Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I6CD9qCQ47i2UV_r1VSZR_y8h4k.cer
File: I6CD9qCQ47i2UV_r1VSZR_y8h4k.cer (raw, json)
Hash identifier: jUOD7JTcV32MgR1zE5BsGjdfXvLA/mMJrmJlHiKVNCQ=
Subject key identifier: 23:A0:83:F6:A0:90:E3:B8:B6:51:5F:EB:D5:54:99:47:FC:BC:87:89
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A398FDF2EC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f9/26536a-dd3f-4cac-ac83-65914109c34d/1/I6CD9qCQ47i2UV_r1VSZR_y8h4k.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f9/26536a-dd3f-4cac-ac83-65914109c34d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 09:55:22 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 52000
IP: 185.15.208.0/22
IP: 185.142.32.0/22
IP: 2a03:afc0::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 702646448876 (0xa398fdf2ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23a083f6a090e3b8b6515febd5549947fcbc8789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:da:2c:7b:b1:07:91:f8:00:bc:46:55:30:5d:
02:4f:b5:9a:37:31:66:dd:7f:82:32:6b:23:fb:f3:
d8:64:55:b4:c5:34:e9:7d:b1:07:52:d2:de:20:d7:
b9:f2:3c:a6:b7:09:db:ea:a6:8a:d0:84:eb:f2:5f:
52:2c:94:85:cf:03:c0:d0:a8:21:8a:11:d0:f8:ec:
2e:fc:78:4c:e4:bc:67:de:f3:b7:1e:bc:bf:bf:d2:
08:52:d3:a0:d3:28:37:ee:9a:5f:39:7d:e2:37:2a:
f3:6a:f9:58:b9:f2:d0:d7:81:05:94:b8:8f:a1:51:
ba:5b:a3:60:b8:9d:cb:0a:33:ab:b0:b8:45:db:1a:
f2:ff:6a:37:c5:f9:6a:5a:e5:10:2a:eb:28:e6:bb:
a6:89:b9:b7:8f:77:13:7a:85:87:7f:1e:44:cc:51:
27:77:72:ab:08:c8:4d:f7:e3:23:b5:dc:cd:a3:73:
c3:05:a6:99:ba:b0:9a:cb:f9:dc:41:1c:9b:64:1e:
2b:05:6a:40:7b:43:24:67:c7:a3:5b:99:1b:9d:74:
8c:58:04:3c:4d:49:f7:c0:98:cd:8f:17:8d:52:0b:
f6:b3:e1:84:80:a2:23:5d:9e:64:15:7a:d9:f4:61:
f1:c8:41:f2:07:ab:7b:f0:63:f9:4d:ef:77:9d:47:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A0:83:F6:A0:90:E3:B8:B6:51:5F:EB:D5:54:99:47:FC:BC:87:89
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/26536a-dd3f-4cac-ac83-65914109c34d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/26536a-dd3f-4cac-ac83-65914109c34d/1/I6CD9qCQ47i2UV_r1VSZR_y8h4k.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.208.0/22
185.142.32.0/22
IPv6:
2a03:afc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
52000
Signature Algorithm: sha256WithRSAEncryption
90:92:ec:0e:47:ea:86:2a:38:23:b9:89:1a:b7:a7:ad:03:f3:
d4:ba:ff:78:a6:99:32:f2:04:d1:a4:10:28:53:c9:75:88:a3:
80:84:e4:0c:41:67:3b:67:85:6e:62:c3:66:67:b2:39:5b:79:
6a:69:a3:c1:c0:79:ce:e9:6a:ad:5f:ec:20:2e:0d:a7:59:3d:
d8:67:91:d2:01:96:be:af:eb:9a:b6:7a:2c:76:4c:92:d1:3b:
3e:6b:46:46:0b:7b:00:75:aa:fc:24:9b:13:a2:26:4d:c1:5f:
a6:c5:20:63:02:36:11:6b:87:ee:55:f8:86:e6:af:b1:51:bb:
4d:01:3b:1f:8d:64:ff:90:8d:20:e7:ad:7b:69:33:02:ed:ab:
99:d5:4f:b3:2e:37:2e:1e:2f:8c:c3:26:d9:72:0d:32:6b:24:
9f:77:ff:4f:1c:7d:e0:9c:4e:48:1d:5e:fe:97:87:bb:bd:47:
09:90:54:91:92:b0:73:73:03:41:94:e0:4a:50:8c:a7:ed:82:
d7:dc:cb:33:b8:e5:07:35:72:b1:d5:7e:53:78:fb:05:e8:98:
be:cb:15:c2:17:71:a5:32:4f:68:67:4b:14:52:1b:04:47:84:
15:30:ed:80:0f:04:fa:b8:17:7c:15:40:fe:0f:77:ec:80:da:
76:24:17:7b
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIGAKOY/fLsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDk1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyM2EwODNmNmEw
OTBlM2I4YjY1MTVmZWJkNTU0OTk0N2ZjYmM4Nzg5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEApdose7EHkfgAvEZVMF0CT7WaNzFm3X+CMmsj+/PYZFW0
xTTpfbEHUtLeINe58jymtwnb6qaK0ITr8l9SLJSFzwPA0KghihHQ+Owu/HhM5Lxn
3vO3Hry/v9IIUtOg0yg37ppfOX3iNyrzavlYufLQ14EFlLiPoVG6W6NguJ3LCjOr
sLhF2xry/2o3xflqWuUQKuso5rumibm3j3cTeoWHfx5EzFEnd3KrCMhN9+MjtdzN
o3PDBaaZurCay/ncQRybZB4rBWpAe0MkZ8ejW5kbnXSMWAQ8TUn3wJjNjxeNUgv2
s+GEgKIjXZ5kFXrZ9GHxyEHyB6t78GP5Te93nUe/dQIDAQABo4ICtTCCArEwHQYD
VR0OBBYEFCOgg/agkOO4tlFf69VUmUf8vIeJMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5LzI2NTM2YS1kZDNmLTRjYWMt
YWM4My02NTkxNDEwOWMzNGQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvMjY1MzZhLWRkM2YtNGNhYy1h
YzgzLTY1OTE0MTA5YzM0ZC8xL0k2Q0Q5cUNRNDdpMlVWX3IxVlNaUl95OGg0ay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQCuQ/QAwQCuY4gMA0EAgACMAcDBQAqA6/AMBoGCCsGAQUFBwEIAQH/
BAswCaAHMAUCAwDLIDANBgkqhkiG9w0BAQsFAAOCAQEAkJLsDkfqhio4I7mJGren
rQPz1Lr/eKaZMvIE0aQQKFPJdYijgITkDEFnO2eFbmLDZmeyOVt5ammjwcB5zulq
rV/sIC4Np1k92GeR0gGWvq/rmrZ6LHZMktE7PmtGRgt7AHWq/CSbE6ImTcFfpsUg
YwI2EWuH7lX4huavsVG7TQE7H41k/5CNIOete2kzAu2rmdVPsy43Lh4vjMMm2XIN
Mmskn3f/Txx94JxOSB1e/peHu71HCZBUkZKwc3MDQZTgSlCMp+2C19zLM7jlBzVy
sdV+U3j7BeiYvssVwhdxpTJPaGdLFFIbBEeEFTDtgA8E+rgXfBVA/g937IDadiQX
ew==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:26 2025 by rpki-client