Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RyOkO4YKkhUPcS7SD8t7ft-8-3s.cer
File: RyOkO4YKkhUPcS7SD8t7ft-8-3s.cer (raw, json)
Hash identifier: qvsWya08Kw3eH0SKp2E8gtp0JQW3RHpQjP0P9Hljgss=
Subject key identifier: 47:23:A4:3B:86:0A:92:15:0F:71:2E:D2:0F:CB:7B:7E:DF:BC:FB:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A999E73430
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6d/0a0665-07a2-4407-94ba-4a5ce0d7d00c/1/RyOkO4YKkhUPcS7SD8t7ft-8-3s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6d/0a0665-07a2-4407-94ba-4a5ce0d7d00c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:59:03 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 83.136.221.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 728431539248 (0xa999e73430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4723a43b860a92150f712ed20fcb7b7edfbcfb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:f4:49:2a:66:d0:af:5c:6a:b7:8a:e7:6c:
9c:6c:49:4a:87:25:0c:a8:9e:e2:04:2f:ca:51:83:
19:b5:79:68:88:51:70:8e:c5:c3:d2:ba:05:a7:a7:
73:6d:d0:69:d2:04:e8:91:4d:67:0a:76:89:32:d6:
6e:f9:66:95:4c:b9:72:8d:76:90:8a:18:71:28:be:
80:ad:fe:d1:ad:93:0a:42:04:ce:82:53:ef:7e:04:
d9:10:5a:b5:69:7d:f9:fd:bd:51:98:59:e6:73:38:
cb:67:13:1c:af:84:29:3c:32:fd:20:1e:81:d0:5a:
f4:88:dd:58:39:6a:1a:53:f9:d3:45:ba:d3:bb:87:
2e:91:53:65:74:d0:76:9a:a1:2b:04:cc:02:02:8f:
23:b6:16:19:28:3e:d4:52:dd:0d:67:c5:1c:90:3d:
ea:66:e6:10:bc:36:0d:ed:da:7f:41:f3:4e:25:dd:
b2:30:d8:28:1d:4a:94:66:b7:31:2d:46:53:ad:0d:
a7:35:28:27:64:44:2b:4d:48:2a:6f:ae:79:aa:7c:
42:41:f7:85:83:1c:d8:f0:49:a3:52:5a:36:13:c6:
32:5a:2f:67:38:07:27:16:63:f2:e2:4a:39:49:c9:
a0:25:63:05:d2:fc:a6:13:13:ab:ca:f4:16:bb:c5:
21:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:23:A4:3B:86:0A:92:15:0F:71:2E:D2:0F:CB:7B:7E:DF:BC:FB:7B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0a0665-07a2-4407-94ba-4a5ce0d7d00c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0a0665-07a2-4407-94ba-4a5ce0d7d00c/1/RyOkO4YKkhUPcS7SD8t7ft-8-3s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:da:8d:f0:80:a0:c1:38:60:5b:96:73:e8:22:fd:da:37:b2:
b0:54:f6:06:90:a9:ea:a4:e9:04:c1:52:9b:f4:88:60:35:c0:
b9:cf:dc:08:fb:09:29:ab:83:e2:69:cc:f5:e8:8c:b1:ed:b0:
86:ef:30:4f:cb:13:00:7f:59:62:ec:66:3c:21:8f:91:1c:00:
b1:41:69:44:59:27:c2:da:80:8b:6f:be:f1:16:2e:c9:9f:96:
51:72:37:a4:f0:57:5b:cf:75:29:95:02:74:69:e6:6d:52:74:
bc:2d:04:59:4e:57:c3:9e:3e:9b:54:56:a7:09:fe:e4:8b:40:
27:b7:0a:fd:66:7b:12:c0:3b:10:7b:81:bc:7c:f8:35:da:8c:
91:ab:4a:68:5f:2c:0d:4b:3f:52:a5:e4:d3:1f:ae:b8:f4:2f:
d2:06:f3:68:1c:83:e6:6a:ae:9d:1c:b7:b8:85:2a:8c:83:56:
cc:7c:f1:f7:13:aa:f5:25:00:8f:2a:ab:43:65:b3:95:3f:17:
85:20:ab:b1:ac:3f:61:7a:ee:02:a2:f0:19:51:1a:c0:2f:80:
97:e8:82:1a:b9:1e:ff:fa:f0:dd:36:74:01:2d:d8:b9:b2:10:
4b:c7:29:d5:46:3f:72:d6:d4:3d:1b:44:10:c0:c3:49:a4:81:
4c:14:d7:07
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKmZ5zQwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQ1OTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NzIzYTQzYjg2
MGE5MjE1MGY3MTJlZDIwZmNiN2I3ZWRmYmNmYjdiMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArCL0SSpm0K9careK52ycbElKhyUMqJ7iBC/KUYMZtXlo
iFFwjsXD0roFp6dzbdBp0gTokU1nCnaJMtZu+WaVTLlyjXaQihhxKL6Arf7RrZMK
QgTOglPvfgTZEFq1aX35/b1RmFnmczjLZxMcr4QpPDL9IB6B0Fr0iN1YOWoaU/nT
RbrTu4cukVNldNB2mqErBMwCAo8jthYZKD7UUt0NZ8UckD3qZuYQvDYN7dp/QfNO
Jd2yMNgoHUqUZrcxLUZTrQ2nNSgnZEQrTUgqb655qnxCQfeFgxzY8EmjUlo2E8Yy
Wi9nOAcnFmPy4ko5ScmgJWMF0vymExOryvQWu8UhFQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFEcjpDuGCpIVD3Eu0g/Le37fvPt7MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZkLzBhMDY2NS0wN2EyLTQ0MDct
OTRiYS00YTVjZTBkN2QwMGMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQvMGEwNjY1LTA3YTItNDQwNy05
NGJhLTRhNWNlMGQ3ZDAwYy8xL1J5T2tPNFlLa2hVUGNTN1NEOHQ3ZnQtOC0zcy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAU4jdMA0GCSqGSIb3DQEBCwUAA4IBAQCc2o3wgKDBOGBblnPoIv3a
N7KwVPYGkKnqpOkEwVKb9IhgNcC5z9wI+wkpq4Piacz16Iyx7bCG7zBPyxMAf1li
7GY8IY+RHACxQWlEWSfC2oCLb77xFi7Jn5ZRcjek8Fdbz3UplQJ0aeZtUnS8LQRZ
TlfDnj6bVFanCf7ki0Antwr9ZnsSwDsQe4G8fPg12oyRq0poXywNSz9SpeTTH664
9C/SBvNoHIPmaq6dHLe4hSqMg1bMfPH3E6r1JQCPKqtDZbOVPxeFIKuxrD9heu4C
ovAZURrAL4CX6IIauR7/+vDdNnQBLdi5shBLxynVRj9y1tQ9G0QQwMNJpIFMFNcH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:43 2025 by rpki-client