Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/SFBt4DKZBsu0eXzOMNuqfhnVRZQ.cer
File: SFBt4DKZBsu0eXzOMNuqfhnVRZQ.cer (raw, json)
Hash identifier: uxB6XFnp8o8ESTlAvgO8Bel0DG2NqupPdthg10lnmCw=
Subject key identifier: 48:50:6D:E0:32:99:06:CB:B4:79:7C:CE:30:DB:AA:7E:19:D5:45:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A140CFFFCB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/aa/8d0fe3-b736-4117-9af7-6663b5c73ae4/1/SFBt4DKZBsu0eXzOMNuqfhnVRZQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/aa/8d0fe3-b736-4117-9af7-6663b5c73ae4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 07:54:17 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 194.105.158.0/23
IP: 194.106.196.0/23
IP: 2a0f:26c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692577107915 (0xa140cfffcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:54:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48506de0329906cbb4797cce30dbaa7e19d54594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:22:fe:43:fb:63:bd:60:09:f8:ac:25:9e:3d:
33:63:ec:fb:7b:4a:36:31:64:ac:ab:1e:f6:40:3d:
17:f2:3d:ca:b5:c1:7e:60:61:d4:8f:03:ab:ba:b3:
4e:ee:31:9b:28:25:ce:e2:25:72:3b:ad:fc:34:df:
2a:f2:83:7e:dc:23:42:53:e5:b9:05:df:50:4a:6a:
aa:7a:9c:84:2e:37:29:e8:0d:a2:86:54:76:92:88:
90:7b:e5:1c:2f:1d:7d:37:69:1d:73:2f:7e:e0:cb:
f8:df:c5:40:62:2a:c1:71:34:36:ea:de:d8:61:ab:
57:06:f3:a6:91:d5:22:cc:15:fe:3b:99:9e:37:bf:
9d:11:7b:af:c2:ca:ed:ad:08:74:aa:1e:35:3f:7b:
13:9f:db:37:d3:85:14:07:ba:a1:35:84:cb:b6:47:
2b:01:4f:42:98:cb:b7:0b:ef:0d:71:bd:06:e0:c9:
08:d7:3f:bf:41:68:44:da:13:59:20:d5:17:2d:0b:
b9:4d:58:28:5a:9a:f5:b8:f5:5e:54:b7:b0:eb:a8:
d3:ae:08:fa:5c:e5:ed:9f:69:f3:e7:5e:a9:47:f9:
2c:2e:17:5e:c8:80:3f:ea:9e:ac:4f:07:37:87:7f:
c9:22:02:86:c2:fc:22:1a:cc:45:5a:a6:12:26:61:
2e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:50:6D:E0:32:99:06:CB:B4:79:7C:CE:30:DB:AA:7E:19:D5:45:94
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8d0fe3-b736-4117-9af7-6663b5c73ae4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8d0fe3-b736-4117-9af7-6663b5c73ae4/1/SFBt4DKZBsu0eXzOMNuqfhnVRZQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.158.0/23
194.106.196.0/23
IPv6:
2a0f:26c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:c4:33:92:12:8e:af:95:fe:50:25:56:1d:de:ea:98:ed:e0:
f6:cf:fe:30:59:38:d8:cd:3b:92:8b:9e:6e:48:81:a4:06:80:
df:ca:f6:7b:b5:59:4b:0b:a5:59:bf:97:e6:a4:f8:48:05:a2:
83:6d:33:d9:e6:68:29:4a:ce:32:63:97:c8:71:4d:93:bb:b4:
1d:bc:36:ea:c7:e2:c7:74:d0:86:4b:5a:b5:f7:36:c1:71:e3:
d8:12:ca:e7:7c:4a:f6:0e:21:dc:d7:41:ba:66:b9:7c:c4:3b:
07:c9:ea:0b:59:11:47:c1:f1:f5:8b:1c:c0:ac:6e:13:84:a3:
d9:52:9c:a9:77:d9:fb:0f:59:9f:bb:7d:1d:ca:17:d1:2e:13:
75:5c:5a:d7:50:0f:28:4b:9f:62:a7:a5:97:e1:30:8f:7a:69:
08:6e:87:7f:6e:59:87:fb:f1:4c:2c:93:e0:b1:b5:5d:e9:a8:
a6:91:d4:96:02:20:6c:53:87:76:dc:5c:2e:7b:78:96:00:b7:
37:70:29:e0:b6:77:3a:d0:5c:c7:4c:1d:53:a2:2e:48:29:41:
d5:d7:dc:e6:14:56:4a:bb:61:d8:aa:57:bb:ef:c8:ff:36:66:
97:84:38:10:97:ac:5b:72:c9:dc:52:50:7c:81:4c:63:a6:79:
56:08:2e:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIGAKFAz//LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDc1NDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0ODUwNmRlMDMy
OTkwNmNiYjQ3OTdjY2UzMGRiYWE3ZTE5ZDU0NTk0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAiiL+Q/tjvWAJ+Kwlnj0zY+z7e0o2MWSsqx72QD0X8j3K
tcF+YGHUjwOrurNO7jGbKCXO4iVyO638NN8q8oN+3CNCU+W5Bd9QSmqqepyELjcp
6A2ihlR2koiQe+UcLx19N2kdcy9+4Mv438VAYirBcTQ26t7YYatXBvOmkdUizBX+
O5meN7+dEXuvwsrtrQh0qh41P3sTn9s304UUB7qhNYTLtkcrAU9CmMu3C+8Ncb0G
4MkI1z+/QWhE2hNZINUXLQu5TVgoWpr1uPVeVLew66jTrgj6XOXtn2nz516pR/ks
LhdeyIA/6p6sTwc3h3/JIgKGwvwiGsxFWqYSJmEumwIDAQABo4ICmTCCApUwHQYD
VR0OBBYEFEhQbeAymQbLtHl8zjDbqn4Z1UWUMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FhLzhkMGZlMy1iNzM2LTQxMTct
OWFmNy02NjYzYjVjNzNhZTQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEvOGQwZmUzLWI3MzYtNDExNy05
YWY3LTY2NjNiNWM3M2FlNC8xL1NGQnQ0REtaQnN1MGVYek9NTnVxZmhuVlJaUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQBwmmeAwQBwmrEMA0EAgACMAcDBQMqDybAMA0GCSqGSIb3DQEBCwUA
A4IBAQAoxDOSEo6vlf5QJVYd3uqY7eD2z/4wWTjYzTuSi55uSIGkBoDfyvZ7tVlL
C6VZv5fmpPhIBaKDbTPZ5mgpSs4yY5fIcU2Tu7QdvDbqx+LHdNCGS1q19zbBcePY
EsrnfEr2DiHc10G6Zrl8xDsHyeoLWRFHwfH1ixzArG4ThKPZUpypd9n7D1mfu30d
yhfRLhN1XFrXUA8oS59ip6WX4TCPemkIbod/blmH+/FMLJPgsbVd6aimkdSWAiBs
U4d23Fwue3iWALc3cCngtnc60FzHTB1Toi5IKUHV19zmFFZKu2HYqle778j/NmaX
hDgQl6xbcsncUlB8gUxjpnlWCC51
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:41 2024 by rpki-client on console-fra.rpki-client.org