Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UPzOmN7vc56gU7Xk6HBJUzRzvxw.cer
File: UPzOmN7vc56gU7Xk6HBJUzRzvxw.cer (raw, json)
Hash identifier: 1Yga7tMTJyDYRIu3/F146bKZ035Z9L2dJT1/kIsNe1Q=
Subject key identifier: 50:FC:CE:98:DE:EF:73:9E:A0:53:B5:E4:E8:70:49:53:34:73:BF:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A3A29C7897
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4b/d6fed8-532d-4910-8d2a-5828cdbc2d88/1/UPzOmN7vc56gU7Xk6HBJUzRzvxw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4b/d6fed8-532d-4910-8d2a-5828cdbc2d88/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 09:55:46 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 185.229.44.0/22
IP: 185.229.96.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 702807832727 (0xa3a29c7897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:55:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50fcce98deef739ea053b5e4e87049533473bf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8c:fd:b9:b9:19:9e:a7:cd:96:ba:94:58:9a:
e3:ac:e7:3b:83:fa:23:03:e4:c6:46:29:b7:73:f5:
96:c5:90:f6:a4:84:3f:f8:38:3f:a6:35:c2:4a:97:
15:44:6b:8a:16:c7:0c:df:52:83:e6:93:81:35:7c:
f7:78:fa:38:b2:6b:23:ab:fa:8b:ca:d6:1f:00:9b:
35:e0:d7:71:b4:3f:19:74:22:3b:41:71:6c:be:da:
22:d1:9a:75:82:5b:8b:c4:39:c4:9f:10:6b:66:fe:
f9:d3:7c:aa:34:d8:7f:7a:dc:1d:1c:e9:90:24:f8:
84:d7:e9:63:ec:2d:0e:b6:a3:20:b4:6a:41:09:eb:
7d:c3:29:b5:79:f1:e8:aa:41:dc:c2:df:7c:d3:80:
61:1d:91:e5:2a:e4:0d:4c:6b:f1:54:bf:0b:e7:54:
28:0e:bc:f8:13:50:e0:99:38:eb:43:1a:f6:aa:5a:
4b:e1:a3:51:d4:ed:db:07:73:27:2c:cd:5b:b6:6d:
b7:b0:06:24:04:9e:a6:d0:a0:93:3c:d9:10:dd:47:
04:d1:79:26:40:2e:92:a7:42:9a:fe:2e:cd:48:d6:
f8:9c:41:b3:55:2a:6f:49:a2:cb:e9:f5:ae:a2:d6:
87:7e:8f:d6:b4:02:03:97:2f:87:47:b0:ea:76:25:
4c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FC:CE:98:DE:EF:73:9E:A0:53:B5:E4:E8:70:49:53:34:73:BF:1C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d6fed8-532d-4910-8d2a-5828cdbc2d88/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d6fed8-532d-4910-8d2a-5828cdbc2d88/1/UPzOmN7vc56gU7Xk6HBJUzRzvxw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.44.0/22
185.229.96.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:fd:7e:d0:fd:0c:9f:d2:c4:94:d9:be:f3:99:4e:80:9e:91:
ff:97:a8:d9:40:3c:b9:ea:c2:9c:56:6f:80:2d:6a:ca:ca:4b:
5e:e6:67:91:2f:7d:d0:2d:4f:05:a4:6f:4a:55:5e:1f:30:50:
18:13:1f:08:de:61:24:2f:58:53:44:e6:d4:55:dc:d6:81:15:
d7:80:65:ca:46:6a:d9:aa:76:0f:e5:22:79:5f:52:e2:2a:74:
6e:0f:6d:83:90:43:46:c4:28:1d:e7:43:53:2a:76:cf:cc:7e:
bb:b1:9d:aa:56:31:d1:41:b9:c2:99:0a:c9:d6:fa:7d:1c:6f:
1f:cf:22:63:51:59:44:cf:b7:48:83:77:8e:e6:9e:a2:85:a5:
60:1d:fa:13:31:fb:1e:de:b9:28:58:61:7c:3c:a2:ee:6b:f6:
73:7b:f9:bf:26:9c:03:a5:02:dc:03:56:1e:bc:98:bc:20:82:
fa:74:03:f1:00:87:16:07:8f:a8:1f:6e:0c:a2:d2:aa:59:d2:
69:4e:d4:05:99:bc:ac:7d:81:25:dd:1e:e6:33:09:3d:40:c4:
f4:8a:8b:3a:00:16:b3:b4:bb:70:95:9b:a9:7b:4b:45:f7:dc:
d7:e5:ee:ca:03:c8:4e:09:08:05:05:5e:16:99:f1:56:2e:3d:
4f:7f:f1:2e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIGAKOinHiXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDk1NTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MGZjY2U5OGRl
ZWY3MzllYTA1M2I1ZTRlODcwNDk1MzM0NzNiZjFjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwYz9ubkZnqfNlrqUWJrjrOc7g/ojA+TGRim3c/WWxZD2
pIQ/+Dg/pjXCSpcVRGuKFscM31KD5pOBNXz3ePo4smsjq/qLytYfAJs14NdxtD8Z
dCI7QXFsvtoi0Zp1gluLxDnEnxBrZv7503yqNNh/etwdHOmQJPiE1+lj7C0OtqMg
tGpBCet9wym1efHoqkHcwt9804BhHZHlKuQNTGvxVL8L51QoDrz4E1DgmTjrQxr2
qlpL4aNR1O3bB3MnLM1btm23sAYkBJ6m0KCTPNkQ3UcE0XkmQC6Sp0Ka/i7NSNb4
nEGzVSpvSaLL6fWuotaHfo/WtAIDly+HR7DqdiVMMQIDAQABo4ICijCCAoYwHQYD
VR0OBBYEFFD8zpje73OeoFO15OhwSVM0c78cMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRiL2Q2ZmVkOC01MzJkLTQ5MTAt
OGQyYS01ODI4Y2RiYzJkODgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIvZDZmZWQ4LTUzMmQtNDkxMC04
ZDJhLTU4MjhjZGJjMmQ4OC8xL1VQek9tTjd2YzU2Z1U3WGs2SEJKVXpSenZ4dy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS
BAIAATAMAwQCueUsAwQCueVgMA0GCSqGSIb3DQEBCwUAA4IBAQBs/X7Q/Qyf0sSU
2b7zmU6AnpH/l6jZQDy56sKcVm+ALWrKykte5meRL33QLU8FpG9KVV4fMFAYEx8I
3mEkL1hTRObUVdzWgRXXgGXKRmrZqnYP5SJ5X1LiKnRuD22DkENGxCgd50NTKnbP
zH67sZ2qVjHRQbnCmQrJ1vp9HG8fzyJjUVlEz7dIg3eO5p6ihaVgHfoTMfse3rko
WGF8PKLua/Zze/m/JpwDpQLcA1YevJi8IIL6dAPxAIcWB4+oH24MotKqWdJpTtQF
mbysfYEl3R7mMwk9QMT0ios6ABaztLtwlZupe0tF99zX5e7KA8hOCQgFBV4WmfFW
Lj1Pf/Eu
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:24 2025 by rpki-client