Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YYnHSVAuVTZqNQvqlzVPaZfDwyE.cer
File: YYnHSVAuVTZqNQvqlzVPaZfDwyE.cer (raw, json)
Hash identifier: yrV/k6jdE3kGiU8Ki9DXkLGWaPNITC8/ZUXjEnB5kmM=
Subject key identifier: 61:89:C7:49:50:2E:55:36:6A:35:0B:EA:97:35:4F:69:97:C3:C3:21
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A98728B3F7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/febb37-d2fe-444c-87db-bd6c99e7e2da/1/YYnHSVAuVTZqNQvqlzVPaZfDwyE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/febb37-d2fe-444c-87db-bd6c99e7e2da/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:58:18 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 171.22.28.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 728117064695 (0xa98728b3f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:58:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6189c749502e55366a350bea97354f6997c3c321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8c:de:d7:d1:28:a2:c4:20:df:a9:d0:8b:d0:
dd:27:71:02:58:aa:36:2d:50:23:66:ab:12:09:e0:
22:1b:10:31:20:f5:ee:8e:73:a6:b2:fa:8c:87:a6:
17:ae:bc:9f:23:44:ea:6a:46:1e:4a:00:b0:a2:63:
1f:02:99:76:f5:ff:35:72:f5:92:40:29:44:aa:80:
a6:93:e0:46:63:d1:61:28:ef:49:f2:40:9f:c1:22:
90:ab:f0:a4:70:69:7a:cf:b6:ef:cf:35:d8:75:25:
1c:09:63:8a:ee:d7:29:63:c5:23:f5:f4:30:2b:ab:
c3:69:dd:01:6f:e8:10:61:12:48:1c:33:11:d3:fc:
0c:3c:65:e7:44:03:61:8f:c8:dc:b8:20:43:e7:a1:
06:38:aa:e7:1f:a6:8b:9e:f2:9c:32:6a:8a:43:b6:
77:c6:69:a8:55:19:46:b6:ee:d0:52:7c:8d:05:23:
5a:a3:da:64:51:7d:8c:6a:87:fa:9c:2d:19:e5:19:
4b:49:31:c0:88:50:be:73:9b:78:4a:fb:47:d6:65:
dc:4b:00:e0:9e:37:63:fd:f3:57:bc:e5:63:1f:06:
f7:ad:6c:4d:85:fd:01:d4:6a:0d:58:f3:a6:96:f6:
ee:79:f7:da:df:8e:4a:f1:60:f9:5a:ab:68:16:53:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:89:C7:49:50:2E:55:36:6A:35:0B:EA:97:35:4F:69:97:C3:C3:21
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/febb37-d2fe-444c-87db-bd6c99e7e2da/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/febb37-d2fe-444c-87db-bd6c99e7e2da/1/YYnHSVAuVTZqNQvqlzVPaZfDwyE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.28.0/22
Signature Algorithm: sha256WithRSAEncryption
21:04:8b:5f:c2:ef:a9:89:1b:16:82:6e:e5:67:51:77:3f:2a:
8a:76:29:70:5a:ad:da:29:c2:43:8a:69:23:ee:d3:55:9b:7c:
8c:50:27:03:9b:7e:b9:24:9b:dd:aa:ed:28:28:e8:9d:a3:81:
39:6f:3a:55:34:5f:25:ac:6e:38:cc:d9:80:d9:74:08:31:75:
01:c6:7e:ff:b7:09:8c:5b:85:f5:ac:43:80:af:31:8c:f7:36:
d2:73:26:18:6e:8d:7d:49:12:ae:c0:fd:78:70:56:85:7f:96:
22:43:8d:34:c7:a6:21:e9:2a:b1:07:90:1b:5e:13:a0:bb:28:
25:6b:5a:57:79:4a:59:5b:aa:82:26:25:64:0c:8c:77:ce:f5:
ca:50:5c:0c:05:fe:58:68:6e:a2:0f:e0:6c:0c:67:85:5f:7b:
ce:7b:ac:9d:c1:28:37:ea:00:36:4f:db:b0:9d:90:58:95:af:
b1:b5:d9:03:60:f4:aa:d1:8a:c5:9e:7b:06:ad:b6:de:02:17:
dc:ef:36:d7:ad:0f:27:21:bc:41:84:a7:91:fe:2c:9c:56:db:
1d:67:6d:a2:e7:96:73:c9:5e:cf:46:cb:ef:ca:a8:0e:3a:ab:
16:08:e2:78:7e:5c:66:7a:39:09:ed:ba:a1:e2:bc:cf:e8:a7:
28:d8:fd:2b
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKmHKLP3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQ1ODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MTg5Yzc0OTUw
MmU1NTM2NmEzNTBiZWE5NzM1NGY2OTk3YzNjMzIxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAy4ze19EoosQg36nQi9DdJ3ECWKo2LVAjZqsSCeAiGxAx
IPXujnOmsvqMh6YXrryfI0TqakYeSgCwomMfApl29f81cvWSQClEqoCmk+BGY9Fh
KO9J8kCfwSKQq/CkcGl6z7bvzzXYdSUcCWOK7tcpY8Uj9fQwK6vDad0Bb+gQYRJI
HDMR0/wMPGXnRANhj8jcuCBD56EGOKrnH6aLnvKcMmqKQ7Z3xmmoVRlGtu7QUnyN
BSNao9pkUX2Maof6nC0Z5RlLSTHAiFC+c5t4SvtH1mXcSwDgnjdj/fNXvOVjHwb3
rWxNhf0B1GoNWPOmlvbueffa345K8WD5WqtoFlPXAwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFGGJx0lQLlU2ajUL6pc1T2mXw8MhMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmL2ZlYmIzNy1kMmZlLTQ0NGMt
ODdkYi1iZDZjOTllN2UyZGEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvZmViYjM3LWQyZmUtNDQ0Yy04
N2RiLWJkNmM5OWU3ZTJkYS8xL1lZbkhTVkF1VlRacU5RdnFselZQYVpmRHd5RS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCqxYcMA0GCSqGSIb3DQEBCwUAA4IBAQAhBItfwu+piRsWgm7lZ1F3
PyqKdilwWq3aKcJDimkj7tNVm3yMUCcDm365JJvdqu0oKOido4E5bzpVNF8lrG44
zNmA2XQIMXUBxn7/twmMW4X1rEOArzGM9zbScyYYbo19SRKuwP14cFaFf5YiQ400
x6Yh6SqxB5AbXhOguygla1pXeUpZW6qCJiVkDIx3zvXKUFwMBf5YaG6iD+BsDGeF
X3vOe6ydwSg36gA2T9uwnZBYla+xtdkDYPSq0YrFnnsGrbbeAhfc7zbXrQ8nIbxB
hKeR/iycVtsdZ22i55ZzyV7PRsvvyqgOOqsWCOJ4flxmejkJ7bqh4rzP6Kco2P0r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:34:55 2024 by rpki-client on console-ams.rpki-client.org