Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2JAa_0o09ocBuqmFRcLTkNekRjo.cer
File: 2JAa_0o09ocBuqmFRcLTkNekRjo.cer (raw, json)
Hash identifier: IN4Ei1f+PbuxecEXBVlA0U5m0P65/SPKuq5y7aj8vM4=
Subject key identifier: D8:90:1A:FF:4A:34:F6:87:01:BA:A9:85:45:C2:D3:90:D7:A4:46:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018C319C86C7782B6D3AB5F1528126B7A5EE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.rp.ki/repo/misakaio/4/D8901AFF4A34F68701BAA98545C2D390D7A4463A.mft
caRepository: rsync://rsync.rp.ki/repo/misakaio/4/
Notify URL: https://rrdp.rp.ki/notification.xml
Certificate not before: Sun 03 Dec 2023 21:36:30 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 194.45.101.0/24
IP: 2a12:8d00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:31:9c:86:c7:78:2b:6d:3a:b5:f1:52:81:26:b7:a5:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Dec 3 21:36:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8901aff4a34f68701baa98545c2d390d7a4463a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9d:47:a4:6e:18:42:68:af:1e:33:d1:75:9b:
3d:5f:fc:24:90:46:d4:8c:83:38:65:c9:45:46:0f:
67:b4:fe:f3:87:eb:40:d6:5e:28:b9:ca:4b:9d:d0:
2f:b2:50:5c:ca:07:bc:5e:3a:0b:b7:21:d5:8b:ee:
ea:05:bf:f8:60:4a:65:88:0b:36:b8:8a:ac:a4:bd:
f5:60:02:70:03:2a:2a:bf:d0:d9:2e:24:9a:0d:ba:
ae:4c:99:ff:d8:c8:d5:41:e3:46:9e:ee:10:ac:7c:
36:ca:ff:39:e2:2e:14:72:08:32:75:d7:30:89:34:
29:3f:e5:42:2f:15:71:4b:01:c2:ac:1b:d3:24:1b:
46:2b:0b:7f:3a:b4:5a:aa:e8:2b:40:16:d5:bb:9b:
07:9a:99:db:ca:ce:23:dd:f4:17:66:d1:98:bc:dd:
de:c2:aa:78:c6:04:2a:64:67:d7:4b:01:2e:22:cc:
2a:19:e4:17:b0:29:61:c0:2a:33:81:51:6d:f4:ef:
72:64:db:ec:21:1a:50:fc:77:9a:3b:5b:a8:70:39:
4e:d6:0b:2a:bb:e7:40:83:05:60:a3:7f:74:f4:2f:
f9:99:01:e3:b3:a3:1a:a8:ff:af:01:f0:6c:1b:ac:
df:f0:a9:12:c4:19:97:af:4c:ee:9a:b5:ee:51:25:
01:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:90:1A:FF:4A:34:F6:87:01:BA:A9:85:45:C2:D3:90:D7:A4:46:3A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.rp.ki/repo/misakaio/4/
RPKI Manifest - URI:rsync://rsync.rp.ki/repo/misakaio/4/D8901AFF4A34F68701BAA98545C2D390D7A4463A.mft
RPKI Notify - URI:https://rrdp.rp.ki/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.45.101.0/24
IPv6:
2a12:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
1e:43:ee:b2:22:b5:69:9a:0f:45:3d:67:df:c1:4f:02:1c:a9:
72:61:15:70:d5:25:41:b5:c9:03:eb:96:f7:3a:e1:41:f1:ca:
94:6a:2d:7a:bb:4f:c5:f7:94:f0:50:cb:61:19:44:1f:ff:02:
51:f7:d2:4b:e6:cb:60:c2:66:e5:71:ff:70:cb:10:78:a7:f7:
45:99:5d:8e:70:7d:bc:29:e2:30:46:d2:ee:ac:72:b2:66:a8:
64:ef:46:b6:d5:66:86:55:a4:c6:93:77:32:4c:0d:f7:e5:dc:
08:73:e5:50:11:ae:3a:63:f8:f8:53:18:7d:44:df:20:6f:56:
62:fc:67:49:6b:f5:fb:1a:52:4c:d5:95:07:8a:e8:ee:2d:11:
d8:88:d9:5b:ac:e4:f6:47:77:ff:98:15:45:ee:ae:a6:e6:b2:
e6:ac:ce:48:fe:78:ca:cf:7c:a6:a7:e7:49:f4:d7:19:07:76:
b6:7a:2b:3b:f2:57:5e:2d:32:f3:a6:77:aa:5e:62:6a:ff:f4:
84:de:c2:62:00:8a:0a:2c:33:3a:eb:fa:cb:f1:21:04:3e:71:
13:7a:56:73:d2:09:97:6d:c8:62:e9:bc:b8:42:91:76:ca:04:
8d:cc:c2:4e:9a:97:69:6e:99:c6:d6:49:d2:c8:1a:fe:3f:ed:
ad:de:cf:12
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYwxnIbHeCttOrXxUoEmt6XuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMjAzMjEzNjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODkwMWFmZjRhMzRmNjg3MDFiYWE5ODU0NWMyZDM5MGQ3YTQ0NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy51HpG4YQmivHjPRdZs9X/wkkEbU
jIM4ZclFRg9ntP7zh+tA1l4oucpLndAvslBcyge8XjoLtyHVi+7qBb/4YEpliAs2
uIqspL31YAJwAyoqv9DZLiSaDbquTJn/2MjVQeNGnu4QrHw2yv854i4Ucggyddcw
iTQpP+VCLxVxSwHCrBvTJBtGKwt/OrRaqugrQBbVu5sHmpnbys4j3fQXZtGYvN3e
wqp4xgQqZGfXSwEuIswqGeQXsClhwCozgVFt9O9yZNvsIRpQ/HeaO1uocDlO1gsq
u+dAgwVgo3909C/5mQHjs6MaqP+vAfBsG6zf8KkSxBmXr0zumrXuUSUBVQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNiQGv9KNPaHAbqphUXC05DXpEY6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdEGCCsGAQUFBwELBIHEMIHBMDAGCCsGAQUFBzAFhiRyc3lu
YzovL3JzeW5jLnJwLmtpL3JlcG8vbWlzYWthaW8vNC8wXAYIKwYBBQUHMAqGUHJz
eW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby80L0Q4OTAxQUZGNEEzNEY2
ODcwMUJBQTk4NTQ1QzJEMzkwRDdBNDQ2M0EubWZ0MC8GCCsGAQUFBzANhiNodHRw
czovL3JyZHAucnAua2kvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBK
hkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28z
VlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMItZTANBAIAAjAHAwUD
KhKNADANBgkqhkiG9w0BAQsFAAOCAQEAHkPusiK1aZoPRT1n38FPAhypcmEVcNUl
QbXJA+uW9zrhQfHKlGotertPxfeU8FDLYRlEH/8CUffSS+bLYMJm5XH/cMsQeKf3
RZldjnB9vCniMEbS7qxysmaoZO9GttVmhlWkxpN3MkwN9+XcCHPlUBGuOmP4+FMY
fUTfIG9WYvxnSWv1+xpSTNWVB4ro7i0R2IjZW6zk9kd3/5gVRe6upuay5qzOSP54
ys98pqfnSfTXGQd2tnorO/JXXi0y86Z3ql5iav/0hN7CYgCKCiwzOuv6y/EhBD5x
E3pWc9IJl23IYum8uEKRdsoEjczCTpqXaW6ZxtZJ0sga/j/trd7PEg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:00:06 2025 by rpki-client