Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lZow_FyMMSBLoi_lKk2pdZm9zLw.cer
File: lZow_FyMMSBLoi_lKk2pdZm9zLw.cer (raw, json)
Hash identifier: 9fl7WEnxTJ/QfenFwcmivmTeloNO9J8wX25rQ3yLBsk=
Subject key identifier: 95:9A:30:FC:5C:8C:31:20:4B:A2:2F:E5:2A:4D:A9:75:99:BD:CC:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018571D66D6F3E9A68DF18758C8FA677965A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3b/5e9084-4ffe-476a-937e-01f7f8ed2736/1/lZow_FyMMSBLoi_lKk2pdZm9zLw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3b/5e9084-4ffe-476a-937e-01f7f8ed2736/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 09:35:56 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 62.233.47.0/24
IP: 2a11:a1c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d6:6d:6f:3e:9a:68:df:18:75:8c:8f:a6:77:96:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=959a30fc5c8c31204ba22fe52a4da97599bdccbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a4:dc:63:96:86:7a:a8:a4:e7:03:36:09:25:
62:26:fe:ec:00:f6:ac:87:fb:f4:0e:c8:b1:b7:7f:
de:04:89:8c:0b:5e:c8:88:ba:cb:8e:25:40:34:49:
f4:e5:ab:ce:61:01:e2:1a:84:95:fe:fd:b0:40:f2:
b0:ad:32:6b:98:1f:0b:48:2c:2b:da:46:36:8b:cf:
ac:6d:17:db:07:c4:a4:f6:a0:e9:4d:11:5d:1a:5c:
a0:7d:8a:f4:96:17:33:16:9f:63:4a:b3:75:01:1b:
34:1f:93:7d:0b:b9:92:e9:87:6c:72:76:b1:7a:38:
04:15:71:ff:f0:4a:ae:cf:0c:cd:8b:59:75:c5:3a:
78:2e:0c:c2:a8:f0:30:06:fb:2d:78:c8:14:a5:d4:
fd:3f:cc:be:2e:9f:db:03:60:44:ed:06:c6:2c:21:
56:c5:b6:54:5d:2d:29:f1:7c:72:d3:38:8f:82:9f:
33:f4:19:67:63:9c:02:7f:c0:d9:37:f8:30:97:03:
98:14:88:0e:5c:0d:e9:9d:9e:92:94:24:86:b9:da:
a4:9e:cd:df:91:45:d5:63:b1:b9:0f:ff:41:52:0d:
48:a6:7f:73:32:21:53:ff:74:25:bb:da:7a:74:c0:
35:f0:5d:2a:1a:6b:9b:18:3c:12:93:6b:e9:49:4e:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9A:30:FC:5C:8C:31:20:4B:A2:2F:E5:2A:4D:A9:75:99:BD:CC:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5e9084-4ffe-476a-937e-01f7f8ed2736/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5e9084-4ffe-476a-937e-01f7f8ed2736/1/lZow_FyMMSBLoi_lKk2pdZm9zLw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.47.0/24
IPv6:
2a11:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:4f:7d:30:cc:29:b5:d8:a1:35:cd:26:8f:10:c8:b4:38:75:
8f:c3:ad:94:c5:5d:93:f5:3a:ec:9d:b8:4a:c9:c3:f9:b4:20:
06:a7:10:71:5d:b9:59:f7:f9:51:ac:94:67:cd:09:f7:76:30:
12:b6:14:81:7a:9a:e3:d3:9c:f2:67:fe:18:0e:27:4b:d0:ff:
bb:d5:94:9d:2a:59:2a:af:43:72:3f:12:43:b5:f8:3a:23:87:
0e:78:81:5e:9e:eb:53:70:84:e3:10:26:89:30:2b:f9:5e:af:
34:6c:02:be:a5:f5:e3:41:18:19:d5:69:c8:78:ff:e8:f1:95:
cf:11:f2:40:f3:f0:41:8d:d3:1c:c4:e5:91:d2:42:41:c1:e0:
1e:df:46:8b:9b:21:7c:f9:ec:86:ba:8d:90:a0:ea:9a:9c:e9:
5f:23:17:15:9b:77:d6:63:a2:f8:45:ce:86:c4:f2:b7:90:51:
3c:43:bb:2e:6b:5c:0c:cf:c6:c5:b0:36:ef:ba:0f:fd:d8:3e:
e5:1c:de:80:cc:3c:ca:19:5f:50:c9:be:9a:d3:71:a8:ac:42:
09:b3:e8:7e:77:43:a5:17:ec:15:9e:c6:76:b7:26:02:2b:4e:
2d:e5:a5:57:ce:ca:c4:dd:11:32:ca:c7:3f:6b:78:6a:ac:64:
1c:3c:70:29
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVx1m1vPppo3xh1jI+md5ZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDkzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlhMzBmYzVjOGMzMTIwNGJhMjJmZTUyYTRkYTk3NTk5YmRjY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraTcY5aGeqik5wM2CSViJv7sAPas
h/v0Dsixt3/eBImMC17IiLrLjiVANEn05avOYQHiGoSV/v2wQPKwrTJrmB8LSCwr
2kY2i8+sbRfbB8Sk9qDpTRFdGlygfYr0lhczFp9jSrN1ARs0H5N9C7mS6Ydscnax
ejgEFXH/8EquzwzNi1l1xTp4LgzCqPAwBvsteMgUpdT9P8y+Lp/bA2BE7QbGLCFW
xbZUXS0p8Xxy0ziPgp8z9BlnY5wCf8DZN/gwlwOYFIgOXA3pnZ6SlCSGudqkns3f
kUXVY7G5D/9BUg1Ipn9zMiFT/3Qlu9p6dMA18F0qGmubGDwSk2vpSU7sNQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJWaMPxcjDEgS6Iv5SpNqXWZvcy8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiLzVlOTA4
NC00ZmZlLTQ3NmEtOTM3ZS0wMWY3ZjhlZDI3MzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvNWU5MDg0
LTRmZmUtNDc2YS05MzdlLTAxZjdmOGVkMjczNi8xL2xab3dfRnlNTVNCTG9pX2xL
azJwZFptOXpMdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAPukvMA0EAgACMAcDBQMqEaHAMA0GCSqGSIb3
DQEBCwUAA4IBAQChT30wzCm12KE1zSaPEMi0OHWPw62UxV2T9TrsnbhKycP5tCAG
pxBxXblZ9/lRrJRnzQn3djASthSBeprj05zyZ/4YDidL0P+71ZSdKlkqr0NyPxJD
tfg6I4cOeIFenutTcITjECaJMCv5Xq80bAK+pfXjQRgZ1WnIeP/o8ZXPEfJA8/BB
jdMcxOWR0kJBweAe30aLmyF8+eyGuo2QoOqanOlfIxcVm3fWY6L4Rc6GxPK3kFE8
Q7sua1wMz8bFsDbvug/92D7lHN6AzDzKGV9Qyb6a03GorEIJs+h+d0OlF+wVnsZ2
tyYCK04t5aVXzsrE3REyysc/a3hqrGQcPHAp
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:06:40 2025 by rpki-client