Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9foFybv0WKX1RWYS1r-4HxdmXY.cer
File: a9foFybv0WKX1RWYS1r-4HxdmXY.cer (raw, json)
Hash identifier: 1hi8YtNTgAtRGZycD6oSYrYq1B6PegsjGujhHp50sOk=
Subject key identifier: 6B:D7:E8:17:26:EF:D1:62:97:D5:15:98:4B:5A:FE:E0:7C:5D:99:76
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AFD97F1C99
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/59/01468a-9874-419f-a5b6-76daee3845c4/1/a9foFybv0WKX1RWYS1r-4HxdmXY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/59/01468a-9874-419f-a5b6-76daee3845c4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 08 Apr 2022 10:13:47 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 2a0f:b440::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 755268263065 (0xafd97f1c99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 8 10:13:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bd7e81726efd16297d515984b5afee07c5d9976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:c2:18:fa:ad:c5:41:1a:1c:0d:d8:82:9f:
75:15:9b:ed:f2:2f:83:a6:98:97:09:5b:f8:dd:c6:
c6:1b:8e:9c:71:ef:a9:50:7e:52:cb:5f:85:a4:92:
15:02:83:6b:34:c8:32:4d:3c:af:70:e6:47:00:29:
ea:e2:02:b9:cc:22:d3:ec:20:c5:2d:8f:44:85:24:
14:d4:82:b0:77:d5:53:f5:b2:13:70:9a:8c:ed:93:
37:91:29:e1:ba:a0:18:70:30:2c:fc:e2:af:0f:5a:
f3:23:22:43:45:60:db:23:15:fb:bd:4a:4e:e1:6c:
e2:4b:5c:2b:e9:3c:0a:e4:c9:c7:ff:1c:fb:84:fd:
35:88:51:ce:e9:1d:bb:8d:dd:00:22:27:66:7b:ea:
67:cf:1c:75:43:0b:df:73:5e:42:80:1d:1f:ae:1f:
f7:40:fe:ac:8c:ab:5c:d4:98:71:27:6c:34:db:c8:
e7:aa:fb:65:c9:43:bf:cb:41:8e:7c:e2:31:d6:a1:
2a:0f:20:b3:bf:c2:80:09:46:b6:d7:16:d7:2a:62:
c4:b0:bd:cd:fd:07:c5:82:63:59:9f:16:6d:4c:02:
82:05:f0:6f:65:b8:df:a1:db:b6:a5:b8:d2:f1:ae:
61:67:5c:63:f9:7f:1c:8e:3d:e5:54:b3:7b:99:8c:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D7:E8:17:26:EF:D1:62:97:D5:15:98:4B:5A:FE:E0:7C:5D:99:76
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/01468a-9874-419f-a5b6-76daee3845c4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/01468a-9874-419f-a5b6-76daee3845c4/1/a9foFybv0WKX1RWYS1r-4HxdmXY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b440::/29
Signature Algorithm: sha256WithRSAEncryption
58:b4:ac:1e:21:c9:b8:ea:e0:98:df:97:d2:4d:71:b1:34:8b:
e0:45:0a:34:f5:ec:2f:8c:8e:84:8b:ec:49:fc:b9:55:fe:32:
d0:0d:d7:50:7a:51:a8:93:04:c7:1c:90:77:67:ae:67:43:d7:
fd:15:c1:fc:30:be:35:fd:d6:73:f4:3b:88:fb:ef:72:ea:d1:
64:35:b9:41:68:dd:c9:e9:a5:c0:cc:08:36:fc:f9:d2:16:e5:
48:98:6a:09:ea:24:03:4e:5a:54:70:a3:72:39:22:a0:8f:28:
9b:01:6b:f6:1b:3e:92:b9:41:44:c2:3e:de:7b:4b:6f:91:6a:
f5:6a:06:c0:98:39:09:06:f1:2c:5a:79:c4:f2:72:8a:81:31:
c6:36:4b:42:15:02:60:86:5b:fb:a9:ab:fd:5e:87:b4:a2:74:
6e:2c:7a:b3:35:b7:ae:02:60:04:ff:96:d4:5c:8f:27:35:3d:
4b:79:c7:84:34:db:bc:38:7a:06:97:11:b5:c4:c7:d4:86:38:
6a:f4:28:6d:ca:1c:c5:04:23:42:4e:d9:42:fe:7b:05:1f:37:
a5:a8:63:3f:f6:7f:d1:13:cb:00:e0:01:dd:af:e2:fe:c9:43:
dc:94:79:96:c3:a8:ab:5e:32:23:fb:e8:ee:2c:8d:54:dc:78:
c4:26:d6:2e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIGAK/ZfxyZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NDA4MTAxMzQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YmQ3ZTgxNzI2
ZWZkMTYyOTdkNTE1OTg0YjVhZmVlMDdjNWQ5OTc2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuKjCGPqtxUEaHA3Ygp91FZvt8i+DppiXCVv43cbGG46c
ce+pUH5Sy1+FpJIVAoNrNMgyTTyvcOZHACnq4gK5zCLT7CDFLY9EhSQU1IKwd9VT
9bITcJqM7ZM3kSnhuqAYcDAs/OKvD1rzIyJDRWDbIxX7vUpO4WziS1wr6TwK5MnH
/xz7hP01iFHO6R27jd0AIidme+pnzxx1Qwvfc15CgB0frh/3QP6sjKtc1JhxJ2w0
28jnqvtlyUO/y0GOfOIx1qEqDyCzv8KACUa21xbXKmLEsL3N/QfFgmNZnxZtTAKC
BfBvZbjfodu2pbjS8a5hZ1xj+X8cjj3lVLN7mYy8kwIDAQABo4IChTCCAoEwHQYD
VR0OBBYEFGvX6Bcm79Fil9UVmEta/uB8XZl2MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU5LzAxNDY4YS05ODc0LTQxOWYt
YTViNi03NmRhZWUzODQ1YzQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvMDE0NjhhLTk4NzQtNDE5Zi1h
NWI2LTc2ZGFlZTM4NDVjNC8xL2E5Zm9GeWJ2MFdLWDFSV1lTMXItNEh4ZG1YWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUDKg+0QDANBgkqhkiG9w0BAQsFAAOCAQEAWLSsHiHJuOrgmN+X0k1x
sTSL4EUKNPXsL4yOhIvsSfy5Vf4y0A3XUHpRqJMExxyQd2euZ0PX/RXB/DC+Nf3W
c/Q7iPvvcurRZDW5QWjdyemlwMwINvz50hblSJhqCeokA05aVHCjcjkioI8omwFr
9hs+krlBRMI+3ntLb5Fq9WoGwJg5CQbxLFp5xPJyioExxjZLQhUCYIZb+6mr/V6H
tKJ0bix6szW3rgJgBP+W1FyPJzU9S3nHhDTbvDh6BpcRtcTH1IY4avQobcocxQQj
Qk7ZQv57BR83pahjP/Z/0RPLAOAB3a/i/slD3JR5lsOoq14yI/vo7iyNVNx4xCbW
Lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:28 2024 by rpki-client on console-ams.rpki-client.org