Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DnuYT7FY-Vs2zbfuiDTfnLQhcIo.cer
File: DnuYT7FY-Vs2zbfuiDTfnLQhcIo.cer (raw, json)
Hash identifier: TnU0yTBzNVTx0vwVT5xUVINRMV/nm7WXT66R8UZ4YFg=
Subject key identifier: 0E:7B:98:4F:B1:58:F9:5B:36:CD:B7:EE:88:34:DF:9C:B4:21:70:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A428E652AE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3f/d33d3a-807d-47c1-b9e8-df15998f9fb6/1/DnuYT7FY-Vs2zbfuiDTfnLQhcIo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3f/d33d3a-807d-47c1-b9e8-df15998f9fb6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:01:46 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 57957
IP: 2001:67c:2800::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705060819630 (0xa428e652ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e7b984fb158f95b36cdb7ee8834df9cb421708a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:a0:a6:76:a7:ba:9f:f0:3e:bd:eb:8b:18:
3e:c7:75:8f:a5:d6:c4:c3:e4:1a:71:b9:5b:b1:02:
f1:f2:28:f3:b0:c2:01:b1:65:32:ef:ed:f6:9d:b5:
df:95:fb:cb:9e:b8:ee:81:d1:66:e7:cf:75:99:0f:
fc:f4:2f:9a:3c:cc:be:cc:f3:10:e3:e1:2b:d5:66:
96:21:c1:a1:6d:3e:71:7b:22:42:16:72:72:48:3c:
29:bb:5a:d5:8c:b2:f8:11:cd:e2:87:5c:c6:3f:e8:
e9:79:c8:e7:86:a3:53:ea:87:8c:95:98:4e:f2:2d:
51:15:4e:42:82:af:9e:2f:23:c5:e8:c6:96:7e:b4:
d4:18:de:82:d9:64:ae:0d:2c:c0:72:5c:62:88:1a:
4a:7e:e4:e2:73:a9:0c:42:c0:9b:69:fd:37:34:29:
93:b4:d3:39:02:0a:ca:34:a6:f7:31:86:23:67:a3:
92:8f:60:3e:4a:7b:0e:1d:31:bd:d7:4e:63:da:b2:
fb:6c:2f:38:1b:41:23:70:97:08:32:2d:22:05:48:
c6:f7:03:23:79:2e:6f:81:e0:5a:cd:db:d3:f3:88:
7a:fc:a3:c8:cf:86:e1:7b:87:0c:53:e9:35:f1:68:
e1:77:99:1e:56:b7:7d:02:d3:a2:18:24:ea:64:8e:
08:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7B:98:4F:B1:58:F9:5B:36:CD:B7:EE:88:34:DF:9C:B4:21:70:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d33d3a-807d-47c1-b9e8-df15998f9fb6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d33d3a-807d-47c1-b9e8-df15998f9fb6/1/DnuYT7FY-Vs2zbfuiDTfnLQhcIo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2800::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57957
Signature Algorithm: sha256WithRSAEncryption
5a:88:e9:1a:5d:89:94:89:17:9a:83:f8:3f:e4:04:56:cc:7a:
60:72:21:71:da:3c:c4:88:f4:cc:84:23:bf:dc:c3:c2:00:6e:
d9:2b:2a:62:ea:06:bb:77:ba:c7:53:40:ab:51:5c:bd:0e:0c:
0e:e7:81:70:4d:f6:e8:13:bb:3c:90:24:e0:44:55:1f:de:cb:
74:33:84:2f:9f:80:aa:d7:bb:9f:06:7c:b4:6a:09:39:1c:31:
fa:a8:e7:1c:9f:58:40:12:51:ac:4a:92:83:1a:ca:56:d0:09:
e8:04:38:05:70:5c:2b:36:b9:99:1a:a3:28:db:aa:23:47:6f:
7a:ff:aa:32:2f:09:e5:dd:8b:21:ab:f5:d2:a6:68:8f:88:28:
40:db:09:30:7f:19:65:75:f0:e3:2b:ea:f5:9f:f6:94:e0:09:
55:f3:e9:ab:69:03:dd:76:65:d7:df:b8:de:79:82:52:c8:36:
92:4d:8d:c6:de:19:28:a4:eb:bf:fa:c4:4b:54:d5:18:c5:86:
39:df:e2:ed:3f:74:6e:d1:01:3e:7c:63:7e:b2:9a:f8:3b:79:
b3:9e:9b:21:82:c9:c0:d3:fc:29:30:41:61:94:df:e5:50:57:
25:4f:0b:e2:fd:f7:b2:42:ff:4d:ab:91:a0:e0:ea:b2:83:f4:
78:fa:e2:95
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIGAKQo5lKuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZTdiOTg0ZmIx
NThmOTViMzZjZGI3ZWU4ODM0ZGY5Y2I0MjE3MDhhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAt2Ogpnanup/wPr3rixg+x3WPpdbEw+QacblbsQLx8ijz
sMIBsWUy7+32nbXflfvLnrjugdFm5891mQ/89C+aPMy+zPMQ4+Er1WaWIcGhbT5x
eyJCFnJySDwpu1rVjLL4Ec3ih1zGP+jpecjnhqNT6oeMlZhO8i1RFU5Cgq+eLyPF
6MaWfrTUGN6C2WSuDSzAclxiiBpKfuTic6kMQsCbaf03NCmTtNM5AgrKNKb3MYYj
Z6OSj2A+SnsOHTG9105j2rL7bC84G0EjcJcIMi0iBUjG9wMjeS5vgeBazdvT84h6
/KPIz4bhe4cMU+k18Wjhd5keVrd9AtOiGCTqZI4IpQIDAQABo4ICozCCAp8wHQYD
VR0OBBYEFA57mE+xWPlbNs237og035y0IXCKMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNmL2QzM2QzYS04MDdkLTQ3YzEt
YjllOC1kZjE1OTk4ZjlmYjYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvZDMzZDNhLTgwN2QtNDdjMS1i
OWU4LWRmMTU5OThmOWZiNi8xL0RudVlUN0ZZLVZzMnpiZnVpRFRmbkxRaGNJby5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEGfCgAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDiZTANBgkq
hkiG9w0BAQsFAAOCAQEAWojpGl2JlIkXmoP4P+QEVsx6YHIhcdo8xIj0zIQjv9zD
wgBu2SsqYuoGu3e6x1NAq1FcvQ4MDueBcE326BO7PJAk4ERVH97LdDOEL5+Aqte7
nwZ8tGoJORwx+qjnHJ9YQBJRrEqSgxrKVtAJ6AQ4BXBcKza5mRqjKNuqI0dvev+q
Mi8J5d2LIav10qZoj4goQNsJMH8ZZXXw4yvq9Z/2lOAJVfPpq2kD3XZl19+43nmC
Usg2kk2Nxt4ZKKTrv/rES1TVGMWGOd/i7T90btEBPnxjfrKa+Dt5s56bIYLJwNP8
KTBBYZTf5VBXJU8L4v33skL/TauRoODqsoP0ePrilQ==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:42:27 2025 by rpki-client