Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iOqNgCiO3alNlbYwi_FZpSbGN0U.cer
File: iOqNgCiO3alNlbYwi_FZpSbGN0U.cer (raw, json)
Hash identifier: fSsPAQcgTqNZb7w8ZWFFOc6rmB9RlQ3E3f3Km4GM9QA=
Subject key identifier: 88:EA:8D:80:28:8E:DD:A9:4D:95:B6:30:8B:F1:59:A5:26:C6:37:45
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856ED41F8D145D73C4FC9C096A2B461760
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/iOqNgCiO3alNlbYwi_FZpSbGN0U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 19:34:33 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.3.188.0/24
IP: 2a12:a000::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:1f:8d:14:5d:73:c4:fc:9c:09:6a:2b:46:17:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:34:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88ea8d80288edda94d95b6308bf159a526c63745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:98:80:28:40:05:55:12:c7:e9:45:45:e3:07:
a1:47:e4:09:c0:74:dd:86:32:76:b9:d0:0e:f8:36:
93:d0:5e:4f:c7:cd:5f:fe:bd:c3:b9:cc:32:2d:d2:
5f:ec:bc:e6:16:3a:ae:10:d8:10:b4:f7:33:93:0c:
db:7a:42:98:0e:ae:0d:fc:6d:cf:4e:0e:fe:6f:bd:
57:c6:f6:49:0e:e9:66:9a:e5:90:7c:eb:a8:81:f6:
56:56:0b:4a:6f:dc:9f:ee:1c:4e:6b:66:4b:f1:2a:
43:f7:62:68:5a:a7:e8:ce:e6:79:eb:80:31:e8:f9:
49:2f:29:e4:23:ab:7a:db:87:07:17:47:24:4d:19:
76:22:c9:37:87:f5:4b:c4:5e:17:f8:d4:30:88:cb:
fa:da:e0:54:76:cd:de:61:36:1b:e2:e5:d3:71:5f:
b5:53:52:3e:e3:0d:d6:69:3d:69:3c:98:72:36:6d:
94:49:ec:4a:56:63:3d:63:b8:70:9d:9d:d8:a5:24:
50:5b:c5:16:9d:52:33:64:29:c5:f3:98:39:33:34:
d1:46:b3:ea:26:37:b7:1f:d1:10:a4:a8:0f:13:df:
d0:d1:db:28:6b:5b:1d:e2:e4:a5:1c:64:ee:45:73:
15:bb:d2:60:2d:f5:b7:9e:d4:57:1e:c0:9c:ff:13:
56:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EA:8D:80:28:8E:DD:A9:4D:95:B6:30:8B:F1:59:A5:26:C6:37:45
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3bf92d-1c59-474b-8865-bbe4cf13583f/1/iOqNgCiO3alNlbYwi_FZpSbGN0U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.188.0/24
IPv6:
2a12:a000::/29
Signature Algorithm: sha256WithRSAEncryption
86:56:33:99:fe:d1:91:d0:76:c2:0e:a9:54:a1:a2:b1:7d:c5:
01:a5:70:2c:df:b6:b6:fe:24:de:79:2a:94:58:de:f3:05:ee:
25:42:3a:2e:9c:5f:e5:75:7f:7e:65:90:7c:34:16:90:b6:b6:
9c:87:6b:00:d8:bc:fa:a9:0e:72:84:b5:e3:29:05:1c:b7:ca:
1a:85:b0:7a:2b:24:1b:12:4f:35:58:35:a9:63:94:59:14:08:
39:6a:1c:e6:6e:0a:e0:3b:e5:f7:ce:83:df:57:21:ec:27:eb:
0c:81:57:e8:ed:9d:83:87:83:ab:aa:00:58:72:bd:ef:7d:dd:
17:1e:44:8e:48:9f:99:22:4f:8f:ea:d3:ca:ee:9b:20:59:3a:
34:11:36:5e:ca:97:f1:3b:fc:e9:9f:da:16:db:1a:80:45:2d:
82:15:4a:9e:2f:b7:be:67:d7:67:19:fa:ba:60:a1:d6:bd:02:
c7:24:41:f7:43:a3:82:05:03:3e:17:5d:97:8c:48:6f:89:c4:
95:64:b2:db:e7:69:ad:17:e6:bb:a8:90:80:f5:f1:a3:d0:80:
47:33:76:e0:9f:79:59:05:3d:11:da:5a:b6:ce:cd:a6:3d:f8:
eb:89:37:3e:39:fa:ea:0c:6d:63:87:b5:ce:9d:51:e9:72:0a:
31:e8:61:92
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVu1B+NFF1zxPycCWorRhdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTkzNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVhOGQ4MDI4OGVkZGE5NGQ5NWI2MzA4YmYxNTlhNTI2YzYzNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZiAKEAFVRLH6UVF4wehR+QJwHTd
hjJ2udAO+DaT0F5Px81f/r3DucwyLdJf7LzmFjquENgQtPczkwzbekKYDq4N/G3P
Tg7+b71XxvZJDulmmuWQfOuogfZWVgtKb9yf7hxOa2ZL8SpD92JoWqfozuZ564Ax
6PlJLynkI6t624cHF0ckTRl2Isk3h/VLxF4X+NQwiMv62uBUds3eYTYb4uXTcV+1
U1I+4w3WaT1pPJhyNm2USexKVmM9Y7hwnZ3YpSRQW8UWnVIzZCnF85g5MzTRRrPq
Jje3H9EQpKgPE9/Q0dsoa1sd4uSlHGTuRXMVu9JgLfW3ntRXHsCc/xNWgQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFIjqjYAojt2pTZW2MIvxWaUmxjdFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgxLzNiZjky
ZC0xYzU5LTQ3NGItODg2NS1iYmU0Y2YxMzU4M2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvM2JmOTJk
LTFjNTktNDc0Yi04ODY1LWJiZTRjZjEzNTgzZi8xL2lPcU5nQ2lPM2FsTmxiWXdp
X0ZacFNiR04wVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwQO8MA0EAgACMAcDBQMqEqAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCGVjOZ/tGR0HbCDqlUoaKxfcUBpXAs37a2/iTeeSqUWN7zBe4l
QjounF/ldX9+ZZB8NBaQtrach2sA2Lz6qQ5yhLXjKQUct8oahbB6KyQbEk81WDWp
Y5RZFAg5ahzmbgrgO+X3zoPfVyHsJ+sMgVfo7Z2Dh4OrqgBYcr3vfd0XHkSOSJ+Z
Ik+P6tPK7psgWTo0ETZeypfxO/zpn9oW2xqARS2CFUqeL7e+Z9dnGfq6YKHWvQLH
JEH3Q6OCBQM+F12XjEhvicSVZLLb52mtF+a7qJCA9fGj0IBHM3bgn3lZBT0R2lq2
zs2mPfjriTc+OfrqDG1jh7XOnVHpcgox6GGS
-----END CERTIFICATE-----
Generated at Wed Mar 12 17:01:10 2025 by rpki-client