Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lYLDxo2tUpYTZ8eV6xvP0iE9V9s.cer
File: lYLDxo2tUpYTZ8eV6xvP0iE9V9s.cer (raw, json)
Hash identifier: XWaJAgAOh70N2anen9JmU/CDRSIWKuK4zeb3YkKipJk=
Subject key identifier: 95:82:C3:C6:8D:AD:52:96:13:67:C7:95:EB:1B:CF:D2:21:3D:57:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018ADB09C544542F44E513CDC7964486A82A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft
caRepository: rsync://rpki.roa.net/rrdp/xTom/49/
Notify URL: https://rpki.roa.net/rrdp/notification.xml
Certificate not before: Thu 28 Sep 2023 09:06:05 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.198.71.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:09:c5:44:54:2f:44:e5:13:cd:c7:96:44:86:a8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 28 09:06:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9582c3c68dad52961367c795eb1bcfd2213d57db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:e3:f0:a8:78:3b:f4:a5:73:59:33:69:2c:
d5:5c:17:3a:a7:db:06:f1:79:96:3a:e1:88:11:e3:
e4:5f:80:a8:cc:92:8d:f3:d0:66:c0:50:d4:45:bb:
b7:ec:01:9b:c4:fd:32:42:a0:33:76:a3:ea:89:fb:
77:c4:b3:32:47:17:2f:7a:b0:ff:e8:78:b1:ca:c4:
f2:95:cf:bf:b8:38:8f:26:7b:77:c4:88:99:8e:6c:
a7:42:12:90:e4:5b:5f:44:33:3d:19:81:dc:69:21:
ba:5f:3c:5f:92:58:89:ee:45:c7:b6:94:f9:34:ad:
a1:ad:b9:3f:54:05:45:ae:53:67:30:06:c5:9d:5b:
4f:2e:e0:21:9e:0d:9c:74:f2:1d:a7:59:c7:82:5f:
df:e2:c6:11:ec:b7:1a:4e:f3:c0:a3:6a:5c:6d:b2:
0c:bb:c7:23:6b:45:61:cf:4e:7e:e8:db:23:08:80:
b3:89:82:bc:19:25:fc:87:22:56:53:97:1a:10:74:
fc:f6:86:01:43:47:57:84:79:12:a3:71:a5:1e:57:
8b:97:85:58:af:00:e5:e3:51:46:5e:dc:c1:6a:87:
af:b7:9e:8b:3c:df:5a:51:44:f7:58:13:24:8f:30:
49:bd:99:81:0d:d3:27:1d:6e:e4:58:6c:a8:4e:f3:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:82:C3:C6:8D:AD:52:96:13:67:C7:95:EB:1B:CF:D2:21:3D:57:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/49/
RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft
RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.71.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:6d:88:14:1d:56:01:d5:d9:f8:41:fc:92:8c:2b:62:26:95:
21:fa:73:a0:60:34:f1:68:59:76:3b:de:47:bc:91:e9:ff:39:
a3:b6:c8:b0:04:b0:04:c1:70:3c:b4:12:f0:c5:8f:c5:c2:19:
b5:36:af:06:d8:be:44:58:b4:cc:1f:03:5c:b8:21:90:36:ee:
cb:12:94:43:1b:47:07:07:4a:f4:b7:6a:31:f2:ea:41:4f:8c:
2a:26:30:19:86:62:7d:90:40:2d:4d:fd:88:83:f4:25:30:68:
79:85:23:93:af:43:cc:07:72:e2:9a:4b:ad:cc:f7:9e:3e:8b:
36:09:06:a5:c9:92:51:ed:41:80:e7:12:de:bc:49:5b:01:27:
5d:1e:76:df:00:68:4d:36:22:76:47:d8:ba:18:d0:1a:21:34:
4c:cd:06:51:93:8d:50:f7:2c:08:a6:61:40:9e:8b:44:6c:90:
dc:44:9c:f1:f3:84:ef:7f:d7:bb:cd:fe:cd:74:d3:fc:3b:a9:
66:66:fa:27:b5:1b:a1:b7:b2:f6:bc:37:09:e8:a2:9b:ba:ce:
64:f0:85:5f:60:f7:8c:1f:f7:f1:38:ba:4e:ba:d2:a6:29:9f:
0c:8d:48:6d:cb:07:01:41:f8:35:fd:9b:cf:99:d1:6c:07:a1:
e5:e3:5c:8e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYrbCcVEVC9E5RPNx5ZEhqgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTI4MDkwNjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTgyYzNjNjhkYWQ1Mjk2MTM2N2M3OTVlYjFiY2ZkMjIxM2Q1N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzHj8Kh4O/Slc1kzaSzVXBc6p9sG
8XmWOuGIEePkX4CozJKN89BmwFDURbu37AGbxP0yQqAzdqPqift3xLMyRxcverD/
6HixysTylc+/uDiPJnt3xIiZjmynQhKQ5FtfRDM9GYHcaSG6XzxfkliJ7kXHtpT5
NK2hrbk/VAVFrlNnMAbFnVtPLuAhng2cdPIdp1nHgl/f4sYR7LcaTvPAo2pcbbIM
u8cja0Vhz05+6NsjCICziYK8GSX8hyJWU5caEHT89oYBQ0dXhHkSo3GlHleLl4VY
rwDl41FGXtzBaoevt56LPN9aUUT3WBMkjzBJvZmBDdMnHW7kWGyoTvMpVwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFJWCw8aNrVKWE2fHlesbz9IhPVfbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdQGCCsGAQUFBwELBIHHMIHEMC4GCCsGAQUFBzAFhiJyc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDkvMFoGCCsGAQUFBzAKhk5yc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDkvOTU4MkMzQzY4REFENTI5NjEz
NjdDNzk1RUIxQkNGRDIyMTNENTdEQi5tZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8v
cnBraS5yb2EubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0tw
U28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnGRzANBgkqhkiG
9w0BAQsFAAOCAQEAqW2IFB1WAdXZ+EH8kowrYiaVIfpzoGA08WhZdjveR7yR6f85
o7bIsASwBMFwPLQS8MWPxcIZtTavBti+RFi0zB8DXLghkDbuyxKUQxtHBwdK9Ldq
MfLqQU+MKiYwGYZifZBALU39iIP0JTBoeYUjk69DzAdy4ppLrcz3nj6LNgkGpcmS
Ue1BgOcS3rxJWwEnXR523wBoTTYidkfYuhjQGiE0TM0GUZONUPcsCKZhQJ6LRGyQ
3ESc8fOE73/Xu83+zXTT/DupZmb6J7Ubobey9rw3Ceiim7rOZPCFX2D3jB/38Ti6
TrrSpimfDI1IbcsHAUH4Nf2bz5nRbAeh5eNcjg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:01:54 2025 by rpki-client