Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/RIOMfyPEt9F8dN6RTZnihng5rto.cer
File: RIOMfyPEt9F8dN6RTZnihng5rto.cer (raw, json)
Hash identifier: ncvbXTywniMRkBBU/zXzDIlBaq4pzs8QAr7Hg9h4qcM=
Subject key identifier: 44:83:8C:7F:23:C4:B7:D1:7C:74:DE:91:4D:99:E2:86:78:39:AE:DA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A64B010CBB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/RIOMfyPEt9F8dN6RTZnihng5rto.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:00:29 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 85.8.144.0/22
IP: 2a09:7b00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714222931131 (0xa64b010cbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44838c7f23c4b7d17c74de914d99e2867839aeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2f:9f:b9:f5:a9:50:d6:50:c9:07:1c:ab:84:
8e:a0:72:47:0f:ac:2f:9c:c3:64:c2:cb:12:b9:4c:
1e:1f:62:de:1d:2c:dc:55:42:e0:47:1f:db:8f:bd:
32:25:15:34:12:53:af:dd:73:c6:56:7d:d6:ab:94:
8e:21:fb:01:ff:df:bc:1b:9c:b3:ae:5c:ec:e2:f0:
52:b4:aa:76:87:97:b7:83:3d:7f:66:e3:8c:5b:61:
2b:1e:38:d3:b3:18:c7:93:5f:f8:01:08:36:75:01:
24:68:be:a4:76:a8:a9:ec:a6:f6:24:b2:14:b3:80:
cb:8c:4f:73:1b:08:1d:c2:f2:78:49:3b:d8:cf:da:
e5:85:f7:6c:3d:d2:3a:6d:ee:f1:bc:c4:ff:93:54:
a8:21:bb:fe:54:ec:a0:c5:f5:46:ed:12:45:ef:1b:
e8:ff:41:b7:26:b8:1c:8c:ad:73:31:18:e6:a6:eb:
b5:ff:d4:45:1b:44:74:fd:77:f6:04:7d:44:69:c2:
74:2e:c9:a6:36:7c:de:7d:94:fb:cb:ab:14:18:fc:
65:a8:02:19:21:2b:f1:04:fe:08:ab:92:06:f3:b1:
66:4f:f4:5e:bf:fd:ab:0c:a4:1a:86:4e:7a:e6:ca:
fb:74:2b:d0:18:e4:9d:37:f5:81:2b:b9:fb:ec:4f:
77:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:83:8C:7F:23:C4:B7:D1:7C:74:DE:91:4D:99:E2:86:78:39:AE:DA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/324d8f-4c20-4682-a114-89e8859cfae2/1/RIOMfyPEt9F8dN6RTZnihng5rto.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.144.0/22
IPv6:
2a09:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
7e:67:bf:37:ef:72:1e:44:d8:c8:e4:10:c5:0a:b0:e5:37:7b:
12:ad:78:7e:4e:5a:6d:13:0c:d2:12:d9:7f:bc:8a:f9:b6:1b:
96:b8:b9:b6:16:24:87:af:43:ce:0c:15:21:22:a3:97:5c:1f:
01:a2:6d:05:39:5b:81:a6:15:c0:df:52:82:29:0b:77:a7:df:
30:a7:9d:81:fc:15:26:80:86:fd:43:f3:ec:0e:98:8a:d6:dc:
80:cd:ac:de:f0:8d:12:9a:1b:3c:32:bb:a2:ec:ab:ad:0c:85:
71:b2:d0:5f:1d:e8:dc:11:e4:83:41:48:70:75:9b:4a:9f:1c:
18:bc:94:4e:9c:a1:8d:f1:55:dd:10:f3:5a:b7:54:f0:f6:0e:
c7:c9:36:aa:59:f7:a3:e7:f0:96:df:02:e1:b6:11:ce:65:7a:
ba:f6:35:cf:ea:c9:79:22:25:c8:4f:de:e1:94:f3:4c:1d:bd:
7d:44:0c:85:18:39:dd:8a:cd:11:18:e4:b1:43:a3:c9:2f:ba:
db:bd:e0:7d:e3:f6:10:d0:bd:25:d2:7f:6e:2c:5d:60:bb:ff:
94:24:4b:39:39:bb:b2:4f:d4:6a:2e:b7:fa:a6:5e:cb:82:d5:
53:d5:cc:68:bb:ab:d4:da:57:4c:b5:a5:50:d0:bc:ac:f9:f2:
87:91:ae:5c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKZLAQy7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NDgzOGM3ZjIz
YzRiN2QxN2M3NGRlOTE0ZDk5ZTI4Njc4MzlhZWRhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoS+fufWpUNZQyQccq4SOoHJHD6wvnMNkwssSuUweH2Le
HSzcVULgRx/bj70yJRU0ElOv3XPGVn3Wq5SOIfsB/9+8G5yzrlzs4vBStKp2h5e3
gz1/ZuOMW2ErHjjTsxjHk1/4AQg2dQEkaL6kdqip7Kb2JLIUs4DLjE9zGwgdwvJ4
STvYz9rlhfdsPdI6be7xvMT/k1SoIbv+VOygxfVG7RJF7xvo/0G3JrgcjK1zMRjm
puu1/9RFG0R0/Xf2BH1EacJ0LsmmNnzefZT7y6sUGPxlqAIZISvxBP4Iq5IG87Fm
T/Rev/2rDKQahk565sr7dCvQGOSdN/WBK7n77E93RwIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFESDjH8jxLfRfHTekU2Z4oZ4Oa7aMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNjLzMyNGQ4Zi00YzIwLTQ2ODIt
YTExNC04OWU4ODU5Y2ZhZTIvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2MvMzI0ZDhmLTRjMjAtNDY4Mi1h
MTE0LTg5ZTg4NTljZmFlMi8xL1JJT01meVBFdDlGOGRONlJUWm5paG5nNXJ0by5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCVQiQMA0EAgACMAcDBQMqCXsAMA0GCSqGSIb3DQEBCwUAA4IBAQB+
Z78373IeRNjI5BDFCrDlN3sSrXh+TlptEwzSEtl/vIr5thuWuLm2FiSHr0PODBUh
IqOXXB8Bom0FOVuBphXA31KCKQt3p98wp52B/BUmgIb9Q/PsDpiK1tyAzaze8I0S
mhs8Mrui7KutDIVxstBfHejcEeSDQUhwdZtKnxwYvJROnKGN8VXdEPNat1Tw9g7H
yTaqWfej5/CW3wLhthHOZXq69jXP6sl5IiXIT97hlPNMHb19RAyFGDndis0RGOSx
Q6PJL7rbveB94/YQ0L0l0n9uLF1gu/+UJEs5ObuyT9RqLrf6pl7LgtVT1cxou6vU
2ldMtaVQ0Lys+fKHka5c
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:29 2023 by rpki-client on console.sobornost.net