Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cfd9LuRDoI0OBswvkxAKT7c3HdI.cer
File: cfd9LuRDoI0OBswvkxAKT7c3HdI.cer (raw, json)
Hash identifier: F0R2PrQAIcsI5yak3IVny12imMBe6yjSLmyuDkEjLaM=
Subject key identifier: 71:F7:7D:2E:E4:43:A0:8D:0E:06:CC:2F:93:10:0A:4F:B7:37:1D:D2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7BB8DC459
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/67/50538c-059b-41e3-ac6e-433a458a2d53/1/cfd9LuRDoI0OBswvkxAKT7c3HdI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/67/50538c-059b-41e3-ac6e-433a458a2d53/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:04:41 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 198644
IP: 91.239.96.0/23
IP: 2001:67c:27e4::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 720406168665 (0xa7bb8dc459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71f77d2ee443a08d0e06cc2f93100a4fb7371dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:3c:27:45:75:39:55:30:38:f4:4d:56:d0:
48:07:28:d9:01:78:e1:af:8e:15:8c:aa:d0:7b:27:
00:07:ee:e1:96:e0:a2:c6:06:34:ab:d0:af:bb:e8:
21:ef:f2:9d:49:bc:8a:8a:9c:91:36:06:03:d2:81:
82:96:44:2a:0d:42:72:95:64:c3:dd:a9:be:9d:a1:
67:12:50:7f:a3:65:82:5c:80:18:7e:aa:ac:3f:ff:
25:a3:58:cf:67:3a:39:7c:b9:eb:f5:ce:2a:4b:37:
5e:ed:a4:2e:0c:14:60:43:40:4d:a4:f3:67:89:9d:
eb:ee:88:db:88:c3:38:97:d0:e8:e9:81:70:9d:9f:
76:b4:b5:fc:8f:d7:66:77:bf:db:e6:ad:15:63:1e:
3d:57:f8:67:8b:28:74:c3:58:f2:9a:b4:db:0e:d1:
75:1c:54:db:49:b9:c6:d2:a6:a3:6a:40:9c:3f:39:
7b:98:bc:4d:ca:e0:59:e8:78:2e:d7:22:91:84:f9:
26:0a:84:f4:bd:a3:4f:25:b1:ac:ae:f5:09:b8:9c:
2c:fd:dc:3c:a7:07:b4:fe:93:5a:7e:e5:83:c5:24:
5b:30:ca:0d:53:4a:17:06:17:30:94:bf:0c:5b:e6:
e2:3d:5c:c6:77:62:31:5c:93:78:3a:cd:c3:1d:1c:
10:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F7:7D:2E:E4:43:A0:8D:0E:06:CC:2F:93:10:0A:4F:B7:37:1D:D2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/50538c-059b-41e3-ac6e-433a458a2d53/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/50538c-059b-41e3-ac6e-433a458a2d53/1/cfd9LuRDoI0OBswvkxAKT7c3HdI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.96.0/23
IPv6:
2001:67c:27e4::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198644
Signature Algorithm: sha256WithRSAEncryption
ab:dc:e4:f6:76:50:8f:23:ec:68:6f:d2:1e:87:3f:8c:30:dd:
84:41:fc:4b:43:71:e3:a5:5c:45:7a:f8:5c:98:82:81:c5:49:
2f:f6:0d:bb:73:1c:75:22:5c:eb:1b:3c:d3:8a:be:ca:8c:f4:
4e:5a:0e:a0:be:ec:77:79:0f:25:32:8c:2a:de:53:bf:d0:22:
2a:35:eb:cc:af:fc:34:ee:04:20:f8:d1:bb:5e:70:5f:67:f8:
3e:b6:4d:94:37:d0:7d:76:88:b1:70:09:bf:17:08:62:46:2d:
1f:da:d1:63:69:a8:d7:c4:6c:9a:b3:37:00:cb:38:ee:b0:bb:
1b:b4:c0:03:f5:8c:76:90:eb:da:5c:bf:ac:8f:20:3e:11:2b:
5b:23:bb:5a:0f:85:7a:fe:93:73:82:57:64:d7:99:7c:e2:ed:
45:13:dc:43:f7:35:e8:c7:0f:23:b8:17:ef:16:f1:be:27:b5:
1f:09:b3:9a:88:0d:64:15:71:49:69:f3:7a:df:ae:82:2d:19:
f0:b1:59:e2:72:74:54:c0:8a:46:78:de:1b:e1:ef:ce:d9:7f:
ad:56:7b:e4:21:ac:49:fa:45:bb:6b:31:42:2e:b4:b0:03:66:
2a:39:de:e9:41:39:aa:be:74:88:f0:22:a7:8a:29:39:26:a4:
64:f3:1b:f3
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIGAKe7jcRZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MWY3N2QyZWU0
NDNhMDhkMGUwNmNjMmY5MzEwMGE0ZmI3MzcxZGQyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAyjw8J0V1OVUwOPRNVtBIByjZAXjhr44VjKrQeycAB+7h
luCixgY0q9Cvu+gh7/KdSbyKipyRNgYD0oGClkQqDUJylWTD3am+naFnElB/o2WC
XIAYfqqsP/8lo1jPZzo5fLnr9c4qSzde7aQuDBRgQ0BNpPNniZ3r7ojbiMM4l9Do
6YFwnZ92tLX8j9dmd7/b5q0VYx49V/hniyh0w1jymrTbDtF1HFTbSbnG0qajakCc
Pzl7mLxNyuBZ6Hgu1yKRhPkmCoT0vaNPJbGsrvUJuJws/dw8pwe0/pNafuWDxSRb
MMoNU0oXBhcwlL8MW+biPVzGd2IxXJN4Os3DHRwQFwIDAQABo4ICsTCCAq0wHQYD
VR0OBBYEFHH3fS7kQ6CNDgbML5MQCk+3Nx3SMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY3LzUwNTM4Yy0wNTliLTQxZTMt
YWM2ZS00MzNhNDU4YTJkNTMvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcvNTA1MzhjLTA1OWItNDFlMy1h
YzZlLTQzM2E0NThhMmQ1My8xL2NmZDlMdVJEb0kwT0Jzd3ZreEFLVDdjM0hkSS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQBW+9gMA8EAgACMAkDBwAgAQZ8J+QwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAwf0MA0GCSqGSIb3DQEBCwUAA4IBAQCr3OT2dlCPI+xob9Iehz+MMN2E
QfxLQ3HjpVxFevhcmIKBxUkv9g27cxx1IlzrGzzTir7KjPROWg6gvux3eQ8lMowq
3lO/0CIqNevMr/w07gQg+NG7XnBfZ/g+tk2UN9B9doixcAm/FwhiRi0f2tFjaajX
xGyaszcAyzjusLsbtMAD9Yx2kOvaXL+sjyA+EStbI7taD4V6/pNzgldk15l84u1F
E9xD9zXoxw8juBfvFvG+J7UfCbOaiA1kFXFJafN6366CLRnwsVnicnRUwIpGeN4b
4e/O2X+tVnvkIaxJ+kW7azFCLrSwA2YqOd7pQTmqvnSI8CKniik5JqRk8xvz
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:04:13 2025 by rpki-client