Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IWdHufa_2lp0B4NJV_EBlRdGDtE.cer
File: IWdHufa_2lp0B4NJV_EBlRdGDtE.cer (raw, json)
Hash identifier: ZqfVFW1hgbdkjMEkVYzRcmNG6HUA4oAqIqeH1sYvHk4=
Subject key identifier: 21:67:47:B9:F6:BF:DA:5A:74:07:83:49:57:F1:01:95:17:46:0E:D1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A63A34AEA1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8a/52983a-3777-44bf-9771-bc84f3efe573/1/IWdHufa_2lp0B4NJV_EBlRdGDtE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8a/52983a-3777-44bf-9771-bc84f3efe573/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:59:09 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 2001:67c:28b4::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 713941102241 (0xa63a34aea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=216747b9f6bfda5a7407834957f1019517460ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0d:0d:74:b4:48:21:7e:e0:0a:1d:63:ec:47:
28:37:df:41:8d:b1:27:ec:4a:c9:18:bd:82:0b:0a:
93:0b:3c:d4:12:d0:dc:fc:4b:9d:9c:88:fc:3b:84:
33:96:44:71:dd:fd:82:29:a1:5c:23:c2:82:03:33:
37:3b:5f:4a:13:b1:59:95:0e:ca:7a:64:c6:ac:ec:
1d:c6:5d:46:00:04:7d:11:ac:fe:8c:7c:20:45:e5:
1c:27:72:ca:1f:2c:3c:3b:f5:54:95:2c:db:a2:07:
46:fa:19:96:ad:30:6c:87:f8:09:72:bf:f0:e1:50:
7e:28:61:03:13:ab:57:3c:33:af:46:15:35:aa:8d:
76:80:31:aa:5f:cf:3e:a7:f3:80:41:9d:16:a5:a8:
5c:c0:a3:79:3b:0e:34:73:23:ff:bb:30:c7:74:36:
a7:fc:f8:75:65:b5:db:3a:c1:59:49:96:5f:e6:6a:
ea:73:7d:05:f4:d1:72:06:2a:a1:09:22:e3:4c:b4:
31:90:0c:87:03:1a:20:9e:6e:a5:b0:b4:eb:09:71:
df:fb:6b:77:a3:69:41:f0:32:00:13:60:1e:d9:49:
f9:c3:3e:8c:23:b7:f2:df:a9:be:bc:0a:b7:a0:a6:
36:1b:4a:08:69:07:79:89:20:0c:16:7e:77:35:f5:
c1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:67:47:B9:F6:BF:DA:5A:74:07:83:49:57:F1:01:95:17:46:0E:D1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/52983a-3777-44bf-9771-bc84f3efe573/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/52983a-3777-44bf-9771-bc84f3efe573/1/IWdHufa_2lp0B4NJV_EBlRdGDtE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:28b4::/48
Signature Algorithm: sha256WithRSAEncryption
82:5a:e8:2d:10:19:e6:30:9c:bf:46:18:2a:a3:cb:54:aa:67:
89:7c:c7:34:2f:04:d2:f4:bc:a1:4a:9c:2a:be:a6:11:61:20:
46:a6:62:38:a9:b6:6d:57:1c:78:d6:9c:13:51:4b:14:10:eb:
84:33:31:98:b8:7b:b7:80:f6:3e:03:b7:f1:07:45:e5:56:b4:
6b:e5:e9:7c:b3:b8:80:73:36:42:25:77:8f:6f:bb:52:3a:dc:
aa:1e:d8:9d:84:23:df:3b:aa:cb:ca:43:f9:8a:3f:33:68:bf:
f2:08:fd:12:ad:05:81:74:f9:46:f7:25:c1:4f:a9:b7:c3:34:
2e:50:61:dd:05:35:97:41:8a:03:fc:c9:c5:82:e5:60:e6:86:
c8:2e:89:68:a6:8b:19:ba:79:a8:5b:8b:b4:5d:0c:33:1b:4f:
c4:e8:b5:98:85:e0:c3:70:f0:44:73:e1:89:68:bb:4f:85:04:
5e:89:85:f3:c3:e8:4f:bc:22:64:30:61:c8:ec:40:81:b0:88:
9a:8a:4f:ed:0d:73:27:56:6b:78:a1:2b:42:a4:69:a3:43:e0:
e4:4a:29:53:ac:98:bf:32:80:64:68:9b:10:28:e7:90:10:24:
ce:7a:ac:c1:4b:ed:b0:a0:fe:78:be:0d:19:82:ca:27:02:61:
70:ed:7b:40
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIGAKY6NK6hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTE1OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMTY3NDdiOWY2
YmZkYTVhNzQwNzgzNDk1N2YxMDE5NTE3NDYwZWQxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoQ0NdLRIIX7gCh1j7EcoN99BjbEn7ErJGL2CCwqTCzzU
EtDc/EudnIj8O4QzlkRx3f2CKaFcI8KCAzM3O19KE7FZlQ7KemTGrOwdxl1GAAR9
Eaz+jHwgReUcJ3LKHyw8O/VUlSzbogdG+hmWrTBsh/gJcr/w4VB+KGEDE6tXPDOv
RhU1qo12gDGqX88+p/OAQZ0WpahcwKN5Ow40cyP/uzDHdDan/Ph1ZbXbOsFZSZZf
5mrqc30F9NFyBiqhCSLjTLQxkAyHAxognm6lsLTrCXHf+2t3o2lB8DIAE2Ae2Un5
wz6MI7fy36m+vAq3oKY2G0oIaQd5iSAMFn53NfXBvwIDAQABo4IChzCCAoMwHQYD
VR0OBBYEFCFnR7n2v9padAeDSVfxAZUXRg7RMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhLzUyOTgzYS0zNzc3LTQ0YmYt
OTc3MS1iYzg0ZjNlZmU1NzMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEvNTI5ODNhLTM3NzctNDRiZi05
NzcxLWJjODRmM2VmZTU3My8xL0lXZEh1ZmFfMmxwMEI0TkpWX0VCbFJkR0R0RS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEGfCi0MA0GCSqGSIb3DQEBCwUAA4IBAQCCWugtEBnmMJy/Rhgq
o8tUqmeJfMc0LwTS9LyhSpwqvqYRYSBGpmI4qbZtVxx41pwTUUsUEOuEMzGYuHu3
gPY+A7fxB0XlVrRr5el8s7iAczZCJXePb7tSOtyqHtidhCPfO6rLykP5ij8zaL/y
CP0SrQWBdPlG9yXBT6m3wzQuUGHdBTWXQYoD/MnFguVg5obILoloposZunmoW4u0
XQwzG0/E6LWYheDDcPBEc+GJaLtPhQReiYXzw+hPvCJkMGHI7ECBsIiaik/tDXMn
Vmt4oStCpGmjQ+DkSilTrJi/MoBkaJsQKOeQECTOeqzBS+2woP54vg0ZgsonAmFw
7XtA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:29:39 2024 by rpki-client on console-ams.rpki-client.org