Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z-5maJZkpy4PsRpESwHMI_fuXGM.cer
File: Z-5maJZkpy4PsRpESwHMI_fuXGM.cer (raw, json)
Hash identifier: Op2Igv7fxUI8NugqNM1hwncpLlwjaz8VywTCpHFGV9k=
Subject key identifier: 67:EE:66:68:96:64:A7:2E:0F:B1:1A:44:4B:01:CC:23:F7:EE:5C:63
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9D3E21AE07
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/Z-5maJZkpy4PsRpESwHMI_fuXGM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 04:01:07 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.158.172.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 675352260103 (0x9d3e21ae07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67ee66689664a72e0fb11a444b01cc23f7ee5c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:64:26:ef:c4:be:b6:17:e5:62:69:e3:1a:e6:
88:db:0d:84:13:97:8c:ad:5c:c1:9b:62:7d:64:79:
ba:c6:0b:89:48:f6:1d:c7:99:8f:88:a3:7e:5c:9d:
69:41:5f:4f:ef:70:89:c9:53:15:c8:55:25:7f:c6:
96:89:2b:39:22:02:c0:7e:81:e3:f4:46:b1:b1:94:
4f:f4:3c:0a:91:73:76:04:87:16:35:a3:cf:12:5f:
05:90:2b:ca:b2:01:90:e9:0f:ed:6e:47:c1:e2:a5:
60:f4:e1:57:6a:55:b7:a8:2d:55:84:42:88:28:8e:
d9:5f:d1:e9:ce:da:b0:e4:8e:98:07:a4:7b:02:5d:
7f:b0:31:9b:50:7c:42:8e:54:f3:70:ad:8a:8a:2c:
b2:60:ca:88:02:c7:d2:3c:99:96:f8:ac:aa:fb:95:
97:96:54:2e:02:81:13:66:fd:98:47:93:a4:10:9a:
71:3f:f1:86:a2:0d:a9:77:56:9a:e5:f6:e7:0c:0b:
e0:dc:df:bb:fa:f8:2d:81:d0:a9:f0:62:37:d1:73:
30:0e:b9:fb:75:1a:ad:66:df:4a:0c:da:f7:4b:1d:
00:4d:19:fd:ba:1a:1f:42:c9:9c:9e:70:48:ac:3d:
7f:4d:48:e7:58:5b:f8:c4:a3:ce:90:37:6f:dc:69:
56:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:66:68:96:64:A7:2E:0F:B1:1A:44:4B:01:CC:23:F7:EE:5C:63
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/Z-5maJZkpy4PsRpESwHMI_fuXGM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:6f:7a:2b:3e:91:b9:fa:c2:22:df:31:37:7d:4b:92:aa:fe:
70:a9:17:66:c6:d9:f4:3d:1a:30:03:57:28:39:7e:4f:d8:07:
6f:18:73:55:25:f4:43:bb:e5:2b:26:a2:ee:54:b0:96:cc:43:
87:fa:46:de:f3:09:43:c1:54:c8:44:00:8c:e0:93:ca:4c:42:
d4:4b:5c:1a:cc:d8:ab:50:76:d8:39:51:93:5f:69:0d:32:c8:
57:aa:c9:7c:41:45:91:9c:98:95:65:1e:e5:a2:31:8b:cd:23:
8b:82:32:39:7a:fd:f7:4c:ea:8f:d4:bc:4b:fe:86:19:ac:09:
5e:1f:b4:c8:1e:89:b1:e5:6d:47:e5:cb:6a:a9:7e:7b:03:5f:
6c:c6:93:3b:0f:43:06:ae:83:72:9c:a5:c7:62:72:b9:54:c2:
c2:3d:7b:d2:5b:69:05:1f:a0:06:cb:b6:ff:b4:bb:98:7e:11:
09:c3:b9:50:55:c0:db:50:fa:af:77:28:c2:05:71:32:eb:b4:
3c:36:84:61:0e:22:ef:8a:2d:e7:16:0b:b6:47:c4:9c:e2:46:
57:51:56:2e:f2:c9:8e:a5:e5:fb:22:35:2b:a4:ac:9d:ff:0c:
c3:77:ba:8e:cc:c6:80:d3:20:03:3f:55:ef:79:15:c8:0b:c5:
4d:7c:e2:df
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAJ0+Ia4HMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDQwMTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2N2VlNjY2ODk2
NjRhNzJlMGZiMTFhNDQ0YjAxY2MyM2Y3ZWU1YzYzMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo2Qm78S+thflYmnjGuaI2w2EE5eMrVzBm2J9ZHm6xguJ
SPYdx5mPiKN+XJ1pQV9P73CJyVMVyFUlf8aWiSs5IgLAfoHj9EaxsZRP9DwKkXN2
BIcWNaPPEl8FkCvKsgGQ6Q/tbkfB4qVg9OFXalW3qC1VhEKIKI7ZX9Hpztqw5I6Y
B6R7Al1/sDGbUHxCjlTzcK2KiiyyYMqIAsfSPJmW+Kyq+5WXllQuAoETZv2YR5Ok
EJpxP/GGog2pd1aa5fbnDAvg3N+7+vgtgdCp8GI30XMwDrn7dRqtZt9KDNr3Sx0A
TRn9uhofQsmcnnBIrD1/TUjnWFv4xKPOkDdv3GlWLQIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFGfuZmiWZKcuD7EaREsBzCP37lxjMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA4L2E1MjIwNS1lNWNlLTQwN2It
OTdkYy1hN2UxYzk5N2VkZmYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgvYTUyMjA1LWU1Y2UtNDA3Yi05
N2RjLWE3ZTFjOTk3ZWRmZi8xL1otNW1hSlprcHk0UHNScEVTd0hNSV9mdVhHTS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCLZ6sMA0GCSqGSIb3DQEBCwUAA4IBAQB7b3orPpG5+sIi3zE3fUuS
qv5wqRdmxtn0PRowA1coOX5P2AdvGHNVJfRDu+UrJqLuVLCWzEOH+kbe8wlDwVTI
RACM4JPKTELUS1wazNirUHbYOVGTX2kNMshXqsl8QUWRnJiVZR7lojGLzSOLgjI5
ev33TOqP1LxL/oYZrAleH7TIHomx5W1H5ctqqX57A19sxpM7D0MGroNynKXHYnK5
VMLCPXvSW2kFH6AGy7b/tLuYfhEJw7lQVcDbUPqvdyjCBXEy67Q8NoRhDiLvii3n
Fgu2R8Sc4kZXUVYu8smOpeX7IjUrpKyd/wzDd7qOzMaA0yADP1XveRXIC8VNfOLf
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:19:05 2025 by rpki-client