Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.cer
File: TyHFOT2T_M8LjgzM3I1Ul-LWkgk.cer (raw, json)
Hash identifier: QFaFAJ6Xy0kBYXm9vL1WAmNxNe6CdmKnuHBMvkSGCOI=
Subject key identifier: 4F:21:C5:39:3D:93:FC:CF:0B:8E:0C:CC:DC:8D:54:97:E2:D6:92:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01840F8C432E9E49C777F3A336C15F371889
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 25 Oct 2022 14:29:21 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 195.74.88.0/23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:8c:43:2e:9e:49:c7:77:f3:a3:36:c1:5f:37:18:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 25 14:29:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f21c5393d93fccf0b8e0cccdc8d5497e2d69209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6c:5c:6b:7a:bf:be:63:c3:20:d5:b1:65:82:
7e:de:92:6f:33:23:01:57:b7:e7:c2:df:ef:8b:c7:
c5:da:cf:4f:f5:eb:be:0b:79:02:b8:17:6f:22:d3:
33:00:6f:9e:d7:1c:e7:06:f0:d5:43:68:25:58:be:
96:56:32:ea:0a:b8:1b:a4:ad:48:9e:64:f3:7e:2c:
bf:de:4e:ec:bf:9f:ce:30:a0:ac:e6:5c:6d:8e:f8:
e3:0c:e6:73:4e:3f:fd:02:5b:2b:a4:2e:f0:c8:2f:
32:aa:30:32:7a:60:a8:73:5e:25:f6:49:fa:eb:4c:
79:14:0c:e7:b8:b1:43:b2:eb:f3:6d:4e:50:0f:de:
36:83:0f:a8:a8:c6:ab:ba:ca:6c:54:7f:99:f6:1e:
4c:09:ff:36:d7:67:0c:fc:b7:55:b7:33:bd:fc:0f:
c3:ed:ba:04:68:13:c9:6d:23:12:51:0b:9c:d6:48:
ba:d9:91:23:4d:d1:bd:09:9b:1f:28:57:14:f3:9e:
04:af:48:c7:fb:f6:79:15:19:17:3b:c4:8a:21:e6:
40:80:3c:cb:93:ac:5f:8c:88:a0:34:a4:0b:37:65:
ab:22:52:74:e3:d8:35:51:74:0f:ba:7d:a8:2d:cb:
f7:6c:1c:87:84:51:48:b9:da:ca:f6:f5:44:f5:d6:
e0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:C5:39:3D:93:FC:CF:0B:8E:0C:CC:DC:8D:54:97:E2:D6:92:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/df15d5-a0d0-4fab-bc96-ed21f80886a3/1/TyHFOT2T_M8LjgzM3I1Ul-LWkgk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.74.88.0/23
Signature Algorithm: sha256WithRSAEncryption
84:89:d5:f4:1c:8a:2b:ab:9e:b1:e6:34:ca:ba:65:19:45:3d:
0f:d3:eb:29:87:3d:ab:69:ad:e2:f5:cf:6d:51:7c:0c:45:52:
a6:aa:30:db:66:79:60:24:fb:e4:a0:7e:d0:6b:d4:35:33:c2:
57:f1:0b:7d:33:f0:de:7d:bf:48:d4:36:bd:4f:71:56:8b:1b:
fc:4a:57:74:e6:e5:4e:d7:3f:8a:9a:00:96:8c:6e:7e:b0:a1:
8c:63:62:49:17:52:44:d4:10:51:1b:fd:31:6c:94:d9:f1:ec:
d4:c3:30:b2:12:ba:11:0f:ec:2a:69:b2:3d:11:2a:7d:04:e4:
92:35:e7:1f:9d:d2:67:72:f1:ce:0a:fb:a1:a3:8d:d6:ed:57:
36:19:d5:e0:28:a4:f5:79:67:af:43:87:78:3f:97:d1:a6:d8:
dd:92:58:ce:a7:14:08:37:f5:9b:7d:4d:05:38:29:1d:cc:9e:
00:40:bc:7a:76:f5:b5:58:ff:1c:9e:c7:a3:6c:ba:34:84:75:
88:dd:a8:fb:ba:3d:f3:be:30:7f:5d:bd:ed:94:6c:d5:04:4b:
96:ca:fe:1e:b7:50:7d:13:96:3f:77:cb:18:b7:65:19:ff:56:
67:2c:01:54:96:da:d7:c1:c5:9a:d0:85:59:60:bc:ac:8c:8e:
0b:a8:63:21
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYQPjEMunknHd/OjNsFfNxiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIxMDI1MTQyOTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxYzUzOTNkOTNmY2NmMGI4ZTBjY2NkYzhkNTQ5N2UyZDY5MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomxca3q/vmPDINWxZYJ+3pJvMyMB
V7fnwt/vi8fF2s9P9eu+C3kCuBdvItMzAG+e1xznBvDVQ2glWL6WVjLqCrgbpK1I
nmTzfiy/3k7sv5/OMKCs5lxtjvjjDOZzTj/9AlsrpC7wyC8yqjAyemCoc14l9kn6
60x5FAznuLFDsuvzbU5QD942gw+oqMaruspsVH+Z9h5MCf8212cM/LdVtzO9/A/D
7boEaBPJbSMSUQuc1ki62ZEjTdG9CZsfKFcU854Er0jH+/Z5FRkXO8SKIeZAgDzL
k6xfjIigNKQLN2WrIlJ049g1UXQPun2oLcv3bByHhFFIudrK9vVE9dbgjQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFE8hxTk9k/zPC44MzNyNVJfi1pIJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkL2RmMTVk
NS1hMGQwLTRmYWItYmM5Ni1lZDIxZjgwODg2YTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvZGYxNWQ1
LWEwZDAtNGZhYi1iYzk2LWVkMjFmODA4ODZhMy8xL1R5SEZPVDJUX004TGpnek0z
STFVbC1MV2tnay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBw0pYMA0GCSqGSIb3DQEBCwUAA4IBAQCEidX0
HIorq56x5jTKumUZRT0P0+sphz2raa3i9c9tUXwMRVKmqjDbZnlgJPvkoH7Qa9Q1
M8JX8Qt9M/Defb9I1Da9T3FWixv8Sld05uVO1z+KmgCWjG5+sKGMY2JJF1JE1BBR
G/0xbJTZ8ezUwzCyEroRD+wqabI9ESp9BOSSNecfndJncvHOCvuho43W7Vc2GdXg
KKT1eWevQ4d4P5fRptjdkljOpxQIN/WbfU0FOCkdzJ4AQLx6dvW1WP8cnsejbLo0
hHWI3aj7uj3zvjB/Xb3tlGzVBEuWyv4et1B9E5Y/d8sYt2UZ/1ZnLAFUltrXwcWa
0IVZYLysjI4LqGMh
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:47 2023 by rpki-client on console.sobornost.net