Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qnh2_O3zMiJByi0PEv-pL0TuMBQ.cer
File: Qnh2_O3zMiJByi0PEv-pL0TuMBQ.cer (raw, json)
Hash identifier: 5Je06jzpKqDyI1rDPrP9u66afYbl3v4BBAo533Wwra8=
Subject key identifier: 42:78:76:FC:ED:F3:32:22:41:CA:2D:0F:12:FF:A9:2F:44:EE:30:14
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0183184E545BFA4AC935AA65C8214BB9CF61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6e/ac6a15-7264-4555-a497-840e6a5bec47/1/Qnh2_O3zMiJByi0PEv-pL0TuMBQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6e/ac6a15-7264-4555-a497-840e6a5bec47/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 07 Sep 2022 14:15:30 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.142.68.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:4e:54:5b:fa:4a:c9:35:aa:65:c8:21:4b:b9:cf:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 7 14:15:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=427876fcedf3322241ca2d0f12ffa92f44ee3014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:78:d2:b6:1f:a9:bc:73:d0:29:4d:9a:a3:40:
30:58:db:18:15:9b:e8:93:51:17:f9:de:82:b7:a8:
05:f1:70:7d:58:32:1d:87:ec:c5:f4:dd:4e:77:49:
26:5e:63:a3:8f:0b:61:75:40:99:0a:f1:83:7d:84:
9f:9f:2a:c2:07:2a:cb:42:1a:90:bd:7a:a4:36:e9:
ff:e9:48:30:5f:7c:d5:88:ee:eb:a9:f1:4e:3c:8e:
ac:30:ce:0c:70:4b:45:ae:24:d8:34:c9:37:71:30:
07:94:df:e6:fc:71:85:28:fd:70:55:74:9c:74:c0:
69:22:9d:6c:a4:9a:b9:6e:4a:52:fe:34:3e:ac:fe:
95:17:2d:d4:96:e5:0e:84:72:72:94:69:4c:21:9f:
42:11:d3:05:dd:69:81:f7:c2:4f:e6:71:97:32:98:
85:02:c6:f9:45:b8:0f:0c:cc:a8:68:39:b1:3e:e6:
de:16:a6:4a:5d:33:82:46:fe:0c:8b:9c:7e:71:18:
dd:81:65:ff:d3:95:db:4a:f9:6a:bc:3d:80:f5:68:
a6:8f:0e:ec:1a:2d:14:d9:d9:bb:93:ce:56:47:99:
fa:2d:42:a0:6f:74:50:eb:17:19:b0:4e:53:8b:5a:
84:f6:77:40:c6:ad:43:97:c6:fe:c4:01:3b:5e:41:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:78:76:FC:ED:F3:32:22:41:CA:2D:0F:12:FF:A9:2F:44:EE:30:14
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ac6a15-7264-4555-a497-840e6a5bec47/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ac6a15-7264-4555-a497-840e6a5bec47/1/Qnh2_O3zMiJByi0PEv-pL0TuMBQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.68.0/22
Signature Algorithm: sha256WithRSAEncryption
59:95:30:85:d0:84:70:a3:25:8a:18:78:68:c0:b7:75:22:f2:
8b:e6:0e:32:d0:d7:91:41:c2:c3:de:a7:10:35:62:42:0d:10:
a5:ae:12:b0:b2:c0:93:4c:7f:0d:47:4a:af:a6:33:45:af:0c:
9e:68:90:b9:4a:90:2b:a2:4c:4f:2f:2a:7e:cd:98:72:80:52:
3f:90:a0:d6:a1:6c:e7:7f:a4:11:00:49:7c:78:43:c2:9b:34:
3a:d2:0a:89:5d:1b:9f:d7:0e:fd:98:58:0e:a3:49:b7:49:47:
25:c9:fb:32:b9:f0:c8:5d:e3:43:67:54:05:21:65:ab:a3:e8:
6a:64:a7:14:d3:4f:e8:16:9a:18:30:2c:1c:c8:be:b5:60:73:
38:d9:aa:be:29:e4:3b:af:a4:3d:bf:73:8f:bd:66:37:8d:10:
75:f6:f8:43:2f:70:8b:1e:46:83:48:87:99:cd:5f:a9:39:8e:
fb:15:9e:15:ec:79:86:b6:32:6d:45:ec:ff:48:ac:51:e6:f6:
a3:8a:20:0d:64:ae:2c:f7:69:e0:23:c7:39:24:cb:64:b0:dd:
52:ee:da:d3:30:9b:ba:29:74:be:54:86:34:7c:3c:6d:0f:38:
10:b1:af:86:a2:d1:81:0c:27:43:ed:9d:a2:2f:06:00:d5:86:
a3:b6:d5:57
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYMYTlRb+krJNaplyCFLuc9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIwOTA3MTQxNTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc4NzZmY2VkZjMzMjIyNDFjYTJkMGYxMmZmYTkyZjQ0ZWUzMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HjSth+pvHPQKU2ao0AwWNsYFZvo
k1EX+d6Ct6gF8XB9WDIdh+zF9N1Od0kmXmOjjwthdUCZCvGDfYSfnyrCByrLQhqQ
vXqkNun/6UgwX3zViO7rqfFOPI6sMM4McEtFriTYNMk3cTAHlN/m/HGFKP1wVXSc
dMBpIp1spJq5bkpS/jQ+rP6VFy3UluUOhHJylGlMIZ9CEdMF3WmB98JP5nGXMpiF
Asb5RbgPDMyoaDmxPubeFqZKXTOCRv4Mi5x+cRjdgWX/05XbSvlqvD2A9Wimjw7s
Gi0U2dm7k85WR5n6LUKgb3RQ6xcZsE5Ti1qE9ndAxq1Dl8b+xAE7XkHeNQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFEJ4dvzt8zIiQcotDxL/qS9E7jAUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZlL2FjNmEx
NS03MjY0LTQ1NTUtYTQ5Ny04NDBlNmE1YmVjNDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUvYWM2YTE1
LTcyNjQtNDU1NS1hNDk3LTg0MGU2YTViZWM0Ny8xL1FuaDJfTzN6TWlKQnlpMFBF
di1wTDBUdU1CUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCLY5EMA0GCSqGSIb3DQEBCwUAA4IBAQBZlTCF
0IRwoyWKGHhowLd1IvKL5g4y0NeRQcLD3qcQNWJCDRClrhKwssCTTH8NR0qvpjNF
rwyeaJC5SpArokxPLyp+zZhygFI/kKDWoWznf6QRAEl8eEPCmzQ60gqJXRuf1w79
mFgOo0m3SUclyfsyufDIXeNDZ1QFIWWro+hqZKcU00/oFpoYMCwcyL61YHM42aq+
KeQ7r6Q9v3OPvWY3jRB19vhDL3CLHkaDSIeZzV+pOY77FZ4V7HmGtjJtRez/SKxR
5vajiiANZK4s92ngI8c5JMtksN1S7trTMJu6KXS+VIY0fDxtDzgQsa+GotGBDCdD
7Z2iLwYA1YajttVX
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:37:33 2025 by rpki-client