Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hsuAQ1-tPkviaL7fVam-G8na1Q8.cer
File: hsuAQ1-tPkviaL7fVam-G8na1Q8.cer (raw, json)
Hash identifier: FbVGHk5FMDBh3OT7yG0ItsY/sJrjxVRuezUavGWrCrc=
Subject key identifier: 86:CB:80:43:5F:AD:3E:4B:E2:68:BE:DF:55:A9:BE:1B:C9:DA:D5:0F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A4C9F8E033
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/148cda-d5e7-42e1-b2fd-71fa7772a74a/1/hsuAQ1-tPkviaL7fVam-G8na1Q8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/148cda-d5e7-42e1-b2fd-71fa7772a74a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:55:34 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.176.96.0/21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 707763167283 (0xa4c9f8e033)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86cb80435fad3e4be268bedf55a9be1bc9dad50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:36:27:07:3d:c5:04:2d:0b:54:af:c3:4c:
b0:96:1c:7c:69:e2:9d:be:b3:b0:49:49:fb:31:9b:
d2:ce:57:c3:3f:5c:bc:30:8c:fb:65:1a:ec:ca:4e:
37:4f:f5:24:18:70:3e:54:5d:be:5a:f0:7d:2c:14:
54:3d:3f:bc:68:03:8d:18:bc:e1:bf:0c:ec:dd:d7:
a3:79:56:1a:df:30:29:f0:6c:cf:c3:9b:b0:79:0b:
fe:3e:e6:1f:97:ec:b2:cb:d6:92:f5:eb:04:c8:83:
f1:8c:97:73:81:51:18:e7:df:78:1e:b4:73:34:f1:
19:7a:ff:b4:1c:5a:26:34:60:5c:d9:24:57:ad:ae:
9b:1a:0b:42:2c:01:fc:e4:0b:5c:3f:f6:ab:75:f6:
50:84:1b:e3:07:d7:5c:b4:15:27:70:8b:32:ac:e4:
81:ff:ec:e6:f5:dd:86:25:d1:22:3e:6e:f7:35:d5:
ca:02:68:20:3c:e6:f3:03:51:d6:90:08:7f:ad:2e:
6c:d3:a4:50:e9:4a:ad:4d:df:b6:cb:b7:71:84:14:
38:ad:b3:56:27:af:03:8e:4c:55:4f:9a:44:ee:2c:
10:73:ae:03:45:97:0a:cb:df:86:bf:8c:c4:76:28:
71:2d:10:89:e9:de:e8:dd:cc:83:2a:1a:5d:9c:1d:
64:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CB:80:43:5F:AD:3E:4B:E2:68:BE:DF:55:A9:BE:1B:C9:DA:D5:0F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/148cda-d5e7-42e1-b2fd-71fa7772a74a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/148cda-d5e7-42e1-b2fd-71fa7772a74a/1/hsuAQ1-tPkviaL7fVam-G8na1Q8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.96.0/21
Signature Algorithm: sha256WithRSAEncryption
35:9b:96:bc:7e:a4:38:56:9b:6f:6c:6c:31:c3:b4:66:29:ec:
49:b4:70:27:ba:33:99:fe:b7:2f:ca:48:d7:90:b8:f1:28:3c:
ee:cf:e0:ca:cc:9e:64:f5:38:6d:d9:68:10:9e:5a:e2:2e:f6:
0f:50:8d:5d:04:04:16:5a:83:62:9d:b5:68:7e:c5:51:55:3c:
03:be:35:5c:37:d3:cb:c6:2b:ca:ae:3e:e9:a7:8d:07:6c:74:
8a:b7:bb:ab:7c:0e:d3:90:b3:a3:bb:ce:9b:42:e6:e5:20:44:
66:a0:af:5f:4f:ad:8c:59:d3:9e:94:6e:2e:04:2d:50:03:35:
5c:87:6a:62:cb:97:e3:da:6e:6b:a4:fe:fc:2e:56:c5:4f:c9:
d4:23:af:dc:31:ac:33:88:3c:3c:d0:b0:3c:96:62:89:6c:d3:
72:e5:a9:e6:df:77:fc:68:23:0b:98:f6:2b:cf:8e:7b:58:a9:
71:b2:56:7e:08:22:f5:9a:64:80:28:a5:71:2c:15:e0:2c:57:
39:9f:01:9d:9b:c8:2f:74:ad:c9:27:f7:6b:44:0a:06:f1:06:
6f:73:79:2d:8f:69:bc:fe:ca:dc:73:f7:84:09:20:e3:52:2e:
0c:3f:76:32:84:18:80:30:49:9d:3c:85:76:54:40:6d:bf:4e:
9e:c7:74:23
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKTJ+OAzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTA1NTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4NmNiODA0MzVm
YWQzZTRiZTI2OGJlZGY1NWE5YmUxYmM5ZGFkNTBmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAr3k2Jwc9xQQtC1Svw0ywlhx8aeKdvrOwSUn7MZvSzlfD
P1y8MIz7ZRrsyk43T/UkGHA+VF2+WvB9LBRUPT+8aAONGLzhvwzs3dejeVYa3zAp
8GzPw5uweQv+PuYfl+yyy9aS9esEyIPxjJdzgVEY5994HrRzNPEZev+0HFomNGBc
2SRXra6bGgtCLAH85AtcP/ardfZQhBvjB9dctBUncIsyrOSB/+zm9d2GJdEiPm73
NdXKAmggPObzA1HWkAh/rS5s06RQ6UqtTd+2y7dxhBQ4rbNWJ68DjkxVT5pE7iwQ
c64DRZcKy9+Gv4zEdihxLRCJ6d7o3cyDKhpdnB1k6wIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFIbLgENfrT5L4mi+31WpvhvJ2tUPMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzE0OGNkYS1kNWU3LTQyZTEt
YjJmZC03MWZhNzc3MmE3NGEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMTQ4Y2RhLWQ1ZTctNDJlMS1i
MmZkLTcxZmE3NzcyYTc0YS8xL2hzdUFRMS10UGt2aWFMN2ZWYW0tRzhuYTFROC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDwbBgMA0GCSqGSIb3DQEBCwUAA4IBAQA1m5a8fqQ4VptvbGwxw7Rm
KexJtHAnujOZ/rcvykjXkLjxKDzuz+DKzJ5k9Tht2WgQnlriLvYPUI1dBAQWWoNi
nbVofsVRVTwDvjVcN9PLxivKrj7pp40HbHSKt7urfA7TkLOju86bQublIERmoK9f
T62MWdOelG4uBC1QAzVch2piy5fj2m5rpP78LlbFT8nUI6/cMawziDw80LA8lmKJ
bNNy5anm33f8aCMLmPYrz457WKlxslZ+CCL1mmSAKKVxLBXgLFc5nwGdm8gvdK3J
J/drRAoG8QZvc3ktj2m8/srcc/eECSDjUi4MP3YyhBiAMEmdPIV2VEBtv06ex3Qj
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:53:58 2025 by rpki-client