Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer
File: d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.cer (raw, json)
Hash identifier: bQcTxFtPTpPNaXAq1iDh86AAgh91BCVM8YcToa7gUK0=
Subject key identifier: 77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018571681B53D2AAB5EE31EC72C458BC8EF1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 07:35:26 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.138.166.0/24
IP: 2a11:240::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:68:1b:53:d2:aa:b5:ee:31:ec:72:c4:58:bc:8e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77c51066d4f53dae10e69674dced3f032dd72efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:99:88:78:b7:c6:0b:fd:f5:9d:24:5f:36:
ba:ea:b2:a7:49:2f:56:ce:87:92:79:8b:38:ce:8a:
6e:54:56:e8:94:c1:0f:d0:7b:8e:4a:1b:0c:0e:0c:
cb:88:e8:f1:2c:65:af:18:96:a5:df:af:2b:f0:c6:
5f:3b:2d:48:55:00:a0:d8:4e:d2:8f:b2:51:d8:ee:
88:3e:40:a7:bd:61:d7:cc:cf:49:84:02:9f:c0:14:
0f:02:3b:a2:af:44:c4:08:a4:56:0b:9d:2f:f3:67:
06:b6:6a:b8:50:eb:d7:41:26:c9:6c:74:37:7a:0d:
1a:29:14:84:1f:2c:c0:40:ba:ea:3c:f7:ad:af:bd:
37:24:4b:83:a8:9f:db:16:de:f9:00:3a:d8:ec:81:
72:3c:58:9d:76:98:76:ba:75:bc:20:c4:64:a9:17:
e2:aa:87:aa:92:6d:d3:de:cd:54:a7:07:ad:c9:62:
89:64:31:ff:55:e0:6b:21:84:af:88:22:8e:23:dc:
87:62:82:8c:1f:c2:e5:f9:6e:54:52:d4:2d:db:d5:
e6:42:1c:59:00:d4:ba:63:4d:88:9c:cd:38:74:78:
eb:10:d7:e4:42:cd:ea:77:4c:59:1c:51:27:aa:3a:
3d:cc:8d:4b:26:97:db:e9:fa:c7:bd:93:b9:44:51:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C5:10:66:D4:F5:3D:AE:10:E6:96:74:DC:ED:3F:03:2D:D7:2E:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/53a03e-5571-456f-88a6-831817955d33/1/d8UQZtT1Pa4Q5pZ03O0_Ay3XLv0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.166.0/24
IPv6:
2a11:240::/29
Signature Algorithm: sha256WithRSAEncryption
8c:f2:f4:6b:26:04:9b:7d:41:28:2e:f5:5f:15:c7:d8:e0:ae:
08:64:e9:dc:ec:c6:be:b4:a7:0c:c1:58:9c:6a:29:16:28:f6:
37:96:7f:45:81:f7:42:c3:f7:99:c0:b0:5f:01:e4:14:48:13:
a0:19:8d:e9:c3:20:d4:45:4e:b9:43:dc:f8:12:e3:3e:f8:b7:
22:1f:4b:f1:36:3d:1d:89:be:56:2b:df:b4:35:39:a9:c2:6b:
dd:e1:17:ba:c9:72:dc:c7:24:be:c6:5e:72:b2:83:bb:a8:7a:
f1:bb:9b:c9:60:99:56:c3:ce:b2:79:01:65:29:da:b5:fe:1d:
bb:b6:92:84:23:22:fd:01:ee:d9:cf:4d:fa:ce:fb:91:9e:ca:
5b:bd:33:3b:e2:18:65:21:ae:1c:fa:5e:d2:d7:c2:cc:c1:c6:
d1:88:77:1d:8a:03:05:3c:a5:05:0b:06:7c:74:47:12:d1:b1:
b7:76:55:ef:73:c9:c9:7b:88:c4:0c:dc:27:8f:b7:41:bd:8d:
43:4c:e6:8e:5b:e0:37:46:5c:c9:54:50:a7:61:42:db:ee:40:
89:06:b5:81:8e:57:2e:17:75:92:e7:ac:d9:0b:98:7a:de:f9:
a2:bd:24:8a:2e:93:56:66:1f:9f:66:95:bf:fa:64:7d:64:91:
51:1a:d6:5a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVxaBtT0qq17jHscsRYvI7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDczNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M1MTA2NmQ0ZjUzZGFlMTBlNjk2NzRkY2VkM2YwMzJkZDcyZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutmZiHi3xgv99Z0kXza66rKnSS9W
zoeSeYs4zopuVFbolMEP0HuOShsMDgzLiOjxLGWvGJal368r8MZfOy1IVQCg2E7S
j7JR2O6IPkCnvWHXzM9JhAKfwBQPAjuir0TECKRWC50v82cGtmq4UOvXQSbJbHQ3
eg0aKRSEHyzAQLrqPPetr703JEuDqJ/bFt75ADrY7IFyPFiddph2unW8IMRkqRfi
qoeqkm3T3s1UpwetyWKJZDH/VeBrIYSviCKOI9yHYoKMH8Ll+W5UUtQt29XmQhxZ
ANS6Y02InM04dHjrENfkQs3qd0xZHFEnqjo9zI1LJpfb6frHvZO5RFFHmwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFHfFEGbU9T2uEOaWdNztPwMt1y79MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NiLzUzYTAz
ZS01NTcxLTQ1NmYtODhhNi04MzE4MTc5NTVkMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2IvNTNhMDNl
LTU1NzEtNDU2Zi04OGE2LTgzMTgxNzk1NWQzMy8xL2Q4VVFadFQxUGE0UTVwWjAz
TzBfQXkzWEx2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuYqmMA0EAgACMAcDBQMqEQJAMA0GCSqGSIb3
DQEBCwUAA4IBAQCM8vRrJgSbfUEoLvVfFcfY4K4IZOnc7Ma+tKcMwVicaikWKPY3
ln9FgfdCw/eZwLBfAeQUSBOgGY3pwyDURU65Q9z4EuM++LciH0vxNj0dib5WK9+0
NTmpwmvd4Re6yXLcxyS+xl5ysoO7qHrxu5vJYJlWw86yeQFlKdq1/h27tpKEIyL9
Ae7Zz036zvuRnspbvTM74hhlIa4c+l7S18LMwcbRiHcdigMFPKUFCwZ8dEcS0bG3
dlXvc8nJe4jEDNwnj7dBvY1DTOaOW+A3RlzJVFCnYULb7kCJBrWBjlcuF3WS56zZ
C5h63vmivSSKLpNWZh+fZpW/+mR9ZJFRGtZa
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:11:59 2025 by rpki-client