Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oRUQDgzID1tQF7yGGHsHH7HM4gA.cer
File: oRUQDgzID1tQF7yGGHsHH7HM4gA.cer (raw, json)
Hash identifier: PN5AaIaHqMryhiUOrYwkfyGF/zAg9LLNnqFYXR4xviA=
Subject key identifier: A1:15:10:0E:0C:C8:0F:5B:50:17:BC:86:18:7B:07:1F:B1:CC:E2:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018ADB0CEE965368D5E7FFE5DA21DD7182B7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.roa.net/rrdp/xTom/48/A115100E0CC80F5B5017BC86187B071FB1CCE200.mft
caRepository: rsync://rpki.roa.net/rrdp/xTom/48/
Notify URL: https://rpki.roa.net/rrdp/notification.xml
Certificate not before: Thu 28 Sep 2023 09:09:32 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.120.183.0/24
IP: 2a07:46c0::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:0c:ee:96:53:68:d5:e7:ff:e5:da:21:dd:71:82:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 28 09:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a115100e0cc80f5b5017bc86187b071fb1cce200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:b5:47:8d:9c:4c:8c:25:bf:9d:9c:25:c8:
65:18:2c:96:0d:ac:db:b3:77:60:be:5f:1e:08:2e:
78:74:1a:cb:74:72:82:af:3a:2b:aa:7d:a2:ce:50:
d7:e5:8f:b1:c7:d7:b6:24:f3:19:04:55:f6:91:18:
ce:74:79:14:e9:b4:ef:b5:41:f5:19:91:0f:5d:c2:
42:01:c3:4b:0a:9a:e2:34:a6:d1:f4:20:d9:12:bc:
58:c5:c4:45:40:30:2c:52:94:fc:ea:6e:ab:c7:b2:
0a:b5:1a:b1:a7:01:62:f7:23:48:51:7e:f2:ac:96:
9a:6c:07:93:64:57:3e:c2:45:71:e3:2e:f3:0e:04:
be:48:1d:07:c1:f3:5c:81:f4:cb:59:3c:63:fa:00:
0f:54:34:11:d4:df:6b:44:e5:77:22:b3:54:ba:14:
e8:17:02:8b:11:b8:48:9a:a3:71:2f:c9:13:8f:48:
6c:01:35:da:1e:ab:39:ae:2a:e8:e6:b4:09:e9:a0:
e6:5f:9f:97:2f:6e:d5:e2:72:11:d9:f0:86:75:eb:
de:03:2c:c2:2f:cc:3e:2f:99:55:59:c2:12:11:33:
dd:b0:b3:f9:44:ce:14:87:a7:fd:b5:be:af:8c:07:
1b:29:a6:27:70:da:6d:34:9c:7b:0e:01:50:ea:19:
d2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:15:10:0E:0C:C8:0F:5B:50:17:BC:86:18:7B:07:1F:B1:CC:E2:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.roa.net/rrdp/xTom/48/
RPKI Manifest - URI:rsync://rpki.roa.net/rrdp/xTom/48/A115100E0CC80F5B5017BC86187B071FB1CCE200.mft
RPKI Notify - URI:https://rpki.roa.net/rrdp/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.183.0/24
IPv6:
2a07:46c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:75:c5:12:af:fb:1a:f4:a5:5c:15:05:b3:5e:e3:c4:76:44:
db:ee:4b:a1:17:ff:6c:7d:aa:8b:47:6b:7c:1a:e8:98:61:65:
db:61:6d:f8:28:db:df:19:e7:23:43:a2:ad:96:b7:be:e3:ff:
fc:93:e4:ed:42:e8:db:fc:8c:94:74:55:ac:34:1c:54:9d:cb:
d8:9f:4f:3b:6d:76:8b:a7:0b:6f:63:00:93:67:47:09:97:af:
99:34:ad:94:fc:d5:42:82:67:ae:d6:92:46:b1:1b:96:fb:ff:
ca:b5:37:bc:2b:4a:a5:d3:77:4c:20:79:5e:20:30:70:d5:04:
46:7c:d2:c8:18:01:a5:d9:23:59:3b:a4:2d:d6:27:39:cd:42:
ae:1c:19:f2:36:25:06:2d:69:82:5b:92:d0:f5:9a:68:2f:39:
be:a9:18:79:5f:02:e8:4e:ca:84:b1:4c:3d:98:88:14:df:4d:
de:23:29:7c:41:0f:da:5d:c4:66:0e:e5:00:d1:8b:1c:b2:11:
32:c5:18:eb:6a:38:ce:c8:59:2b:bb:69:d5:3b:db:9b:b8:aa:
b4:b7:e0:44:cc:d1:bb:9b:a4:c6:78:50:82:38:7f:86:25:1c:
bf:58:5d:47:bf:0a:ca:7c:d5:df:0e:12:e2:c7:ef:36:f0:ee:
3b:20:10:e7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYrbDO6WU2jV5//l2iHdcYK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTI4MDkwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE1MTAwZTBjYzgwZjViNTAxN2JjODYxODdiMDcxZmIxY2NlMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKC1R42cTIwlv52cJchlGCyWDazb
s3dgvl8eCC54dBrLdHKCrzorqn2izlDX5Y+xx9e2JPMZBFX2kRjOdHkU6bTvtUH1
GZEPXcJCAcNLCpriNKbR9CDZErxYxcRFQDAsUpT86m6rx7IKtRqxpwFi9yNIUX7y
rJaabAeTZFc+wkVx4y7zDgS+SB0HwfNcgfTLWTxj+gAPVDQR1N9rROV3IrNUuhTo
FwKLEbhImqNxL8kTj0hsATXaHqs5riro5rQJ6aDmX5+XL27V4nIR2fCGdeveAyzC
L8w+L5lVWcISETPdsLP5RM4Uh6f9tb6vjAcbKaYncNptNJx7DgFQ6hnS+QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKEVEA4MyA9bUBe8hhh7Bx+xzOIAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdQGCCsGAQUFBwELBIHHMIHEMC4GCCsGAQUFBzAFhiJyc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDgvMFoGCCsGAQUFBzAKhk5yc3lu
YzovL3Jwa2kucm9hLm5ldC9ycmRwL3hUb20vNDgvQTExNTEwMEUwQ0M4MEY1QjUw
MTdCQzg2MTg3QjA3MUZCMUNDRTIwMC5tZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8v
cnBraS5yb2EubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0tw
U28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALl4tzANBAIAAjAH
AwUDKgdGwDANBgkqhkiG9w0BAQsFAAOCAQEApnXFEq/7GvSlXBUFs17jxHZE2+5L
oRf/bH2qi0drfBromGFl22Ft+Cjb3xnnI0OirZa3vuP//JPk7ULo2/yMlHRVrDQc
VJ3L2J9PO212i6cLb2MAk2dHCZevmTStlPzVQoJnrtaSRrEblvv/yrU3vCtKpdN3
TCB5XiAwcNUERnzSyBgBpdkjWTukLdYnOc1CrhwZ8jYlBi1pgluS0PWaaC85vqkY
eV8C6E7KhLFMPZiIFN9N3iMpfEEP2l3EZg7lANGLHLIRMsUY62o4zshZK7tp1Tvb
m7iqtLfgRMzRu5ukxnhQgjh/hiUcv1hdR78KynzV3w4S4sfvNvDuOyAQ5w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:12:39 2025 by rpki-client