Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tTa9gbOMcL8fslm8l1Lqzr5Vtzg.cer
File: tTa9gbOMcL8fslm8l1Lqzr5Vtzg.cer (raw, json)
Hash identifier: NmXA43wY3UhkMlFAxBz09ujTgmp/vEOzywZK5y3wtPI=
Subject key identifier: B5:36:BD:81:B3:8C:70:BF:1F:B2:59:BC:97:52:EA:CE:BE:55:B7:38
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01867DF8E00575931008FD278A4BC99ADEFB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/2a4b7d-0372-41bf-bf38-796b059a3b93/1/tTa9gbOMcL8fslm8l1Lqzr5Vtzg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/2a4b7d-0372-41bf-bf38-796b059a3b93/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 23 Feb 2023 11:11:47 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 2a0c:f5c0::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:f8:e0:05:75:93:10:08:fd:27:8a:4b:c9:9a:de:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 23 11:11:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b536bd81b38c70bf1fb259bc9752eacebe55b738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:e6:e5:92:83:fe:b5:6b:84:af:85:ca:c2:
b1:d4:57:e5:1b:50:8a:be:38:d5:e3:b0:61:c5:2f:
b6:8d:dc:e2:0c:50:ad:1c:11:f0:33:f5:22:27:35:
ee:ae:ee:eb:90:b3:ed:3d:d1:e0:44:c7:87:e8:6b:
99:d6:37:2d:65:89:f9:2b:8d:b8:8a:2d:98:d3:7b:
5b:8d:b0:d3:9d:86:e0:15:d3:42:89:89:7c:96:9f:
f2:74:69:47:91:11:8b:63:88:ab:af:3b:83:6f:10:
9b:d8:b9:b1:ff:0e:89:7d:dd:8b:76:84:cb:7b:13:
70:f2:58:e1:9f:ba:e9:c9:d4:9c:e2:f4:d8:94:0c:
a8:d4:a0:c5:af:80:33:aa:01:16:d8:58:7d:c5:09:
86:7b:ac:21:94:a0:16:ef:f0:6b:db:e0:e3:63:07:
c5:81:2f:53:fc:8e:27:3f:92:bb:3b:bb:ee:44:8e:
44:df:59:45:78:18:bc:d4:e8:c9:61:98:11:ec:5c:
53:2c:65:77:47:49:7a:cc:c4:74:e2:82:78:b7:33:
87:b4:95:23:e3:be:d7:56:30:4c:29:c3:dc:be:69:
65:76:ab:b6:09:23:95:87:94:83:60:2e:f4:b0:54:
9c:05:bc:f9:01:ca:29:17:6e:0f:f3:65:ae:c7:6f:
b7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:36:BD:81:B3:8C:70:BF:1F:B2:59:BC:97:52:EA:CE:BE:55:B7:38
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2a4b7d-0372-41bf-bf38-796b059a3b93/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2a4b7d-0372-41bf-bf38-796b059a3b93/1/tTa9gbOMcL8fslm8l1Lqzr5Vtzg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
60:9a:d8:4a:00:2a:3b:44:c1:24:29:4e:a7:a1:a4:0a:e2:ea:
da:2c:31:c9:1f:f6:af:4a:43:ba:19:1d:c2:44:2a:98:8b:f1:
e4:bb:fb:99:05:bc:f5:fb:0f:42:86:f6:8d:3e:45:83:43:a1:
da:87:9a:53:98:0b:d2:80:b6:c9:76:01:dd:53:b2:85:d5:f2:
ed:d9:23:bb:8c:59:85:f3:c5:99:c9:f6:7d:ef:de:5f:b0:4f:
8e:fd:60:98:a5:35:a0:03:49:ce:5e:d0:74:c0:70:d9:76:f5:
01:3a:57:c0:29:3e:1b:03:0d:dd:54:3c:5f:94:0a:6c:bf:37:
22:0d:28:c5:4d:7f:eb:d3:37:f1:a9:04:87:d8:48:93:82:97:
dd:24:2e:7b:c0:86:bb:03:4b:e6:5d:93:16:fe:e7:15:64:c9:
61:8d:9b:a0:89:bc:5e:e6:92:3a:70:c2:49:9a:49:fe:34:4b:
20:26:84:87:14:95:70:33:bf:6b:e9:64:ea:e8:10:66:19:b3:
3c:95:0e:7d:14:9e:2d:84:78:ff:7d:84:60:3e:52:8d:84:97:
16:9c:dc:94:0c:82:7c:69:3b:43:d2:33:fb:71:f7:3d:b6:21:
e8:ea:d0:2b:bc:8b:b1:c9:05:5b:7d:d8:86:19:54:03:c4:b2:
6d:f1:f8:b3
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYZ9+OAFdZMQCP0nikvJmt77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMjIzMTExMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM2YmQ4MWIzOGM3MGJmMWZiMjU5YmM5NzUyZWFjZWJlNTViNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Grm5ZKD/rVrhK+FysKx1FflG1CK
vjjV47BhxS+2jdziDFCtHBHwM/UiJzXuru7rkLPtPdHgRMeH6GuZ1jctZYn5K424
ii2Y03tbjbDTnYbgFdNCiYl8lp/ydGlHkRGLY4irrzuDbxCb2Lmx/w6Jfd2LdoTL
exNw8ljhn7rpydSc4vTYlAyo1KDFr4AzqgEW2Fh9xQmGe6whlKAW7/Br2+DjYwfF
gS9T/I4nP5K7O7vuRI5E31lFeBi81OjJYZgR7FxTLGV3R0l6zMR04oJ4tzOHtJUj
477XVjBMKcPcvmlldqu2CSOVh5SDYC70sFScBbz5AcopF24P82Wux2+3OQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLU2vYGzjHC/H7JZvJdS6s6+Vbc4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzJhNGI3
ZC0wMzcyLTQxYmYtYmYzOC03OTZiMDU5YTNiOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMmE0Yjdk
LTAzNzItNDFiZi1iZjM4LTc5NmIwNTlhM2I5My8xL3RUYTlnYk9NY0w4ZnNsbThs
MUxxenI1VnR6Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUAKgz1wDANBgkqhkiG9w0BAQsFAAOCAQEAYJrY
SgAqO0TBJClOp6GkCuLq2iwxyR/2r0pDuhkdwkQqmIvx5Lv7mQW89fsPQob2jT5F
g0Oh2oeaU5gL0oC2yXYB3VOyhdXy7dkju4xZhfPFmcn2fe/eX7BPjv1gmKU1oANJ
zl7QdMBw2Xb1ATpXwCk+GwMN3VQ8X5QKbL83Ig0oxU1/69M38akEh9hIk4KX3SQu
e8CGuwNL5l2TFv7nFWTJYY2boIm8XuaSOnDCSZpJ/jRLICaEhxSVcDO/a+lk6ugQ
ZhmzPJUOfRSeLYR4/32EYD5SjYSXFpzclAyCfGk7Q9Iz+3H3PbYh6OrQK7yLsckF
W33YhhlUA8SybfH4sw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:09:24 2025 by rpki-client