Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AoOaQaHyrbuNW2yth5V1ZAb8Stg.cer
File: AoOaQaHyrbuNW2yth5V1ZAb8Stg.cer (raw, json)
Hash identifier: sAi8hII5JENska4mDL9evRoAwCV9QmmnqrceXXPW0+c=
Subject key identifier: 02:83:9A:41:A1:F2:AD:BB:8D:5B:6C:AD:87:95:75:64:06:FC:4A:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01890B834F93543E0E639F6BC62274B2D292
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9a/408033-1af5-4669-9480-d676dc6e875e/1/AoOaQaHyrbuNW2yth5V1ZAb8Stg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9a/408033-1af5-4669-9480-d676dc6e875e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 30 Jun 2023 08:55:02 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.163.21.0/24
IP: 2a12:9a00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:83:4f:93:54:3e:0e:63:9f:6b:c6:22:74:b2:d2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 30 08:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02839a41a1f2adbb8d5b6cad8795756406fc4ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:2a:27:f9:ef:70:24:c4:53:90:3a:3d:73:
34:e7:8b:4f:30:7f:03:44:45:f0:4b:4d:f1:15:50:
20:bd:10:f8:a7:1d:b3:88:13:4a:4a:80:f4:29:72:
05:8a:95:8d:77:fe:93:8a:41:50:52:8b:b8:4b:2f:
53:71:c8:2c:f0:df:1e:ab:87:6b:89:4d:6d:f1:5a:
7e:f2:df:37:37:2b:c0:69:d6:ed:52:43:55:7b:d7:
e5:0c:27:3f:b8:f3:c9:f2:db:ff:46:a4:a4:31:3f:
44:b3:95:8e:d8:45:e2:a6:90:89:4d:21:91:26:ad:
b4:18:e9:9a:d1:db:20:1c:0a:b8:cc:00:4b:aa:ab:
67:ce:c7:8a:a1:c8:89:d4:1a:1c:a6:3b:87:b8:72:
ef:3e:f8:f0:70:bc:54:53:32:ae:27:5e:48:22:c6:
7c:80:2b:31:d3:29:af:92:6b:f5:dc:44:1a:61:04:
bf:61:28:6c:c3:42:be:ad:14:56:3c:a0:02:16:cb:
e4:b7:a7:0c:0a:45:dd:77:fe:39:a5:5b:aa:c3:96:
d6:db:f8:b1:c6:9f:22:52:9e:cf:6e:f4:cc:d2:02:
65:ad:de:cf:70:58:68:5f:47:80:bb:49:50:b5:06:
44:08:2d:2f:1f:6b:69:b2:e9:b0:9c:9d:65:47:06:
c1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:83:9A:41:A1:F2:AD:BB:8D:5B:6C:AD:87:95:75:64:06:FC:4A:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/408033-1af5-4669-9480-d676dc6e875e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/408033-1af5-4669-9480-d676dc6e875e/1/AoOaQaHyrbuNW2yth5V1ZAb8Stg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.21.0/24
IPv6:
2a12:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
a7:7c:c3:3c:13:08:4f:4e:96:d4:4d:d8:5b:6c:a8:9a:19:f1:
85:50:4f:a4:ec:e3:e2:89:9b:cb:46:17:0e:0b:e5:53:6c:6f:
ec:1a:40:15:71:ca:7d:cb:e8:52:4a:de:90:9f:32:ec:b0:02:
92:9a:ef:16:a7:c6:46:91:8b:16:8d:c4:4e:cf:66:2f:8a:72:
65:78:c1:83:ee:2f:00:40:5e:99:85:2e:d3:5a:69:1e:59:47:
36:58:c4:cf:b4:c8:54:e0:fd:68:50:36:ca:c3:68:e1:a2:5b:
ac:bf:28:97:60:d5:f6:f8:56:1b:f4:81:1f:78:68:51:db:02:
12:26:41:50:b2:54:52:47:da:23:1b:6c:12:ad:05:45:ad:4e:
0e:87:99:13:14:09:3c:79:7e:65:19:1c:bf:95:bd:02:2d:11:
88:43:ee:0b:4a:90:27:11:05:24:54:d5:6c:31:f1:d5:a6:0b:
a7:97:5c:4b:fc:3c:68:49:1a:fc:0a:81:13:41:10:e1:30:6d:
3b:fe:3b:db:84:e5:d1:48:97:f5:3b:52:80:13:ca:78:89:85:
06:bf:09:8a:9b:40:59:9f:5b:f2:53:72:84:5b:26:eb:b3:1d:
3a:c1:58:8c:66:77:c4:90:93:0a:c4:f6:1b:71:f5:2e:9b:5d:
04:e0:58:8f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYkLg0+TVD4OY59rxiJ0stKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwNjMwMDg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjgzOWE0MWExZjJhZGJiOGQ1YjZjYWQ4Nzk1NzU2NDA2ZmM0YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnwqJ/nvcCTEU5A6PXM054tPMH8D
REXwS03xFVAgvRD4px2ziBNKSoD0KXIFipWNd/6TikFQUou4Sy9Tccgs8N8eq4dr
iU1t8Vp+8t83NyvAadbtUkNVe9flDCc/uPPJ8tv/RqSkMT9Es5WO2EXippCJTSGR
Jq20GOma0dsgHAq4zABLqqtnzseKociJ1BocpjuHuHLvPvjwcLxUUzKuJ15IIsZ8
gCsx0ymvkmv13EQaYQS/YShsw0K+rRRWPKACFsvkt6cMCkXdd/45pVuqw5bW2/ix
xp8iUp7PbvTM0gJlrd7PcFhoX0eAu0lQtQZECC0vH2tpsumwnJ1lRwbBVQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFAKDmkGh8q27jVtsrYeVdWQG/ErYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhLzQwODAz
My0xYWY1LTQ2NjktOTQ4MC1kNjc2ZGM2ZTg3NWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvNDA4MDMz
LTFhZjUtNDY2OS05NDgwLWQ2NzZkYzZlODc1ZS8xL0FvT2FRYUh5cmJ1TlcyeXRo
NVYxWkFiOFN0Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwaMVMA0EAgACMAcDBQMqEpoAMA0GCSqGSIb3
DQEBCwUAA4IBAQCnfMM8EwhPTpbUTdhbbKiaGfGFUE+k7OPiiZvLRhcOC+VTbG/s
GkAVccp9y+hSSt6QnzLssAKSmu8Wp8ZGkYsWjcROz2YvinJleMGD7i8AQF6ZhS7T
WmkeWUc2WMTPtMhU4P1oUDbKw2jholusvyiXYNX2+FYb9IEfeGhR2wISJkFQslRS
R9ojG2wSrQVFrU4Oh5kTFAk8eX5lGRy/lb0CLRGIQ+4LSpAnEQUkVNVsMfHVpgun
l1xL/DxoSRr8CoETQRDhMG07/jvbhOXRSJf1O1KAE8p4iYUGvwmKm0BZn1vyU3KE
Wybrsx06wViMZnfEkJMKxPYbcfUum10E4FiP
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:32 2025 by rpki-client