Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ishati1JL-da6VK0hhvxb2Tsgo4.cer
File: Ishati1JL-da6VK0hhvxb2Tsgo4.cer (raw, json)
Hash identifier: LTy59MruCYEdjoZfosrCiM9lpOVyJiqbIP0TnHW4jx0=
Subject key identifier: 22:C8:5A:B6:2D:49:2F:E7:5A:E9:52:B4:86:1B:F1:6F:64:EC:82:8E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AA6533A6BF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/08/ad27de-fe18-42f0-8df0-a5e9a76d0047/1/Ishati1JL-da6VK0hhvxb2Tsgo4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/08/ad27de-fe18-42f0-8df0-a5e9a76d0047/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 15:55:22 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 194.176.123.0/24
IP: 194.180.12.0/24
IP: 194.180.16.0/24
IP: 194.180.19.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 731842324159 (0xaa6533a6bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22c85ab62d492fe75ae952b4861bf16f64ec828e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:a0:d4:bb:e9:f9:8b:08:d8:95:08:a9:4d:
db:e5:ff:d8:79:30:38:a4:58:20:6b:7d:7e:2d:0d:
cc:99:95:f7:a9:e3:16:80:5d:60:4d:fd:fd:2c:71:
f0:d7:63:47:52:53:20:2a:b6:e8:04:b7:ec:ec:7c:
94:af:25:26:e6:d8:80:d5:e2:26:b1:45:77:3a:ac:
ef:35:62:cb:40:be:85:cd:02:1a:32:a6:3f:33:fc:
1a:69:de:34:42:55:5d:5d:6b:c4:17:df:c4:6a:19:
d5:13:e0:d7:e4:fa:bd:5b:90:37:13:1c:1f:61:79:
b4:77:d4:e0:54:69:0b:32:d2:36:a4:8c:f5:f6:b7:
be:bb:58:36:6f:68:af:b1:03:cb:d3:53:11:8b:ad:
80:b3:e3:83:17:c5:63:cd:55:05:44:c1:87:b7:23:
d2:e2:d8:87:c3:25:99:2a:0e:f7:03:a1:60:5c:47:
e4:77:13:0c:6d:2f:79:a8:5d:2c:ee:35:7a:2f:dc:
b0:01:e0:b6:b9:33:37:11:53:65:0c:be:6a:98:1f:
19:00:dc:07:72:c7:da:e3:59:d6:7b:bb:2b:e2:43:
e3:21:01:a6:c8:00:96:55:98:6f:7c:42:72:d2:31:
2e:e0:b3:73:03:d2:39:10:42:13:1d:75:aa:44:01:
d5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C8:5A:B6:2D:49:2F:E7:5A:E9:52:B4:86:1B:F1:6F:64:EC:82:8E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad27de-fe18-42f0-8df0-a5e9a76d0047/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ad27de-fe18-42f0-8df0-a5e9a76d0047/1/Ishati1JL-da6VK0hhvxb2Tsgo4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.123.0/24
194.180.12.0/24
194.180.16.0/24
194.180.19.0/24
Signature Algorithm: sha256WithRSAEncryption
19:31:9f:bb:f9:36:7c:57:70:14:f9:44:41:84:28:1b:b4:d8:
07:05:32:37:72:80:57:a5:b4:71:36:35:43:88:d7:c2:d7:59:
f9:fb:ff:9e:ea:cf:9e:80:ef:b4:95:e9:69:b5:1a:96:d3:82:
2f:85:3c:25:39:f5:95:57:78:90:df:1b:54:44:7a:a5:2b:35:
43:38:37:9f:65:3c:c2:8b:7b:2f:b8:cd:60:f2:b4:85:41:1f:
8e:2a:91:05:3c:8b:9f:53:ad:71:fd:59:18:8a:ea:e0:19:d8:
58:54:a6:b3:01:63:f3:b2:54:07:5a:8e:f8:2c:e9:37:fe:e4:
48:b3:ed:9c:c2:1e:81:7d:4d:13:85:ae:0b:3a:05:21:82:c1:
77:5d:53:75:24:8c:e4:8f:2f:b2:ad:93:c9:c1:97:53:27:eb:
d4:1d:7c:f8:5a:b4:7a:2d:a1:d9:0c:44:11:12:c7:a2:55:41:
50:c1:90:e8:23:7f:1b:5f:f5:6a:5e:e9:ff:29:79:5e:28:7e:
a4:76:d8:3e:14:ec:20:72:da:ae:23:f2:92:f0:95:9c:a3:29:
96:d4:1c:78:eb:01:2b:b6:95:3d:4a:9e:42:4e:8f:14:bc:c6:
85:1f:00:80:4b:9b:d7:32:85:b6:17:61:84:ca:0d:02:52:c2:
eb:73:6b:bf
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIGAKplM6a/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTU1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMmM4NWFiNjJk
NDkyZmU3NWFlOTUyYjQ4NjFiZjE2ZjY0ZWM4MjhlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArc+g1Lvp+YsI2JUIqU3b5f/YeTA4pFgga31+LQ3MmZX3
qeMWgF1gTf39LHHw12NHUlMgKrboBLfs7HyUryUm5tiA1eImsUV3OqzvNWLLQL6F
zQIaMqY/M/waad40QlVdXWvEF9/EahnVE+DX5Pq9W5A3ExwfYXm0d9TgVGkLMtI2
pIz19re+u1g2b2ivsQPL01MRi62As+ODF8VjzVUFRMGHtyPS4tiHwyWZKg73A6Fg
XEfkdxMMbS95qF0s7jV6L9ywAeC2uTM3EVNlDL5qmB8ZANwHcsfa41nWe7sr4kPj
IQGmyACWVZhvfEJy0jEu4LNzA9I5EEITHXWqRAHVsQIDAQABo4ICljCCApIwHQYD
VR0OBBYEFCLIWrYtSS/nWulStIYb8W9k7IKOMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA4L2FkMjdkZS1mZTE4LTQyZjAt
OGRmMC1hNWU5YTc2ZDAwNDcvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgvYWQyN2RlLWZlMTgtNDJmMC04
ZGYwLWE1ZTlhNzZkMDA0Ny8xL0lzaGF0aTFKTC1kYTZWSzBoaHZ4YjJUc2dvNC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAe
BAIAATAYAwQAwrB7AwQAwrQMAwQAwrQQAwQAwrQTMA0GCSqGSIb3DQEBCwUAA4IB
AQAZMZ+7+TZ8V3AU+URBhCgbtNgHBTI3coBXpbRxNjVDiNfC11n5+/+e6s+egO+0
lelptRqW04IvhTwlOfWVV3iQ3xtURHqlKzVDODefZTzCi3svuM1g8rSFQR+OKpEF
PIufU61x/VkYiurgGdhYVKazAWPzslQHWo74LOk3/uRIs+2cwh6BfU0Tha4LOgUh
gsF3XVN1JIzkjy+yrZPJwZdTJ+vUHXz4WrR6LaHZDEQREseiVUFQwZDoI38bX/Vq
Xun/KXleKH6kdtg+FOwgctquI/KS8JWcoymW1Bx46wErtpU9Sp5CTo8UvMaFHwCA
S5vXMoW2F2GEyg0CUsLrc2u/
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:49:34 2025 by rpki-client