Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EXUdefJpu2QAd2S2mprpx9d85bw.cer
File: EXUdefJpu2QAd2S2mprpx9d85bw.cer (raw, json)
Hash identifier: X8N/5H1vPf2m6sWOzyd2bEOMhjiVxrCPVPEjYplfevo=
Subject key identifier: 11:75:1D:79:F2:69:BB:64:00:77:64:B6:9A:9A:E9:C7:D7:7C:E5:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A883CF1F42
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b7/bb0dda-3dee-4c2c-88ae-8f709e427f9d/1/EXUdefJpu2QAd2S2mprpx9d85bw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b7/bb0dda-3dee-4c2c-88ae-8f709e427f9d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 14:00:00 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.114.64.0/22
IP: 2a09:8fc0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 723765894978 (0xa883cf1f42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11751d79f269bb64007764b69a9ae9c7d77ce5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8b:97:73:cf:ba:b5:f2:3e:57:74:e8:a4:71:
38:f9:0e:dc:3c:df:ba:05:d4:96:c6:ab:2d:a4:96:
6f:92:ab:8d:05:0e:ad:2c:9a:b2:8d:3c:96:db:02:
dd:c8:88:53:92:14:ce:44:c5:c6:e6:55:21:06:0c:
c4:c0:cb:17:22:79:8c:d1:e7:a9:81:0d:6f:65:c0:
f6:f3:dc:0b:73:bb:4a:b3:25:7b:12:2e:9f:df:83:
26:e8:3a:a6:e2:2d:25:15:03:da:be:87:1a:1f:2e:
7b:21:8d:af:e7:ee:50:56:10:fa:57:2d:37:ed:f2:
6d:01:74:08:0f:e6:75:f2:2c:54:35:26:6a:b3:e1:
9e:6c:c6:4b:60:c0:cb:1f:a6:fc:f5:c1:e5:55:b3:
6f:54:c6:85:a0:2f:9a:93:c8:1f:a8:41:2c:96:11:
2a:53:46:42:8a:72:b9:92:7a:5d:58:f9:fa:94:c5:
56:09:fa:91:da:44:f0:24:c9:9d:70:cb:b8:d2:fc:
3b:c8:13:0b:48:a9:f0:4f:bc:c4:e0:af:02:9a:bc:
67:71:db:6f:aa:a0:e7:51:c7:0d:43:6a:0b:83:bf:
20:02:d6:d6:19:54:1c:c8:5a:62:af:ff:73:12:ff:
8a:98:4c:b7:a6:d3:56:48:1d:11:bc:06:c3:01:ab:
88:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:75:1D:79:F2:69:BB:64:00:77:64:B6:9A:9A:E9:C7:D7:7C:E5:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bb0dda-3dee-4c2c-88ae-8f709e427f9d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bb0dda-3dee-4c2c-88ae-8f709e427f9d/1/EXUdefJpu2QAd2S2mprpx9d85bw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.64.0/22
IPv6:
2a09:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:b5:de:8c:a0:9d:90:93:49:f3:5d:84:6f:2c:f0:47:9e:3c:
26:26:27:7f:cd:26:3c:1b:c1:c6:91:50:72:21:a5:4b:a2:6b:
77:4b:ab:5b:a1:55:16:79:48:40:4d:60:77:9e:52:1d:af:39:
d1:22:de:4e:82:af:86:11:e8:84:40:4e:84:c4:68:97:c9:e0:
00:48:04:22:38:fa:c5:25:21:33:72:91:ee:ed:1c:72:f2:a5:
cd:32:2f:4d:36:b6:ce:22:cb:b8:93:16:7c:81:73:ca:f4:af:
ea:19:21:21:42:fe:ed:a7:c2:0a:77:2d:da:40:bf:a5:39:8d:
30:64:bd:51:73:89:6d:7d:be:54:3d:a0:16:10:de:c2:0a:14:
eb:fa:28:75:7a:03:44:0e:b1:5b:69:87:6b:0b:2f:45:8d:9d:
f5:eb:70:9a:61:23:ce:7b:45:32:72:e1:3a:dd:0b:47:64:73:
f9:cf:9a:a8:60:c2:22:5c:56:a8:03:a4:ba:a0:1d:bc:82:1b:
e2:2a:bc:ba:a1:13:c8:19:fa:e5:3c:2b:c9:24:13:d3:c3:f4:
57:5c:99:0d:4c:07:dd:10:20:8d:cb:bd:1f:fc:aa:6d:9b:f6:
17:d8:44:28:1f:39:62:0f:17:bd:f9:fe:3b:86:c3:52:33:e8:
13:68:66:44
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKiDzx9CMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTQwMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxMTc1MWQ3OWYy
NjliYjY0MDA3NzY0YjY5YTlhZTljN2Q3N2NlNWJjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlYuXc8+6tfI+V3TopHE4+Q7cPN+6BdSWxqstpJZvkquN
BQ6tLJqyjTyW2wLdyIhTkhTORMXG5lUhBgzEwMsXInmM0eepgQ1vZcD289wLc7tK
syV7Ei6f34Mm6Dqm4i0lFQPavocaHy57IY2v5+5QVhD6Vy037fJtAXQID+Z18ixU
NSZqs+GebMZLYMDLH6b89cHlVbNvVMaFoC+ak8gfqEEslhEqU0ZCinK5knpdWPn6
lMVWCfqR2kTwJMmdcMu40vw7yBMLSKnwT7zE4K8CmrxncdtvqqDnUccNQ2oLg78g
AtbWGVQcyFpir/9zEv+KmEy3ptNWSB0RvAbDAauIBQIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFBF1HXnyabtkAHdktpqa6cfXfOW8MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I3L2JiMGRkYS0zZGVlLTRjMmMt
ODhhZS04ZjcwOWU0MjdmOWQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcvYmIwZGRhLTNkZWUtNGMyYy04
OGFlLThmNzA5ZTQyN2Y5ZC8xL0VYVWRlZkpwdTJRQWQyUzJtcHJweDlkODVidy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCuXJAMA0EAgACMAcDBQMqCY/AMA0GCSqGSIb3DQEBCwUAA4IBAQAB
td6MoJ2Qk0nzXYRvLPBHnjwmJid/zSY8G8HGkVByIaVLomt3S6tboVUWeUhATWB3
nlIdrznRIt5Ogq+GEeiEQE6ExGiXyeAASAQiOPrFJSEzcpHu7Rxy8qXNMi9NNrbO
Isu4kxZ8gXPK9K/qGSEhQv7tp8IKdy3aQL+lOY0wZL1Rc4ltfb5UPaAWEN7CChTr
+ih1egNEDrFbaYdrCy9FjZ3163CaYSPOe0UycuE63QtHZHP5z5qoYMIiXFaoA6S6
oB28ghviKry6oRPIGfrlPCvJJBPTw/RXXJkNTAfdECCNy70f/Kptm/YX2EQoHzli
Dxe9+f47hsNSM+gTaGZE
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:41:28 2025 by rpki-client