Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oQy8eBVE1VV2p0DCY3DUr85QA0M.cer
File: oQy8eBVE1VV2p0DCY3DUr85QA0M.cer (raw, json)
Hash identifier: Axy07KSCuBkNxf87wQXrCo0mts1f71E8ybW+D4mxLcE=
Subject key identifier: A1:0C:BC:78:15:44:D5:55:76:A7:40:C2:63:70:D4:AF:CE:50:03:43
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A8C147CDFE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1d/305371-ad5f-4241-a1bb-46bccbd55fa1/1/oQy8eBVE1VV2p0DCY3DUr85QA0M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1d/305371-ad5f-4241-a1bb-46bccbd55fa1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:04:02 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 212127
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 724797214206 (0xa8c147cdfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a10cbc781544d55576a740c26370d4afce500343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:87:10:0e:f4:12:4a:b7:93:e9:2c:6d:55:c1:
b6:7f:05:d6:4c:51:82:92:76:03:11:1a:02:78:bc:
4f:fb:82:44:5e:bc:ac:db:38:5a:f7:e8:4b:a8:2f:
37:e4:c5:03:85:61:ef:c0:60:5a:ab:bf:f7:c0:31:
f8:b7:80:59:74:ad:1e:c5:42:64:1f:3c:16:ab:1b:
b3:71:c7:11:7d:0d:1f:2f:6b:3a:d3:42:dd:74:d9:
d1:1f:15:80:26:4a:aa:c7:78:53:2e:9e:b4:cd:6b:
b5:a0:80:12:d2:b5:12:2b:6f:d0:e6:52:b7:74:fc:
a4:f7:a7:8d:9b:1d:2b:f2:f1:57:13:8f:2f:bf:ab:
00:80:6c:c2:a5:12:e1:b0:d0:4f:36:33:13:ac:03:
25:eb:61:13:ab:b2:68:a5:29:75:97:8d:d3:de:c9:
89:22:9c:aa:9d:3b:f0:18:82:0a:64:38:fd:14:45:
a0:9a:2e:a2:4a:94:c6:25:82:85:db:1d:dc:97:e5:
af:b4:4c:24:6e:ad:e3:7d:2b:84:52:3a:0f:33:d1:
4c:7f:b5:84:c4:01:39:86:4d:bc:58:cc:74:90:1c:
2b:63:c6:7a:90:e8:30:e9:2f:89:b5:a1:1f:2c:65:
3c:e0:14:66:ae:b7:28:a6:03:c1:da:de:25:80:61:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0C:BC:78:15:44:D5:55:76:A7:40:C2:63:70:D4:AF:CE:50:03:43
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/305371-ad5f-4241-a1bb-46bccbd55fa1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/305371-ad5f-4241-a1bb-46bccbd55fa1/1/oQy8eBVE1VV2p0DCY3DUr85QA0M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212127
Signature Algorithm: sha256WithRSAEncryption
8c:d6:c6:a6:1d:a0:17:76:e7:80:78:90:96:aa:07:09:bf:ca:
2e:cb:95:61:d3:84:aa:c0:23:74:e5:58:14:3e:75:6b:07:f1:
30:02:2e:c6:98:55:62:df:31:5e:68:c0:be:0b:d5:4c:23:cb:
42:a3:5c:ae:a2:96:cd:f6:6d:bb:91:fa:b4:3d:cd:d4:5a:84:
9e:ff:51:09:9d:81:a7:f7:c6:c6:39:8c:bf:2b:bd:6a:2e:04:
dc:fb:e0:32:1e:20:6f:14:ef:6f:1d:6d:ce:95:76:be:3e:b2:
2b:ef:16:fb:20:33:2d:20:91:3e:92:18:b1:8a:a6:6a:5a:77:
de:27:ea:80:2b:ca:94:7c:1a:53:07:b0:2f:e5:45:8c:2d:bf:
b5:55:e0:e3:b0:56:4e:53:82:68:4e:33:84:3e:16:2a:12:1b:
24:ff:dd:26:bc:76:d7:c8:6f:00:b6:e2:b3:a7:78:ae:99:36:
cb:31:33:22:9c:36:b5:5f:5f:3c:ee:a1:74:30:b3:2f:15:5c:
f2:89:ce:c7:46:cc:de:8b:86:2d:25:83:4e:91:ef:70:bd:2a:
31:5d:b5:8d:fb:59:11:5c:34:76:f8:49:81:c7:49:06:9a:1a:
9a:12:d1:82:22:2d:db:9c:ea:a9:ef:45:86:b7:85:7e:5d:e0:
35:7a:0f:54
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIGAKjBR83+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMTBjYmM3ODE1
NDRkNTU1NzZhNzQwYzI2MzcwZDRhZmNlNTAwMzQzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAnIcQDvQSSreT6SxtVcG2fwXWTFGCknYDERoCeLxP+4JE
Xrys2zha9+hLqC835MUDhWHvwGBaq7/3wDH4t4BZdK0exUJkHzwWqxuzcccRfQ0f
L2s600LddNnRHxWAJkqqx3hTLp60zWu1oIAS0rUSK2/Q5lK3dPyk96eNmx0r8vFX
E48vv6sAgGzCpRLhsNBPNjMTrAMl62ETq7JopSl1l43T3smJIpyqnTvwGIIKZDj9
FEWgmi6iSpTGJYKF2x3cl+WvtEwkbq3jfSuEUjoPM9FMf7WExAE5hk28WMx0kBwr
Y8Z6kOgw6S+JtaEfLGU84BRmrrcopgPB2t4lgGG+EwIDAQABo4ICfzCCAnswHQYD
VR0OBBYEFKEMvHgVRNVVdqdAwmNw1K/OUANDMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFkLzMwNTM3MS1hZDVmLTQyNDEt
YTFiYi00NmJjY2JkNTVmYTEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvMzA1MzcxLWFkNWYtNDI0MS1h
MWJiLTQ2YmNjYmQ1NWZhMS8xL29ReThlQlZFMVZWMnAwRENZM0RVcjg1UUEwTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM8nzANBgkqhkiG9w0BAQsFAAOCAQEAjNbGph2gF3bngHiQlqoHCb/KLsuV
YdOEqsAjdOVYFD51awfxMAIuxphVYt8xXmjAvgvVTCPLQqNcrqKWzfZtu5H6tD3N
1FqEnv9RCZ2Bp/fGxjmMvyu9ai4E3PvgMh4gbxTvbx1tzpV2vj6yK+8W+yAzLSCR
PpIYsYqmalp33ifqgCvKlHwaUwewL+VFjC2/tVXg47BWTlOCaE4zhD4WKhIbJP/d
Jrx218hvALbis6d4rpk2yzEzIpw2tV9fPO6hdDCzLxVc8onOx0bM3ouGLSWDTpHv
cL0qMV21jftZEVw0dvhJgcdJBpoamhLRgiIt25zqqe9FhreFfl3gNXoPVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:02:34 2024 by rpki-client on console-fra.rpki-client.org