Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/k_hGBiV_LdvfqYO2LO-8EDfNc8Q.cer
File: k_hGBiV_LdvfqYO2LO-8EDfNc8Q.cer (raw, json)
Hash identifier: fRinjxmireSF+OySWMpuNXHmwaDoBemLdurhpVArZgg=
Subject key identifier: 93:F8:46:06:25:7F:2D:DB:DF:A9:83:B6:2C:EF:BC:10:37:CD:73:C4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A424F9A699
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/42/8b78a0-d9bb-4470-9d13-6818df7975e9/1/k_hGBiV_LdvfqYO2LO-8EDfNc8Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/42/8b78a0-d9bb-4470-9d13-6818df7975e9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:01:36 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 194.53.88.0/21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 704994977433 (0xa424f9a699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93f84606257f2ddbdfa983b62cefbc1037cd73c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:37:07:de:75:bb:cd:84:15:5e:4d:3a:00:0a:
90:73:dc:8c:56:cc:41:58:91:e6:8d:dc:3a:15:67:
39:ee:63:8d:6a:27:90:5e:d2:01:25:56:a9:1e:89:
a9:5b:44:b3:ca:76:76:5f:72:27:98:6a:95:ed:cf:
9b:29:45:20:79:7d:72:4f:81:d8:00:e1:13:00:85:
ef:1e:1c:3c:e6:38:54:df:67:a2:a7:1a:59:6f:dd:
61:1d:30:e4:80:a0:9b:f5:11:2e:59:e6:c2:ed:e8:
2a:64:1a:c2:ff:ed:9c:4b:6f:2a:f5:1b:93:7e:ed:
54:4d:6b:25:13:29:28:c3:71:ec:3a:36:d2:75:1e:
df:47:df:39:bc:d5:d4:1f:f5:8c:fc:11:df:11:f1:
90:61:75:3c:64:db:84:55:eb:cc:ac:63:f8:c8:8c:
0b:b3:f0:9c:bf:c9:50:07:9c:aa:80:48:b8:76:22:
69:7c:f4:f2:3d:7f:6b:34:6b:5c:27:1f:f0:f1:03:
a2:c5:5a:18:d6:8a:23:28:cf:b6:25:bf:24:3f:2b:
52:80:b4:e3:fa:73:10:0f:23:f6:b5:b3:d9:44:24:
e5:66:a3:96:64:53:5c:8d:be:98:a9:09:f4:22:2a:
ab:c5:7e:e9:fe:6f:e8:fa:77:d0:92:e9:f9:1a:16:
4d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F8:46:06:25:7F:2D:DB:DF:A9:83:B6:2C:EF:BC:10:37:CD:73:C4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8b78a0-d9bb-4470-9d13-6818df7975e9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8b78a0-d9bb-4470-9d13-6818df7975e9/1/k_hGBiV_LdvfqYO2LO-8EDfNc8Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.88.0/21
Signature Algorithm: sha256WithRSAEncryption
88:1c:40:17:a8:9c:5c:34:16:f2:d2:83:4a:1f:f3:9a:b7:94:
e1:3e:a7:bb:51:04:6b:2f:19:e6:5d:ed:eb:8e:7d:ef:8e:cb:
77:64:e5:8a:c5:ef:60:c4:1f:93:7b:5b:94:55:8e:47:7d:69:
7c:a4:45:cd:9e:64:64:98:cd:d5:99:94:ca:2c:88:49:47:38:
93:20:97:25:e1:34:f0:d6:21:2e:11:7a:39:31:c0:aa:a8:3f:
71:6e:72:66:27:35:01:39:79:02:14:41:83:fb:6c:03:73:94:
8e:34:b3:bc:7b:0b:22:d1:ce:df:6b:90:f3:30:cf:a8:e1:68:
2f:fe:ca:12:08:cc:6e:a5:f8:3c:1d:69:e3:b5:f2:ee:eb:89:
1e:33:2f:92:7a:b3:ee:ff:36:10:67:ab:3c:1d:bb:da:9b:41:
c3:7d:fc:e2:df:22:83:51:72:0c:7d:19:a7:1c:4a:d4:a9:43:
9f:45:53:0c:06:2c:0a:77:8f:8c:9f:9a:3e:dd:82:d2:6e:03:
9c:61:dd:0e:67:5b:66:b3:2f:8a:b9:ac:dc:5c:d5:7c:a6:94:
77:ad:59:54:34:04:82:fb:da:ec:1d:4b:60:a5:92:28:92:5b:
64:75:cd:14:3d:27:19:6b:b6:58:da:54:7a:d4:70:46:f6:9a:
68:4a:73:f3
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKQk+aaZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTAwMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5M2Y4NDYwNjI1
N2YyZGRiZGZhOTgzYjYyY2VmYmMxMDM3Y2Q3M2M0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA4TcH3nW7zYQVXk06AAqQc9yMVsxBWJHmjdw6FWc57mON
aieQXtIBJVapHompW0SzynZ2X3InmGqV7c+bKUUgeX1yT4HYAOETAIXvHhw85jhU
32eipxpZb91hHTDkgKCb9REuWebC7egqZBrC/+2cS28q9RuTfu1UTWslEykow3Hs
OjbSdR7fR985vNXUH/WM/BHfEfGQYXU8ZNuEVevMrGP4yIwLs/Ccv8lQB5yqgEi4
diJpfPTyPX9rNGtcJx/w8QOixVoY1oojKM+2Jb8kPytSgLTj+nMQDyP2tbPZRCTl
ZqOWZFNcjb6YqQn0IiqrxX7p/m/o+nfQkun5GhZNKQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFJP4RgYlfy3b36mDtizvvBA3zXPEMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzhiNzhhMC1kOWJiLTQ0NzAt
OWQxMy02ODE4ZGY3OTc1ZTkvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvOGI3OGEwLWQ5YmItNDQ3MC05
ZDEzLTY4MThkZjc5NzVlOS8xL2tfaEdCaVZfTGR2ZnFZTzJMTy04RURmTmM4US5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDwjVYMA0GCSqGSIb3DQEBCwUAA4IBAQCIHEAXqJxcNBby0oNKH/Oa
t5ThPqe7UQRrLxnmXe3rjn3vjst3ZOWKxe9gxB+Te1uUVY5HfWl8pEXNnmRkmM3V
mZTKLIhJRziTIJcl4TTw1iEuEXo5McCqqD9xbnJmJzUBOXkCFEGD+2wDc5SONLO8
ewsi0c7fa5DzMM+o4Wgv/soSCMxupfg8HWnjtfLu64keMy+SerPu/zYQZ6s8Hbva
m0HDffzi3yKDUXIMfRmnHErUqUOfRVMMBiwKd4+Mn5o+3YLSbgOcYd0OZ1tmsy+K
uazcXNV8ppR3rVlUNASC+9rsHUtgpZIokltkdc0UPScZa7ZY2lR61HBG9ppoSnPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:55:52 2024 by rpki-client on console-ams.rpki-client.org