Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XQKJi0p6S_mqXf9tIhDDXWlb9aQ.cer
File: XQKJi0p6S_mqXf9tIhDDXWlb9aQ.cer (raw, json)
Hash identifier: iTjH7QAuuBg4eQrQQu3AWfzs4jVbsqDhZQ0ue8K16m8=
Subject key identifier: 5D:02:89:8B:4A:7A:4B:F9:AA:5D:FF:6D:22:10:C3:5D:69:5B:F5:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018466A809801C9EA4C2AEC0D4FA450381E6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5a/8a7720-27a4-4a2b-a6ad-e28309e65ae7/1/XQKJi0p6S_mqXf9tIhDDXWlb9aQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5a/8a7720-27a4-4a2b-a6ad-e28309e65ae7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 11 Nov 2022 12:26:39 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 2a0f:8a40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:66:a8:09:80:1c:9e:a4:c2:ae:c0:d4:fa:45:03:81:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 11 12:26:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d02898b4a7a4bf9aa5dff6d2210c35d695bf5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2b:d1:06:10:37:45:42:26:4d:81:0a:e1:7b:
50:d7:9e:b3:44:d8:66:05:64:12:55:3b:23:ae:47:
bf:e3:64:e6:8e:1f:53:ad:3d:5e:d3:e2:29:80:41:
06:1a:11:ed:e3:95:e2:9d:11:53:f6:74:2e:ab:35:
97:1e:6b:66:82:55:f9:e5:17:74:9d:dc:73:f2:d3:
22:c7:2e:de:5f:5e:b0:99:93:5f:5a:d7:fe:bb:ba:
d9:75:21:6c:e5:76:db:58:68:f1:af:26:ae:75:ca:
63:a6:d6:af:2d:76:06:79:b8:12:f4:66:6d:d4:a9:
9d:cd:19:fe:82:98:9e:c9:f0:f9:2e:eb:73:ff:b3:
6c:fa:5f:a0:44:6d:10:dd:37:78:d8:88:82:62:d0:
2f:9e:e0:6f:07:65:12:aa:52:f9:a6:dc:a3:ff:27:
ed:f1:12:41:f8:c3:81:24:8b:a5:8a:0a:67:4c:45:
5f:0b:29:b0:96:8e:b4:21:d4:ed:5b:92:42:56:23:
33:c2:99:be:b0:e1:bf:b5:cf:9d:8a:f2:54:70:c5:
45:8b:bf:3e:f8:21:43:38:26:98:f6:28:55:b8:7c:
46:97:2d:36:54:62:39:68:fe:cb:00:7b:05:bc:1d:
d0:6c:48:dd:bf:93:17:f1:a9:49:72:cc:27:db:38:
d3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:02:89:8B:4A:7A:4B:F9:AA:5D:FF:6D:22:10:C3:5D:69:5B:F5:A4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/8a7720-27a4-4a2b-a6ad-e28309e65ae7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/8a7720-27a4-4a2b-a6ad-e28309e65ae7/1/XQKJi0p6S_mqXf9tIhDDXWlb9aQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
a4:c6:66:a1:ca:07:80:a7:6e:93:99:f0:4c:3b:57:8e:70:d2:
62:e9:05:47:3c:d0:0f:43:02:7f:fb:17:9b:fa:6a:9b:7b:31:
bd:a4:bd:fa:15:43:a5:59:3e:ac:1f:44:76:af:b5:10:d1:fc:
c8:43:e7:ba:d8:b4:be:d6:53:aa:c2:d8:07:6e:8a:cd:85:23:
77:f8:3b:86:95:ae:f2:58:d3:8f:1b:67:9a:4e:a5:d7:0b:ea:
41:75:66:f6:2a:f5:a6:ea:87:70:04:c1:5e:9d:ef:ff:b0:c3:
5d:73:30:71:56:9d:52:00:c1:0e:b3:2c:00:a7:76:c7:dd:c3:
16:55:98:c3:bc:ad:70:05:25:de:3b:d1:2e:de:06:af:7f:ec:
7d:ab:2e:d0:c1:9e:d9:b3:0d:c4:01:e8:60:9e:9e:ad:ac:96:
f6:08:53:dd:c6:69:d8:4c:63:c0:54:ca:99:9f:cc:a0:73:64:
28:ca:70:b5:0b:bf:65:3d:0d:19:fe:62:4a:81:99:e4:0b:ab:
df:d0:22:c0:11:32:e8:eb:73:22:39:c3:38:eb:f1:f3:83:ea:
ff:df:8d:f9:9f:4a:90:58:24:cc:ea:b2:48:7a:0d:66:41:14:
a8:1e:e1:c8:4c:12:4a:b2:1c:4f:ac:94:0d:be:b3:93:3a:3c:
0a:02:38:ab
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYRmqAmAHJ6kwq7A1PpFA4HmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjIxMTExMTIyNjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDAyODk4YjRhN2E0YmY5YWE1ZGZmNmQyMjEwYzM1ZDY5NWJmNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SvRBhA3RUImTYEK4XtQ156zRNhm
BWQSVTsjrke/42Tmjh9TrT1e0+IpgEEGGhHt45XinRFT9nQuqzWXHmtmglX55Rd0
ndxz8tMixy7eX16wmZNfWtf+u7rZdSFs5XbbWGjxryaudcpjptavLXYGebgS9GZt
1KmdzRn+gpieyfD5Lutz/7Ns+l+gRG0Q3Td42IiCYtAvnuBvB2USqlL5ptyj/yft
8RJB+MOBJIuligpnTEVfCymwlo60IdTtW5JCViMzwpm+sOG/tc+divJUcMVFi78+
+CFDOCaY9ihVuHxGly02VGI5aP7LAHsFvB3QbEjdv5MX8alJcswn2zjT8wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFF0CiYtKekv5ql3/bSIQw11pW/WkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzhhNzcy
MC0yN2E0LTRhMmItYTZhZC1lMjgzMDllNjVhZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvOGE3NzIw
LTI3YTQtNGEyYi1hNmFkLWUyODMwOWU2NWFlNy8xL1hRS0ppMHA2U19tcVhmOXRJ
aEREWFdsYjlhUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUDKg+KQDANBgkqhkiG9w0BAQsFAAOCAQEApMZm
ocoHgKduk5nwTDtXjnDSYukFRzzQD0MCf/sXm/pqm3sxvaS9+hVDpVk+rB9Edq+1
ENH8yEPnuti0vtZTqsLYB26KzYUjd/g7hpWu8ljTjxtnmk6l1wvqQXVm9ir1puqH
cATBXp3v/7DDXXMwcVadUgDBDrMsAKd2x93DFlWYw7ytcAUl3jvRLt4Gr3/sfasu
0MGe2bMNxAHoYJ6erayW9ghT3cZp2ExjwFTKmZ/MoHNkKMpwtQu/ZT0NGf5iSoGZ
5Aur39AiwBEy6OtzIjnDOOvx84Pq/9+N+Z9KkFgkzOqySHoNZkEUqB7hyEwSSrIc
T6yUDb6zkzo8CgI4qw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:15 2025 by rpki-client