Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/h2s6g7PNnE5HUlmA2c5lwp1-O_Q.cer
File: h2s6g7PNnE5HUlmA2c5lwp1-O_Q.cer (raw, json)
Hash identifier: 4Eqhk4j7DBK0bDZc23As2tsOIq7dgNu8n5GErm0edNo=
Subject key identifier: 87:6B:3A:83:B3:CD:9C:4E:47:52:59:80:D9:CE:65:C2:9D:7E:3B:F4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018A50862183C6F879DBEDF03C74FBA6ACE8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c0/85b0e4-4ff3-4d3e-85b6-7f853ac06192/1/h2s6g7PNnE5HUlmA2c5lwp1-O_Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c0/85b0e4-4ff3-4d3e-85b6-7f853ac06192/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Sep 2023 11:34:42 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 216375
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:86:21:83:c6:f8:79:db:ed:f0:3c:74:fb:a6:ac:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 1 11:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=876b3a83b3cd9c4e47525980d9ce65c29d7e3bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c7:b7:fb:bd:9b:30:4a:3c:7e:d2:0b:e8:01:
c9:6d:25:1d:ee:ab:60:8c:11:2b:6c:a4:70:30:5d:
4c:de:58:02:02:8f:a2:f5:01:7f:78:1d:c9:93:2a:
aa:d5:4a:e6:78:3d:24:92:d4:00:94:29:0b:79:8f:
c2:38:fe:00:e6:fa:75:ba:2c:f9:60:38:60:3a:03:
19:2a:af:ec:bc:b2:04:22:f6:af:4b:28:74:bf:67:
35:8f:f1:c7:b3:74:be:33:a7:a1:f0:0c:54:82:e0:
4f:d1:68:40:e9:1e:76:13:fd:2b:2c:5b:90:30:48:
f1:a5:19:cc:5c:2c:76:87:13:06:77:5d:d3:aa:7c:
b2:70:34:45:ac:98:18:16:ae:67:2c:ef:9a:9a:ac:
d4:c8:b9:79:8c:f4:4c:1f:bc:d5:6f:fc:60:bf:b1:
97:a5:70:41:56:f9:d4:21:cb:44:dc:20:b4:5a:50:
c2:f9:4e:79:da:d6:7f:79:b9:2e:71:98:24:de:3b:
fe:70:d3:a0:ed:af:96:1d:39:4e:b6:92:cb:c8:e1:
1c:c4:b0:57:fe:e1:3c:ce:1e:d6:98:ec:5c:19:33:
f1:00:fc:b6:e4:54:e1:69:bd:ab:92:aa:67:83:4a:
df:18:6d:62:90:2a:ec:54:fc:d9:6c:7a:bb:d2:e5:
9a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6B:3A:83:B3:CD:9C:4E:47:52:59:80:D9:CE:65:C2:9D:7E:3B:F4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/85b0e4-4ff3-4d3e-85b6-7f853ac06192/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/85b0e4-4ff3-4d3e-85b6-7f853ac06192/1/h2s6g7PNnE5HUlmA2c5lwp1-O_Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
216375
Signature Algorithm: sha256WithRSAEncryption
74:52:47:c0:71:e9:da:0c:60:04:3b:31:1c:6d:14:a8:1e:98:
61:b7:23:3d:bd:47:4e:e2:f8:2b:df:8a:28:f8:5b:7d:42:e1:
be:67:b1:08:f7:4f:b4:41:2a:91:2f:e1:2f:1a:70:ec:9b:c8:
c7:34:1f:26:a4:b9:f5:27:74:a7:0c:16:79:47:c8:ed:eb:a5:
5b:b2:ca:65:c6:01:29:00:8e:31:9d:0a:03:19:4c:6b:b8:ae:
3f:d9:cf:88:73:ac:be:da:9f:30:aa:57:50:af:aa:f1:ae:5d:
9a:7d:f6:de:15:44:db:3b:94:5e:98:64:dd:57:2f:ed:4c:73:
17:ef:8d:82:44:fe:02:fd:2c:11:53:23:eb:b3:71:7b:c0:6a:
7f:37:49:5a:2e:d9:1f:47:de:7d:a0:7f:90:75:60:f0:64:72:
c6:ac:e8:2a:4d:fa:e2:9f:f0:92:38:07:9a:50:f8:78:fe:8e:
d1:f5:a1:68:93:c0:96:ef:f9:a9:ca:ae:80:30:e0:f0:a6:47:
e5:c1:c3:f6:a7:e9:37:3f:cd:58:88:c5:3a:c8:d3:c4:af:4f:
59:ec:15:78:ad:71:ce:75:36:ac:d1:01:0c:02:70:c3:90:01:
e7:6a:99:87:f5:d0:7c:a3:ad:5f:68:0f:23:d8:d1:dd:52:73:
af:0e:f4:e4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYpQhiGDxvh52+3wPHT7pqzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTAxMTEzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZiM2E4M2IzY2Q5YzRlNDc1MjU5ODBkOWNlNjVjMjlkN2UzYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArce3+72bMEo8ftIL6AHJbSUd7qtg
jBErbKRwMF1M3lgCAo+i9QF/eB3Jkyqq1UrmeD0kktQAlCkLeY/COP4A5vp1uiz5
YDhgOgMZKq/svLIEIvavSyh0v2c1j/HHs3S+M6eh8AxUguBP0WhA6R52E/0rLFuQ
MEjxpRnMXCx2hxMGd13TqnyycDRFrJgYFq5nLO+amqzUyLl5jPRMH7zVb/xgv7GX
pXBBVvnUIctE3CC0WlDC+U552tZ/ebkucZgk3jv+cNOg7a+WHTlOtpLLyOEcxLBX
/uE8zh7WmOxcGTPxAPy25FThab2rkqpng0rfGG1ikCrsVPzZbHq70uWaCwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFIdrOoOzzZxOR1JZgNnOZcKdfjv0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MwLzg1YjBl
NC00ZmYzLTRkM2UtODViNi03Zjg1M2FjMDYxOTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvODViMGU0
LTRmZjMtNGQzZS04NWI2LTdmODUzYWMwNjE5Mi8xL2gyczZnN1BObkU1SFVsbUEy
YzVsd3AxLU9fUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNNzANBgkqhkiG9w0BAQsFAAOCAQEAdFJHwHHp2gxg
BDsxHG0UqB6YYbcjPb1HTuL4K9+KKPhbfULhvmexCPdPtEEqkS/hLxpw7JvIxzQf
JqS59Sd0pwwWeUfI7eulW7LKZcYBKQCOMZ0KAxlMa7iuP9nPiHOsvtqfMKpXUK+q
8a5dmn323hVE2zuUXphk3Vcv7UxzF++NgkT+Av0sEVMj67Nxe8BqfzdJWi7ZH0fe
faB/kHVg8GRyxqzoKk364p/wkjgHmlD4eP6O0fWhaJPAlu/5qcqugDDg8KZH5cHD
9qfpNz/NWIjFOsjTxK9PWewVeK1xznU2rNEBDAJww5AB52qZh/XQfKOtX2gPI9jR
3VJzrw705A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:19 2025 by rpki-client