Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yXhtY8h9hdRBFGck7PrJNSfvb9U.cer
File: yXhtY8h9hdRBFGck7PrJNSfvb9U.cer (raw, json)
Hash identifier: UT5ZZLQgXeik9aSni8LViBJea/E/uL86guZBH2E2kn0=
Subject key identifier: C9:78:6D:63:C8:7D:85:D4:41:14:67:24:EC:FA:C9:35:27:EF:6F:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 98B9E78F57
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.roa.net/rrdp/xTom/33/C9786D63C87D85D441146724ECFAC93527EF6FD5.mft
caRepository: rsync://rpki.roa.net/rrdp/xTom/33
Notify URL: https://rpki.roa.net/rrdp/notification.xml
Certificate not before: Sat 01 Jan 2022 00:01:18 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 192.109.228.0/23
IP: 192.109.232.0/23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 655953989463 (0x98b9e78f57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9786d63c87d85d441146724ecfac93527ef6fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:4e:0e:a0:bf:c4:b1:49:e2:52:59:5b:7c:
47:fc:f4:93:97:30:62:a5:01:c9:88:88:2f:eb:36:
98:31:e1:d0:9f:d1:b2:fb:0b:9a:74:16:e7:5c:06:
11:96:2a:a0:88:0f:f8:c2:65:74:f5:ce:d8:eb:49:
6c:f5:4b:94:fe:04:6b:85:9e:dc:0b:46:0f:d3:23:
6a:44:a4:22:67:e3:52:05:3c:e5:53:cf:b9:f5:2b:
cf:e8:e1:aa:b4:0b:d7:28:d6:8e:89:ca:f4:00:f8:
fb:f9:37:6f:62:91:ab:91:bd:e4:ee:38:21:51:73:
e3:01:f8:f4:2c:0b:8c:06:39:e9:d1:2f:ef:4c:73:
1e:c6:8d:9b:0f:ab:e6:89:22:d5:5c:67:21:5c:56:
3f:eb:7f:3f:78:84:c9:3d:9b:bc:86:db:0b:96:a4:
43:2e:1e:cb:5e:b5:50:78:e8:b6:03:f5:96:28:3e:
d5:e3:80:8f:3b:86:5b:d5:c6:52:65:d4:96:e5:62:
ab:16:91:95:5c:3c:ea:10:6e:23:c7:db:9e:42:e4:
05:ff:63:da:51:94:a2:c8:06:1c:a3:6c:ac:c0:d9:
b7:9d:e1:bb:c7:f3:08:4d:cf:7b:be:f2:f9:0a:58:
b0:e4:ea:e7:9f:f1:5f:61:33:da:3e:c9:8a:61:40:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:78:6D:63:C8:7D:85:D4:41:14:67:24:EC:FA:C9:35:27:EF:6F:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/33
RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/33/C9786D63C87D85D441146724ECFAC93527EF6FD5.mft
RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.228.0/23
192.109.232.0/23
Signature Algorithm: sha256WithRSAEncryption
13:12:8d:57:a0:b5:d0:23:e3:03:77:17:b9:ba:a4:08:19:cb:
56:e2:5b:96:38:47:99:3b:91:a5:b2:64:4d:0c:24:82:3f:0b:
18:67:be:79:4f:e6:7a:01:76:b5:95:65:a1:f1:2d:45:49:7e:
f5:6a:b9:d0:b3:29:9f:a8:b8:0e:9d:19:0a:51:cb:ec:92:7a:
69:ed:43:cd:d8:b9:db:fd:18:ad:df:15:0f:a9:fe:4e:2c:44:
08:be:d0:ba:73:3c:97:92:86:42:12:16:57:20:e3:03:b1:d1:
72:a8:69:5c:44:b5:de:ed:56:5d:a5:44:82:83:d2:6b:51:c5:
e8:fa:11:95:e9:2d:52:34:9d:b7:0b:8c:65:8c:19:36:8c:90:
cf:ca:c9:3f:e8:17:1c:0e:54:e1:0a:f1:e7:42:75:9a:c0:53:
da:68:9b:27:49:39:1d:7c:1e:7b:15:4b:df:5b:dd:9c:6c:29:
e0:e9:c0:41:5a:86:3e:10:62:a7:7a:e4:16:db:69:eb:c4:f5:
a9:1b:64:e5:90:21:9c:d8:fc:09:3c:84:ab:7e:e7:ca:0e:d1:
68:aa:c2:c9:87:be:2c:79:27:98:a5:3f:bc:9f:fd:b4:82:98:
ac:24:0f:1d:0a:7a:07:41:07:a6:05:20:d1:49:c0:95:35:d1:
6f:d3:cb:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIGAJi5549XMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDAwMTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjOTc4NmQ2M2M4
N2Q4NWQ0NDExNDY3MjRlY2ZhYzkzNTI3ZWY2ZmQ1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAvk5ODqC/xLFJ4lJZW3xH/PSTlzBipQHJiIgv6zaYMeHQ
n9Gy+wuadBbnXAYRliqgiA/4wmV09c7Y60ls9UuU/gRrhZ7cC0YP0yNqRKQiZ+NS
BTzlU8+59SvP6OGqtAvXKNaOicr0APj7+TdvYpGrkb3k7jghUXPjAfj0LAuMBjnp
0S/vTHMexo2bD6vmiSLVXGchXFY/638/eITJPZu8htsLlqRDLh7LXrVQeOi2A/WW
KD7V44CPO4Zb1cZSZdSW5WKrFpGVXDzqEG4jx9ueQuQF/2PaUZSiyAYco2yswNm3
neG7x/MITc97vvL5Cliw5Ornn/FfYTPaPsmKYUBrMQIDAQABo4ICOTCCAjUwHQYD
VR0OBBYEFMl4bWPIfYXUQRRnJOz6yTUn72/VMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
gdMGCCsGAQUFBwELBIHGMIHDMC0GCCsGAQUFBzAFhiFyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vMzMwWgYIKwYBBQUHMAqGTnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS8zMy9DOTc4NkQ2M0M4N0Q4NUQ0NDExNDY3MjRFQ0ZBQzkz
NTI3RUY2RkQ1Lm1mdDA2BggrBgEFBQcwDYYqaHR0cHM6Ly9ycGtpLnJvYS5uZXQv
cnJkcC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8v
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpu
SEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsG
AQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwG3kAwQBwG3oMA0GCSqGSIb3DQEBCwUA
A4IBAQATEo1XoLXQI+MDdxe5uqQIGctW4luWOEeZO5GlsmRNDCSCPwsYZ755T+Z6
AXa1lWWh8S1FSX71arnQsymfqLgOnRkKUcvsknpp7UPN2Lnb/Rit3xUPqf5OLEQI
vtC6czyXkoZCEhZXIOMDsdFyqGlcRLXe7VZdpUSCg9JrUcXo+hGV6S1SNJ23C4xl
jBk2jJDPysk/6BccDlThCvHnQnWawFPaaJsnSTkdfB57FUvfW92cbCng6cBBWoY+
EGKneuQW22nrxPWpG2TlkCGc2PwJPISrfufKDtFoqsLJh74seSeYpT+8n/20gpis
JA8dCnoHQQemBSDRScCVNdFv08vB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:28 2024 by rpki-client on console-ams.rpki-client.org