Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O2QqDnSsPSb98b9msXeMNIiEtXc.cer
File: O2QqDnSsPSb98b9msXeMNIiEtXc.cer (raw, json)
Hash identifier: JZ7kj1RFTMb8afQfoeAplXFov3pfwvKSzfJm4c4QvT4=
Subject key identifier: 3B:64:2A:0E:74:AC:3D:26:FD:F1:BF:66:B1:77:8C:34:88:84:B5:77
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A4E9B43BEA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/03160f-1f57-4d02-86e7-78d09b48be06/1/O2QqDnSsPSb98b9msXeMNIiEtXc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/03160f-1f57-4d02-86e7-78d09b48be06/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 10:56:40 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 152.89.236.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 708295539690 (0xa4e9b43bea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b642a0e74ac3d26fdf1bf66b1778c348884b577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:0e:eb:ba:05:f3:de:2b:56:6e:96:a3:b2:
53:b5:a1:77:5e:24:60:df:6e:bc:7c:72:13:a4:18:
9e:04:27:28:83:b0:98:ec:0a:e0:d5:a5:c8:d6:fe:
f3:68:c8:0f:1c:be:fd:0a:05:57:d6:1e:06:6b:f1:
aa:31:c4:1c:d0:75:cf:6e:d2:a5:1a:9c:5b:3e:49:
45:f1:9b:ec:92:07:fc:ab:90:cd:25:91:9d:43:9c:
93:37:d7:01:46:be:35:09:5c:cc:2c:b4:2e:c2:68:
f7:54:49:3b:18:40:0b:6a:e4:13:50:14:47:5b:4f:
4e:e1:90:33:ee:53:16:35:af:4e:a0:0b:5f:d7:8d:
ac:f3:10:b1:b0:b9:d9:5e:6b:76:3b:cd:ba:9e:d3:
68:35:3b:41:fc:f4:c8:25:04:b3:b9:ff:ec:b0:ac:
d9:05:6e:d4:88:ae:7d:ac:39:f7:fa:30:09:4f:96:
f1:50:35:7a:b7:49:1f:a2:a4:ab:59:eb:20:77:cd:
73:65:3d:ea:d4:9e:34:5f:1c:38:d2:59:1f:a8:81:
4d:5f:7b:99:0e:68:f3:84:20:97:97:df:46:4b:13:
2a:a4:39:97:77:5f:55:f8:97:1c:e3:d5:09:9c:a1:
60:e0:e6:e3:b4:28:dc:ad:94:15:96:93:cc:a0:7e:
9a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:64:2A:0E:74:AC:3D:26:FD:F1:BF:66:B1:77:8C:34:88:84:B5:77
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/03160f-1f57-4d02-86e7-78d09b48be06/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/03160f-1f57-4d02-86e7-78d09b48be06/1/O2QqDnSsPSb98b9msXeMNIiEtXc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.236.0/22
Signature Algorithm: sha256WithRSAEncryption
58:f2:f9:96:af:82:22:43:50:cc:20:be:73:0f:fe:88:06:ac:
64:2e:8b:64:8a:d6:27:b9:8a:38:15:07:19:22:64:c3:43:5f:
f4:32:ea:ac:54:49:8d:df:6e:9b:97:de:6f:cf:1b:fe:df:eb:
09:e3:d8:10:c9:0f:c0:56:f6:e4:a9:cb:82:a0:0b:1b:47:e2:
6e:8d:94:3e:68:7b:94:b4:5b:50:ae:8a:aa:87:c0:3d:26:97:
7f:8a:4d:72:fb:fa:02:e1:87:c0:da:fc:7d:8f:30:75:0f:7d:
ec:96:65:44:7e:00:46:7a:a3:b0:d7:a4:a2:3b:96:92:74:6f:
61:a9:99:54:80:ac:db:97:70:b7:56:01:fc:3a:22:cc:29:de:
e2:b7:66:56:e8:00:d7:f7:cd:24:bf:5d:e2:b6:6d:a5:d5:7c:
a6:89:d0:0e:93:e3:84:8e:36:38:8d:23:c7:08:20:dc:16:07:
75:1f:23:e5:41:e2:13:0d:82:95:84:cf:51:7e:f5:dd:43:0e:
ac:fb:cd:d7:0d:63:4e:4b:c2:28:c2:b8:69:a0:1f:f2:bb:cc:
35:ab:27:0f:a6:eb:52:22:d5:69:f7:5a:d7:ce:b0:cb:57:32:
f3:f6:06:d3:3e:33:7a:25:8a:a9:ae:7b:d1:a5:12:16:44:5e:
9c:53:c1:d4
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKTptDvqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTA1NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYjY0MmEwZTc0
YWMzZDI2ZmRmMWJmNjZiMTc3OGMzNDg4ODRiNTc3MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAxt0O67oF894rVm6Wo7JTtaF3XiRg3268fHITpBieBCco
g7CY7Arg1aXI1v7zaMgPHL79CgVX1h4Ga/GqMcQc0HXPbtKlGpxbPklF8Zvskgf8
q5DNJZGdQ5yTN9cBRr41CVzMLLQuwmj3VEk7GEALauQTUBRHW09O4ZAz7lMWNa9O
oAtf142s8xCxsLnZXmt2O826ntNoNTtB/PTIJQSzuf/ssKzZBW7UiK59rDn3+jAJ
T5bxUDV6t0kfoqSrWesgd81zZT3q1J40Xxw40lkfqIFNX3uZDmjzhCCXl99GSxMq
pDmXd19V+Jcc49UJnKFg4ObjtCjcrZQVlpPMoH6a9wIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFDtkKg50rD0m/fG/ZrF3jDSIhLV3MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzAzMTYwZi0xZjU3LTRkMDIt
ODZlNy03OGQwOWI0OGJlMDYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvMDMxNjBmLTFmNTctNGQwMi04
NmU3LTc4ZDA5YjQ4YmUwNi8xL08yUXFEblNzUFNiOThiOW1zWGVNTklpRXRYYy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCmFnsMA0GCSqGSIb3DQEBCwUAA4IBAQBY8vmWr4IiQ1DMIL5zD/6I
BqxkLotkitYnuYo4FQcZImTDQ1/0MuqsVEmN326bl95vzxv+3+sJ49gQyQ/AVvbk
qcuCoAsbR+JujZQ+aHuUtFtQroqqh8A9Jpd/ik1y+/oC4YfA2vx9jzB1D33slmVE
fgBGeqOw16SiO5aSdG9hqZlUgKzbl3C3VgH8OiLMKd7it2ZW6ADX980kv13itm2l
1XymidAOk+OEjjY4jSPHCCDcFgd1HyPlQeITDYKVhM9RfvXdQw6s+83XDWNOS8Io
wrhpoB/yu8w1qycPputSItVp91rXzrDLVzLz9gbTPjN6JYqprnvRpRIWRF6cU8HU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:47 2025 by rpki-client