Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer
File: Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.cer (raw, json)
Hash identifier: N81NXPtq+aud5iT6MpgN/7y1dwfzmT/ZBE7H4JsTJEI=
Subject key identifier: 23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856EFB5E1E6BC63684CAA02F5A905A4AFF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 20:17:25 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.234.14.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:fb:5e:1e:6b:c6:36:84:ca:a0:2f:5a:90:5a:4a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:17:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=231d9096ef96ec16cb0ae68aa39671051f4f285a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:51:e1:70:a2:cb:7e:34:65:28:29:59:af:eb:
3c:fa:7a:41:8e:83:dd:c0:93:60:e5:fc:fd:2a:86:
f1:ea:94:6b:81:d0:f3:f3:e9:a5:38:41:85:ee:d8:
4d:51:58:bf:35:ec:c9:b8:1b:99:38:cf:ba:d7:47:
c9:5f:ad:21:8f:71:89:e2:36:9c:fd:ad:2b:6f:71:
3f:70:10:32:0d:cc:85:9c:82:fc:46:9b:83:e8:82:
94:85:83:61:1e:19:df:4e:ee:36:4a:20:22:18:31:
95:6b:16:dd:96:62:52:d7:71:5c:c6:24:04:97:c7:
b1:8a:37:35:a6:77:b0:bf:da:ef:f7:66:d8:a4:f3:
fb:4c:71:5d:02:15:43:fe:85:bf:07:12:b6:f1:49:
89:19:82:7b:10:15:5e:e6:07:1e:69:14:eb:23:a7:
3c:99:bc:72:90:51:80:a3:32:3e:6a:72:cc:51:f6:
c2:51:07:78:d2:ff:8c:9e:31:e0:0a:21:0d:f0:34:
1e:bd:0f:16:66:f0:d2:96:cf:08:f0:0d:78:49:6e:
c1:1d:86:97:ed:70:f6:62:8a:0a:17:6b:5e:6a:be:
00:87:12:08:a1:4a:42:0a:98:0c:7e:57:2d:b1:12:
ba:e5:e0:0d:4d:f4:b6:07:1e:de:bd:1c:a1:29:5a:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1D:90:96:EF:96:EC:16:CB:0A:E6:8A:A3:96:71:05:1F:4F:28:5A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/90f022-2efd-459d-8e22-cee4437961be/1/Ix2Qlu-W7BbLCuaKo5ZxBR9PKFo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.14.0/24
Signature Algorithm: sha256WithRSAEncryption
89:fe:f4:5d:23:7e:eb:2d:f5:7a:93:9f:eb:77:33:d3:48:78:
5c:8f:ec:4e:4b:c0:bf:50:4c:2e:a2:a7:86:89:9b:3e:d2:d7:
4a:cf:ae:ff:36:a0:6c:c0:48:8b:78:1c:a0:49:32:d0:b2:95:
fc:ae:81:88:24:bb:c9:65:bf:71:57:fe:ac:be:41:44:38:d9:
72:b0:6f:33:47:30:88:1d:ed:65:e1:ff:ed:8e:9a:9b:41:7d:
7e:76:00:8e:8d:77:23:c4:46:f4:59:d5:a0:cf:7d:4d:7a:06:
76:74:2e:a0:c2:16:f5:72:a6:c9:33:68:f3:7d:37:20:39:9d:
b6:12:d1:1b:dc:dd:72:94:52:ee:fd:8a:30:60:b6:6d:81:81:
83:e4:72:4c:87:8b:f2:4b:a1:a4:d1:c6:4b:e2:b6:41:7e:55:
81:a2:c9:77:49:22:55:d2:01:ba:84:aa:79:5e:9d:35:ac:8c:
c9:72:39:55:8b:2d:ee:82:e5:43:1e:82:93:1c:f9:9c:62:8e:
43:a7:ab:c8:7d:82:53:7c:d1:4f:8a:e2:29:0e:ff:84:59:3b:
a8:b8:81:38:fb:9d:b4:46:c1:ee:bd:92:08:8a:83:87:25:76:
3f:b9:16:47:71:db:23:64:06:4d:cb:6e:f4:ee:79:7a:ff:c6:
5f:5e:d4:52
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVu+14ea8Y2hMqgL1qQWkr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjAxNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFkOTA5NmVmOTZlYzE2Y2IwYWU2OGFhMzk2NzEwNTFmNGYyODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FHhcKLLfjRlKClZr+s8+npBjoPd
wJNg5fz9Kobx6pRrgdDz8+mlOEGF7thNUVi/NezJuBuZOM+610fJX60hj3GJ4jac
/a0rb3E/cBAyDcyFnIL8RpuD6IKUhYNhHhnfTu42SiAiGDGVaxbdlmJS13FcxiQE
l8exijc1pnewv9rv92bYpPP7THFdAhVD/oW/BxK28UmJGYJ7EBVe5gceaRTrI6c8
mbxykFGAozI+anLMUfbCUQd40v+MnjHgCiEN8DQevQ8WZvDSls8I8A14SW7BHYaX
7XD2YooKF2tear4AhxIIoUpCCpgMflctsRK65eANTfS2Bx7evRyhKVoMywIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFCMdkJbvluwWywrmiqOWcQUfTyhaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzkwZjAy
Mi0yZWZkLTQ1OWQtOGUyMi1jZWU0NDM3OTYxYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvOTBmMDIy
LTJlZmQtNDU5ZC04ZTIyLWNlZTQ0Mzc5NjFiZS8xL0l4MlFsdS1XN0JiTEN1YUtv
NVp4QlI5UEtGby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAueoOMA0GCSqGSIb3DQEBCwUAA4IBAQCJ/vRd
I37rLfV6k5/rdzPTSHhcj+xOS8C/UEwuoqeGiZs+0tdKz67/NqBswEiLeBygSTLQ
spX8roGIJLvJZb9xV/6svkFEONlysG8zRzCIHe1l4f/tjpqbQX1+dgCOjXcjxEb0
WdWgz31NegZ2dC6gwhb1cqbJM2jzfTcgOZ22EtEb3N1ylFLu/YowYLZtgYGD5HJM
h4vyS6Gk0cZL4rZBflWBosl3SSJV0gG6hKp5Xp01rIzJcjlViy3uguVDHoKTHPmc
Yo5Dp6vIfYJTfNFPiuIpDv+EWTuouIE4+520RsHuvZIIioOHJXY/uRZHcdsjZAZN
y2707nl6/8ZfXtRS
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:53:05 2025 by rpki-client