZwIDAQABo4ICfjCCAnowHQYD
VR0OBBYEFA9Z84JiNGgA0+VuJN7i75/NXC9oMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E0L2FjOTNiNC0wMjhhLTQ1Mjkt
OGM2Mi1hMjQ0MzkxNzNhOGUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQvYWM5M2I0LTAyOGEtNDUyOS04
YzYyLWEyNDQzOTE3M2E4ZS8xL0QxbnpnbUkwYUFEVDVXNGszdUx2bjgxY0wyZy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBkGCCsGAQUFBwEIAQH/BAowCKAG
MAQCAlAZMA0GCSqGSIb3DQEBCwUAA4IBAQCZXl6OGH+4vFJEPSL/bPTJvOp1vBrB
8C40ZPbZFDlQroXsOzsO+EPD6cU0QVYEB1sj4CPBGWBySEjLHcNB3KCEGSnR8Swp
bcH7/x4X4cwSEVafNb/Op/t+5i2oUoJvcv2pf1+azsA4HXtwiEHmmnMuwhWwBtoF
hylwbVVoIOQKr69ewB4X6qkDpcethzMFWPBdk7/tCf5n4U8YNQ9BQ9+I8uZdM8U1
u/5mO8iVTEmuzJ4rLsAxP+1A8dI+3cC7y9fdjWk4/Ipxi6a0J0BiivMKfjPNyDML
qJZAmlC0LtVTNxoRUW0lNOwN7rIGfhYapkgtYATIlXeXjpC2oR6aDa62
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:15 2025 by rpki-client