Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
File: XN9YiHkCahtIPXmajow2OLYhrls.cer (raw, json)
Hash identifier: TP6XwmEdZSpzIVaKkny3dkFyNHLX38AHRTgP06nzu80=
Subject key identifier: 5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018570FAC49D7EF629CDC83B3F25A2B906CE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 05:36:00 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 195.96.146.0/24
IP: 2a12:c00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fa:c4:9d:7e:f6:29:cd:c8:3b:3f:25:a2:b9:06:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:33:76:06:21:b0:3d:a4:29:f7:2b:1b:bf:ab:
ea:3c:10:2d:80:5b:4d:ab:ae:2f:4c:46:e4:91:ed:
9f:22:23:31:16:bc:3b:07:84:44:77:fc:33:cd:32:
58:05:c5:34:dd:e2:d7:f4:80:22:f6:e6:82:c1:97:
e2:7d:cb:ad:fd:eb:b9:aa:30:a3:81:5c:6f:78:c8:
af:13:4a:ed:f7:50:2a:d0:20:38:d7:e7:a5:08:64:
4a:04:51:b1:16:84:c4:37:ea:4e:e7:8d:40:54:67:
fa:df:5a:e9:bf:68:d1:57:26:31:f3:7d:68:ba:4d:
55:d8:2d:5e:19:89:c9:c5:88:29:bd:60:a3:10:89:
56:eb:c3:45:19:e6:7a:e4:67:b1:c0:d8:14:04:09:
3d:9f:9f:bb:27:08:65:c2:5c:d4:6f:ec:a4:1b:f0:
f2:84:39:e1:51:d0:9d:43:1b:86:21:a3:96:c9:97:
7e:8e:51:19:f9:ee:89:a9:51:bd:f5:fd:ff:d7:cc:
6f:aa:c7:03:0d:ba:d0:6d:6d:c6:45:f7:e7:5a:c1:
7d:a1:0e:3a:3c:0a:3f:e0:41:2f:7c:fd:e2:5b:65:
04:72:e9:7b:83:ef:23:d5:3b:e7:89:f9:f5:01:86:
0c:3c:d8:06:a1:12:5f:66:2d:5f:1c:ed:10:6c:ad:
15:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.146.0/24
IPv6:
2a12:c00::/29
Signature Algorithm: sha256WithRSAEncryption
17:6a:9e:f8:3d:6d:6e:1d:f9:8a:31:84:51:b2:c7:9f:33:8f:
30:71:65:62:17:0f:8e:c2:89:51:31:8b:31:10:fb:81:28:29:
be:42:dd:9e:21:ba:00:da:fc:ad:b5:04:40:47:f4:a1:a4:14:
41:6c:29:4b:95:83:86:7c:0c:6b:ab:1f:20:09:11:07:d0:02:
da:d3:99:88:8a:dc:42:b6:62:48:57:34:bb:2d:77:59:8f:d4:
8a:b4:da:26:99:04:71:5a:ae:31:ea:53:b6:b3:27:10:f2:fd:
e3:b7:b6:3f:80:5a:db:a3:ce:2e:45:3b:67:c5:d3:c7:26:9a:
29:f3:ef:c7:42:01:cd:49:0e:5e:a9:6e:0f:08:1a:04:37:5b:
6c:6b:b2:42:9d:a4:ca:b4:5e:f8:37:26:46:7f:f5:b8:c5:e7:
2d:21:de:9d:ef:69:b1:91:9b:96:00:ff:8b:a7:5a:27:6c:b7:
b4:7c:d8:3b:d0:ef:9d:05:95:b2:a6:80:39:2f:77:9c:7d:9d:
a4:5a:22:a3:68:28:e2:0e:e1:c8:fb:1c:c6:59:c2:22:7d:74:
b0:88:a2:29:91:88:dd:38:f9:9e:0f:aa:ec:22:6e:6d:47:f5:
69:c1:6a:f9:81:dd:22:77:6f:9f:30:9a:ca:44:95:e6:ff:36:
e8:e7:15:53
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVw+sSdfvYpzcg7PyWiuQbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDUzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RmNTg4ODc5MDI2YTFiNDgzZDc5OWE4ZThjMzYzOGI2MjFhZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDN2BiGwPaQp9ysbv6vqPBAtgFtN
q64vTEbkke2fIiMxFrw7B4REd/wzzTJYBcU03eLX9IAi9uaCwZfifcut/eu5qjCj
gVxveMivE0rt91Aq0CA41+elCGRKBFGxFoTEN+pO541AVGf631rpv2jRVyYx831o
uk1V2C1eGYnJxYgpvWCjEIlW68NFGeZ65GexwNgUBAk9n5+7JwhlwlzUb+ykG/Dy
hDnhUdCdQxuGIaOWyZd+jlEZ+e6JqVG99f3/18xvqscDDbrQbW3GRffnWsF9oQ46
PAo/4EEvfP3iW2UEcul7g+8j1Tvnifn1AYYMPNgGoRJfZi1fHO0QbK0V2QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFzfWIh5AmobSD15mo6MNji2Ia5bMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcwL2E4MTcw
Ny00MTUyLTQyYmItYTM4Yy0yYmYzYjZjZTEwMWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvYTgxNzA3
LTQxNTItNDJiYi1hMzhjLTJiZjNiNmNlMTAxYi8xL1hOOVlpSGtDYWh0SVBYbWFq
b3cyT0xZaHJscy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAw2CSMA0EAgACMAcDBQMqEgwAMA0GCSqGSIb3
DQEBCwUAA4IBAQAXap74PW1uHfmKMYRRssefM48wcWViFw+OwolRMYsxEPuBKCm+
Qt2eIboA2vyttQRAR/ShpBRBbClLlYOGfAxrqx8gCREH0ALa05mIitxCtmJIVzS7
LXdZj9SKtNommQRxWq4x6lO2sycQ8v3jt7Y/gFrbo84uRTtnxdPHJpop8+/HQgHN
SQ5eqW4PCBoEN1tsa7JCnaTKtF74NyZGf/W4xectId6d72mxkZuWAP+Lp1onbLe0
fNg70O+dBZWypoA5L3ecfZ2kWiKjaCjiDuHI+xzGWcIifXSwiKIpkYjdOPmeD6rs
Im5tR/VpwWr5gd0id2+fMJrKRJXm/zbo5xVT
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:36 2025 by rpki-client