Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.cer
File: aQ2FgcRkyZa8-Ca8JWVKVQSVf40.cer (raw, json)
Hash identifier: i5p9mwfrixVbxavppTfEamzcXxd/bHXoWOGl7s26ei4=
Subject key identifier: 69:0D:85:81:C4:64:C9:96:BC:F8:26:BC:25:65:4A:55:04:95:7F:8D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856DF773701A1FD161576160F7C366D6E8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 15:33:31 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.170.8.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:f7:73:70:1a:1f:d1:61:57:61:60:f7:c3:66:d6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:33:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=690d8581c464c996bcf826bc25654a5504957f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ba:24:ef:fd:28:28:cd:69:ac:7b:84:48:ef:
fb:42:f1:ae:10:33:a7:54:69:02:ba:4f:81:8b:08:
9f:86:6f:d3:c0:91:7b:79:f5:73:bb:66:d1:e3:5f:
e3:15:e9:b6:93:e3:b5:f7:73:a2:c0:b0:72:ae:ff:
13:74:7a:3f:1b:cb:12:40:e6:16:e5:3d:4a:c6:f3:
16:b2:4b:79:38:bf:b7:20:e3:c0:14:bc:c0:de:cb:
80:4a:db:81:90:5c:f0:2b:83:26:44:47:d5:be:fd:
ba:f9:1d:e7:f7:0e:37:16:26:ad:a7:a8:53:eb:8a:
ca:1f:13:65:e3:5f:da:14:f3:4e:3a:be:81:7c:1a:
28:08:92:01:b9:1f:11:fd:87:29:c3:91:a2:1e:e0:
8b:b9:07:02:9a:5b:61:9e:69:51:f3:64:37:9f:21:
fa:6f:21:83:8f:4d:37:04:a5:9a:ef:17:c7:22:9f:
99:c4:9c:02:22:14:69:33:a3:93:cb:85:de:03:99:
f9:57:50:55:1c:4b:b6:35:f9:29:24:3f:b6:db:8e:
31:b8:fd:1c:88:d0:d1:e7:65:3b:48:6e:dc:45:77:
8e:0b:5b:97:54:11:0a:26:64:c9:87:b6:d6:7f:02:
ad:20:ae:ac:48:f0:51:ce:4d:cf:cf:ba:6a:c7:17:
75:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0D:85:81:C4:64:C9:96:BC:F8:26:BC:25:65:4A:55:04:95:7F:8D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.8.0/24
Signature Algorithm: sha256WithRSAEncryption
19:86:cc:e8:e4:da:1f:93:f8:28:1d:b7:c7:67:5b:5d:c5:1a:
30:02:b6:39:c3:69:3b:8a:4f:4c:f2:dd:02:20:a6:e0:8c:70:
44:df:15:ee:90:09:26:59:8a:a9:ec:39:e3:d1:44:d5:e2:fc:
7d:b3:4f:7e:01:5f:cd:d9:c5:e8:2c:a4:9d:31:9b:91:b2:c5:
be:d0:e0:ec:22:1e:6c:6d:7d:0b:6d:4e:ee:a8:25:79:4e:0f:
c3:9e:2d:40:47:ff:77:d9:f4:df:fc:02:5b:8c:16:21:bc:b4:
11:fb:a4:f6:1d:43:37:32:09:95:2b:71:fd:a4:5d:e0:ff:8c:
42:2e:10:a7:78:df:be:1a:c1:b2:76:3c:e3:af:0e:48:d4:11:
cb:76:97:44:c3:d3:be:08:cd:50:47:fc:e5:15:9c:db:41:89:
f7:0d:5d:d4:ea:d3:bf:77:b4:26:d9:76:c8:f6:a1:8e:4f:10:
75:a3:a3:80:07:3d:85:fd:6d:cd:3a:46:1a:8f:2b:64:f9:f8:
a8:00:51:75:b8:e2:59:0f:c8:27:ef:88:d4:3f:02:7a:4e:2f:
f7:9b:7f:3b:e4:c0:42:39:84:f8:58:0f:10:df:34:b7:a3:76:
50:a3:e1:0f:d7:c8:31:8e:a3:9c:ef:58:60:56:e6:a3:38:f0:
63:e7:3a:d5
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVt93NwGh/RYVdhYPfDZtboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBkODU4MWM0NjRjOTk2YmNmODI2YmMyNTY1NGE1NTA0OTU3ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrok7/0oKM1prHuESO/7QvGuEDOn
VGkCuk+Biwifhm/TwJF7efVzu2bR41/jFem2k+O193OiwLByrv8TdHo/G8sSQOYW
5T1KxvMWskt5OL+3IOPAFLzA3suAStuBkFzwK4MmREfVvv26+R3n9w43Fiatp6hT
64rKHxNl41/aFPNOOr6BfBooCJIBuR8R/Ycpw5GiHuCLuQcCmlthnmlR82Q3nyH6
byGDj003BKWa7xfHIp+ZxJwCIhRpM6OTy4XeA5n5V1BVHEu2NfkpJD+2244xuP0c
iNDR52U7SG7cRXeOC1uXVBEKJmTJh7bWfwKtIK6sSPBRzk3Pz7pqxxd1HQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGkNhYHEZMmWvPgmvCVlSlUElX+NMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxL2E3OTJj
Mi1mNjBiLTQ0MzQtYTFkMS1kMTQzZDMzZDc4ZDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvYTc5MmMy
LWY2MGItNDQzNC1hMWQxLWQxNDNkMzNkNzhkMi8xL2FRMkZnY1JreVphOC1DYThK
V1ZLVlFTVmY0MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuaoIMA0GCSqGSIb3DQEBCwUAA4IBAQAZhszo
5Nofk/goHbfHZ1tdxRowArY5w2k7ik9M8t0CIKbgjHBE3xXukAkmWYqp7Dnj0UTV
4vx9s09+AV/N2cXoLKSdMZuRssW+0ODsIh5sbX0LbU7uqCV5Tg/Dni1AR/932fTf
/AJbjBYhvLQR+6T2HUM3MgmVK3H9pF3g/4xCLhCneN++GsGydjzjrw5I1BHLdpdE
w9O+CM1QR/zlFZzbQYn3DV3U6tO/d7Qm2XbI9qGOTxB1o6OABz2F/W3NOkYajytk
+fioAFF1uOJZD8gn74jUPwJ6Ti/3m3875MBCOYT4WA8Q3zS3o3ZQo+EP18gxjqOc
71hgVuajOPBj5zrV
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:29:31 2025 by rpki-client