Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KxPz5KPHXPvAWcnZXFnd-OQc6oY.cer
File: KxPz5KPHXPvAWcnZXFnd-OQc6oY.cer (raw, json)
Hash identifier: QsUqfC/fCkSSjC+Afx4TDF40arE83vHXqaL4FukMlLs=
Subject key identifier: 2B:13:F3:E4:A3:C7:5C:FB:C0:59:C9:D9:5C:59:DD:F8:E4:1C:EA:86
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018297001FADA9DA3F3A0F1AF53866F38590
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/abe205-bf81-4945-9d42-0bcddf3e5e57/1/KxPz5KPHXPvAWcnZXFnd-OQc6oY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/abe205-bf81-4945-9d42-0bcddf3e5e57/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 13 Aug 2022 11:39:03 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 85.8.156.0/22
IP: 2a09:7300::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:97:00:1f:ad:a9:da:3f:3a:0f:1a:f5:38:66:f3:85:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 13 11:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b13f3e4a3c75cfbc059c9d95c59ddf8e41cea86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:79:a3:b6:d5:6e:33:d0:b2:8a:ca:b4:94:c2:
2d:8c:61:c7:78:c0:80:b7:06:25:df:2a:c1:22:f0:
07:c3:c5:45:61:e7:6c:e0:4b:e0:b2:bd:de:3d:d8:
e9:0e:70:5c:77:9d:0f:d0:c4:e7:0e:59:56:f9:ae:
60:68:d5:b6:4b:8e:68:d1:40:23:4b:ee:b9:57:7e:
56:21:35:93:d2:8f:aa:b9:df:4a:2c:69:e5:cd:a1:
3c:44:45:f7:a4:f7:96:b4:91:0c:98:9e:6d:e6:15:
ed:50:ac:ab:17:b9:8a:5a:44:9e:04:ef:0b:41:b8:
72:9a:54:9e:47:61:85:47:34:da:d5:55:14:8e:25:
3b:96:3d:96:de:d5:1d:68:98:27:0a:35:fb:15:76:
84:27:a9:3b:db:cd:70:1c:c9:ce:40:38:33:27:1d:
bb:f9:a5:aa:0c:8b:2c:9c:96:c2:28:17:53:90:ab:
03:5f:e8:fb:44:af:dc:3b:e0:79:81:59:90:34:63:
0b:fa:34:44:03:fb:63:aa:6a:6c:5f:3e:14:80:e0:
c4:49:9f:90:35:45:35:48:7d:8b:c7:1a:bd:0b:0f:
c9:e9:cc:7c:53:27:59:d2:0e:55:f8:fc:c7:5d:c1:
96:21:df:59:bb:52:7a:2b:f6:86:c5:63:97:30:1d:
38:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:13:F3:E4:A3:C7:5C:FB:C0:59:C9:D9:5C:59:DD:F8:E4:1C:EA:86
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/abe205-bf81-4945-9d42-0bcddf3e5e57/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/abe205-bf81-4945-9d42-0bcddf3e5e57/1/KxPz5KPHXPvAWcnZXFnd-OQc6oY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.156.0/22
IPv6:
2a09:7300::/29
Signature Algorithm: sha256WithRSAEncryption
66:52:1e:76:35:9b:8c:2d:3d:9c:27:2e:60:1c:08:07:0e:d2:
df:64:a0:c9:94:a6:9f:d4:bf:80:28:4d:e5:4b:49:79:2d:d8:
60:59:39:56:fa:3c:1d:d2:42:65:66:1e:9b:ce:d0:18:8e:7a:
c1:3a:e7:7e:6d:97:42:a2:8e:63:67:16:2d:5b:14:93:53:6f:
e4:d4:87:78:0e:fe:24:21:88:82:d4:ac:20:eb:d1:05:c6:e0:
e4:98:bc:57:b0:05:0e:92:4b:2b:ef:9d:1c:53:33:c9:de:57:
4d:77:c7:0c:be:76:fb:1f:85:21:86:6a:03:6d:1a:8b:bb:f5:
d6:db:c0:b5:46:c0:5a:9f:af:d5:19:50:ec:a0:85:ec:6a:f5:
be:a5:0c:b2:20:1e:2b:f2:35:14:da:2f:fe:0d:d0:f9:f6:5a:
12:6d:f6:3f:52:33:75:93:9d:4a:ce:ea:9a:2f:b2:98:40:4b:
38:b4:81:53:78:b6:9b:b8:24:a1:7d:fd:5c:55:d0:9e:8c:8e:
11:24:26:a3:44:4b:13:58:51:38:7f:32:c2:4a:7e:4d:c7:ba:
bc:1e:b9:35:d7:66:47:e8:45:4c:01:22:87:10:43:4d:68:41:
18:87:a2:24:c5:dd:a9:a3:41:2e:5f:5d:76:e4:9d:04:db:07:
17:63:1a:df
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYKXAB+tqdo/Og8a9Thm84WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIwODEzMTEzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjEzZjNlNGEzYzc1Y2ZiYzA1OWM5ZDk1YzU5ZGRmOGU0MWNlYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHmjttVuM9Cyisq0lMItjGHHeMCA
twYl3yrBIvAHw8VFYeds4Evgsr3ePdjpDnBcd50P0MTnDllW+a5gaNW2S45o0UAj
S+65V35WITWT0o+qud9KLGnlzaE8REX3pPeWtJEMmJ5t5hXtUKyrF7mKWkSeBO8L
QbhymlSeR2GFRzTa1VUUjiU7lj2W3tUdaJgnCjX7FXaEJ6k7281wHMnOQDgzJx27
+aWqDIssnJbCKBdTkKsDX+j7RK/cO+B5gVmQNGML+jREA/tjqmpsXz4UgODESZ+Q
NUU1SH2Lxxq9Cw/J6cx8UydZ0g5V+PzHXcGWId9Zu1J6K/aGxWOXMB04ZQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFCsT8+Sjx1z7wFnJ2VxZ3fjkHOqGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2FiZTIw
NS1iZjgxLTQ5NDUtOWQ0Mi0wYmNkZGYzZTVlNTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvYWJlMjA1
LWJmODEtNDk0NS05ZDQyLTBiY2RkZjNlNWU1Ny8xL0t4UHo1S1BIWFB2QVdjblpY
Rm5kLU9RYzZvWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCVQicMA0EAgACMAcDBQMqCXMAMA0GCSqGSIb3
DQEBCwUAA4IBAQBmUh52NZuMLT2cJy5gHAgHDtLfZKDJlKaf1L+AKE3lS0l5Ldhg
WTlW+jwd0kJlZh6bztAYjnrBOud+bZdCoo5jZxYtWxSTU2/k1Id4Dv4kIYiC1Kwg
69EFxuDkmLxXsAUOkksr750cUzPJ3ldNd8cMvnb7H4UhhmoDbRqLu/XW28C1RsBa
n6/VGVDsoIXsavW+pQyyIB4r8jUU2i/+DdD59loSbfY/UjN1k51KzuqaL7KYQEs4
tIFTeLabuCShff1cVdCejI4RJCajREsTWFE4fzLCSn5Nx7q8Hrk112ZH6EVMASKH
EENNaEEYh6Ikxd2po0EuX1125J0E2wcXYxrf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:54 2024 by rpki-client on console-fra.rpki-client.org