Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yeZiA3A3N68SVeSsbWgvL6jGawk.cer
File: yeZiA3A3N68SVeSsbWgvL6jGawk.cer (raw, json)
Hash identifier: HKF803ckvC3FcLH7tOHDqCZ4zUvgs0m4ue01OvPqAQs=
Subject key identifier: C9:E6:62:03:70:37:37:AF:12:55:E4:AC:6D:68:2F:2F:A8:C6:6B:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856EFBE5B8DE6FD368CE422370DB7FEEFF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2b/f2cde0-d435-4f41-921d-af898c15ceda/1/yeZiA3A3N68SVeSsbWgvL6jGawk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2b/f2cde0-d435-4f41-921d-af898c15ceda/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 20:18:00 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 62.3.27.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:fb:e5:b8:de:6f:d3:68:ce:42:23:70:db:7f:ee:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:18:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9e66203703737af1255e4ac6d682f2fa8c66b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d6:af:43:ae:40:ba:71:78:d0:3f:69:0e:67:
7a:39:7c:87:15:6f:88:41:6f:f2:a8:23:45:4c:6e:
b0:f0:4d:cd:fd:18:be:91:f8:67:7f:6f:fb:d3:7a:
e1:83:2b:3b:4e:8a:73:44:e1:23:59:ae:b6:05:22:
66:7e:e8:b1:49:7d:26:c3:4b:a5:71:66:14:1c:b1:
e3:da:77:ed:ed:4d:a2:f7:16:f3:98:4b:a2:46:30:
b8:cb:8a:e5:04:be:f5:33:92:70:36:6e:b0:80:9f:
7d:75:44:d3:5e:29:b1:a0:0f:7c:24:bd:52:22:30:
35:5b:3e:a5:78:b2:36:66:97:34:64:d4:d9:91:ae:
3d:41:b3:c4:dc:a7:f5:6b:e0:da:4a:20:3b:29:56:
c1:81:26:c5:a1:31:16:95:0c:bf:0a:ae:3b:c5:47:
1a:e2:98:ec:39:49:32:fc:c6:5a:9e:e9:3a:7e:67:
12:da:49:81:be:f9:75:8a:1c:9c:42:56:c9:cd:c2:
7b:06:c1:b1:d2:fb:c7:a7:88:4e:45:77:ea:e3:e4:
69:cf:50:cc:27:d5:7f:d6:a5:f9:5a:d0:d9:6a:f6:
34:df:1a:5e:50:3a:a8:d2:cb:8a:4f:86:52:1d:af:
2e:0b:ed:a9:7a:d0:a7:cd:c3:f5:06:fc:9e:41:9d:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E6:62:03:70:37:37:AF:12:55:E4:AC:6D:68:2F:2F:A8:C6:6B:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f2cde0-d435-4f41-921d-af898c15ceda/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/f2cde0-d435-4f41-921d-af898c15ceda/1/yeZiA3A3N68SVeSsbWgvL6jGawk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.27.0/24
Signature Algorithm: sha256WithRSAEncryption
04:da:8e:68:f1:fa:d3:25:db:86:93:ae:e9:14:1d:35:72:73:
86:41:0a:68:7c:7a:25:f9:8d:8d:cb:c6:c2:f1:eb:18:0b:67:
55:0d:95:ab:cd:47:38:02:1d:3e:d3:1c:2d:ed:bd:64:28:6a:
b6:4b:2b:91:9b:c4:2a:e7:dc:b2:fb:a8:76:20:66:58:3d:07:
8f:4a:59:83:34:32:66:3e:86:f7:98:b6:1e:81:bf:7b:cf:61:
bb:87:7d:c1:5f:28:94:89:31:90:02:45:8b:9e:57:c5:39:2c:
63:70:98:21:e0:12:ba:05:17:75:e4:39:83:98:72:a2:c3:ad:
49:e8:b6:5b:0a:73:1e:ca:98:a0:8c:a2:77:91:6f:6c:8c:13:
8e:12:e5:e3:cf:0f:b1:d9:07:ed:15:a1:44:de:dd:d6:86:cf:
21:82:0c:af:47:3f:61:b2:a7:4e:b4:1e:39:d4:aa:e1:d1:34:
f8:f6:81:8f:d7:f8:50:21:fe:51:62:31:b2:c2:5d:38:fa:0f:
11:d1:f1:ea:59:69:43:5e:3f:ec:33:4b:2e:81:19:c0:5e:cc:
9a:fe:ef:14:0d:e1:12:19:05:ea:b0:9b:0c:aa:70:eb:6c:5c:
66:44:17:c9:f2:08:ed:02:53:7b:17:6f:77:7e:38:38:88:21:
13:ab:16:5d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVu++W43m/TaM5CI3Dbf+7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjAxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU2NjIwMzcwMzczN2FmMTI1NWU0YWM2ZDY4MmYyZmE4YzY2YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNavQ65AunF40D9pDmd6OXyHFW+I
QW/yqCNFTG6w8E3N/Ri+kfhnf2/703rhgys7TopzROEjWa62BSJmfuixSX0mw0ul
cWYUHLHj2nft7U2i9xbzmEuiRjC4y4rlBL71M5JwNm6wgJ99dUTTXimxoA98JL1S
IjA1Wz6leLI2Zpc0ZNTZka49QbPE3Kf1a+DaSiA7KVbBgSbFoTEWlQy/Cq47xUca
4pjsOUky/MZanuk6fmcS2kmBvvl1ihycQlbJzcJ7BsGx0vvHp4hORXfq4+Rpz1DM
J9V/1qX5WtDZavY03xpeUDqo0suKT4ZSHa8uC+2petCnzcP1BvyeQZ2N/wIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMnmYgNwNzevElXkrG1oLy+oxmsJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiL2YyY2Rl
MC1kNDM1LTRmNDEtOTIxZC1hZjg5OGMxNWNlZGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZjJjZGUw
LWQ0MzUtNGY0MS05MjFkLWFmODk4YzE1Y2VkYS8xL3llWmlBM0EzTjY4U1ZlU3Ni
V2d2TDZqR2F3ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAPgMbMA0GCSqGSIb3DQEBCwUAA4IBAQAE2o5o
8frTJduGk67pFB01cnOGQQpofHol+Y2Ny8bC8esYC2dVDZWrzUc4Ah0+0xwt7b1k
KGq2SyuRm8Qq59yy+6h2IGZYPQePSlmDNDJmPob3mLYegb97z2G7h33BXyiUiTGQ
AkWLnlfFOSxjcJgh4BK6BRd15DmDmHKiw61J6LZbCnMeypigjKJ3kW9sjBOOEuXj
zw+x2QftFaFE3t3Whs8hggyvRz9hsqdOtB451Krh0TT49oGP1/hQIf5RYjGywl04
+g8R0fHqWWlDXj/sM0sugRnAXsya/u8UDeESGQXqsJsMqnDrbFxmRBfJ8gjtAlN7
F293fjg4iCETqxZd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:05 2025 by rpki-client