Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cYFjnIDFBoufQo2QmX47tG1vJEY.cer
File: cYFjnIDFBoufQo2QmX47tG1vJEY.cer (raw, json)
Hash identifier: CJ+m0lKPCzv5pPLSOPDTYPav543xfg+sNNZwUFmR+L8=
Subject key identifier: 71:81:63:9C:80:C5:06:8B:9F:42:8D:90:99:7E:3B:B4:6D:6F:24:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856B6339D6D88104A3C8AEF5D84B287432
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6e/bcca4c-6b61-4a9e-a82e-a50a313b4519/1/cYFjnIDFBoufQo2QmX47tG1vJEY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6e/bcca4c-6b61-4a9e-a82e-a50a313b4519/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 03:32:23 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 209061
IP: 84.21.180.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:63:39:d6:d8:81:04:a3:c8:ae:f5:d8:4b:28:74:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:32:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7181639c80c5068b9f428d90997e3bb46d6f2446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:90:27:ea:c0:74:72:80:90:d2:b4:14:51:bb:
80:80:9a:87:86:98:e8:76:80:35:9a:9a:29:97:08:
c9:71:6e:4f:d5:39:1c:0e:a1:dd:a4:90:b3:21:6b:
18:91:99:8f:12:c1:57:69:01:77:35:c9:12:15:6c:
d0:67:dc:90:c9:0b:63:1e:a6:39:e1:99:fe:74:7b:
0e:70:00:9b:ef:09:ae:64:d9:cf:09:b6:e9:c3:65:
4c:4a:64:52:2f:c1:47:b6:0b:0d:00:17:c5:ad:df:
f4:36:13:f2:69:0c:fb:7c:98:e7:08:3e:be:0a:1d:
e7:37:26:64:c1:b6:e2:15:10:8f:b8:f6:71:cf:e6:
d1:be:bd:1f:90:98:05:3b:b3:26:73:55:7a:09:85:
03:bd:e8:6f:4e:c3:9b:94:e0:a8:b1:16:c9:44:e1:
71:aa:06:42:7f:6f:da:f7:ed:8b:ef:ef:b8:21:58:
20:52:94:25:eb:53:2e:fe:75:e7:22:29:a4:05:5c:
3a:25:74:a5:63:7b:f9:c7:82:50:bf:7d:01:c7:58:
4f:40:69:96:74:0b:a7:55:1c:b4:4c:c8:85:14:62:
7b:a4:31:c0:84:fd:ec:36:56:31:52:f7:0c:5e:eb:
3d:eb:07:8a:2f:94:d1:ee:a7:e8:6f:95:6c:e5:e0:
b5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:81:63:9C:80:C5:06:8B:9F:42:8D:90:99:7E:3B:B4:6D:6F:24:46
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/bcca4c-6b61-4a9e-a82e-a50a313b4519/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/bcca4c-6b61-4a9e-a82e-a50a313b4519/1/cYFjnIDFBoufQo2QmX47tG1vJEY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.180.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209061
Signature Algorithm: sha256WithRSAEncryption
04:f6:f5:0c:45:ae:1f:d7:d7:87:a3:2f:64:b5:b5:a2:70:ba:
62:54:fd:14:d1:5f:6c:24:33:7d:1c:0f:50:f4:c9:ba:05:0e:
85:b8:10:92:5a:57:e2:12:1c:f9:a9:3f:a6:a7:85:02:40:34:
75:18:49:13:e0:46:2d:b9:ce:8a:8b:32:21:f5:9b:73:a7:05:
96:a7:83:3e:97:39:5f:d6:f9:54:73:75:12:27:06:1f:1e:cc:
e3:e0:f7:3b:13:e0:44:2e:03:7f:ed:cd:79:5e:36:b2:59:75:
cc:aa:b4:b3:ae:75:fb:f3:f7:ac:29:9a:40:e4:8a:d4:c6:3b:
69:fa:7b:72:cd:d3:73:60:80:da:ed:85:c1:94:f3:9d:45:46:
91:c9:61:df:4f:cf:e0:a3:1c:f8:18:91:d8:56:bf:ae:99:74:
dd:7a:f5:22:d6:f7:61:e0:c3:f0:22:1d:77:75:18:2d:66:0c:
95:c8:b4:ac:23:d0:84:f6:bf:cb:fd:df:95:9e:2f:cd:03:8e:
4d:f7:b9:48:ee:39:00:b6:7d:54:9d:0e:cc:36:dc:dd:3f:63:
48:ef:e4:d9:12:02:57:58:e0:2c:4b:1d:a7:bc:a8:2a:37:57:
e4:8a:a4:c5:f8:14:9f:ea:52:2b:85:a3:1b:4a:ad:82:c1:13:
ec:40:44:08
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVrYznW2IEEo8iu9dhLKHQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDMzMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTgxNjM5YzgwYzUwNjhiOWY0MjhkOTA5OTdlM2JiNDZkNmYyNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZAn6sB0coCQ0rQUUbuAgJqHhpjo
doA1mpoplwjJcW5P1TkcDqHdpJCzIWsYkZmPEsFXaQF3NckSFWzQZ9yQyQtjHqY5
4Zn+dHsOcACb7wmuZNnPCbbpw2VMSmRSL8FHtgsNABfFrd/0NhPyaQz7fJjnCD6+
Ch3nNyZkwbbiFRCPuPZxz+bRvr0fkJgFO7Mmc1V6CYUDvehvTsOblOCosRbJROFx
qgZCf2/a9+2L7++4IVggUpQl61Mu/nXnIimkBVw6JXSlY3v5x4JQv30Bx1hPQGmW
dAunVRy0TMiFFGJ7pDHAhP3sNlYxUvcMXus96weKL5TR7qfob5Vs5eC1pQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFHGBY5yAxQaLn0KNkJl+O7RtbyRGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZlL2JjY2E0
Yy02YjYxLTRhOWUtYTgyZS1hNTBhMzEzYjQ1MTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUvYmNjYTRj
LTZiNjEtNGE5ZS1hODJlLWE1MGEzMTNiNDUxOS8xL2NZRmpuSURGQm91ZlFvMlFt
WDQ3dEcxdkpFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCVBW0MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMwpTANBgkqhkiG9w0BAQsFAAOCAQEABPb1DEWuH9fXh6MvZLW1onC6YlT9FNFf
bCQzfRwPUPTJugUOhbgQklpX4hIc+ak/pqeFAkA0dRhJE+BGLbnOiosyIfWbc6cF
lqeDPpc5X9b5VHN1EicGHx7M4+D3OxPgRC4Df+3NeV42sll1zKq0s651+/P3rCma
QOSK1MY7afp7cs3Tc2CA2u2FwZTznUVGkclh30/P4KMc+BiR2Fa/rpl03Xr1Itb3
YeDD8CIdd3UYLWYMlci0rCPQhPa/y/3flZ4vzQOOTfe5SO45ALZ9VJ0OzDbc3T9j
SO/k2RICV1jgLEsdp7yoKjdX5IqkxfgUn+pSK4WjG0qtgsET7EBECA==
-----END CERTIFICATE-----
Generated at Thu May 8 15:18:02 2025 by rpki-client