Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hZxtwhPBvuYUgZxr0sYH4vXYy2I.cer
File: hZxtwhPBvuYUgZxr0sYH4vXYy2I.cer (raw, json)
Hash identifier: ztfR4Hp/Z0dHJuZQAiWliBqnnMl8xBeoIDWTrm4lSwQ=
Subject key identifier: 85:9C:6D:C2:13:C1:BE:E6:14:81:9C:6B:D2:C6:07:E2:F5:D8:CB:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A8349A5B38
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4d/d70da6-6a81-4e91-b453-e5ea3e731c27/1/hZxtwhPBvuYUgZxr0sYH4vXYy2I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4d/d70da6-6a81-4e91-b453-e5ea3e731c27/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:56:07 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.3.231.0/24
IP: 2a10:6140::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 722437036856 (0xa8349a5b38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=859c6dc213c1bee614819c6bd2c607e2f5d8cb62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6f:78:b2:58:9e:3b:ff:8e:3c:7a:70:d1:69:
f6:ac:ba:50:b9:fc:a5:c4:af:65:7b:e3:2c:87:27:
bf:97:52:f9:73:b7:48:48:fb:5f:00:12:46:3d:e1:
c7:f6:04:6f:a4:43:58:29:b2:6f:e7:b7:7a:a6:00:
a6:9f:18:43:94:0f:ac:cf:27:e4:20:47:a3:87:ce:
5e:c6:46:fb:b4:07:a5:62:48:2d:37:14:76:35:7d:
fc:34:74:da:88:bd:7f:ca:ee:30:bd:9f:f7:94:20:
27:3d:10:a0:02:c9:03:99:53:8c:3e:ce:af:6f:fa:
77:30:26:04:7d:4c:f8:d7:ea:30:ab:70:02:20:8b:
3e:77:db:a2:b7:5c:9e:c5:bc:f2:02:98:64:95:28:
da:93:7c:8c:0e:8a:d2:e2:98:54:60:bc:15:cc:a4:
94:9d:93:20:aa:3a:41:b4:73:84:fe:ed:3e:a3:cf:
f3:13:bb:ed:00:27:fa:64:e3:bc:47:eb:96:0f:13:
03:b5:65:7c:6a:35:7a:f1:a9:cb:46:ab:bb:26:d2:
46:4a:6e:1b:7d:51:a0:78:ea:9c:cb:ce:08:7f:a4:
84:41:9c:48:40:bf:67:75:2d:e2:87:b7:86:4b:e7:
2e:94:09:49:95:17:3c:94:cd:6d:4a:d6:1a:14:f3:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:6D:C2:13:C1:BE:E6:14:81:9C:6B:D2:C6:07:E2:F5:D8:CB:62
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d70da6-6a81-4e91-b453-e5ea3e731c27/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d70da6-6a81-4e91-b453-e5ea3e731c27/1/hZxtwhPBvuYUgZxr0sYH4vXYy2I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.231.0/24
IPv6:
2a10:6140::/29
Signature Algorithm: sha256WithRSAEncryption
41:2e:d3:39:42:d9:b5:77:8f:4b:3d:40:74:e8:55:ff:2d:0b:
0a:9b:d1:c8:a6:99:8f:e9:af:68:5e:6d:67:a4:2c:0f:76:e3:
ac:56:b0:ad:dc:c7:76:49:d0:c5:1f:d2:4a:46:25:1e:34:d7:
bb:89:63:cc:1c:a4:2e:10:8c:2a:a0:04:b4:fb:4b:39:63:ab:
37:30:85:24:a0:5b:67:92:14:f0:7a:94:2e:24:e0:ac:e8:78:
05:a1:ff:8f:76:00:72:62:3d:8a:f2:94:40:74:b3:73:15:e4:
b1:1c:22:d6:e0:ba:d7:18:e4:e8:28:ad:d5:66:f4:ce:0f:c6:
6e:72:00:99:8e:c9:26:c9:8f:d2:e8:26:64:a0:2c:89:f0:a4:
3e:38:41:15:6c:e6:8c:34:5b:05:eb:ea:79:db:30:bc:f8:e1:
77:c3:1b:d8:22:eb:51:02:64:ca:78:e2:f1:bf:f7:a9:f0:71:
35:2f:a8:63:d3:f5:2a:f6:f6:8d:46:24:c1:40:b7:7a:09:8f:
ba:2a:97:f3:be:5d:28:3c:24:9d:4c:3b:5d:ed:b3:b1:9a:a8:
d3:5d:74:c1:06:c2:a3:ff:06:88:39:66:06:a9:3e:ff:cb:d5:
77:52:74:03:09:a7:5f:52:42:eb:e2:76:e7:8f:9c:74:fb:65:
0c:9f:e5:fe
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKg0mls4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTM1NjA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NTljNmRjMjEz
YzFiZWU2MTQ4MTljNmJkMmM2MDdlMmY1ZDhjYjYyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA1294slieO/+OPHpw0Wn2rLpQufylxK9le+Mshye/l1L5
c7dISPtfABJGPeHH9gRvpENYKbJv57d6pgCmnxhDlA+szyfkIEejh85exkb7tAel
YkgtNxR2NX38NHTaiL1/yu4wvZ/3lCAnPRCgAskDmVOMPs6vb/p3MCYEfUz41+ow
q3ACIIs+d9uit1yexbzyAphklSjak3yMDorS4phUYLwVzKSUnZMgqjpBtHOE/u0+
o8/zE7vtACf6ZOO8R+uWDxMDtWV8ajV68anLRqu7JtJGSm4bfVGgeOqcy84If6SE
QZxIQL9ndS3ih7eGS+culAlJlRc8lM1tStYaFPMt8wIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFIWcbcITwb7mFIGca9LGB+L12MtiMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkL2Q3MGRhNi02YTgxLTRlOTEt
YjQ1My1lNWVhM2U3MzFjMjcvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvZDcwZGE2LTZhODEtNGU5MS1i
NDUzLWU1ZWEzZTczMWMyNy8xL2haeHR3aFBCdnVZVWdaeHIwc1lINHZYWXkySS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQAwQPnMA0EAgACMAcDBQMqEGFAMA0GCSqGSIb3DQEBCwUAA4IBAQBB
LtM5Qtm1d49LPUB06FX/LQsKm9HIppmP6a9oXm1npCwPduOsVrCt3Md2SdDFH9JK
RiUeNNe7iWPMHKQuEIwqoAS0+0s5Y6s3MIUkoFtnkhTwepQuJOCs6HgFof+PdgBy
Yj2K8pRAdLNzFeSxHCLW4LrXGOToKK3VZvTOD8ZucgCZjskmyY/S6CZkoCyJ8KQ+
OEEVbOaMNFsF6+p52zC8+OF3wxvYIutRAmTKeOLxv/ep8HE1L6hj0/Uq9vaNRiTB
QLd6CY+6Kpfzvl0oPCSdTDtd7bOxmqjTXXTBBsKj/waIOWYGqT7/y9V3UnQDCadf
UkLr4nbnj5x0+2UMn+X+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:34 2024 by rpki-client on console-fra.rpki-client.org