Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.cer
File: LyHK6Gy_EJmsz5HgIjWdJIbLpp0.cer (raw, json)
Hash identifier: t7AEFuvFmz7cKfHUSyjCIxNRKZCY8UfgLwX+Xpjry3A=
Subject key identifier: 2F:21:CA:E8:6C:BF:10:99:AC:CF:91:E0:22:35:9D:24:86:CB:A6:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018693084449A2BAE1E8AFBD075D064F9E34
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 27 Feb 2023 13:20:37 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.145.233.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:08:44:49:a2:ba:e1:e8:af:bd:07:5d:06:4f:9e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 27 13:20:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f21cae86cbf1099accf91e022359d2486cba69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:75:96:a5:76:97:d2:01:b1:f7:66:63:f9:11:
87:3d:b9:ff:41:cf:b2:a8:b5:ea:f6:f2:b5:8b:fa:
3a:73:4d:8d:50:5c:6a:aa:ec:1e:9a:12:17:36:3a:
7b:a2:89:5f:86:9c:d2:99:bf:10:51:a5:8c:e5:e4:
71:34:84:c6:a9:0b:fb:ff:2a:c8:64:a2:76:6a:d5:
4d:f6:21:07:43:64:a5:98:50:15:4d:18:5d:2b:7c:
c0:97:59:cf:11:d0:42:a9:4a:a2:fa:0f:98:89:9f:
b3:de:5e:7f:7d:aa:64:49:26:46:58:22:98:7a:70:
29:00:14:5a:06:74:ee:dd:9d:4e:43:ec:a5:55:ce:
92:3b:37:29:77:c5:61:b2:29:3d:20:be:03:f1:1b:
30:17:9d:15:61:90:fa:ba:a5:1e:c6:b5:0a:1d:27:
05:5e:36:ea:88:91:94:16:71:7f:5e:a3:40:fd:73:
64:49:0a:f7:d7:2f:57:07:6b:2c:a0:2c:63:31:1d:
9d:56:17:4a:3a:22:03:b7:a5:ad:fb:f7:25:4e:88:
22:29:8f:0f:54:f2:3e:93:eb:6f:da:95:2d:23:5a:
dc:79:7d:e0:77:ea:ac:c2:a3:b3:07:cc:7f:4b:fb:
28:66:31:b0:f8:48:2f:5e:80:b5:57:8d:eb:ea:89:
05:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:21:CA:E8:6C:BF:10:99:AC:CF:91:E0:22:35:9D:24:86:CB:A6:9D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/69fa0f-4414-4a69-acd1-6cf3c3c26006/1/LyHK6Gy_EJmsz5HgIjWdJIbLpp0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.233.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7f:53:aa:fb:ff:bd:c2:23:6a:43:c8:90:fd:41:94:e5:23:
06:c7:f6:a8:d1:db:63:e2:42:0e:3d:be:3b:34:2a:b3:5e:c1:
ca:76:82:fd:2a:54:d6:8b:e6:3f:37:03:f1:c7:2a:bb:1a:f7:
f7:5b:1b:e3:df:f3:ad:f5:32:6c:7f:c5:30:f2:3a:d2:35:09:
c3:6b:b3:b5:87:55:69:b1:e5:b3:78:d5:4a:ef:93:6e:06:27:
eb:c2:68:fe:66:9a:5b:5c:9f:b7:5e:12:d6:03:78:41:d7:ab:
4c:84:9a:a8:21:74:51:5a:fc:dd:90:e1:0a:de:c6:bc:09:3f:
62:80:4e:71:6c:02:22:93:fd:32:81:01:7a:73:82:e7:4d:35:
6f:05:f9:61:00:a4:bf:2a:28:4a:a2:76:53:4f:77:1d:70:f9:
77:7c:c7:2b:f4:ff:2f:69:c5:66:c7:c0:8f:69:cd:06:dc:71:
3b:7f:f4:50:ad:28:d8:96:a2:08:38:11:d4:61:0c:26:5d:54:
50:d6:62:0e:d0:ac:cd:54:58:4c:e3:b3:f3:0f:33:9e:21:8e:
10:68:11:18:19:46:29:3d:b9:b5:c6:04:75:62:6e:2c:2f:84:
3b:b8:e8:84:ef:72:c7:7d:10:f3:ae:ab:ba:f7:c6:58:a4:9a:
15:e2:c1:07
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYaTCERJorrh6K+9B10GT540MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMjI3MTMyMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjIxY2FlODZjYmYxMDk5YWNjZjkxZTAyMjM1OWQyNDg2Y2JhNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3WWpXaX0gGx92Zj+RGHPbn/Qc+y
qLXq9vK1i/o6c02NUFxqquwemhIXNjp7oolfhpzSmb8QUaWM5eRxNITGqQv7/yrI
ZKJ2atVN9iEHQ2SlmFAVTRhdK3zAl1nPEdBCqUqi+g+YiZ+z3l5/fapkSSZGWCKY
enApABRaBnTu3Z1OQ+ylVc6SOzcpd8Vhsik9IL4D8RswF50VYZD6uqUexrUKHScF
XjbqiJGUFnF/XqNA/XNkSQr31y9XB2ssoCxjMR2dVhdKOiIDt6Wt+/clTogiKY8P
VPI+k+tv2pUtI1rceX3gd+qswqOzB8x/S/soZjGw+EgvXoC1V43r6okF8QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFC8hyuhsvxCZrM+R4CI1nSSGy6adMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE0LzY5ZmEw
Zi00NDE0LTRhNjktYWNkMS02Y2YzYzNjMjYwMDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQvNjlmYTBm
LTQ0MTQtNGE2OS1hY2QxLTZjZjNjM2MyNjAwNi8xL0x5SEs2R3lfRUptc3o1SGdJ
aldkSkliTHBwMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuZHpMA0GCSqGSIb3DQEBCwUAA4IBAQBNf1Oq
+/+9wiNqQ8iQ/UGU5SMGx/ao0dtj4kIOPb47NCqzXsHKdoL9KlTWi+Y/NwPxxyq7
Gvf3Wxvj3/Ot9TJsf8Uw8jrSNQnDa7O1h1VpseWzeNVK75NuBifrwmj+ZppbXJ+3
XhLWA3hB16tMhJqoIXRRWvzdkOEK3sa8CT9igE5xbAIik/0ygQF6c4LnTTVvBflh
AKS/KihKonZTT3cdcPl3fMcr9P8vacVmx8CPac0G3HE7f/RQrSjYlqIIOBHUYQwm
XVRQ1mIO0KzNVFhM47PzDzOeIY4QaBEYGUYpPbm1xgR1Ym4sL4Q7uOiE73LHfRDz
rqu698ZYpJoV4sEH
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:36:46 2025 by rpki-client