Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sU3eTR1EPo38Bj2Ai0EM7fD3q08.cer
File: sU3eTR1EPo38Bj2Ai0EM7fD3q08.cer (raw, json)
Hash identifier: O3fZUn70JsguCsDvy45OdzgzEDsPX3t8YuZtPGRvRXU=
Subject key identifier: B1:4D:DE:4D:1D:44:3E:8D:FC:06:3D:80:8B:41:0C:ED:F0:F7:AB:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01831139FDA7BC79F2DDCB5CC6C71BB07BED
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.caramelfox.net/repo/caramelfox/0/B14DDE4D1D443E8DFC063D808B410CEDF0F7AB4F.mft
caRepository: rsync://rpki.caramelfox.net/repo/caramelfox/0/
Notify URL: https://rpki.caramelfox.net/rrpdp/notification.xml
Certificate not before: Tue 06 Sep 2022 05:15:56 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 211169
IP: 2001:678:f68::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:11:39:fd:a7:bc:79:f2:dd:cb:5c:c6:c7:1b:b0:7b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 6 05:15:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b14dde4d1d443e8dfc063d808b410cedf0f7ab4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:60:32:22:b4:1d:3b:73:97:20:1a:09:01:
7b:f6:87:a5:90:cc:66:7a:34:ec:0a:52:f9:69:01:
a5:2a:e0:93:d8:4b:05:74:ba:cd:52:19:f1:42:b1:
bc:6c:e5:07:be:19:d7:a1:d8:ae:2c:9a:66:c5:6d:
bb:59:ec:45:01:d5:0d:ce:f2:61:0f:cd:d6:6d:c4:
e9:f7:40:a3:cf:49:6d:18:2a:76:08:51:5c:7d:7e:
55:69:b8:72:ca:9f:b4:51:e8:14:23:22:47:8b:60:
cc:bc:9f:1c:db:e8:dd:b0:bd:f6:8f:fc:38:f0:e8:
2c:84:13:7c:c6:df:e0:28:e4:bd:ac:31:01:5c:da:
a0:33:f3:5e:42:c1:4f:e7:9d:b3:93:09:b0:e0:50:
fa:7d:24:c3:69:47:c3:86:d2:12:5b:46:ef:3d:41:
40:cb:b2:a7:38:13:b4:ef:82:37:80:54:c1:c5:f2:
33:52:71:91:78:40:b3:6b:38:51:34:42:44:a5:d3:
6b:30:f8:69:e5:20:7c:5d:ba:50:b9:b0:ba:67:60:
32:9c:68:97:a3:92:32:40:21:7d:df:ef:9e:09:e2:
36:39:00:09:96:5d:c4:4f:9e:6a:33:f4:fd:b2:b6:
c7:ee:45:15:22:9e:d6:3e:cc:51:9a:63:38:cc:36:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4D:DE:4D:1D:44:3E:8D:FC:06:3D:80:8B:41:0C:ED:F0:F7:AB:4F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.caramelfox.net/repo/caramelfox/0
RPKI Manifest - URI:rsync://rpki.caramelfox.net/repo/caramelfox/0/B14DDE4D1D443E8DFC063D808B410CEDF0F7AB4F.mft
RPKI Notify - URI:https://rpki.caramelfox.net/rrpdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f68::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
211169
Signature Algorithm: sha256WithRSAEncryption
47:10:cf:46:65:ba:be:80:f0:4c:d1:ec:ef:0f:39:43:c6:50:
15:31:62:68:4d:89:31:23:a5:97:a0:9a:06:ac:97:db:1b:21:
