
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NATKHWaj6cdvpgNFTNxz9oZG0dE.cer
File: NATKHWaj6cdvpgNFTNxz9oZG0dE.cer (raw, json)
Hash identifier: WogSK2s0nOFgmkscEJmT1IaRQng+4o5SJAAaPhOqWPo=
Subject key identifier: 34:04:CA:1D:66:A3:E9:C7:6F:A6:03:45:4C:DC:73:F6:86:46:D1:D1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 7533520E1D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://nostromo.heficed.net/repo/1123661/0/3404CA1D66A3E9C76FA603454CDC73F68646D1D1.mft
caRepository: rsync://nostromo.heficed.net/repo/1123661/0/
Notify URL: https://nostromo.heficed.net/rrdp/notification.xml
Certificate not before: Fri 01 Jan 2021 00:01:32 +0000
Certificate not after: Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources: IP: 185.172.56.0/22
IP: 2a0b:300::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503372189213 (0x7533520e1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:01:32 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=3404ca1d66a3e9c76fa603454cdc73f68646d1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:59:97:c2:a0:df:0f:5b:85:a3:67:6e:b7:
0f:d5:94:84:75:2b:8b:b6:50:a7:9e:e1:de:62:59:
69:e7:db:38:34:06:a1:a8:f0:7f:9a:63:d4:ea:19:
7d:59:9e:4e:f1:dc:f8:5c:5d:14:71:ae:0d:9b:00:
36:bf:9a:b0:74:e4:14:67:17:59:ec:7a:d7:37:d8:
b4:11:5b:2f:e2:4b:de:bf:bb:56:ec:04:66:91:6d:
62:a6:cd:a8:9d:36:2d:52:e8:78:b9:5d:12:08:14:
c5:e9:37:34:ce:99:34:9e:db:7f:97:93:9e:da:2e:
21:80:43:45:11:05:a6:ca:9e:7f:77:c7:d3:0a:aa:
8b:f0:f0:10:f3:8d:39:a7:4c:45:a1:1c:52:f3:3c:
79:26:b1:27:5a:3b:76:14:ce:38:80:06:b4:e3:0d:
5d:49:b1:27:57:c9:7d:f4:b8:8e:ea:60:e7:7e:5b:
43:be:8d:c9:49:f3:16:c2:f9:55:fc:5c:69:a9:31:
40:76:10:40:79:20:93:48:bb:7d:d5:99:d3:ed:2c:
5c:a8:d2:dd:05:e2:07:97:5d:17:83:c5:c5:f9:6c:
35:ae:1d:6d:b5:85:8b:f6:fb:97:21:cf:8a:c0:15:
31:45:f7:b4:47:d8:b9:e8:9e:f8:61:30:09:15:b0:
04:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:04:CA:1D:66:A3:E9:C7:6F:A6:03:45:4C:DC:73:F6:86:46:D1:D1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://nostromo.heficed.net/repo/1123661/0/
RPKI Manifest - URI:rsync://nostromo.heficed.net/repo/1123661/0/3404CA1D66A3E9C76FA603454CDC73F68646D1D1.mft
RPKI Notify - URI:https://nostromo.heficed.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.56.0/22
IPv6:
2a0b:300::/29
Signature Algorithm: sha256WithRSAEncryption
77:56:14:7d:8b:08:32:2f:94:a1:b6:5f:3a:e3:09:cf:ce:d9:
4e:9a:3a:0a:5f:bb:6e:4b:e7:e2:b1:e9:a5:c2:09:dd:61:fb:
e3:17:b9:91:09:79:de:e7:39:b6:7a:54:9f:40:f7:44:36:dc:
