Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/STJPPZXRubltD68N-S2vqEmtR5Y.cer
File: STJPPZXRubltD68N-S2vqEmtR5Y.cer (raw, json)
Hash identifier: DSZW7xVrycmR00Yp7bv5TpWTaPi4h32ah26EtfO606w=
Subject key identifier: 49:32:4F:3D:95:D1:B9:B9:6D:0F:AF:0D:F9:2D:AF:A8:49:AD:47:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856ED3E31D02343924BA0C240CCCD4C811
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/81/b8badc-b15d-4558-b58e-c6e68c8e8e3e/1/STJPPZXRubltD68N-S2vqEmtR5Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/81/b8badc-b15d-4558-b58e-c6e68c8e8e3e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 19:34:18 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 45.149.16.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d3:e3:1d:02:34:39:24:ba:0c:24:0c:cc:d4:c8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:34:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49324f3d95d1b9b96d0faf0df92dafa849ad4796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3d:fa:45:ec:49:3b:35:b6:33:fd:ba:5b:12:
31:2c:8c:53:80:2c:4e:76:eb:35:d2:39:28:79:b0:
75:4b:e2:32:0d:92:b6:d9:49:a4:ba:13:ba:86:08:
a8:22:af:b2:ba:44:bf:67:4c:ba:78:88:18:fa:f7:
1d:42:e7:a9:ec:3f:e3:e7:f3:d7:ca:f3:91:dd:22:
8b:52:16:38:c5:72:82:9c:1b:3b:30:b0:4f:30:d2:
ba:80:89:bc:a5:8a:c5:cd:66:e6:d4:32:84:21:a6:
5b:e6:fc:b7:00:33:89:dc:f2:51:2c:81:53:2b:f1:
45:39:fc:44:d4:19:23:d7:1d:14:ad:bc:73:43:d0:
ac:d3:c8:02:d2:3b:45:cf:58:8e:10:21:60:61:44:
50:83:27:f9:04:69:fb:7b:fb:49:c5:99:d6:33:4e:
44:2f:6d:d8:3e:dd:ef:9e:b5:2c:a3:ce:48:1b:b5:
d8:ae:fb:79:ca:be:2f:a6:52:75:6d:1e:dd:d2:d5:
c6:43:0a:40:05:31:c0:f5:f9:66:9d:c9:ef:1f:1a:
1e:88:48:87:8d:69:b2:24:5a:4b:ea:36:e2:5d:5b:
b2:9f:6d:56:b7:e7:f0:88:bc:bf:54:cd:41:8d:55:
0d:2e:75:99:00:21:85:09:b1:c5:37:88:2b:8e:62:
f8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:32:4F:3D:95:D1:B9:B9:6D:0F:AF:0D:F9:2D:AF:A8:49:AD:47:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b8badc-b15d-4558-b58e-c6e68c8e8e3e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b8badc-b15d-4558-b58e-c6e68c8e8e3e/1/STJPPZXRubltD68N-S2vqEmtR5Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.16.0/22
Signature Algorithm: sha256WithRSAEncryption
17:cf:13:84:83:0a:d7:b6:d4:70:7c:e0:e2:b2:51:a9:7f:1b:
d3:87:1f:e2:30:93:70:19:46:2f:b9:46:f0:ed:70:ea:07:36:
9e:68:84:85:5a:b5:c3:83:67:1f:1b:db:e5:12:9d:d5:6b:9f:
96:73:f4:94:f5:69:c1:1a:64:f1:6a:98:0d:a3:40:4c:ff:81:
e2:b7:46:9b:e2:48:99:80:d6:d0:ac:23:7e:70:66:71:c5:fa:
9d:c2:21:28:a7:5e:a9:30:4b:af:34:a8:85:e2:ba:74:ba:14:
2b:6e:e3:11:cb:01:75:6e:92:6b:e4:72:68:f8:26:99:71:42:
b9:c9:17:7c:00:4c:ce:9d:7a:7f:2b:6b:39:18:38:89:a8:8a:
87:2c:09:8c:61:ea:a6:76:fa:33:a7:30:7f:34:c2:81:bd:33:
e3:4d:40:c1:54:7f:d7:1b:69:7c:32:e6:07:1f:36:4b:3a:dc:
5f:cd:c1:17:d5:0e:b9:8e:26:61:6d:e7:6f:43:d5:7e:30:95:
f1:a9:10:78:eb:f4:1b:4f:79:30:22:c8:f7:49:cd:31:c0:05:
01:7b:7e:ce:69:39:25:17:e7:e0:c0:66:08:08:54:3d:b4:fc:
9e:98:25:12:8c:83:20:53:01:7a:25:ae:d0:10:c3:33:f5:a4:
7b:4b:2a:b1
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVu0+MdAjQ5JLoMJAzM1MgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMyNGYzZDk1ZDFiOWI5NmQwZmFmMGRmOTJkYWZhODQ5YWQ0Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj36RexJOzW2M/26WxIxLIxTgCxO
dus10jkoebB1S+IyDZK22UmkuhO6hgioIq+yukS/Z0y6eIgY+vcdQuep7D/j5/PX
yvOR3SKLUhY4xXKCnBs7MLBPMNK6gIm8pYrFzWbm1DKEIaZb5vy3ADOJ3PJRLIFT
K/FFOfxE1Bkj1x0UrbxzQ9Cs08gC0jtFz1iOECFgYURQgyf5BGn7e/tJxZnWM05E
L23YPt3vnrUso85IG7XYrvt5yr4vplJ1bR7d0tXGQwpABTHA9flmncnvHxoeiEiH
jWmyJFpL6jbiXVuyn21Wt+fwiLy/VM1BjVUNLnWZACGFCbHFN4grjmL4wwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFEkyTz2V0bm5bQ+vDfktr6hJrUeWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgxL2I4YmFk
Yy1iMTVkLTQ1NTgtYjU4ZS1jNmU2OGM4ZThlM2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvYjhiYWRj
LWIxNWQtNDU1OC1iNThlLWM2ZTY4YzhlOGUzZS8xL1NUSlBQWlhSdWJsdEQ2OE4t
UzJ2cUVtdFI1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCLZUQMA0GCSqGSIb3DQEBCwUAA4IBAQAXzxOE
gwrXttRwfODislGpfxvThx/iMJNwGUYvuUbw7XDqBzaeaISFWrXDg2cfG9vlEp3V
a5+Wc/SU9WnBGmTxapgNo0BM/4Hit0ab4kiZgNbQrCN+cGZxxfqdwiEop16pMEuv
NKiF4rp0uhQrbuMRywF1bpJr5HJo+CaZcUK5yRd8AEzOnXp/K2s5GDiJqIqHLAmM
YeqmdvozpzB/NMKBvTPjTUDBVH/XG2l8MuYHHzZLOtxfzcEX1Q65jiZhbedvQ9V+
MJXxqRB46/QbT3kwIsj3Sc0xwAUBe37OaTklF+fgwGYICFQ9tPyemCUSjIMgUwF6
Ja7QEMMz9aR7Syqx
-----END CERTIFICATE-----
Generated at Wed Mar 12 16:51:41 2025 by rpki-client