Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aPaR6YUykgtJ9jz4SlCaGzyowPA.cer
File: aPaR6YUykgtJ9jz4SlCaGzyowPA.cer (raw, json)
Hash identifier: Jf5eOLWteUrwPsYp3mMzKCAUWTXYu/UelayQzYLpvVE=
Subject key identifier: 68:F6:91:E9:85:32:92:0B:49:F6:3C:F8:4A:50:9A:1B:3C:A8:C0:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856DF7DE11A74FFD1D190CD42D6ED3666F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/aPaR6YUykgtJ9jz4SlCaGzyowPA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 15:33:58 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.232.167.0/24
IP: 2a11:e800::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:f7:de:11:a7:4f:fd:1d:19:0c:d4:2d:6e:d3:66:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:33:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f691e98532920b49f63cf84a509a1b3ca8c0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f6:eb:f5:e4:4c:51:52:ab:fc:bc:75:cc:1b:
56:ed:93:b8:f3:bd:6f:50:a2:4c:02:d5:f9:c7:ca:
cd:6d:fc:ed:fc:f8:1e:ec:a2:44:ef:fa:c7:78:24:
b4:ce:20:d1:e1:e2:6a:83:12:c5:c3:e7:5d:86:19:
e6:8b:6a:41:93:30:7d:af:f5:69:7b:5b:46:e7:30:
34:67:93:b6:ba:3a:0a:16:43:b6:84:c2:db:92:3e:
ff:e1:76:7d:6f:b2:9b:13:33:cb:7b:fe:ea:0b:e3:
9d:e9:8a:5a:97:c4:b0:3e:9f:35:a8:f3:95:86:e3:
59:6d:83:17:1a:28:1c:7b:14:1a:b8:1c:ff:1a:2d:
cc:0f:7f:68:3e:c3:1f:95:28:e3:0b:9c:7f:d8:65:
64:6a:12:e0:70:f9:44:cf:1b:e6:fc:db:6b:00:3f:
1c:f9:cd:4a:8f:69:f6:46:d0:48:77:d1:27:31:5e:
d8:88:cf:bc:92:81:18:58:31:e7:20:3c:1d:66:d8:
6c:60:5c:92:de:a2:81:ec:53:2e:f0:91:6d:0e:4d:
bc:13:f6:9f:32:29:3d:55:c5:29:f7:21:1f:36:bd:
f9:e0:91:91:93:19:87:b3:98:2e:44:95:d4:cf:9f:
75:1d:d2:73:48:05:59:45:6b:a6:80:06:7a:33:02:
78:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F6:91:E9:85:32:92:0B:49:F6:3C:F8:4A:50:9A:1B:3C:A8:C0:F0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/aPaR6YUykgtJ9jz4SlCaGzyowPA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.167.0/24
IPv6:
2a11:e800::/29
Signature Algorithm: sha256WithRSAEncryption
7b:70:3c:a2:8a:32:e3:e2:d3:ca:31:2e:cc:fd:7b:15:97:b5:
68:ef:e7:5d:e8:c0:c4:ba:50:08:c0:e2:2b:38:8d:9f:dc:c3:
2e:7f:ea:a4:cd:f8:04:09:90:36:26:4a:c0:63:64:cb:75:78:
ba:da:34:57:9e:da:70:f8:05:7b:82:18:dc:08:42:10:21:3d:
03:c4:d4:50:c9:5e:86:8e:50:6f:c6:cb:18:61:1e:c8:bb:96:
4f:9a:63:6d:08:50:ec:49:74:f9:a2:2f:33:da:ef:53:a8:be:
3d:fe:e1:2b:fe:af:c3:71:f2:49:c4:ca:52:a4:ba:88:80:c2:
e6:e7:04:43:27:2d:9a:3e:82:ff:87:f8:51:18:2f:25:9f:fb:
00:76:7c:a8:e1:fd:64:d6:b5:98:02:2e:1f:dd:9d:8d:1d:3e:
5c:c7:57:38:44:c0:27:bf:24:a1:24:45:b0:f3:b7:1d:79:4b:
35:73:7d:53:90:e2:14:29:6b:04:ec:08:94:a0:b5:2f:c0:0a:
36:65:54:02:80:1c:d9:d5:b7:22:42:12:80:34:34:83:9a:f7:
16:78:25:f4:3e:f1:02:8c:ed:f4:95:a2:d4:aa:ae:e5:a0:c6:
36:68:f2:86:90:55:02:db:d5:8f:52:99:db:48:29:b5:c4:54:
51:54:1f:98
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVt994Rp0/9HRkM1C1u02ZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY2OTFlOTg1MzI5MjBiNDlmNjNjZjg0YTUwOWExYjNjYThjMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvbr9eRMUVKr/Lx1zBtW7ZO4871v
UKJMAtX5x8rNbfzt/Pge7KJE7/rHeCS0ziDR4eJqgxLFw+ddhhnmi2pBkzB9r/Vp
e1tG5zA0Z5O2ujoKFkO2hMLbkj7/4XZ9b7KbEzPLe/7qC+Od6Ypal8SwPp81qPOV
huNZbYMXGigcexQauBz/Gi3MD39oPsMflSjjC5x/2GVkahLgcPlEzxvm/NtrAD8c
+c1Kj2n2RtBId9EnMV7YiM+8koEYWDHnIDwdZthsYFyS3qKB7FMu8JFtDk28E/af
Mik9VcUp9yEfNr354JGRkxmHs5guRJXUz591HdJzSAVZRWumgAZ6MwJ45wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFGj2kemFMpILSfY8+EpQmhs8qMDwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QzLzE4NzVh
Yy1hMjc0LTQ3OWUtYTY3Ni1iMDI1ZjQwMDM5NDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMvMTg3NWFj
LWEyNzQtNDc5ZS1hNjc2LWIwMjVmNDAwMzk0My8xL2FQYVI2WVV5a2d0SjlqejRT
bENhR3p5b3dQQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAueinMA0EAgACMAcDBQMqEegAMA0GCSqGSIb3
DQEBCwUAA4IBAQB7cDyiijLj4tPKMS7M/XsVl7Vo7+dd6MDEulAIwOIrOI2f3MMu
f+qkzfgECZA2JkrAY2TLdXi62jRXntpw+AV7ghjcCEIQIT0DxNRQyV6GjlBvxssY
YR7Iu5ZPmmNtCFDsSXT5oi8z2u9TqL49/uEr/q/DcfJJxMpSpLqIgMLm5wRDJy2a
PoL/h/hRGC8ln/sAdnyo4f1k1rWYAi4f3Z2NHT5cx1c4RMAnvyShJEWw87cdeUs1
c31TkOIUKWsE7AiUoLUvwAo2ZVQCgBzZ1bciQhKANDSDmvcWeCX0PvECjO30laLU
qq7loMY2aPKGkFUC29WPUpnbSCm1xFRRVB+Y
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:43:49 2025 by rpki-client