Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z47P7ZdNVhCBK9RsCFiF4XkoBmY.cer
File: Z47P7ZdNVhCBK9RsCFiF4XkoBmY.cer (raw, json)
Hash identifier: s1Ff342hJtta6j11S0OLy5tUEJn2R4CRGmcgU13kiog=
Subject key identifier: 67:8E:CF:ED:97:4D:56:10:81:2B:D4:6C:08:58:85:E1:79:28:06:66
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AA1074AB30
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/7e184c-79f0-44a1-8898-01a3d82835a5/1/Z47P7ZdNVhCBK9RsCFiF4XkoBmY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/7e184c-79f0-44a1-8898-01a3d82835a5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 15:04:17 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 2.56.60.0/22
IP: 2a09:bf40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 730420521776 (0xaa1074ab30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:04:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=678ecfed974d5610812bd46c085885e179280666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e2:6c:9e:0f:bd:76:fd:24:73:87:ea:a4:ed:
0e:1c:d1:bb:ba:5b:3e:32:cc:0c:8e:d1:78:c0:a1:
31:b6:8a:f6:23:e3:9e:99:ce:4b:7b:15:45:b4:93:
74:24:c9:c1:db:a8:a4:46:0e:5c:79:59:ea:0f:e8:
c5:b7:28:ee:be:2e:94:df:5e:10:a5:a3:3e:03:ed:
d0:ca:95:7c:af:2c:42:e6:e6:d5:f5:7f:80:f2:87:
aa:e1:b0:08:f4:d8:9c:1b:66:f5:33:9d:3e:1b:a8:
ae:ba:f4:45:2c:52:68:3c:a6:6f:99:6c:e1:a4:5b:
66:07:42:d3:a1:28:13:c9:70:fd:b5:d3:99:82:64:
17:90:97:c4:f6:21:80:91:2c:bf:73:93:0c:69:c9:
f4:2c:e0:e4:37:22:f2:25:d1:e3:28:e8:f9:2d:6c:
28:52:a4:5b:6c:80:77:61:49:b4:9c:97:06:c6:d7:
1a:e7:e7:57:6d:85:bd:83:83:50:87:71:df:60:79:
9f:20:6c:54:a7:95:83:8f:b3:be:65:59:66:95:72:
ef:8a:d0:18:f8:cd:28:c9:e6:99:90:f7:4a:7d:17:
f7:98:67:fd:d8:82:1b:36:40:aa:ab:5b:c7:7e:4a:
5f:97:2c:6f:1c:39:a9:09:9d:ac:2f:73:2e:4d:21:
ed:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8E:CF:ED:97:4D:56:10:81:2B:D4:6C:08:58:85:E1:79:28:06:66
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e184c-79f0-44a1-8898-01a3d82835a5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e184c-79f0-44a1-8898-01a3d82835a5/1/Z47P7ZdNVhCBK9RsCFiF4XkoBmY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.60.0/22
IPv6:
2a09:bf40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:5e:04:29:6e:60:53:69:44:75:18:77:0f:7c:41:c2:f5:83:
f9:c1:66:6e:52:a1:7e:50:7c:6d:df:6c:77:64:b1:91:59:17:
46:76:6d:6e:e4:ba:0c:b7:aa:0e:60:ee:f4:0f:42:56:87:29:
3e:6e:24:ac:c4:51:2d:40:ef:b8:00:14:22:be:94:b0:2e:eb:
de:29:a4:17:79:27:2f:4f:8f:9c:e5:ec:8a:32:a8:87:31:a8:
09:20:63:02:aa:27:d3:ff:2a:d2:ad:7d:47:6f:e4:2f:2c:65:
50:bb:ca:d9:4f:67:6f:cb:b4:48:ad:a3:ed:9c:a3:62:03:7d:
b1:b7:97:d8:91:7e:b0:24:0f:08:bc:0a:e9:bb:e3:a0:c9:53:
54:de:6d:b0:0d:71:d9:39:31:0e:60:20:b9:bb:2c:30:eb:83:
9e:9f:d8:87:ec:3a:d5:54:42:02:61:61:b2:4c:27:cf:fd:45:
6f:71:96:48:c1:69:8e:cf:28:4b:25:09:fa:5a:26:54:b5:e0:
ba:4b:d7:c3:1d:7f:91:96:c1:b9:4d:c1:c4:a6:ae:a1:94:18:
01:a8:fb:56:56:6c:b9:f6:68:3e:ac:9a:45:de:30:3c:fa:09:
c9:b6:74:ef:72:52:b5:ce:0a:58:c1:e8:e1:ec:a7:66:8a:d4:
72:84:eb:1c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKoQdKswMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTUwNDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NzhlY2ZlZDk3
NGQ1NjEwODEyYmQ0NmMwODU4ODVlMTc5MjgwNjY2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA5OJsng+9dv0kc4fqpO0OHNG7uls+MswMjtF4wKExtor2
I+Oemc5LexVFtJN0JMnB26ikRg5ceVnqD+jFtyjuvi6U314QpaM+A+3QypV8ryxC
5ubV9X+A8oeq4bAI9NicG2b1M50+G6iuuvRFLFJoPKZvmWzhpFtmB0LToSgTyXD9
tdOZgmQXkJfE9iGAkSy/c5MMacn0LODkNyLyJdHjKOj5LWwoUqRbbIB3YUm0nJcG
xtca5+dXbYW9g4NQh3HfYHmfIGxUp5WDj7O+ZVlmlXLvitAY+M0oyeaZkPdKfRf3
mGf92IIbNkCqq1vHfkpflyxvHDmpCZ2sL3MuTSHtNQIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFGeOz+2XTVYQgSvUbAhYheF5KAZmMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzdlMTg0Yy03OWYwLTQ0YTEt
ODg5OC0wMWEzZDgyODM1YTUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvN2UxODRjLTc5ZjAtNDRhMS04
ODk4LTAxYTNkODI4MzVhNS8xL1o0N1A3WmROVmhDQks5UnNDRmlGNFhrb0JtWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCAjg8MA0EAgACMAcDBQMqCb9AMA0GCSqGSIb3DQEBCwUAA4IBAQAN
XgQpbmBTaUR1GHcPfEHC9YP5wWZuUqF+UHxt32x3ZLGRWRdGdm1u5LoMt6oOYO70
D0JWhyk+biSsxFEtQO+4ABQivpSwLuveKaQXeScvT4+c5eyKMqiHMagJIGMCqifT
/yrSrX1Hb+QvLGVQu8rZT2dvy7RIraPtnKNiA32xt5fYkX6wJA8IvArpu+OgyVNU
3m2wDXHZOTEOYCC5uyww64Oen9iH7DrVVEICYWGyTCfP/UVvcZZIwWmOzyhLJQn6
WiZUteC6S9fDHX+RlsG5TcHEpq6hlBgBqPtWVmy59mg+rJpF3jA8+gnJtnTvclK1
zgpYwejh7KdmitRyhOsc
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:39:01 2025 by rpki-client