Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q0XXPoLz_9cV5i9Qa_uPPB7UX8k.cer
File: Q0XXPoLz_9cV5i9Qa_uPPB7UX8k.cer (raw, json)
Hash identifier: XxK1NyMEFUBMPqWc+/b5D/xjazs72N7W6Wcn49ilJH8=
Subject key identifier: 43:45:D7:3E:82:F3:FF:D7:15:E6:2F:50:6B:FB:8F:3C:1E:D4:5F:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A58B1ADDD7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/7f2ba9-b94c-402e-8ecc-23bfb271d598/1/Q0XXPoLz_9cV5i9Qa_uPPB7UX8k.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/7f2ba9-b94c-402e-8ecc-23bfb271d598/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 11:03:22 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 206753
IP: 185.177.52.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 711003397591 (0xa58b1addd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:03:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4345d73e82f3ffd715e62f506bfb8f3c1ed45fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:1e:7e:b8:ec:ce:57:5a:1c:4b:18:a6:cc:
f5:09:53:ff:d0:fb:f0:89:f5:d7:75:2d:cc:b3:51:
7e:a9:a0:75:4b:e5:bf:a9:aa:6e:ec:83:48:9b:bc:
2c:e9:d7:5c:e3:20:b7:48:0f:da:e6:18:ef:29:92:
57:11:86:af:07:01:59:5b:37:11:7e:c4:82:fa:c1:
18:8d:1c:bc:ae:8e:2a:1c:40:9f:2a:82:79:ef:a1:
ef:82:d9:91:10:8d:c2:0b:d5:ff:97:25:1c:c3:c6:
b7:df:19:23:93:f9:2f:96:21:d6:94:b2:69:7c:2d:
08:ab:6f:b4:9d:54:cb:da:f3:c9:b6:6a:74:41:b7:
ad:f6:39:81:05:e3:20:f0:f9:ef:db:1b:74:53:aa:
a2:ce:83:24:24:84:52:c2:ba:e9:cf:d5:90:8e:e4:
5b:5f:f7:b2:d4:58:1b:c5:9a:33:03:f2:71:20:ff:
54:d5:d5:0c:8c:4f:9c:3a:5f:bf:a8:5e:07:42:63:
c3:fd:83:16:4d:66:97:00:7a:ae:14:53:de:1a:63:
a9:24:be:29:77:c8:43:2b:05:c6:68:6e:02:f7:07:
62:d2:23:c2:22:1e:7a:87:18:db:16:80:1b:09:01:
32:88:2d:8e:60:81:9b:bc:19:e4:f8:ab:95:b4:c9:
17:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:45:D7:3E:82:F3:FF:D7:15:E6:2F:50:6B:FB:8F:3C:1E:D4:5F:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7f2ba9-b94c-402e-8ecc-23bfb271d598/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/7f2ba9-b94c-402e-8ecc-23bfb271d598/1/Q0XXPoLz_9cV5i9Qa_uPPB7UX8k.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.52.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206753
Signature Algorithm: sha256WithRSAEncryption
36:29:42:82:3d:4d:a4:bd:7e:20:a9:22:9e:d2:1a:52:9d:30:
53:4c:92:c8:48:52:12:5f:ce:38:ad:15:b9:6c:61:c9:d9:d8:
b4:4c:c5:e7:37:0e:8b:09:35:0b:9b:40:cc:86:60:eb:92:72:
40:b8:b3:6a:19:02:cd:97:77:8b:f1:6c:73:d5:42:59:3a:3d:
2c:f0:2d:4c:2a:e5:19:9a:8f:45:d9:55:48:34:c8:76:cc:31:
7d:cd:c9:8c:b0:f1:21:a6:68:d1:2b:03:e5:a0:52:fc:f0:bc:
50:9d:32:b9:ea:c1:90:2d:67:79:63:67:b6:c4:65:ba:b3:2f:
72:2a:a7:53:37:2d:cd:ef:6e:34:1e:05:d9:8b:33:1e:77:aa:
46:d0:a3:e4:2c:9e:d4:a2:62:f3:9c:79:cb:d3:47:72:0e:3a:
18:fc:06:3e:43:cd:3c:59:92:53:2a:4f:06:d4:98:f9:59:de:
61:6e:a7:34:2e:42:13:ac:a9:50:dd:23:35:c6:85:d4:bc:09:
46:4d:88:03:e2:15:86:17:c0:37:41:d8:41:7f:fd:6c:46:ac:
1a:c5:19:be:46:04:4e:35:5c:76:64:51:61:d6:bc:61:6f:e0:
78:e5:fd:a7:72:eb:f0:2d:6c:54:00:0d:65:82:b5:1e:74:af:
ee:01:93:ad
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAKWLGt3XMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTEwMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MzQ1ZDczZTgy
ZjNmZmQ3MTVlNjJmNTA2YmZiOGYzYzFlZDQ1ZmM5MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAragefrjszldaHEsYpsz1CVP/0PvwifXXdS3Ms1F+qaB1
S+W/qapu7INIm7ws6ddc4yC3SA/a5hjvKZJXEYavBwFZWzcRfsSC+sEYjRy8ro4q
HECfKoJ576HvgtmREI3CC9X/lyUcw8a33xkjk/kvliHWlLJpfC0Iq2+0nVTL2vPJ
tmp0Qbet9jmBBeMg8Pnv2xt0U6qizoMkJIRSwrrpz9WQjuRbX/ey1FgbxZozA/Jx
IP9U1dUMjE+cOl+/qF4HQmPD/YMWTWaXAHquFFPeGmOpJL4pd8hDKwXGaG4C9wdi
0iPCIh56hxjbFoAbCQEyiC2OYIGbvBnk+KuVtMkX6wIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFENF1z6C8//XFeYvUGv7jzwe1F/JMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzLzdmMmJhOS1iOTRjLTQwMmUt
OGVjYy0yM2JmYjI3MWQ1OTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvN2YyYmE5LWI5NGMtNDAyZS04
ZWNjLTIzYmZiMjcxZDU5OC8xL1EwWFhQb0x6XzljVjVpOVFhX3VQUEI3VVg4ay5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCubE0MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMnoTANBgkqhkiG
9w0BAQsFAAOCAQEANilCgj1NpL1+IKkintIaUp0wU0ySyEhSEl/OOK0VuWxhydnY
tEzF5zcOiwk1C5tAzIZg65JyQLizahkCzZd3i/Fsc9VCWTo9LPAtTCrlGZqPRdlV
SDTIdswxfc3JjLDxIaZo0SsD5aBS/PC8UJ0yuerBkC1neWNntsRlurMvciqnUzct
ze9uNB4F2YszHneqRtCj5Cye1KJi85x5y9NHcg46GPwGPkPNPFmSUypPBtSY+Vne
YW6nNC5CE6ypUN0jNcaF1LwJRk2IA+IVhhfAN0HYQX/9bEasGsUZvkYETjVcdmRR
Yda8YW/geOX9p3Lr8C1sVAANZYK1HnSv7gGTrQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:51:59 2025 by rpki-client