Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/g-8XbmvfvhFUCQHvtlc0NY2VNHY.cer
File: g-8XbmvfvhFUCQHvtlc0NY2VNHY.cer (raw, json)
Hash identifier: 2zle0Z6SqvRnjHMtAQ7+P31MOS0g21ubi2ffxGBg6rI=
Subject key identifier: 83:EF:17:6E:6B:DF:BE:11:54:09:01:EF:B6:57:34:35:8D:95:34:76
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856ED33A511C0C6556CB7B5B7DA4B0E042
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/f7053e-a918-4f54-b3ab-486d1db9c00b/1/g-8XbmvfvhFUCQHvtlc0NY2VNHY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/f7053e-a918-4f54-b3ab-486d1db9c00b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 19:33:34 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 58022
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d3:3a:51:1c:0c:65:56:cb:7b:5b:7d:a4:b0:e0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:33:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83ef176e6bdfbe11540901efb65734358d953476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:a7:b4:f9:3b:8c:fb:0a:62:98:b8:72:77:
72:8f:35:f3:e4:3e:a8:6c:87:b6:7f:b4:15:05:f9:
20:dc:9d:c3:2b:ee:9e:2e:5c:39:db:df:7e:52:74:
79:d8:46:99:f5:bc:ec:1a:a6:96:bc:08:3c:8a:c0:
d2:93:99:c1:73:9a:e1:99:64:11:f7:c9:fd:f7:6a:
1e:40:c5:fd:9b:98:7d:ba:2e:20:25:22:2f:26:77:
c8:9a:d9:d8:3b:79:54:ed:89:45:26:8a:8c:33:2f:
c7:5e:03:4a:eb:cb:b0:f9:0a:7a:d5:7b:3c:b8:69:
f2:d0:f0:0f:64:5f:e2:fe:3d:74:6c:d3:3f:eb:a1:
64:02:88:d4:55:4e:fc:48:22:e5:54:ac:15:5a:7d:
bb:e4:95:f1:07:e9:37:e9:cc:1d:06:ee:24:90:42:
40:13:15:ae:7b:21:24:2d:68:54:c6:68:00:4d:16:
46:b3:32:d1:6e:52:db:f5:49:f7:14:0c:4b:de:35:
b9:1a:33:5c:c7:f7:3b:60:be:b8:40:5b:1b:cd:13:
29:e1:8f:a2:21:28:19:cc:36:00:7f:cd:78:a0:7c:
85:69:6e:e7:bf:db:08:81:3e:5c:17:33:5a:46:91:
a7:91:76:f2:12:4a:7d:f1:b1:25:11:e9:26:c8:cf:
21:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EF:17:6E:6B:DF:BE:11:54:09:01:EF:B6:57:34:35:8D:95:34:76
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f7053e-a918-4f54-b3ab-486d1db9c00b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f7053e-a918-4f54-b3ab-486d1db9c00b/1/g-8XbmvfvhFUCQHvtlc0NY2VNHY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58022
Signature Algorithm: sha256WithRSAEncryption
32:eb:a1:23:6c:cf:ef:7f:de:4d:0f:8a:78:68:44:77:e4:f2:
15:9c:1c:45:95:2a:08:aa:07:43:4e:7e:7e:31:a4:e6:3e:26:
e0:65:cd:6d:18:63:7e:49:f3:05:c1:32:2e:8d:b9:e4:2e:19:
f1:62:0c:62:d0:97:65:ef:c8:75:63:1e:51:6d:39:7c:04:fe:
5d:52:af:54:af:92:2f:a0:e4:9e:43:85:c5:b4:6c:b3:86:76:
8f:00:0f:ff:55:fb:d9:63:c1:2d:53:3a:0c:ca:ee:33:64:90:
01:8d:5d:5e:20:07:c8:ed:a4:f4:a8:63:e4:54:56:0a:3f:80:
ec:cb:59:b0:1f:26:7f:83:59:35:93:ba:55:25:4a:e7:72:2f:
00:b6:23:54:c2:66:36:47:9a:6c:80:48:0d:91:49:4b:9b:8f:
5e:6f:62:e8:e1:1f:06:65:9e:a4:63:94:2e:d8:c6:4c:f6:46:
4f:d0:f1:74:29:54:47:05:f2:8c:89:ce:3d:69:c2:1e:57:13:
b5:1f:00:d8:eb:ad:9f:14:d3:46:16:e5:08:a1:e8:6e:af:10:
28:06:8c:e5:b9:4c:37:67:aa:d9:fe:8d:b5:68:05:8f:3c:b0:
ec:ad:30:2c:21:7f:e8:90:11:25:b0:ed:90:1f:2e:73:04:ad:
92:2b:fb:be
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYVu0zpRHAxlVst7W32ksOBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzMzM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2VmMTc2ZTZiZGZiZTExNTQwOTAxZWZiNjU3MzQzNThkOTUzNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL+ntPk7jPsKYpi4cndyjzXz5D6o
bIe2f7QVBfkg3J3DK+6eLlw5299+UnR52EaZ9bzsGqaWvAg8isDSk5nBc5rhmWQR
98n992oeQMX9m5h9ui4gJSIvJnfImtnYO3lU7YlFJoqMMy/HXgNK68uw+Qp61Xs8
uGny0PAPZF/i/j10bNM/66FkAojUVU78SCLlVKwVWn275JXxB+k36cwdBu4kkEJA
ExWueyEkLWhUxmgATRZGszLRblLb9Un3FAxL3jW5GjNcx/c7YL64QFsbzRMp4Y+i
ISgZzDYAf814oHyFaW7nv9sIgT5cFzNaRpGnkXbyEkp98bElEekmyM8hZQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFIPvF25r374RVAkB77ZXNDWNlTR2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmL2Y3MDUz
ZS1hOTE4LTRmNTQtYjNhYi00ODZkMWRiOWMwMGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvZjcwNTNl
LWE5MTgtNGY1NC1iM2FiLTQ4NmQxZGI5YzAwYi8xL2ctOFhibXZmdmhGVUNRSHZ0
bGMwTlkyVk5IWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDipjANBgkqhkiG9w0BAQsFAAOCAQEAMuuhI2zP73/e
TQ+KeGhEd+TyFZwcRZUqCKoHQ05+fjGk5j4m4GXNbRhjfknzBcEyLo255C4Z8WIM
YtCXZe/IdWMeUW05fAT+XVKvVK+SL6DknkOFxbRss4Z2jwAP/1X72WPBLVM6DMru
M2SQAY1dXiAHyO2k9Khj5FRWCj+A7MtZsB8mf4NZNZO6VSVK53IvALYjVMJmNkea
bIBIDZFJS5uPXm9i6OEfBmWepGOULtjGTPZGT9DxdClURwXyjInOPWnCHlcTtR8A
2OutnxTTRhblCKHobq8QKAaM5blMN2eq2f6NtWgFjzyw7K0wLCF/6JARJbDtkB8u
cwStkiv7vg==
-----END CERTIFICATE-----
Generated at Wed Mar 12 17:37:41 2025 by rpki-client