f9:33:bc:4a:8e:7a:bd:b0:e6:eb:28:39:67:ea:df:a1:5a:3b:
96:ee:52:52:fe:7a:da:3d:be:4e:98:2d:92:0d:68:1b:55:8f:
49:c3:b6:1e:13:b8:c3:87:b2:54:22:2f:00:40:ad:76:0a:4a:
49:bd:bd:ea:69:76:d7:f7:ce:59:8a:e4:cf:56:1b:58:d4:b8:
fc:a9:bb:0f:dd:73:da:f2:ed:52:1a:7b:38:58:5f:c4:fe:92:
82:61:ee:4f:ea:6b:34:a7:3d:1f:18:4d:ae:13:6d:d2:d6:96:
47:1a:63:82:d9:a1:3f:75:78:92:b6:d2:b0:2d:41:4f:39:3a:
63:8d:73:a3:b0:90:dd:8c:a4:0f:b9:78:dc:de:be:e5:78:80:
09:14:8e:8f:bb:5b:30:8a:08:71:64:fd:f0:47:37:ed:c8:e0:
cc:44:50:28:13:db:1c:9b:d5:f1:e1:9f:94:cc:e0:53:e7:17:
4c:57:0e:9d:a3:4c:2d:7d:e7:84:80:bc:4c:c4:6a:ce:ee:9e:
a5:94:b4:09:3a:74:fe:76:06:7f:b6:e1:ec:82:4e:f6:36:82:
af:1d:b2:41
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYMROf2nvHny3ctcxscbsHvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIwOTA2MDUxNTU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTRkZGU0ZDFkNDQzZThkZmMwNjNkODA4YjQxMGNlZGYwZjdhYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FtgMiK0HTtzlyAaCQF79oelkMxm
ejTsClL5aQGlKuCT2EsFdLrNUhnxQrG8bOUHvhnXodiuLJpmxW27WexFAdUNzvJh
D83WbcTp90Cjz0ltGCp2CFFcfX5Vabhyyp+0UegUIyJHi2DMvJ8c2+jdsL32j/w4
8OgshBN8xt/gKOS9rDEBXNqgM/NeQsFP552zkwmw4FD6fSTDaUfDhtISW0bvPUFA
y7KnOBO074I3gFTBxfIzUnGReECzazhRNEJEpdNrMPhp5SB8XbpQubC6Z2AynGiX
o5IyQCF93++eCeI2OQAJll3ET55qM/T9srbH7kUVIp7WPsxRmmM4zDaf8wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFLFN3k0dRD6N/AY9gItBDO3w96tPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgfMGCCsGAQUFBwELBIHmMIHjMDkGCCsGAQUFBzAFhi1yc3lu
YzovL3Jwa2kuY2FyYW1lbGZveC5uZXQvcmVwby9jYXJhbWVsZm94LzAwZgYIKwYB
BQUHMAqGWnJzeW5jOi8vcnBraS5jYXJhbWVsZm94Lm5ldC9yZXBvL2NhcmFtZWxm
b3gvMC9CMTREREU0RDFENDQzRThERkMwNjNEODA4QjQxMENFREYwRjdBQjRGLm1m
dDA+BggrBgEFBQcwDYYyaHR0cHM6Ly9ycGtpLmNhcmFtZWxmb3gubmV0L3JycGRw
L25vdGlmaWNhdGlvbi54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtp
LnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJR
SFZWM2Q1bWsuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUH
AQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4D2gwGgYIKwYBBQUHAQgBAf8ECzAJoAcw
BQIDAzjhMA0GCSqGSIb3DQEBCwUAA4IBAQBHEM9GZbq+gPBM0ezvDzlDxlAVMWJo
TYkxI6WXoJoGrJfbGyH5M7xKjnq9sObrKDln6t+hWjuW7lJS/nraPb5OmC2SDWgb
VY9Jw7YeE7jDh7JUIi8AQK12CkpJvb3qaXbX985ZiuTPVhtY1Lj8qbsP3XPa8u1S
Gns4WF/E/pKCYe5P6ms0pz0fGE2uE23S1pZHGmOC2aE/dXiSttKwLUFPOTpjjXOj
sJDdjKQPuXjc3r7leIAJFI6Pu1swighxZP3wRzftyODMRFAoE9scm9Xx4Z+UzOBT
5xdMVw6do0wtfeeEgLxMxGrO7p6llLQJOnT+dgZ/tuHsgk72NoKvHbJB
-----END CERTIFICATE-----
Generated at Tue May 13 23:40:28 2025 by rpki-client