Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Xz-V_nmz9G1NX7mtaw8bffOZloQ.cer
File: Xz-V_nmz9G1NX7mtaw8bffOZloQ.cer (raw, json)
Hash identifier: FQ0bfnbu6gU1jUuLgop7J5jkr+arqFWYK4EIHNNYIbU=
Subject key identifier: 5F:3F:95:FE:79:B3:F4:6D:4D:5F:B9:AD:6B:0F:1B:7D:F3:99:96:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185701BFEC720B74D2D685DDD721CEF344A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/69/fe83be-d613-4cc0-a551-3f0a0fa18ef0/1/Xz-V_nmz9G1NX7mtaw8bffOZloQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/69/fe83be-d613-4cc0-a551-3f0a0fa18ef0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 01:32:41 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.234.8.0/24
IP: 2a04:fa00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1b:fe:c7:20:b7:4d:2d:68:5d:dd:72:1c:ef:34:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f3f95fe79b3f46d4d5fb9ad6b0f1b7df3999684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7c:c3:e6:54:78:47:68:66:49:a6:f6:62:51:
c6:11:1e:a4:2e:e1:33:68:38:a4:3f:1f:e2:b5:4b:
73:9c:96:e6:6d:5d:06:e9:71:f6:eb:25:98:41:56:
3c:99:b8:b6:33:90:36:c1:3c:af:99:25:86:e9:1d:
ba:bd:59:0d:3d:36:75:e4:2f:95:48:43:c5:8e:7f:
7a:52:7d:40:eb:77:9c:f3:33:90:f2:3c:76:b0:d4:
b4:b6:68:3e:dc:c7:f8:b5:32:e5:10:f4:76:95:ef:
22:64:7b:34:2d:8a:1e:51:b6:a4:cf:ca:50:09:48:
79:19:1b:cf:90:c8:4e:d7:08:3c:95:1a:8d:a2:a6:
f8:e1:72:e6:15:1e:1e:63:e0:21:68:d5:19:ee:ad:
12:4f:04:c4:54:5c:7e:d0:54:64:0f:1c:d8:c9:ba:
8c:b9:68:3a:75:e3:a1:a2:fc:f8:e7:75:8f:c1:66:
04:41:b8:11:da:32:4f:4b:a8:23:77:0e:4e:33:55:
77:ce:94:9f:d2:1b:d2:d6:bb:07:bd:f2:c6:ab:77:
d3:9e:02:86:0a:4f:df:90:51:6d:a6:48:46:58:87:
cb:d1:dd:1d:8a:a4:06:0e:2a:9e:6e:0d:06:3f:c5:
39:2a:57:4e:23:6f:12:31:19:59:f2:c0:2c:95:b7:
8e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3F:95:FE:79:B3:F4:6D:4D:5F:B9:AD:6B:0F:1B:7D:F3:99:96:84
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/fe83be-d613-4cc0-a551-3f0a0fa18ef0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/fe83be-d613-4cc0-a551-3f0a0fa18ef0/1/Xz-V_nmz9G1NX7mtaw8bffOZloQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.8.0/24
IPv6:
2a04:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:67:a0:20:d1:9c:31:d3:ff:3b:90:c9:df:56:61:7d:e1:9a:
24:0e:f7:bf:ee:df:7b:9a:5a:b5:bb:69:c4:f3:b9:70:96:92:
1f:53:e2:21:37:7c:02:c7:0a:ed:75:9f:19:97:d9:9e:a1:2e:
60:c5:ab:85:a3:f3:4c:87:3b:01:0d:69:2b:95:78:8b:f0:15:
a6:5f:34:12:e8:10:34:bc:04:1f:1d:13:5d:8a:23:cc:cd:d2:
4f:f6:e1:ee:ed:59:4a:e2:9e:89:b0:76:5d:c1:69:37:5d:9f:
4a:46:1a:d3:1f:41:99:d7:d8:e2:7a:1e:d7:2f:d2:3d:2e:67:
f4:c6:1e:0f:3d:54:28:23:c2:8c:94:32:74:d3:d4:a1:0b:d6:
6a:81:dd:3d:f0:45:ef:dc:0d:c7:d4:0e:e7:e0:ec:f1:56:a4:
ce:4b:0d:66:ea:03:d8:a3:15:6a:64:8b:ba:64:ce:83:a4:e9:
16:b0:d0:e9:ac:ca:57:e6:fe:23:3a:1e:9e:e1:5c:d8:2f:eb:
62:cc:7e:91:4d:5e:e1:7b:1e:1d:6b:0a:a3:89:5b:3c:78:c6:
c0:60:f0:b6:f1:c0:47:06:76:5c:ec:df:9b:7d:05:eb:d9:fd:
c1:64:6d:01:df:cf:e0:5e:84:1f:5b:99:21:7d:28:2d:96:5a:
79:8a:dc:54
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVwG/7HILdNLWhd3XIc7zRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDEzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNmOTVmZTc5YjNmNDZkNGQ1ZmI5YWQ2YjBmMWI3ZGYzOTk5Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHzD5lR4R2hmSab2YlHGER6kLuEz
aDikPx/itUtznJbmbV0G6XH26yWYQVY8mbi2M5A2wTyvmSWG6R26vVkNPTZ15C+V
SEPFjn96Un1A63ec8zOQ8jx2sNS0tmg+3Mf4tTLlEPR2le8iZHs0LYoeUbakz8pQ
CUh5GRvPkMhO1wg8lRqNoqb44XLmFR4eY+AhaNUZ7q0STwTEVFx+0FRkDxzYybqM
uWg6deOhovz453WPwWYEQbgR2jJPS6gjdw5OM1V3zpSf0hvS1rsHvfLGq3fTngKG
Ck/fkFFtpkhGWIfL0d0diqQGDiqebg0GP8U5KldOI28SMRlZ8sAslbeOJwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFF8/lf55s/RtTV+5rWsPG33zmZaEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5L2ZlODNi
ZS1kNjEzLTRjYzAtYTU1MS0zZjBhMGZhMThlZjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvZmU4M2Jl
LWQ2MTMtNGNjMC1hNTUxLTNmMGEwZmExOGVmMC8xL1h6LVZfbm16OUcxTlg3bXRh
dzhiZmZPWmxvUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAueoIMA0EAgACMAcDBQMqBPoAMA0GCSqGSIb3
DQEBCwUAA4IBAQAdZ6Ag0Zwx0/87kMnfVmF94ZokDve/7t97mlq1u2nE87lwlpIf
U+IhN3wCxwrtdZ8Zl9meoS5gxauFo/NMhzsBDWkrlXiL8BWmXzQS6BA0vAQfHRNd
iiPMzdJP9uHu7VlK4p6JsHZdwWk3XZ9KRhrTH0GZ19jieh7XL9I9Lmf0xh4PPVQo
I8KMlDJ009ShC9Zqgd098EXv3A3H1A7n4OzxVqTOSw1m6gPYoxVqZIu6ZM6DpOkW
sNDprMpX5v4jOh6e4VzYL+tizH6RTV7hex4dawqjiVs8eMbAYPC28cBHBnZc7N+b
fQXr2f3BZG0B38/gXoQfW5khfSgtllp5itxU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:24 2025 by rpki-client