Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yI5YRFZWbsU6aADyz1XrJqKILhI.cer
File: yI5YRFZWbsU6aADyz1XrJqKILhI.cer (raw, json)
Hash identifier: wy/TudQXp08v3FKbHjXC33xe437FzYJtKBT74L4rBOs=
Subject key identifier: C8:8E:58:44:56:56:6E:C5:3A:68:00:F2:CF:55:EB:26:A2:88:2E:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9B0072C91A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e4/b14d71-3c10-4cab-9c35-e8da5a2410ee/1/yI5YRFZWbsU6aADyz1XrJqKILhI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e4/b14d71-3c10-4cab-9c35-e8da5a2410ee/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 02:00:53 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.104.31.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665727453466 (0x9b0072c91a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c88e584456566ec53a6800f2cf55eb26a2882e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ac:f0:62:43:b6:ea:3e:5b:18:c6:a5:66:d0:
ed:8d:e4:27:57:29:17:31:f2:7b:d1:14:1c:90:8d:
c4:e9:42:a8:8e:30:fa:32:28:c6:b2:f3:e8:35:28:
15:6e:c0:e9:ea:0b:af:f2:1a:89:f5:81:45:af:6b:
10:c4:b6:b4:5d:97:4a:95:20:a1:a7:e7:1f:4d:e3:
94:88:bf:7f:51:20:58:0c:6b:c5:df:76:f3:7a:4e:
8d:e5:7e:22:af:63:8f:73:b0:a4:08:3d:d1:75:40:
90:91:ae:12:40:90:3d:be:13:75:23:2c:d5:1c:01:
d4:ed:e0:b6:6b:81:ee:f6:a4:b3:0a:80:17:e0:46:
80:88:41:b9:98:cc:e8:35:20:55:b9:e6:32:17:1c:
3c:d8:bb:d3:6e:21:9d:8e:a3:58:d4:a6:1e:14:b5:
1a:26:1e:a8:6a:08:90:e5:b4:f6:06:94:d1:4d:db:
11:6f:b5:9d:f9:21:43:4e:75:24:02:ab:0f:f5:2e:
ce:0b:5e:04:10:3e:81:d0:3c:b9:38:7f:1e:cd:0b:
21:84:74:09:23:5d:79:fa:48:a9:78:e1:ca:7b:18:
3f:2a:52:f9:22:48:0e:82:24:e1:2e:24:35:76:4d:
2d:27:80:c0:cf:b7:d5:85:1b:f0:b9:de:6e:80:3f:
bd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8E:58:44:56:56:6E:C5:3A:68:00:F2:CF:55:EB:26:A2:88:2E:12
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14d71-3c10-4cab-9c35-e8da5a2410ee/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14d71-3c10-4cab-9c35-e8da5a2410ee/1/yI5YRFZWbsU6aADyz1XrJqKILhI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.31.0/24
Signature Algorithm: sha256WithRSAEncryption
71:82:70:59:ab:96:45:59:eb:4e:55:cf:09:f7:12:11:1e:0b:
c2:c9:79:f1:5b:b8:63:3c:11:78:e4:67:0c:23:ac:71:fa:8a:
82:24:70:18:d3:8e:08:77:72:2b:b2:2c:4b:53:76:d5:ef:eb:
64:a0:3f:5e:4b:55:6f:bc:3d:24:40:7c:95:7a:37:4b:7b:46:
cb:7f:63:39:32:82:2d:a7:fb:61:43:60:3d:8b:21:b0:c7:65:
27:16:0c:79:15:a0:4b:15:f2:32:f7:94:10:cf:df:26:4f:98:
17:d8:23:dc:ae:08:ae:98:e3:61:a3:11:a3:38:29:57:08:e2:
1a:dd:6c:14:23:0d:93:e3:2b:6f:e4:4f:d4:88:8f:4b:f2:fd:
73:91:9b:ab:6c:ad:ae:11:e0:c9:2d:4a:38:8c:e5:47:f9:4c:
05:af:44:82:34:c8:b0:a4:d7:41:fc:32:26:7b:6b:3b:d1:98:
85:38:d5:75:c6:b6:7a:94:5b:e7:f6:fc:26:45:01:f8:73:9f:
f9:13:0f:a8:6d:77:b8:93:b8:79:1e:b1:31:7e:ec:64:3f:7d:
67:16:e9:a7:65:14:79:5b:ff:26:c7:6a:81:94:38:cf:33:0c:
6a:b6:56:3f:c3:5e:e4:a9:60:d6:7f:94:7b:b0:cb:a0:53:6d:
fb:be:7a:3e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAJsAcskaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDIwMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjODhlNTg0NDU2
NTY2ZWM1M2E2ODAwZjJjZjU1ZWIyNmEyODgyZTEyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAh6zwYkO26j5bGMalZtDtjeQnVykXMfJ70RQckI3E6UKo
jjD6MijGsvPoNSgVbsDp6guv8hqJ9YFFr2sQxLa0XZdKlSChp+cfTeOUiL9/USBY
DGvF33bzek6N5X4ir2OPc7CkCD3RdUCQka4SQJA9vhN1IyzVHAHU7eC2a4Hu9qSz
CoAX4EaAiEG5mMzoNSBVueYyFxw82LvTbiGdjqNY1KYeFLUaJh6oagiQ5bT2BpTR
TdsRb7Wd+SFDTnUkAqsP9S7OC14EED6B0Dy5OH8ezQshhHQJI115+kipeOHKexg/
KlL5IkgOgiThLiQ1dk0tJ4DAz7fVhRvwud5ugD+9ZwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFMiOWERWVm7FOmgA8s9V6yaiiC4SMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U0L2IxNGQ3MS0zYzEwLTRjYWIt
OWMzNS1lOGRhNWEyNDEwZWUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvYjE0ZDcxLTNjMTAtNGNhYi05
YzM1LWU4ZGE1YTI0MTBlZS8xL3lJNVlSRlpXYnNVNmFBRHl6MVhySnFLSUxoSS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwWgfMA0GCSqGSIb3DQEBCwUAA4IBAQBxgnBZq5ZFWetOVc8J9xIR
HgvCyXnxW7hjPBF45GcMI6xx+oqCJHAY044Id3IrsixLU3bV7+tkoD9eS1VvvD0k
QHyVejdLe0bLf2M5MoItp/thQ2A9iyGwx2UnFgx5FaBLFfIy95QQz98mT5gX2CPc
rgiumONhoxGjOClXCOIa3WwUIw2T4ytv5E/UiI9L8v1zkZurbK2uEeDJLUo4jOVH
+UwFr0SCNMiwpNdB/DIme2s70ZiFONV1xrZ6lFvn9vwmRQH4c5/5Ew+obXe4k7h5
HrExfuxkP31nFumnZRR5W/8mx2qBlDjPMwxqtlY/w17kqWDWf5R7sMugU237vno+
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:27:51 2025 by rpki-client