Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lFGzJi_XU62BB8nKEnqS8NA3WHc.cer
File: lFGzJi_XU62BB8nKEnqS8NA3WHc.cer (raw, json)
Hash identifier: enoSY7C1K5kwWL+/oLofEl9OjhqzhvLq74HWWGXWrLs=
Subject key identifier: 94:51:B3:26:2F:D7:53:AD:81:07:C9:CA:12:7A:92:F0:D0:37:58:77
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A4CEF54C6D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5d/e37f95-91d9-44ca-81b5-15cf404dc925/1/lFGzJi_XU62BB8nKEnqS8NA3WHc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5d/e37f95-91d9-44ca-81b5-15cf404dc925/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:55:47 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.53.170.0 -- 193.53.199.255
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 707846818925 (0xa4cef54c6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9451b3262fd753ad8107c9ca127a92f0d0375877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:42:6e:79:23:e6:5e:1d:4a:d0:84:68:5b:8b:
28:3f:1e:a7:4f:30:14:74:52:eb:3c:3a:9f:9f:e3:
ec:67:84:5d:a3:9c:96:0c:32:74:7b:e0:eb:ff:6f:
5c:17:d5:bf:1a:06:78:c7:e6:52:6c:11:f7:99:95:
14:49:8c:95:dd:fd:e7:4c:a1:02:c0:42:8c:fc:90:
e6:c6:11:cc:5a:7d:ff:ef:b6:60:d9:5a:91:13:26:
6e:cd:e8:55:9c:df:29:53:b9:43:d2:aa:01:93:4f:
72:59:6a:bf:4a:47:ae:9e:c7:b7:5c:18:12:b4:03:
13:8a:3a:a7:68:48:17:62:d1:13:ea:99:36:a9:bf:
ad:9d:79:ff:b5:dc:04:44:e2:f0:2d:af:e8:ee:44:
81:20:c8:9e:93:3d:a7:0b:27:4d:d6:49:63:00:6d:
87:68:02:7c:a4:8f:13:8f:fb:d7:4c:3c:4a:90:50:
b6:ff:8f:fc:07:a1:a4:bb:18:12:aa:6c:3c:38:06:
89:38:c0:19:00:8e:ff:5e:93:7c:20:78:a6:92:50:
a7:77:d7:42:43:bf:ce:07:63:d3:0d:41:5d:1f:e9:
b2:23:82:59:3a:6c:d1:07:4c:5f:fa:bc:10:1f:42:
67:05:41:c7:68:90:0d:82:5f:f4:54:db:01:08:f6:
b8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:51:B3:26:2F:D7:53:AD:81:07:C9:CA:12:7A:92:F0:D0:37:58:77
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e37f95-91d9-44ca-81b5-15cf404dc925/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e37f95-91d9-44ca-81b5-15cf404dc925/1/lFGzJi_XU62BB8nKEnqS8NA3WHc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.170.0-193.53.199.255
Signature Algorithm: sha256WithRSAEncryption
99:b9:1a:37:af:21:8b:bc:b8:37:b6:4d:6f:5e:63:8d:83:f4:
75:29:ce:a2:86:52:bb:71:de:1d:6d:44:04:b3:41:a1:38:63:
82:de:0d:de:80:65:ce:95:5f:72:fa:12:00:f4:64:df:26:17:
28:f2:fd:0a:f2:9f:6e:d1:ee:6b:ed:41:85:5b:14:6a:43:f9:
e6:ae:cc:77:11:4f:e1:b4:24:84:69:14:42:a0:3a:70:bd:5a:
41:6a:1e:dc:ea:7b:aa:0b:e8:e2:74:29:15:20:b4:31:5e:7c:
6a:07:d0:e7:6d:97:2b:85:61:d0:14:c3:ea:1a:c4:88:c4:e7:
8f:68:81:ec:4b:b6:dc:93:76:3a:cd:79:57:de:8d:fa:ef:b4:
c8:d1:36:04:34:9b:0d:9f:04:dd:6d:22:63:4b:91:18:74:d6:
d5:28:8b:e5:16:88:5f:fb:d5:a2:fb:36:71:3c:bf:88:48:da:
ce:17:90:de:67:0f:06:e6:06:32:26:93:15:8b:ea:0a:19:1e:
21:f8:79:d6:1c:d7:9e:88:a0:99:c9:9a:f8:fe:33:45:77:2b:
eb:9e:0b:28:1a:a4:97:4b:47:35:92:15:55:3c:d7:f7:b8:b0:
0b:2e:3a:33:c3:36:0a:c6:a0:ef:fc:3f:f0:75:28:59:56:df:
45:4d:f8:bc
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIGAKTO9UxtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTA1NTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NDUxYjMyNjJm
ZDc1M2FkODEwN2M5Y2ExMjdhOTJmMGQwMzc1ODc3MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmEJueSPmXh1K0IRoW4soPx6nTzAUdFLrPDqfn+PsZ4Rd
o5yWDDJ0e+Dr/29cF9W/GgZ4x+ZSbBH3mZUUSYyV3f3nTKECwEKM/JDmxhHMWn3/
77Zg2VqREyZuzehVnN8pU7lD0qoBk09yWWq/Skeunse3XBgStAMTijqnaEgXYtET
6pk2qb+tnXn/tdwEROLwLa/o7kSBIMiekz2nCydN1kljAG2HaAJ8pI8Tj/vXTDxK
kFC2/4/8B6GkuxgSqmw8OAaJOMAZAI7/XpN8IHimklCnd9dCQ7/OB2PTDUFdH+my
I4JZOmzRB0xf+rwQH0JnBUHHaJANgl/0VNsBCPa4BwIDAQABo4ICjDCCAogwHQYD
VR0OBBYEFJRRsyYv11OtgQfJyhJ6kvDQN1h3MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVkL2UzN2Y5NS05MWQ5LTQ0Y2Et
ODFiNS0xNWNmNDA0ZGM5MjUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQvZTM3Zjk1LTkxZDktNDRjYS04
MWI1LTE1Y2Y0MDRkYzkyNS8xL2xGR3pKaV9YVTYyQkI4bktFbnFTOE5BM1dIYy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAU
BAIAATAOMAwDBAHBNaoDBAPBNcAwDQYJKoZIhvcNAQELBQADggEBAJm5GjevIYu8
uDe2TW9eY42D9HUpzqKGUrtx3h1tRASzQaE4Y4LeDd6AZc6VX3L6EgD0ZN8mFyjy
/Qryn27R7mvtQYVbFGpD+eauzHcRT+G0JIRpFEKgOnC9WkFqHtzqe6oL6OJ0KRUg
tDFefGoH0OdtlyuFYdAUw+oaxIjE549ogexLttyTdjrNeVfejfrvtMjRNgQ0mw2f
BN1tImNLkRh01tUoi+UWiF/71aL7NnE8v4hI2s4XkN5nDwbmBjImkxWL6goZHiH4
edYc156IoJnJmvj+M0V3K+ueCygapJdLRzWSFVU81/e4sAsuOjPDNgrGoO/8P/B1
KFlW30VN+Lw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:34 2025 by rpki-client