Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lK58OCd3vIXnJrtak8dpOL8oyWE.cer
File: lK58OCd3vIXnJrtak8dpOL8oyWE.cer (raw, json)
Hash identifier: Ru1U2r7mbiI6i3XhMaYdR/gM6ymq0lbvv1Jj7L9/hTk=
Subject key identifier: 94:AE:7C:38:27:77:BC:85:E7:26:BB:5A:93:C7:69:38:BF:28:C9:61
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856E656AC8916BA4077C7B9994D217ABA2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/lK58OCd3vIXnJrtak8dpOL8oyWE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 17:33:38 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 176.97.222.0/24
IP: 2a11:de40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:65:6a:c8:91:6b:a4:07:7c:7b:99:94:d2:17:ab:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:33:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ae7c382777bc85e726bb5a93c76938bf28c961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4a:66:be:0e:fe:d3:7d:14:54:a5:6f:15:4e:
12:b7:68:57:ac:25:36:98:d3:04:bb:01:2f:18:e6:
b3:55:28:2c:5d:88:5e:37:59:66:b6:b1:a7:19:2d:
61:4a:61:fa:86:d4:2c:4e:28:ec:9e:31:9e:0e:70:
d2:fd:40:11:39:b0:6e:67:63:20:13:bc:99:c7:d0:
ff:ae:f1:34:eb:a0:db:ad:03:56:09:b2:b3:22:38:
75:77:c6:c8:e3:4b:7e:b5:1d:01:69:a3:65:43:cd:
53:eb:61:e8:51:41:5d:33:83:e2:25:8e:45:c5:a5:
3a:68:33:eb:1a:1b:98:05:d5:2d:7a:61:f7:f5:aa:
70:e3:b4:04:35:d8:5a:78:94:4a:a7:70:74:2d:ff:
d3:97:71:ef:13:dc:a2:33:6d:29:3b:43:58:0e:e8:
a0:38:d0:b7:05:45:16:f2:34:1b:49:a0:2e:88:82:
8a:be:9d:7f:dc:e1:1a:72:e0:a3:7a:4f:65:99:30:
6d:a9:3a:f7:ec:9f:af:ea:f0:04:68:c5:e5:e1:91:
64:e0:97:4f:21:fc:17:49:c5:c1:ce:5f:5f:bf:d6:
70:80:e5:63:bd:e5:96:82:90:ef:f4:42:cb:3e:d7:
aa:d0:4c:dd:67:7b:4c:e3:a5:5c:a5:72:b9:87:47:
5b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AE:7C:38:27:77:BC:85:E7:26:BB:5A:93:C7:69:38:BF:28:C9:61
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1bda15-e882-4467-bcd9-2d8ebcabeba8/1/lK58OCd3vIXnJrtak8dpOL8oyWE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.222.0/24
IPv6:
2a11:de40::/29
Signature Algorithm: sha256WithRSAEncryption
70:e6:34:b3:a7:a4:19:21:b0:56:94:80:e3:f3:78:4b:78:6e:
b6:c3:e4:f3:9e:77:3c:fa:5f:a3:09:d0:78:0c:70:81:00:ae:
a1:2a:c5:e4:65:16:c0:d1:4a:c8:6e:87:7d:89:d7:9c:5d:87:
06:c3:c2:5b:ff:89:9b:23:f5:6b:a5:75:2f:00:1e:e0:05:0c:
f9:37:af:7a:11:da:6c:f0:4a:9c:59:be:fc:c8:b5:3b:bd:04:
79:e0:5f:86:0d:67:a5:3a:e3:0a:64:d0:b1:4e:a4:89:97:ce:
41:54:1e:44:b0:6a:46:55:ad:34:9d:a0:c9:72:47:16:f1:d7:
c6:92:db:97:78:92:f0:fb:43:d0:e1:51:e7:98:05:d9:92:50:
e3:b7:54:28:e1:72:59:6f:34:6d:98:70:b8:31:ec:16:5c:ee:
80:dc:36:e6:cc:11:f1:b1:f5:40:02:21:e4:f7:f3:37:59:ab:
2f:2d:31:96:e8:b0:33:96:5a:85:09:9c:8e:fb:ef:51:37:28:
3c:41:76:bd:5f:af:5c:ce:bc:db:af:73:81:0e:63:cd:f7:c6:
e8:35:3d:8c:90:e8:80:6d:7c:28:0f:b7:c9:58:cd:2b:4a:6f:
16:4b:6a:2f:e8:a2:ec:b4:e4:c0:5e:69:09:df:e3:5d:f0:7d:
9d:25:01:a4
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVuZWrIkWukB3x7mZTSF6uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTczMzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFlN2MzODI3NzdiYzg1ZTcyNmJiNWE5M2M3NjkzOGJmMjhjOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEpmvg7+030UVKVvFU4St2hXrCU2
mNMEuwEvGOazVSgsXYheN1lmtrGnGS1hSmH6htQsTijsnjGeDnDS/UARObBuZ2Mg
E7yZx9D/rvE066DbrQNWCbKzIjh1d8bI40t+tR0BaaNlQ81T62HoUUFdM4PiJY5F
xaU6aDPrGhuYBdUtemH39apw47QENdhaeJRKp3B0Lf/Tl3HvE9yiM20pO0NYDuig
ONC3BUUW8jQbSaAuiIKKvp1/3OEacuCjek9lmTBtqTr37J+v6vAEaMXl4ZFk4JdP
IfwXScXBzl9fv9ZwgOVjveWWgpDv9ELLPteq0EzdZ3tM46VcpXK5h0db5QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJSufDgnd7yF5ya7WpPHaTi/KMlhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIwLzFiZGEx
NS1lODgyLTQ0NjctYmNkOS0yZDhlYmNhYmViYTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvMWJkYTE1
LWU4ODItNDQ2Ny1iY2Q5LTJkOGViY2FiZWJhOC8xL2xLNThPQ2QzdklYbkpydGFr
OGRwT0w4b3lXRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAsGHeMA0EAgACMAcDBQMqEd5AMA0GCSqGSIb3
DQEBCwUAA4IBAQBw5jSzp6QZIbBWlIDj83hLeG62w+Tznnc8+l+jCdB4DHCBAK6h
KsXkZRbA0UrIbod9idecXYcGw8Jb/4mbI/VrpXUvAB7gBQz5N696Edps8EqcWb78
yLU7vQR54F+GDWelOuMKZNCxTqSJl85BVB5EsGpGVa00naDJckcW8dfGktuXeJLw
+0PQ4VHnmAXZklDjt1Qo4XJZbzRtmHC4MewWXO6A3DbmzBHxsfVAAiHk9/M3Wasv
LTGW6LAzllqFCZyO++9RNyg8QXa9X69czrzbr3OBDmPN98boNT2MkOiAbXwoD7fJ
WM0rSm8WS2ov6KLstOTAXmkJ3+Nd8H2dJQGk
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:14 2025 by rpki-client