Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/StNbrYf7vCPk3aC8ry4ymhRDLlg.cer
File: StNbrYf7vCPk3aC8ry4ymhRDLlg.cer (raw, json)
Hash identifier: dyRXNNYbGlE/3FXMtlfygrX8LgNDRsytS5Fkap/9ZwQ=
Subject key identifier: 4A:D3:5B:AD:87:FB:BC:23:E4:DD:A0:BC:AF:2E:32:9A:14:43:2E:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018572462C211926F54D8E382B04A53F0BB3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/77/b9230f-fbf1-4272-b217-156204897e89/1/StNbrYf7vCPk3aC8ry4ymhRDLlg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/77/b9230f-fbf1-4272-b217-156204897e89/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 11:37:59 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.202.16.0/24
IP: 2a11:d440::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:2c:21:19:26:f5:4d:8e:38:2b:04:a5:3f:0b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ad35bad87fbbc23e4dda0bcaf2e329a14432e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:08:98:7a:51:82:e5:bc:42:aa:f8:54:ee:
5f:d2:08:80:f3:bd:0c:bc:b7:44:14:97:87:aa:ed:
d6:27:c2:c8:95:49:25:49:4e:98:c9:26:19:33:92:
27:b4:36:bd:11:0a:8a:1b:fc:04:ea:49:88:26:cf:
4b:c6:d6:1e:a2:30:97:e9:05:9b:69:d6:34:06:9e:
59:83:17:97:ab:73:cb:1b:4b:f5:64:21:2c:78:c9:
a1:05:df:f4:2e:da:94:ec:49:6a:80:b6:7d:33:02:
09:50:64:8b:a7:95:dd:f9:ad:9b:4c:c7:d4:ba:6b:
c6:17:1b:c2:15:a6:0a:47:2c:d6:fa:b7:b8:30:a8:
49:b0:2f:d5:9b:87:3c:68:69:45:66:65:aa:7f:0b:
ea:5f:9e:36:62:cd:0c:0b:e4:9b:c8:39:5f:10:35:
02:73:ae:c7:2c:62:7f:4b:0f:11:cd:92:3b:d6:d4:
56:2a:5f:2b:44:7f:da:65:db:34:85:3b:bb:84:c5:
56:a4:db:3e:89:26:00:93:05:b8:38:1e:9b:f0:26:
cc:b9:bf:73:a2:c8:ea:7f:31:72:14:dd:d3:c0:96:
af:fe:d2:4e:28:d9:43:d6:e3:d1:4e:60:f3:02:36:
fc:50:eb:e5:25:1c:3b:df:cf:bb:d0:08:e5:fa:a0:
70:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D3:5B:AD:87:FB:BC:23:E4:DD:A0:BC:AF:2E:32:9A:14:43:2E:58
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b9230f-fbf1-4272-b217-156204897e89/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b9230f-fbf1-4272-b217-156204897e89/1/StNbrYf7vCPk3aC8ry4ymhRDLlg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.16.0/24
IPv6:
2a11:d440::/29
Signature Algorithm: sha256WithRSAEncryption
29:dc:3e:c4:87:eb:91:c2:b8:22:8c:39:4c:5c:de:e5:4f:95:
7a:67:4f:2e:9b:4c:a2:e4:01:16:58:b1:7e:0d:61:93:b8:02:
5b:07:1b:5a:8a:dc:1e:66:7f:17:50:71:09:1b:06:55:85:52:
5c:38:cb:0c:36:54:b0:de:e7:5c:49:9f:d8:87:bf:57:5d:1d:
95:5d:9a:67:50:3d:0d:f7:bf:03:8c:d7:66:90:bf:2c:2a:24:
b5:08:c1:de:3f:94:af:8f:7e:59:fb:15:51:17:f6:94:1a:ca:
c9:3e:8a:e0:ae:49:38:8a:83:6e:a1:9b:15:2b:ae:5f:c6:fd:
cd:a8:b9:e0:85:64:45:25:7f:f0:d8:bc:cc:51:39:78:bf:1f:
a0:37:98:42:60:03:52:22:36:2b:8b:95:74:ba:d4:df:91:85:
3a:ab:4e:b7:e0:56:34:1c:27:67:11:2f:9a:96:59:cf:7c:e8:
c7:5c:d3:d3:92:ca:39:c2:9d:93:18:e7:70:24:4f:91:e4:54:
97:3e:fb:09:45:32:80:40:77:4d:ed:f6:3e:a8:c0:e5:c5:46:
2a:7c:ab:f4:70:a0:bb:35:13:cd:76:4f:75:7a:9a:ec:f0:31:
1b:df:53:76:af:35:5d:50:b9:1c:9f:3d:5b:2b:7d:41:ff:35:
4d:da:ac:33
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVyRiwhGSb1TY44KwSlPwuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMTEzNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQzNWJhZDg3ZmJiYzIzZTRkZGEwYmNhZjJlMzI5YTE0NDMyZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3AImHpRguW8Qqr4VO5f0giA870M
vLdEFJeHqu3WJ8LIlUklSU6YySYZM5IntDa9EQqKG/wE6kmIJs9LxtYeojCX6QWb
adY0Bp5ZgxeXq3PLG0v1ZCEseMmhBd/0LtqU7ElqgLZ9MwIJUGSLp5Xd+a2bTMfU
umvGFxvCFaYKRyzW+re4MKhJsC/Vm4c8aGlFZmWqfwvqX542Ys0MC+SbyDlfEDUC
c67HLGJ/Sw8RzZI71tRWKl8rRH/aZds0hTu7hMVWpNs+iSYAkwW4OB6b8CbMub9z
osjqfzFyFN3TwJav/tJOKNlD1uPRTmDzAjb8UOvlJRw738+70Ajl+qBwKwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFErTW62H+7wj5N2gvK8uMpoUQy5YMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc3L2I5MjMw
Zi1mYmYxLTQyNzItYjIxNy0xNTYyMDQ4OTdlODkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcvYjkyMzBm
LWZiZjEtNDI3Mi1iMjE3LTE1NjIwNDg5N2U4OS8xL1N0TmJyWWY3dkNQazNhQzhy
eTR5bWhSRExsZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwcoQMA0EAgACMAcDBQMqEdRAMA0GCSqGSIb3
DQEBCwUAA4IBAQAp3D7Eh+uRwrgijDlMXN7lT5V6Z08um0yi5AEWWLF+DWGTuAJb
BxtaitweZn8XUHEJGwZVhVJcOMsMNlSw3udcSZ/Yh79XXR2VXZpnUD0N978DjNdm
kL8sKiS1CMHeP5Svj35Z+xVRF/aUGsrJPorgrkk4ioNuoZsVK65fxv3NqLnghWRF
JX/w2LzMUTl4vx+gN5hCYANSIjYri5V0utTfkYU6q0634FY0HCdnES+allnPfOjH
XNPTkso5wp2TGOdwJE+R5FSXPvsJRTKAQHdN7fY+qMDlxUYqfKv0cKC7NRPNdk91
eprs8DEb31N2rzVdULkcnz1bK31B/zVN2qwz
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:57:04 2025 by rpki-client