Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KVvOWx426oDwZZguWNrvDZnzhDg.cer
File: KVvOWx426oDwZZguWNrvDZnzhDg.cer (raw, json)
Hash identifier: 3XiUOZ9XIUtn1Lxfzv69m/h6hGBskKWkj8xbbVMen4c=
Subject key identifier: 29:5B:CE:5B:1E:36:EA:80:F0:65:98:2E:58:DA:EF:0D:99:F3:84:38
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185701D8BA061754EDC5E7A6AFF3BB6986C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/0e23b0-f557-46f5-8cf3-5fc3a9391c3d/1/KVvOWx426oDwZZguWNrvDZnzhDg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/0e23b0-f557-46f5-8cf3-5fc3a9391c3d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 01:34:22 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 194.48.205.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1d:8b:a0:61:75:4e:dc:5e:7a:6a:ff:3b:b6:98:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:34:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=295bce5b1e36ea80f065982e58daef0d99f38438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:df:37:c6:2d:18:2d:3a:11:dc:15:a0:96:51:
4c:9c:f0:98:45:f3:d9:b2:18:6c:9a:3e:11:43:7b:
15:6f:77:c1:cc:fc:04:3b:16:d5:0c:64:6b:6d:e7:
3b:92:d0:a2:8a:3b:f9:28:4d:90:fd:c9:bd:4e:4a:
43:52:aa:4e:18:32:46:5e:c7:81:a4:d6:c7:9f:87:
30:40:87:6a:ca:98:66:c3:14:bc:d5:1c:17:e0:f0:
ad:42:92:2f:c2:95:fa:b0:9f:b3:fe:8f:a8:91:4f:
c8:2d:f3:70:c8:54:f5:ac:07:ea:18:d1:7d:ef:da:
14:3a:cf:d3:89:ba:74:76:a8:e0:7e:b0:9a:d2:7f:
f5:ee:c2:f7:1e:e3:88:68:8b:d3:4f:78:3e:6e:31:
a0:cc:47:04:14:c0:37:96:a8:64:77:08:47:7a:67:
a4:72:00:9a:ef:70:75:b6:93:8c:f6:75:54:0e:cd:
0b:92:9e:56:20:29:ac:92:af:cf:60:ad:6a:2a:81:
99:c1:f4:0d:b1:a8:70:97:8b:5a:ca:28:04:0b:86:
bb:79:9a:bb:72:22:29:e9:50:f2:9d:9b:44:19:29:
31:60:90:20:51:d6:86:cc:00:97:c5:f1:39:b9:b5:
2e:95:46:92:47:2e:e1:28:73:8f:6e:57:4a:b6:a4:
30:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5B:CE:5B:1E:36:EA:80:F0:65:98:2E:58:DA:EF:0D:99:F3:84:38
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0e23b0-f557-46f5-8cf3-5fc3a9391c3d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0e23b0-f557-46f5-8cf3-5fc3a9391c3d/1/KVvOWx426oDwZZguWNrvDZnzhDg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.205.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d7:0a:ab:78:81:0c:c2:bd:32:77:d4:e9:b0:97:12:f9:57:
0e:d6:58:87:2f:62:4d:a2:a7:e6:c9:d6:e2:7e:c3:8f:43:4f:
7e:cc:1d:1c:df:f0:86:d9:b3:7b:10:d7:0c:da:4e:61:17:cc:
f4:9f:66:67:94:d5:d3:f2:9b:5d:77:5d:37:e3:84:5d:f9:8e:
e8:29:fd:2b:b2:74:f4:17:d5:67:e1:f9:02:52:97:cc:a7:64:
0c:5b:62:65:c3:74:18:8b:d4:c3:e9:4a:a4:3d:ba:d3:cd:62:
d4:ad:62:b8:b6:a3:1d:9f:b3:4e:6a:71:5d:5a:1f:25:39:9b:
77:9e:3a:86:76:9d:17:61:68:e9:d2:58:ee:4c:2f:72:c1:e0:
e4:e5:ee:71:19:05:72:1d:c3:b4:c8:72:ed:e7:b6:eb:2d:ec:
2d:db:df:a4:77:37:e6:fa:09:2d:dd:14:bc:86:b8:f9:59:86:
25:fa:d6:58:5d:0a:84:84:b9:35:5a:d4:e8:2d:08:b4:cc:cb:
8b:ae:07:c3:da:0f:0b:78:66:c1:f9:63:90:f4:cd:ee:b3:60:
0d:4e:be:d7:c5:8a:64:17:80:5a:e1:20:4e:6a:c9:3b:9a:fb:
54:2e:0b:cf:57:84:dd:69:f2:58:78:0f:6e:89:9f:2d:50:db:
9a:85:20:07
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVwHYugYXVO3F56av87tphsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTViY2U1YjFlMzZlYTgwZjA2NTk4MmU1OGRhZWYwZDk5ZjM4NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN83xi0YLToR3BWgllFMnPCYRfPZ
shhsmj4RQ3sVb3fBzPwEOxbVDGRrbec7ktCiijv5KE2Q/cm9TkpDUqpOGDJGXseB
pNbHn4cwQIdqyphmwxS81RwX4PCtQpIvwpX6sJ+z/o+okU/ILfNwyFT1rAfqGNF9
79oUOs/Tibp0dqjgfrCa0n/17sL3HuOIaIvTT3g+bjGgzEcEFMA3lqhkdwhHemek
cgCa73B1tpOM9nVUDs0Lkp5WICmskq/PYK1qKoGZwfQNsahwl4tayigEC4a7eZq7
ciIp6VDynZtEGSkxYJAgUdaGzACXxfE5ubUulUaSRy7hKHOPbldKtqQwLwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFClbzlseNuqA8GWYLlja7w2Z84Q4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwLzBlMjNi
MC1mNTU3LTQ2ZjUtOGNmMy01ZmMzYTkzOTFjM2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvMGUyM2Iw
LWY1NTctNDZmNS04Y2YzLTVmYzNhOTM5MWMzZC8xL0tWdk9XeDQyNm9Ed1paZ3VX
TnJ2RFpuemhEZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwjDNMA0GCSqGSIb3DQEBCwUAA4IBAQB/1wqr
eIEMwr0yd9TpsJcS+VcO1liHL2JNoqfmydbifsOPQ09+zB0c3/CG2bN7ENcM2k5h
F8z0n2ZnlNXT8ptdd10344Rd+Y7oKf0rsnT0F9Vn4fkCUpfMp2QMW2Jlw3QYi9TD
6UqkPbrTzWLUrWK4tqMdn7NOanFdWh8lOZt3njqGdp0XYWjp0ljuTC9yweDk5e5x
GQVyHcO0yHLt57brLewt29+kdzfm+gkt3RS8hrj5WYYl+tZYXQqEhLk1WtToLQi0
zMuLrgfD2g8LeGbB+WOQ9M3us2ANTr7XxYpkF4Ba4SBOask7mvtULgvPV4TdafJY
eA9uiZ8tUNuahSAH
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:35 2025 by rpki-client