Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5IDLAQoGoaMsJZO9KyjxqRD5ee0.cer
File: 5IDLAQoGoaMsJZO9KyjxqRD5ee0.cer (raw, json)
Hash identifier: pqx/5RZ1lKkTIdcH/UVcUaw4LET5x4L71UTJjQBN+wA=
Subject key identifier: E4:80:CB:01:0A:06:A1:A3:2C:25:93:BD:2B:28:F1:A9:10:F9:79:ED
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A5025832AB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3a/f01c68-e1e9-4549-9881-91b4ee2537be/1/5IDLAQoGoaMsJZO9KyjxqRD5ee0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3a/f01c68-e1e9-4549-9881-91b4ee2537be/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:57:27 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 206126
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 708708938411 (0xa5025832ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e480cb010a06a1a32c2593bd2b28f1a910f979ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:46:1d:38:26:91:78:8f:fd:36:cc:ef:d5:6f:
73:6a:2d:12:f3:99:d9:16:1b:29:bf:21:64:c1:3a:
c5:0d:70:b6:12:ac:14:8c:63:b2:a6:77:62:a4:a3:
4c:b0:ce:fe:ee:e1:36:c5:5e:2e:c0:8d:09:56:22:
02:fa:a8:fd:68:8a:0e:eb:26:f4:0d:ae:24:e2:5c:
0a:11:fe:2a:95:3f:4d:18:aa:43:47:a3:39:0a:8f:
15:a5:e8:27:0e:c8:7b:d1:68:a5:c3:7f:84:6e:e1:
b1:15:8c:51:44:ba:64:d2:96:82:fe:68:19:e5:49:
44:48:61:4d:1f:e7:53:d9:f5:36:3c:e2:07:58:1f:
0e:90:6d:e2:8d:8f:c7:0e:1b:6a:41:15:61:88:73:
40:37:fa:b5:7f:e7:96:0e:19:c7:76:a4:46:59:e2:
01:ce:f4:eb:d9:c8:6b:d5:41:12:20:a7:95:b1:02:
66:7a:04:3f:c7:c3:da:7a:70:74:65:80:00:2e:e3:
0a:d9:f0:41:b3:61:cb:08:b5:fe:fa:4f:07:40:10:
fd:6c:c6:6d:ff:5e:74:06:42:a5:0a:7e:88:dd:5b:
4c:d1:20:e9:93:c1:3c:14:dc:f8:fb:20:3d:7f:9a:
16:7a:f8:0c:46:7a:c3:85:01:b8:85:b5:da:7b:b3:
0c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:80:CB:01:0A:06:A1:A3:2C:25:93:BD:2B:28:F1:A9:10:F9:79:ED
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f01c68-e1e9-4549-9881-91b4ee2537be/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f01c68-e1e9-4549-9881-91b4ee2537be/1/5IDLAQoGoaMsJZO9KyjxqRD5ee0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206126
Signature Algorithm: sha256WithRSAEncryption
28:75:10:f6:32:f3:fb:10:db:b0:33:08:0f:44:f4:8b:77:7f:
67:30:4f:0d:67:a0:3d:80:d1:85:a2:ad:12:5d:a1:ed:b8:3f:
a1:7b:95:44:1e:23:8d:a8:81:6e:94:f1:18:80:65:a8:52:72:
64:41:d8:ef:f7:18:c6:81:72:6b:e0:59:34:14:b5:3b:7b:6f:
d5:77:8c:37:c6:40:e7:d0:a6:8f:8a:a2:a6:9a:e0:ec:1a:16:
85:8f:fb:6c:46:be:a6:e8:04:5d:b7:e9:d6:dd:e2:a1:94:3a:
07:98:c8:37:83:e2:e4:57:5f:c8:f6:77:d8:8c:26:65:d7:b7:
e5:99:a7:f7:08:07:86:ce:47:98:84:ca:e1:24:a2:57:08:e5:
e8:6c:32:a7:ef:6c:21:6f:2e:f1:6e:17:60:3b:68:e0:c5:05:
f6:26:34:de:2d:5d:6a:1e:60:21:53:74:cc:63:a2:02:12:69:
8c:1b:63:b2:f3:44:e1:54:66:43:45:c9:c3:de:14:0f:a6:33:
8f:13:28:80:c6:58:c3:4f:c8:5b:1d:c8:0c:1f:59:6c:f4:8a:
84:5d:75:54:45:55:fe:e2:13:43:72:6c:cf:59:59:fd:46:57:
81:fc:a0:92:f1:3f:60:27:42:60:56:dd:96:7e:c9:90:c0:8b:
62:f7:67:34
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIGAKUCWDKrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTA1NzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNDgwY2IwMTBh
MDZhMWEzMmMyNTkzYmQyYjI4ZjFhOTEwZjk3OWVkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAskYdOCaReI/9Nszv1W9zai0S85nZFhspvyFkwTrFDXC2
EqwUjGOypndipKNMsM7+7uE2xV4uwI0JViIC+qj9aIoO6yb0Da4k4lwKEf4qlT9N
GKpDR6M5Co8VpegnDsh70Wilw3+EbuGxFYxRRLpk0paC/mgZ5UlESGFNH+dT2fU2
POIHWB8OkG3ijY/HDhtqQRVhiHNAN/q1f+eWDhnHdqRGWeIBzvTr2chr1UESIKeV
sQJmegQ/x8PaenB0ZYAALuMK2fBBs2HLCLX++k8HQBD9bMZt/150BkKlCn6I3VtM
0SDpk8E8FNz4+yA9f5oWevgMRnrDhQG4hbXae7MMFwIDAQABo4ICfzCCAnswHQYD
VR0OBBYEFOSAywEKBqGjLCWTvSso8akQ+XntMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNhL2YwMWM2OC1lMWU5LTQ1NDkt
OTg4MS05MWI0ZWUyNTM3YmUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2EvZjAxYzY4LWUxZTktNDU0OS05
ODgxLTkxYjRlZTI1MzdiZS8xLzVJRExBUW9Hb2FNc0paTzlLeWp4cVJENWVlMC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMlLjANBgkqhkiG9w0BAQsFAAOCAQEAKHUQ9jLz+xDbsDMID0T0i3d/ZzBP
DWegPYDRhaKtEl2h7bg/oXuVRB4jjaiBbpTxGIBlqFJyZEHY7/cYxoFya+BZNBS1
O3tv1XeMN8ZA59Cmj4qipprg7BoWhY/7bEa+pugEXbfp1t3ioZQ6B5jIN4Pi5Fdf
yPZ32IwmZde35Zmn9wgHhs5HmITK4SSiVwjl6Gwyp+9sIW8u8W4XYDto4MUF9iY0
3i1dah5gIVN0zGOiAhJpjBtjsvNE4VRmQ0XJw94UD6YzjxMogMZYw0/IWx3IDB9Z
bPSKhF11VEVV/uITQ3Jsz1lZ/UZXgfygkvE/YCdCYFbdln7JkMCLYvdnNA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:36:35 2025 by rpki-client