Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/halvDTq-apwU55KnEVbTxu_P1M0.cer
File: halvDTq-apwU55KnEVbTxu_P1M0.cer (raw, json)
Hash identifier: 2K6Otj8LkP8Mj1HrK3Bb6LWAiGjiHoeWFhu7Jsp4+WY=
Subject key identifier: 85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856EFBE11443371F60990AB48170B6198C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/halvDTq-apwU55KnEVbTxu_P1M0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 20:17:59 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 195.225.81.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:fb:e1:14:43:37:1f:60:99:0a:b4:81:70:b6:19:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:17:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a96f0d3abe6a9c14e792a71156d3c6efcfd4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:66:51:dc:5d:e2:64:38:5b:be:82:05:63:0c:
a7:82:1b:cc:31:e7:da:fa:31:28:da:ca:09:4a:f3:
c8:8e:94:4e:2d:76:ed:6f:84:81:c8:6e:d7:e9:6e:
c1:30:b9:f0:ff:78:d7:1c:c5:7e:b5:8f:c7:06:06:
da:d0:9f:a9:e8:6c:e6:bb:c1:86:18:ef:a0:47:d5:
ec:b5:3d:2a:42:bd:df:ee:2e:68:f6:f9:bc:95:1e:
25:3d:98:d1:2c:a2:63:14:65:83:17:6e:ff:93:cf:
8a:4e:79:79:fe:e6:4f:34:64:e7:4d:e9:bd:3a:c8:
31:f4:3c:5e:fd:b7:54:ac:a2:90:f9:73:90:98:a3:
f5:dd:2f:22:32:9d:c7:3a:43:c5:97:e7:6e:df:36:
8b:d7:0b:b2:43:df:0a:a2:60:cb:ce:90:9f:e4:b3:
e6:82:60:fa:ba:0e:36:d4:85:fc:66:63:b9:15:30:
f5:f9:3b:73:23:7b:13:4d:63:dd:c9:c5:76:8b:07:
e9:7a:3d:79:f9:6a:f8:d7:34:c0:9c:78:83:d2:33:
ee:1c:50:43:7f:d7:96:ec:2b:1a:71:e7:2d:28:57:
3e:e4:af:6f:88:2a:19:fb:f8:d0:ca:64:bd:5e:11:
94:44:a0:8f:9d:0f:c3:1b:a2:a5:08:c0:b0:d3:5f:
78:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/halvDTq-apwU55KnEVbTxu_P1M0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.81.0/24
Signature Algorithm: sha256WithRSAEncryption
37:4c:e9:1f:9b:49:08:8d:f1:01:5b:13:5d:9b:81:47:50:67:
cf:82:38:b8:8e:f2:8c:16:a5:63:ed:31:d0:a2:40:89:a4:88:
7c:4e:c2:a3:46:2d:f2:fd:26:b8:19:c0:66:34:a5:e2:34:05:
92:84:02:a2:68:db:11:bc:e3:2d:46:91:00:d0:14:7d:ce:64:
1e:f1:6e:a8:cd:27:1e:a6:d4:5f:91:f7:17:c5:86:9e:35:9c:
eb:34:d8:64:a4:f1:7d:f0:7c:15:3e:1e:6e:08:8b:6d:8a:92:
26:16:06:69:5e:f8:10:4b:66:3c:84:9b:31:a1:8d:93:46:e0:
c8:39:7d:f8:f7:0a:8d:9a:f4:bf:a7:3c:74:8f:48:4d:7e:f7:
43:db:27:c6:90:9b:26:6d:86:ba:78:99:d4:88:8b:3e:1f:6e:
26:27:d3:27:ad:6d:86:e2:8b:bd:1b:a9:09:7b:34:e1:89:23:
7c:3e:df:d0:8b:f4:72:d2:5e:05:d0:56:5d:72:83:31:00:9b:
7c:06:63:c0:18:4e:67:53:48:4a:54:39:a1:f2:d0:9b:7f:88:
90:ec:6a:3d:0f:bf:d6:44:fa:c4:32:ef:35:09:aa:94:5b:68:
ae:23:fe:dd:63:b8:1a:d2:5c:71:a1:94:b7:7f:45:bf:db:1b:
af:ba:60:ef
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVu++EUQzcfYJkKtIFwthmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjAxNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE5NmYwZDNhYmU2YTljMTRlNzkyYTcxMTU2ZDNjNmVmY2ZkNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWZR3F3iZDhbvoIFYwynghvMMefa
+jEo2soJSvPIjpROLXbtb4SByG7X6W7BMLnw/3jXHMV+tY/HBgba0J+p6Gzmu8GG
GO+gR9XstT0qQr3f7i5o9vm8lR4lPZjRLKJjFGWDF27/k8+KTnl5/uZPNGTnTem9
Osgx9Dxe/bdUrKKQ+XOQmKP13S8iMp3HOkPFl+du3zaL1wuyQ98KomDLzpCf5LPm
gmD6ug421IX8ZmO5FTD1+TtzI3sTTWPdycV2iwfpej15+Wr41zTAnHiD0jPuHFBD
f9eW7CsacectKFc+5K9viCoZ+/jQymS9XhGURKCPnQ/DG6KlCMCw0194xwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIWpbw06vmqcFOeSpxFW08bvz9TNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZiLzFlNWQ2
Ny1mNjI2LTQ5MjUtOThmMy0yMGRjN2UwNTcyZjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIvMWU1ZDY3
LWY2MjYtNDkyNS05OGYzLTIwZGM3ZTA1NzJmNC8xL2hhbHZEVHEtYXB3VTU1S25F
VmJUeHVfUDFNMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw+FRMA0GCSqGSIb3DQEBCwUAA4IBAQA3TOkf
m0kIjfEBWxNdm4FHUGfPgji4jvKMFqVj7THQokCJpIh8TsKjRi3y/Sa4GcBmNKXi
NAWShAKiaNsRvOMtRpEA0BR9zmQe8W6ozSceptRfkfcXxYaeNZzrNNhkpPF98HwV
Ph5uCIttipImFgZpXvgQS2Y8hJsxoY2TRuDIOX349wqNmvS/pzx0j0hNfvdD2yfG
kJsmbYa6eJnUiIs+H24mJ9MnrW2G4ou9G6kJezThiSN8Pt/Qi/Ry0l4F0FZdcoMx
AJt8BmPAGE5nU0hKVDmh8tCbf4iQ7Go9D7/WRPrEMu81CaqUW2iuI/7dY7ga0lxx
oZS3f0W/2xuvumDv
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:28:47 2025 by rpki-client