Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2GD28sMYVZ5llZzV8o0VmghC1yo.cer
File: 2GD28sMYVZ5llZzV8o0VmghC1yo.cer (raw, json)
Hash identifier: bGujCzaEfxjv36PcLK9JDVPmKOlppFhYJzn2vDXqFXI=
Subject key identifier: D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856BD112F3320A59B83C88997E95AAC9D3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/2GD28sMYVZ5llZzV8o0VmghC1yo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 05:32:22 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.234.12.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d1:12:f3:32:0a:59:b8:3c:88:99:7e:95:aa:c9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d860f6f2c318559e65959cd5f28d159a0842d72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c8:b8:fe:aa:40:aa:83:39:6c:80:d9:ca:45:
af:59:34:2c:f3:33:93:ad:b8:4e:3a:16:29:25:01:
4c:0c:8d:8f:08:33:b4:ac:5d:cc:63:56:ce:8d:58:
92:de:81:09:4e:47:72:e3:cd:f2:ca:84:d3:b5:72:
fb:6f:23:6c:83:65:0c:97:a9:ec:38:f5:50:cf:5e:
bb:68:4b:c4:95:29:05:72:d0:64:2e:62:bc:54:13:
f9:6f:15:f6:f0:46:1f:09:a9:db:b5:5b:1a:e2:98:
b3:6c:af:09:8c:98:c8:f6:aa:ba:43:a4:4e:f6:e4:
67:fa:c1:33:c4:f1:62:45:e4:3c:34:ea:e4:53:eb:
a0:e0:ab:ba:6c:9d:4a:e9:dc:69:3b:a8:73:43:0c:
eb:1c:93:23:4c:25:fb:30:05:41:52:13:5a:72:fa:
89:03:29:68:a3:c3:6c:ff:89:37:f5:95:26:ef:d3:
e6:52:28:b7:62:4b:51:90:20:58:95:eb:fe:dd:15:
65:47:de:2f:d1:06:af:02:8f:88:2c:ae:0a:29:ed:
72:b2:61:76:10:29:2a:82:85:15:06:54:b1:5a:38:
81:69:d7:b9:0b:e0:00:86:8c:c3:40:68:1e:f4:14:
dc:49:17:13:62:38:86:22:77:47:b9:b1:42:9a:2c:
15:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/2GD28sMYVZ5llZzV8o0VmghC1yo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.12.0/24
Signature Algorithm: sha256WithRSAEncryption
58:6b:3e:f1:53:cd:82:f1:4b:14:ce:94:c9:a1:13:ec:16:b9:
b9:80:30:6d:b2:b9:1a:5b:05:a5:ae:bb:e0:bf:46:89:ff:05:
c0:ac:7b:50:3c:f3:c5:2e:6e:93:3f:93:12:5b:a1:8e:86:28:
b6:7b:d9:26:73:d5:4a:5f:08:9f:77:32:14:45:89:15:9e:79:
eb:7a:0a:0c:19:7c:1e:e8:c5:ff:14:a6:32:62:b1:f3:f4:bb:
31:97:72:2f:b9:2e:27:24:7d:14:74:3d:16:0d:58:4f:71:bc:
11:02:dd:f5:8d:05:d2:8d:5c:c1:87:3a:d4:d8:42:75:2b:4e:
09:90:ac:5c:df:c6:22:a4:a3:88:be:6b:ed:fc:a8:c7:ea:ea:
d2:11:f9:6f:a0:12:df:94:99:2d:3f:19:81:ea:43:4b:f6:0a:
1c:02:69:4c:c9:fd:df:04:0c:73:42:7a:6b:0a:5a:ba:b7:23:
c5:9d:be:f4:30:80:6f:9a:a2:f2:fe:50:2e:42:be:03:e4:b6:
95:d7:52:a7:65:ef:9b:b8:60:62:31:f1:9c:6d:7d:4d:5f:6b:
e0:d4:ad:3a:08:db:4b:6e:50:eb:ee:3b:b6:c6:cb:b5:c5:9e:
6a:c5:f1:b3:a4:5d:a6:83:df:4d:67:8b:d4:ee:ea:a4:62:a5:
6e:a4:0a:f8
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVr0RLzMgpZuDyImX6VqsnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDUzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYwZjZmMmMzMTg1NTllNjU5NTljZDVmMjhkMTU5YTA4NDJkNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwci4/qpAqoM5bIDZykWvWTQs8zOT
rbhOOhYpJQFMDI2PCDO0rF3MY1bOjViS3oEJTkdy483yyoTTtXL7byNsg2UMl6ns
OPVQz167aEvElSkFctBkLmK8VBP5bxX28EYfCanbtVsa4pizbK8JjJjI9qq6Q6RO
9uRn+sEzxPFiReQ8NOrkU+ug4Ku6bJ1K6dxpO6hzQwzrHJMjTCX7MAVBUhNacvqJ
Ayloo8Ns/4k39ZUm79PmUii3YktRkCBYlev+3RVlR94v0QavAo+ILK4KKe1ysmF2
ECkqgoUVBlSxWjiBade5C+AAhozDQGge9BTcSRcTYjiGIndHubFCmiwVWwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNhg9vLDGFWeZZWc1fKNFZoIQtcqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzc2NjAy
Yy1jMWFjLTQ2YTMtODFiYy1kZWVmZjNiMmFlOGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvNzY2MDJj
LWMxYWMtNDZhMy04MWJjLWRlZWZmM2IyYWU4YS8xLzJHRDI4c01ZVlo1bGxaelY4
bzBWbWdoQzF5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAueoMMA0GCSqGSIb3DQEBCwUAA4IBAQBYaz7x
U82C8UsUzpTJoRPsFrm5gDBtsrkaWwWlrrvgv0aJ/wXArHtQPPPFLm6TP5MSW6GO
hii2e9kmc9VKXwifdzIURYkVnnnregoMGXwe6MX/FKYyYrHz9Lsxl3IvuS4nJH0U
dD0WDVhPcbwRAt31jQXSjVzBhzrU2EJ1K04JkKxc38YipKOIvmvt/KjH6urSEflv
oBLflJktPxmB6kNL9gocAmlMyf3fBAxzQnprClq6tyPFnb70MIBvmqLy/lAuQr4D
5LaV11KnZe+buGBiMfGcbX1NX2vg1K06CNtLblDr7ju2xsu1xZ5qxfGzpF2mg99N
Z4vU7uqkYqVupAr4
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:16:44 2025 by rpki-client