Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6TTtMCkhLIVjJRwhO3QzrIrvxB0.cer
File: 6TTtMCkhLIVjJRwhO3QzrIrvxB0.cer (raw, json)
Hash identifier: Lvay+2EjVFiWr6Nu0JYhW/sF8kVJcRaaTzM/RX/9n2Y=
Subject key identifier: E9:34:ED:30:29:21:2C:85:63:25:1C:21:3B:74:33:AC:8A:EF:C4:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01896478659A4F0A3F4CCDAA024AA99D0B8F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/016795-1a0d-4246-906e-b9c811dd7b90/1/6TTtMCkhLIVjJRwhO3QzrIrvxB0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/016795-1a0d-4246-906e-b9c811dd7b90/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 17 Jul 2023 15:29:19 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 77.72.84.0/24
IP: 2a11:d700::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:65:9a:4f:0a:3f:4c:cd:aa:02:4a:a9:9d:0b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 17 15:29:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e934ed3029212c8563251c213b7433ac8aefc41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:c3:b8:a8:31:84:27:83:7e:51:2b:7d:cc:
af:87:e0:06:61:5d:50:65:7d:48:d9:20:fa:14:cc:
73:28:aa:44:67:3e:d7:62:8d:1b:23:5b:8c:68:57:
b2:97:10:a5:0f:f4:2a:49:a5:3a:27:35:36:5d:0c:
98:85:bf:b8:81:06:a2:6e:81:b8:04:08:17:0c:f4:
5c:4b:75:96:e4:1c:13:7c:41:8b:b4:0c:10:c2:73:
f6:10:13:2d:86:80:68:20:48:7a:a9:41:a7:41:ae:
27:ae:dc:9c:d3:b4:f5:9c:cd:8e:65:e5:c3:d6:6f:
5d:e7:3e:12:9c:14:90:40:32:60:ca:c6:3c:94:5b:
74:06:e4:4a:16:2c:5d:51:0a:ee:d2:ed:16:4b:59:
f0:f5:b8:da:4d:26:b6:bc:a8:fa:b1:91:97:ec:68:
1d:d4:34:82:9a:06:ca:f6:9e:de:3b:8e:af:18:1a:
5e:1a:bb:29:10:fd:15:39:55:b2:91:e4:0e:40:d1:
b7:16:eb:5a:b3:ae:d0:d8:bb:38:6b:77:01:56:26:
ce:65:9d:0d:5f:d1:b8:ea:f4:d4:6b:54:80:4a:9f:
bf:28:a6:fd:77:2c:2f:7f:3b:fe:8c:a6:b1:61:2a:
9d:ab:09:de:ca:69:4f:ab:79:a0:7b:5c:23:f0:85:
84:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:34:ED:30:29:21:2C:85:63:25:1C:21:3B:74:33:AC:8A:EF:C4:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/016795-1a0d-4246-906e-b9c811dd7b90/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/016795-1a0d-4246-906e-b9c811dd7b90/1/6TTtMCkhLIVjJRwhO3QzrIrvxB0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.84.0/24
IPv6:
2a11:d700::/29
Signature Algorithm: sha256WithRSAEncryption
8b:ad:0b:bd:ab:78:d6:1a:94:33:f7:e4:d1:d5:2f:97:d4:11:
30:23:fa:d2:15:ee:b1:02:c5:b3:63:01:15:d6:06:18:d7:3c:
7a:7b:05:b7:9c:6b:e9:e6:65:2e:a9:89:09:35:98:51:0e:96:
34:4b:90:09:dc:f4:80:10:5c:c9:c3:89:74:65:fb:0c:91:03:
98:bf:0b:63:91:5b:55:17:7a:8a:90:89:ab:f0:63:3a:a4:25:
34:b4:f9:9a:c6:25:20:18:6f:65:b3:2c:dd:c2:1d:fe:99:97:
f7:1d:09:3a:a7:c6:7c:9c:24:49:94:67:f9:3b:54:a7:d6:43:
2d:92:36:e8:8a:b4:4e:bc:ff:21:e6:ab:dd:ad:dd:59:bf:dc:
59:20:ad:8f:b5:04:4b:22:6c:34:1f:83:39:27:a0:17:ba:d3:
e5:56:d5:0c:99:d6:3b:0f:0a:d6:b9:22:39:06:10:9e:ca:93:
b5:39:a2:34:bf:e7:5a:c6:da:eb:2a:94:6e:a6:0e:d1:06:6a:
a8:48:38:e5:69:a7:e8:24:81:91:f8:fc:d3:f8:99:6c:2a:64:
9f:f4:ad:a3:ce:78:38:5b:1c:fc:11:71:76:d8:48:f3:ff:b2:
48:56:d1:04:da:44:a0:5b:af:37:be:4b:f6:a7:cb:47:53:59:
64:c4:7e:4e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYlkeGWaTwo/TM2qAkqpnQuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNzE3MTUyOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTM0ZWQzMDI5MjEyYzg1NjMyNTFjMjEzYjc0MzNhYzhhZWZjNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM7DuKgxhCeDflErfcyvh+AGYV1Q
ZX1I2SD6FMxzKKpEZz7XYo0bI1uMaFeylxClD/QqSaU6JzU2XQyYhb+4gQaiboG4
BAgXDPRcS3WW5BwTfEGLtAwQwnP2EBMthoBoIEh6qUGnQa4nrtyc07T1nM2OZeXD
1m9d5z4SnBSQQDJgysY8lFt0BuRKFixdUQru0u0WS1nw9bjaTSa2vKj6sZGX7Ggd
1DSCmgbK9p7eO46vGBpeGrspEP0VOVWykeQOQNG3Futas67Q2Ls4a3cBVibOZZ0N
X9G46vTUa1SASp+/KKb9dywvfzv+jKaxYSqdqwneymlPq3mge1wj8IWEHQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFOk07TApISyFYyUcITt0M6yK78QdMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmLzAxNjc5
NS0xYTBkLTQyNDYtOTA2ZS1iOWM4MTFkZDdiOTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvMDE2Nzk1
LTFhMGQtNDI0Ni05MDZlLWI5YzgxMWRkN2I5MC8xLzZUVHRNQ2toTElWakpSd2hP
M1F6cklydnhCMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQATUhUMA0EAgACMAcDBQMqEdcAMA0GCSqGSIb3
DQEBCwUAA4IBAQCLrQu9q3jWGpQz9+TR1S+X1BEwI/rSFe6xAsWzYwEV1gYY1zx6
ewW3nGvp5mUuqYkJNZhRDpY0S5AJ3PSAEFzJw4l0ZfsMkQOYvwtjkVtVF3qKkImr
8GM6pCU0tPmaxiUgGG9lsyzdwh3+mZf3HQk6p8Z8nCRJlGf5O1Sn1kMtkjboirRO
vP8h5qvdrd1Zv9xZIK2PtQRLImw0H4M5J6AXutPlVtUMmdY7DwrWuSI5BhCeypO1
OaI0v+daxtrrKpRupg7RBmqoSDjlaafoJIGR+PzT+JlsKmSf9K2jzng4Wxz8EXF2
2Ejz/7JIVtEE2kSgW683vkv2p8tHU1lkxH5O
-----END CERTIFICATE-----
Generated at Wed Mar 12 17:51:42 2025 by rpki-client