Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer
File: 4lwd3M2gkJnjlmIoaPSvzI6LVrw.cer (raw, json)
Hash identifier: jatDSIXWVagxfpfp0/mlpJXCQzX1SsKr0UJePbo+wSg=
Subject key identifier: E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018B7F92073B83FCAA8C3D08B57523ED773C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/4lwd3M2gkJnjlmIoaPSvzI6LVrw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 30 Oct 2023 07:52:38 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 2a0b:ba00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:92:07:3b:83:fc:aa:8c:3d:08:b5:75:23:ed:77:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 30 07:52:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e25c1ddccda09099e396622868f4afcc8e8b56bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f8:b7:16:34:1c:66:ad:c0:df:c9:0f:45:9b:
84:6e:00:71:0f:dd:6f:ce:2e:5f:03:4d:8a:a9:31:
c4:26:bd:45:11:c0:fe:be:bd:3d:42:ff:d2:97:77:
73:1a:9f:76:6c:39:b8:2d:96:cf:42:14:cd:ed:ab:
64:90:13:57:83:74:ed:3f:1b:57:a6:90:eb:36:e9:
b6:6b:8d:e6:67:ab:82:18:5f:c2:27:59:55:72:8e:
c6:25:97:e0:4b:7f:f9:9b:cb:7d:b4:69:4f:42:4f:
a5:65:53:2b:98:69:d8:e3:ef:9f:0f:fd:fa:7d:3e:
e2:2f:03:b9:58:f8:77:35:ad:6b:c6:81:b7:e4:9d:
71:7c:d4:d5:a6:88:9e:06:47:f9:47:54:5e:38:6d:
ea:c9:a4:05:74:90:f2:19:64:1d:53:a8:33:6a:13:
52:5b:a4:6b:c6:03:65:54:6b:f7:01:c7:cd:b3:3e:
33:59:17:33:65:53:10:74:1a:4c:7b:eb:66:d9:f9:
df:a7:6f:51:14:72:40:33:6b:c0:eb:19:66:56:54:
06:f2:04:2e:73:2f:c5:97:eb:a2:de:38:71:1f:36:
fa:95:55:3e:5d:2b:a5:c8:e8:59:fd:24:68:90:d3:
06:0b:b0:67:1c:c5:b8:ab:2e:14:03:a6:ed:ad:dd:
ec:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5C:1D:DC:CD:A0:90:99:E3:96:62:28:68:F4:AF:CC:8E:8B:56:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/37b585-0e3d-4bf6-b9fe-db8e9aef9fb0/1/4lwd3M2gkJnjlmIoaPSvzI6LVrw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ba00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:3a:f8:b6:ba:09:b6:2b:eb:d1:5e:26:7a:12:d2:74:e5:4d:
3e:dd:ff:94:cb:83:b8:30:70:ab:01:2d:98:05:07:db:9d:c3:
af:da:92:99:20:e2:94:fe:56:69:c2:7a:d0:f1:a0:e6:59:77:
f8:2d:48:1e:75:a5:26:ee:e9:ca:04:65:07:c5:af:53:1b:37:
33:ae:0c:82:ab:ee:38:fd:81:86:0d:a5:4e:0a:c2:8b:d9:61:
ad:d4:92:51:0d:e5:6d:ff:e8:19:e6:b1:bd:43:29:ed:f4:8f:
4b:ec:4b:ca:12:b5:05:6a:05:d4:20:75:8b:7d:3e:69:18:97:
76:2f:42:95:c2:da:b8:63:9b:d7:20:19:d8:3a:17:89:23:1f:
8a:86:b2:5f:9f:4a:9d:5f:3f:a5:96:69:32:28:3a:d3:28:d7:
a3:64:b0:05:20:45:61:59:4e:9f:8e:bc:f8:bb:86:71:86:00:
78:cf:4a:3d:85:ea:08:e1:06:e9:bf:b3:7e:b2:d7:1a:3d:b9:
17:dc:43:63:f5:17:96:7d:a7:78:46:95:ed:aa:66:ce:c3:41:
1d:4d:8f:69:91:6e:02:20:95:4f:b9:a7:b2:a9:48:6d:10:ba:
28:7f:f7:82:71:a0:a3:83:be:ff:63:15:6e:7a:3d:0e:01:7c:
62:d7:8e:a9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYt/kgc7g/yqjD0ItXUj7Xc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMDMwMDc1MjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVjMWRkY2NkYTA5MDk5ZTM5NjYyMjg2OGY0YWZjYzhlOGI1NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/i3FjQcZq3A38kPRZuEbgBxD91v
zi5fA02KqTHEJr1FEcD+vr09Qv/Sl3dzGp92bDm4LZbPQhTN7atkkBNXg3TtPxtX
ppDrNum2a43mZ6uCGF/CJ1lVco7GJZfgS3/5m8t9tGlPQk+lZVMrmGnY4++fD/36
fT7iLwO5WPh3Na1rxoG35J1xfNTVpoieBkf5R1ReOG3qyaQFdJDyGWQdU6gzahNS
W6RrxgNlVGv3AcfNsz4zWRczZVMQdBpMe+tm2fnfp29RFHJAM2vA6xlmVlQG8gQu
cy/Fl+ui3jhxHzb6lVU+XSulyOhZ/SRokNMGC7BnHMW4qy4UA6btrd3scwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOJcHdzNoJCZ45ZiKGj0r8yOi1a8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzM3YjU4
NS0wZTNkLTRiZjYtYjlmZS1kYjhlOWFlZjlmYjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvMzdiNTg1
LTBlM2QtNGJmNi1iOWZlLWRiOGU5YWVmOWZiMC8xLzRsd2QzTTJna0puamxtSW9h
UFN2ekk2TFZydy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKgu6ADANBgkqhkiG9w0BAQsFAAOCAQEAHDr4
troJtivr0V4mehLSdOVNPt3/lMuDuDBwqwEtmAUH253Dr9qSmSDilP5WacJ60PGg
5ll3+C1IHnWlJu7pygRlB8WvUxs3M64MgqvuOP2Bhg2lTgrCi9lhrdSSUQ3lbf/o
GeaxvUMp7fSPS+xLyhK1BWoF1CB1i30+aRiXdi9ClcLauGOb1yAZ2DoXiSMfioay
X59KnV8/pZZpMig60yjXo2SwBSBFYVlOn468+LuGcYYAeM9KPYXqCOEG6b+zfrLX
Gj25F9xDY/UXln2neEaV7apmzsNBHU2PaZFuAiCVT7mnsqlIbRC6KH/3gnGgo4O+
/2MVbno9DgF8YteOqQ==
-----END CERTIFICATE-----
Generated at Sun May 11 15:11:46 2025 by rpki-client