86:55:7b:e0:e8:80:f7:b8:d5:9f:1f:7e:3c:1c:12:11:13:95:
1d:5e:72:6f:8d:52:04:3c:9f:df:56:b2:46:e0:fa:28:05:1a:
16:7c:14:d4:86:f5:f9:4e:c5:a0:c0:b3:29:f3:73:1b:bd:0a:
f1:45:3a:07:fd:38:5e:df:56:ed:cd:4d:94:e1:d6:07:29:c8:
0b:5a:df:df:19:58:4d:85:55:3c:2b:ee:9d:f9:7c:18:8e:4f:
66:19:4c:d7:1c:0e:ea:72:a8:8d:a8:eb:6e:5c:31:c0:59:6a:
cc:a4:9c:b1:81:67:82:62:77:6b:d2:03:2d:49:bb:9e:7e:12:
50:bc:94:79:e1:79:e6:e0:d3:2b:c3:91:de:7a:89:73:91:8b:
5c:18:ab:d1:6d:06:6c:54:7a:a0:52:10:2d:67:94:c5:5f:82:
21:ea:b6:ca:eb:a0:33:a3:04:c4:46:be:9f:69:23:2f:b3:63:
b1:7f:6a:57:c1:8a:3f:12:44:d5:9e:73:8a:7b:0c:83:36:b2:
ef:b9:92:29
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIFdTNSDh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
MmE5NGE4ZGQ1NTRhZTcwMTA3MjA5OWM3MGI2NDA3NTU1ZGRkZTY2OTAeFw0yMTAx
MDEwMDAxMzJaFw0yMjA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDM0MDRjYTFkNjZh
M2U5Yzc2ZmE2MDM0NTRjZGM3M2Y2ODY0NmQxZDEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCn5FmXwqDfD1uFo2dutw/VlIR1K4u2UKee4d5iWWnn2zg0
BqGo8H+aY9TqGX1Znk7x3PhcXRRxrg2bADa/mrB05BRnF1nsetc32LQRWy/iS96/
u1bsBGaRbWKmzaidNi1S6Hi5XRIIFMXpNzTOmTSe23+Xk57aLiGAQ0URBabKnn93
x9MKqovw8BDzjTmnTEWhHFLzPHkmsSdaO3YUzjiABrTjDV1JsSdXyX30uI7qYOd+
W0O+jclJ8xbC+VX8XGmpMUB2EEB5IJNIu33VmdPtLFyo0t0F4geXXReDxcX5bDWu
HW21hYv2+5chz4rAFTFF97RH2LnonvhhMAkVsAQNAgMBAAGjggJfMIICWzAdBgNV
HQ4EFgQUNATKHWaj6cdvpgNFTNxz9oZG0dEwHwYDVR0jBBgwFoAUKpSo3VVK5wEH
IJnHC2QHVV3d5mkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwYAYI
KwYBBQUHAQEEVDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9hY2EvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNlcjCB
8AYIKwYBBQUHAQsEgeMwgeAwOAYIKwYBBQUHMAWGLHJzeW5jOi8vbm9zdHJvbW8u
aGVmaWNlZC5uZXQvcmVwby8xMTIzNjYxLzAvMGQGCCsGAQUFBzAKhlhyc3luYzov
L25vc3Ryb21vLmhlZmljZWQubmV0L3JlcG8vMTEyMzY2MS8wLzM0MDRDQTFENjZB
M0U5Qzc2RkE2MDM0NTRDREM3M0Y2ODY0NkQxRDEubWZ0MD4GCCsGAQUFBzANhjJo
dHRwczovL25vc3Ryb21vLmhlZmljZWQubmV0L3JyZHAvbm90aWZpY2F0aW9uLnht
bDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEw
BgMEArmsODANBAIAAjAHAwUDKgsDADANBgkqhkiG9w0BAQsFAAOCAQEAd1YUfYsI
Mi+UobZfOuMJz87ZTpo6Cl+7bkvn4rHppcIJ3WH74xe5kQl53uc5tnpUn0D3RDbc
hlV74OiA97jVnx9+PBwSEROVHV5yb41SBDyf31ayRuD6KAUaFnwU1Ib1+U7FoMCz
KfNzG70K8UU6B/04Xt9W7c1NlOHWBynIC1rf3xlYTYVVPCvunfl8GI5PZhlM1xwO
6nKojajrblwxwFlqzKScsYFngmJ3a9IDLUm7nn4SULyUeeF55uDTK8OR3nqJc5GL
XBir0W0GbFR6oFIQLWeUxV+CIeq2yuugM6MExEa+n2kjL7NjsX9qV8GKPxJE1Z5z
insMgzay77mSKQ==
-----END CERTIFICATE-----
Generated at Sun Jul 6 23:49:24 2025 by rpki-client