
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9Nev2LpxTJc1xtj_o856Cu8Gp0.cer
File: a9Nev2LpxTJc1xtj_o856Cu8Gp0.cer (raw, json)
Hash identifier: caoZ1YltFuCtfFG4Rx/PO8GxWzDO2sKrSDl2P2rALA0=
Subject key identifier: 6B:D3:5E:BF:62:E9:C5:32:5C:D7:1B:63:FE:8F:39:E8:2B:BC:1A:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AA7D7B122C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/a9Nev2LpxTJc1xtj_o856Cu8Gp0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 15:56:10 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 5.133.124.0/22
IP: 2a09:8200::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 732249657900 (0xaa7d7b122c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bd35ebf62e9c5325cd71b63fe8f39e82bbc1a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:08:69:61:70:2f:31:fa:2d:d9:af:3d:72:0d:
02:7b:38:32:7a:64:44:ee:48:2d:bc:39:c9:69:56:
ee:bb:fd:46:1d:f3:14:2b:69:dd:d0:5a:eb:9f:65:
ee:1a:1f:91:bb:00:64:5f:3c:5f:4f:a9:f0:55:6e:
53:15:76:a2:f7:a9:c0:c8:83:d6:b2:ef:c6:79:21:
1e:fc:5e:97:eb:0c:78:59:b5:6e:b4:e7:f4:3d:8c:
a4:d9:fe:d1:39:2b:70:f6:ec:b3:43:1f:ff:60:28:
bc:fb:3a:5d:84:5b:05:52:a1:6d:fc:55:b3:1f:27:
9f:5a:f6:d5:28:5c:bf:9a:a0:04:dd:3f:99:d1:dc:
2a:36:3a:ce:94:2e:1e:6c:ff:46:eb:78:d3:80:6d:
64:fd:e1:bd:99:d1:1f:e3:4a:b1:84:a1:63:c7:a2:
6f:ca:4e:c5:60:1c:69:63:ae:bb:3a:a3:f2:b9:48:
60:65:73:e4:00:81:54:74:4f:f0:f1:29:15:cb:3a:
fd:0b:67:08:ed:57:30:6f:b7:55:69:4b:15:77:ae:
cc:77:eb:20:4b:29:69:02:18:6b:0e:91:98:15:c0:
0b:73:0f:b4:b6:f3:e6:7c:e6:79:f1:60:61:4e:b3:
62:d5:54:61:24:88:b9:0f:4f:f1:18:05:53:77:03:
68:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D3:5E:BF:62:E9:C5:32:5C:D7:1B:63:FE:8F:39:E8:2B:BC:1A:9D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/3bf02a-2b66-45f5-9e3e-c5e56a72ee18/1/a9Nev2LpxTJc1xtj_o856Cu8Gp0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
IPv6:
2a09:8200::/29
Signature Algorithm: sha256WithRSAEncryption
3a:6d:ec:4f:93:dc:b0:cc:3c:41:e6:dd:02:08:c9:f0:e5:b4:
3d:6b:9e:2a:b1:aa:2e:0f:2b:dc:6d:50:40:65:52:fc:96:29:
c0:40:9f:30:3c:1f:35:40:20:0c:89:ac:c0:d5:d0:71:13:f9:
09:b1:9b:25:1d:cb:3f:9e:ad:e7:32:6d:67:16:0e:81:03:2e:
d3:09:0d:8e:b7:2e:0f:78:78:34:5d:40:b8:86:43:07:cd:e1:
21:be:00:5a:ef:07:d3:f4:8e:92:70:be:61:b2:c3:e1:5c:47:
8a:03:e8:08:d1:bf:74:86:56:40:d5:91:80:c8:73:09:a7:2a:
89:2b:af:4a:6a:b3:89:48:da:70:20:1c:48:65:a2:03:45:84:
ac:8b:46:70:84:2a:c5:78:25:1e:84:4f:15:41:0d:c1:85:55:
39:ac:8d:42:f6:4d:6f:36:2a:9d:f0:50:b0:50:cf:90:86:e7:
49:95:e9:35:b9:ab:cb:a4:36:70:4c:c2:01:80:03:b3:f0:d7:
b8:0c:76:78:73:12:77:db:ea:4c:e0:87:85:5e:72:9a:3a:b7:
27:55:e8:35:6b:87:ef:3e:30:a8:4b:e0:2e:0f:a8:ee:7e:2f:
18:34:9f:52:34:7c:fd:61:e4:fe:e0:67:c0:f9:7c:3c:28:52:
0e:80:78:73
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKp9exIsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTU1NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YmQzNWViZjYy
ZTljNTMyNWNkNzFiNjNmZThmMzllODJiYmMxYTlkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuQhpYXAvMfot2a89cg0CezgyemRE7kgtvDnJaVbuu/1G
HfMUK2nd0Frrn2XuGh+RuwBkXzxfT6nwVW5TFXai96nAyIPWsu/GeSEe/F6X6wx4
WbVutOf0PYyk2f7ROStw9uyzQx//YCi8+zpdhFsFUqFt/FWzHyefWvbVKFy/mqAE
3T+Z0dwqNjrOlC4ebP9G63jTgG1k/eG9mdEf40qxhKFjx6Jvyk7FYBxpY667OqPy
uUhgZXPkAIFUdE/w8SkVyzr9C2cI7Vcwb7dVaUsVd67Md+sgSylpAhhrDpGYFcAL
cw+0tvPmfOZ58WBhTrNi1VRhJIi5D0/xGAVTdwNo6wIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFGvTXr9i6cUyXNcbY/6POegrvBqdMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EwLzNiZjAyYS0yYjY2LTQ1ZjUt
OWUzZS1jNWU1NmE3MmVlMTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAvM2JmMDJhLTJiNjYtNDVmNS05
ZTNlLWM1ZTU2YTcyZWUxOC8xL2E5TmV2MkxweFRKYzF4dGpfbzg1NkN1OEdwMC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCBYV8MA0EAgACMAcDBQMqCYIAMA0GCSqGSIb3DQEBCwUAA4IBAQA6
bexPk9ywzDxB5t0CCMnw5bQ9a54qsaouDyvcbVBAZVL8linAQJ8wPB81QCAMiazA
1dBxE/kJsZslHcs/nq3nMm1nFg6BAy7TCQ2Oty4PeHg0XUC4hkMHzeEhvgBa7wfT
9I6ScL5hssPhXEeKA+gI0b90hlZA1ZGAyHMJpyqJK69KarOJSNpwIBxIZaIDRYSs
i0ZwhCrFeCUehE8VQQ3BhVU5rI1C9k1vNiqd8FCwUM+QhudJlek1uavLpDZwTMIB
gAOz8Ne4DHZ4cxJ32+pM4IeFXnKaOrcnVeg1a4fvPjCoS+AuD6jufi8YNJ9SNHz9
YeT+4GfA+Xw8KFIOgHhz
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:16:48 2025 by rpki-client