Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/R9Zh5oOiiRC5NwTeo0k9yfjvPxc.cer
File: R9Zh5oOiiRC5NwTeo0k9yfjvPxc.cer (raw, json)
Hash identifier: wWWbQMjAasAV91/PW5GpevseQNQjx6Osb0yyPQ36sD4=
Subject key identifier: 47:D6:61:E6:83:A2:89:10:B9:37:04:DE:A3:49:3D:C9:F8:EF:3F:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01831798D6217AD3B1BA2A1F88DB3C822AD0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/9eaa79-cbf3-4689-be3f-fe9994c7b95f/1/R9Zh5oOiiRC5NwTeo0k9yfjvPxc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/9eaa79-cbf3-4689-be3f-fe9994c7b95f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 07 Sep 2022 10:57:15 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.233.35.0/24
IP: 2001:67c:2688::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:98:d6:21:7a:d3:b1:ba:2a:1f:88:db:3c:82:2a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 7 10:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47d661e683a28910b93704dea3493dc9f8ef3f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f8:32:13:2e:ac:22:fb:66:82:6e:de:fb:83:
a4:c5:c1:c0:ff:19:1f:84:dd:a8:bd:22:a9:0f:bd:
4c:0c:14:f8:97:09:52:6a:08:38:c5:ad:7d:1f:1d:
31:4a:a6:f2:1e:70:f7:77:40:c6:7a:27:32:1c:50:
b9:47:1c:ad:01:b2:99:ce:c8:86:39:07:1a:11:50:
7e:48:95:ff:2c:72:1f:d6:66:7c:30:61:99:ab:2a:
79:75:32:b7:e2:82:ef:90:e5:18:a5:a4:b8:cf:1e:
2b:a8:22:c8:e6:c4:14:9a:67:85:3e:88:19:e6:f5:
cb:f3:a7:24:a3:d3:f2:3c:55:c9:ca:36:b9:3b:38:
fb:9a:1e:ed:c0:10:8b:c8:9c:74:ed:44:5c:9a:2d:
80:1f:ef:2f:a2:9c:0a:8f:6d:35:46:4c:fb:10:93:
99:2f:6b:95:df:55:c7:e1:92:32:04:64:b1:e3:fa:
fe:f1:12:81:14:96:22:72:20:ca:88:05:8a:bf:cb:
70:f4:45:7a:68:4e:f3:c9:10:3b:a3:73:11:d3:ea:
e4:e4:87:49:96:46:7a:dd:a5:ad:76:9f:4d:03:ad:
8f:3f:d9:65:6a:3a:f6:e6:8a:72:06:6f:04:31:04:
7b:5c:be:07:ec:9e:d2:e3:00:1b:9a:6e:9f:ae:8d:
82:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D6:61:E6:83:A2:89:10:B9:37:04:DE:A3:49:3D:C9:F8:EF:3F:17
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/9eaa79-cbf3-4689-be3f-fe9994c7b95f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/9eaa79-cbf3-4689-be3f-fe9994c7b95f/1/R9Zh5oOiiRC5NwTeo0k9yfjvPxc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.35.0/24
IPv6:
2001:67c:2688::/48
Signature Algorithm: sha256WithRSAEncryption
91:22:81:b5:09:a5:d2:13:c1:87:8f:28:ef:99:c6:d8:ef:fd:
ee:63:5b:8b:9b:0e:24:f2:71:7e:eb:3f:02:a1:77:7e:28:5e:
9c:9b:35:8e:ac:3c:ea:b8:5f:92:81:c6:fa:82:8d:ce:57:a5:
c1:bd:ab:9c:73:b7:58:55:e8:30:40:e6:fb:8a:67:5f:f3:e2:
79:c9:a3:dd:35:83:81:6a:bd:07:8f:a5:4f:01:f8:56:7d:a6:
18:06:06:3a:50:85:f6:2a:a4:68:b0:33:01:72:c4:4c:24:cd:
ca:e8:25:76:0b:b7:61:fb:e7:dd:53:6c:30:71:11:65:0b:9b:
1b:39:7f:9a:17:19:4c:15:1a:15:09:87:c1:7b:7c:9c:53:ad:
3a:36:be:ff:74:4f:61:31:bc:3e:50:3f:2e:8c:40:de:3e:d3:
c4:c1:ab:cd:c5:49:e8:29:8f:50:c1:97:f6:39:f7:8c:33:b3:
6c:59:be:9f:90:05:fa:56:38:19:b2:c6:eb:f7:c2:a2:48:f6:
69:f2:1a:13:d6:9c:7f:08:eb:5c:2c:48:c4:f5:51:be:89:3b:
50:c8:91:2a:97:80:e8:e8:ea:b0:b2:d9:a4:b4:13:1b:53:e5:
da:f9:9f:d1:ea:b1:f1:6b:bb:42:0c:83:41:d2:2e:ff:a3:66:
24:cc:04:93
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYMXmNYhetOxuiofiNs8girQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIwOTA3MTA1NzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Q2NjFlNjgzYTI4OTEwYjkzNzA0ZGVhMzQ5M2RjOWY4ZWYzZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/gyEy6sIvtmgm7e+4OkxcHA/xkf
hN2ovSKpD71MDBT4lwlSagg4xa19Hx0xSqbyHnD3d0DGeicyHFC5RxytAbKZzsiG
OQcaEVB+SJX/LHIf1mZ8MGGZqyp5dTK34oLvkOUYpaS4zx4rqCLI5sQUmmeFPogZ
5vXL86cko9PyPFXJyja5Ozj7mh7twBCLyJx07URcmi2AH+8vopwKj201Rkz7EJOZ
L2uV31XH4ZIyBGSx4/r+8RKBFJYiciDKiAWKv8tw9EV6aE7zyRA7o3MR0+rk5IdJ
lkZ63aWtdp9NA62PP9llajr25opyBm8EMQR7XL4H7J7S4wAbmm6fro2CIwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFEfWYeaDookQuTcE3qNJPcn47z8XMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2LzllYWE3
OS1jYmYzLTQ2ODktYmUzZi1mZTk5OTRjN2I5NWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvOWVhYTc5
LWNiZjMtNDY4OS1iZTNmLWZlOTk5NGM3Yjk1Zi8xL1I5Wmg1b09paVJDNU53VGVv
MGs5eWZqdlB4Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW+kjMA8EAgACMAkDBwAgAQZ8JogwDQYJKoZI
hvcNAQELBQADggEBAJEigbUJpdITwYePKO+Zxtjv/e5jW4ubDiTycX7rPwKhd34o
XpybNY6sPOq4X5KBxvqCjc5XpcG9q5xzt1hV6DBA5vuKZ1/z4nnJo901g4FqvQeP
pU8B+FZ9phgGBjpQhfYqpGiwMwFyxEwkzcroJXYLt2H7591TbDBxEWULmxs5f5oX
GUwVGhUJh8F7fJxTrTo2vv90T2ExvD5QPy6MQN4+08TBq83FSegpj1DBl/Y594wz
s2xZvp+QBfpWOBmyxuv3wqJI9mnyGhPWnH8I61wsSMT1Ub6JO1DIkSqXgOjo6rCy
2aS0ExtT5dr5n9HqsfFru0IMg0HSLv+jZiTMBJM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:28 2023 by rpki-client on console.sobornost.net