Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PINaQ5TgVNl6Bzs-gsdYRAPeM7M.cer
File: PINaQ5TgVNl6Bzs-gsdYRAPeM7M.cer (raw, json)
Hash identifier: IsCKS1zxG+tpsdbA7jNw6l9hU7T+ag3kOvtwD2KWg3Y=
Subject key identifier: 3C:83:5A:43:94:E0:54:D9:7A:07:3B:3E:82:C7:58:44:03:DE:33:B3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 99ED3869A9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3e/a63b65-2c52-4e12-93dd-cab2ad95c42a/1/PINaQ5TgVNl6Bzs-gsdYRAPeM7M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3e/a63b65-2c52-4e12-93dd-cab2ad95c42a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 01:03:21 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 35363
IP: 193.47.0.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 661109893545 (0x99ed3869a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:03:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c835a4394e054d97a073b3e82c7584403de33b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:04:3e:f5:fe:ed:bb:8b:56:41:10:a2:5b:
8f:92:33:a8:14:25:67:6c:ec:c9:f4:f2:14:3c:75:
00:b4:53:21:71:8a:48:48:b6:7e:a7:a6:cb:68:0e:
e8:0b:c2:02:03:b0:e7:4b:f9:61:a6:71:cf:dd:01:
89:30:a5:0a:18:fd:8e:53:ca:a5:1b:66:6a:a8:3f:
72:06:3a:6b:57:8b:9b:66:58:86:76:b7:46:3f:0e:
03:4f:d1:66:e8:fe:07:81:08:7a:c0:05:b5:23:ed:
16:75:71:ca:7e:1b:bb:bd:88:3c:3d:c9:0b:3e:4b:
a7:aa:d4:8d:6d:16:d6:c5:19:59:f0:00:31:d9:7e:
57:44:ba:d5:08:8f:91:e6:f8:72:e7:0a:7e:7c:23:
8b:22:24:45:6c:03:a6:ac:a4:8d:a0:b5:ef:fa:1f:
c1:4a:47:e9:b2:66:17:aa:87:92:87:d7:00:3c:45:
a9:1a:ce:63:ad:d9:7f:08:28:75:61:16:e5:27:98:
62:8d:10:fb:8a:7f:4f:8b:1e:33:45:f4:a2:af:a6:
53:f9:7d:af:fd:76:1e:3c:fe:91:ef:6d:39:27:4b:
6d:05:8b:e1:90:39:b1:e3:4b:36:aa:cd:29:71:99:
5f:a4:db:a9:a0:ce:3c:21:e5:55:9e:61:6d:dc:b0:
1b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:83:5A:43:94:E0:54:D9:7A:07:3B:3E:82:C7:58:44:03:DE:33:B3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/a63b65-2c52-4e12-93dd-cab2ad95c42a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/a63b65-2c52-4e12-93dd-cab2ad95c42a/1/PINaQ5TgVNl6Bzs-gsdYRAPeM7M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.0.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35363
Signature Algorithm: sha256WithRSAEncryption
6c:0f:38:2f:89:af:dc:6c:c1:cb:2b:f7:c8:ae:d7:bc:f3:3e:
4c:cf:fc:30:dd:87:51:7b:5c:4e:de:13:1e:40:3e:aa:63:af:
2b:89:4b:75:51:70:e8:c2:3d:28:d7:22:8e:14:18:25:22:d2:
7e:5f:f3:6e:9b:83:1b:24:5b:cd:70:b0:14:8f:cd:89:fe:39:
18:33:4c:62:71:d8:46:b4:4b:bb:43:31:03:f1:c5:25:c4:61:
45:07:01:88:fe:81:e4:a8:1f:1e:f0:42:0c:9c:da:1b:41:f3:
27:73:57:ca:b3:7f:e3:0c:b4:c7:38:ee:25:8b:d6:78:7b:06:
1a:d2:d3:9d:7e:52:38:73:cf:5a:9a:ab:dd:0b:0c:85:13:45:
27:e7:c1:56:4a:ea:1a:e0:34:6b:c6:10:86:9b:41:36:9d:20:
2d:c7:85:5e:dd:de:5f:b5:92:96:75:f8:cb:c5:4d:41:88:fe:
9f:0c:22:2b:06:c5:9e:68:dc:f0:c3:ce:c6:fa:78:1c:33:d9:
86:f4:93:e5:fc:3f:90:28:8f:63:22:60:8d:f7:54:f4:35:f0:
a0:f7:39:42:f2:58:63:b2:60:1a:5a:93:c1:59:c4:43:d0:a5:
fd:06:cc:b8:14:70:c3:d1:8b:76:c1:9f:c7:4c:be:15:45:4d:
7e:18:dd:74
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAJntOGmpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDEwMzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYzgzNWE0Mzk0
ZTA1NGQ5N2EwNzNiM2U4MmM3NTg0NDAzZGUzM2IzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo30EPvX+7buLVkEQoluPkjOoFCVnbOzJ9PIUPHUAtFMh
cYpISLZ+p6bLaA7oC8ICA7DnS/lhpnHP3QGJMKUKGP2OU8qlG2ZqqD9yBjprV4ub
ZliGdrdGPw4DT9Fm6P4HgQh6wAW1I+0WdXHKfhu7vYg8PckLPkunqtSNbRbWxRlZ
8AAx2X5XRLrVCI+R5vhy5wp+fCOLIiRFbAOmrKSNoLXv+h/BSkfpsmYXqoeSh9cA
PEWpGs5jrdl/CCh1YRblJ5hijRD7in9Pix4zRfSir6ZT+X2v/XYePP6R7205J0tt
BYvhkDmx40s2qs0pcZlfpNupoM48IeVVnmFt3LAb0wIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFDyDWkOU4FTZegc7PoLHWEQD3jOzMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNlL2E2M2I2NS0yYzUyLTRlMTIt
OTNkZC1jYWIyYWQ5NWM0MmEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvYTYzYjY1LTJjNTItNGUxMi05
M2RkLWNhYjJhZDk1YzQyYS8xL1BJTmFRNVRnVk5sNkJ6cy1nc2RZUkFQZU03TS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwS8AMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCKIzANBgkqhkiG
9w0BAQsFAAOCAQEAbA84L4mv3GzByyv3yK7XvPM+TM/8MN2HUXtcTt4THkA+qmOv
K4lLdVFw6MI9KNcijhQYJSLSfl/zbpuDGyRbzXCwFI/Nif45GDNMYnHYRrRLu0Mx
A/HFJcRhRQcBiP6B5KgfHvBCDJzaG0HzJ3NXyrN/4wy0xzjuJYvWeHsGGtLTnX5S
OHPPWpqr3QsMhRNFJ+fBVkrqGuA0a8YQhptBNp0gLceFXt3eX7WSlnX4y8VNQYj+
nwwiKwbFnmjc8MPOxvp4HDPZhvST5fw/kCiPYyJgjfdU9DXwoPc5QvJYY7JgGlqT
wVnEQ9Cl/QbMuBRww9GLdsGfx0y+FUVNfhjddA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:32:54 2025 by rpki-client