Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oqyTBEcJC_mDoZHgp2MXq_QMc-M.cer
File: oqyTBEcJC_mDoZHgp2MXq_QMc-M.cer (raw, json)
Hash identifier: xw9WLpz8myoH6wp/cWGAOUYuDOuZXYrI53b75QkG/qs=
Subject key identifier: A2:AC:93:04:47:09:0B:F9:83:A1:91:E0:A7:63:17:AB:F4:0C:73:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185708B36E56CB0A71C0C1381FFC96E1EE1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3b/18bd82-37c8-4f57-975c-a4896d5a3887/1/oqyTBEcJC_mDoZHgp2MXq_QMc-M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3b/18bd82-37c8-4f57-975c-a4896d5a3887/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 03:34:09 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.253.32.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8b:36:e5:6c:b0:a7:1c:0c:13:81:ff:c9:6e:1e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2ac930447090bf983a191e0a76317abf40c73e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:17:83:6d:4a:c7:95:11:64:44:3a:ed:10:
0e:f9:70:de:09:4f:4a:05:c2:e9:b0:7a:97:3b:ef:
08:68:76:ea:0e:b9:82:ed:91:a0:52:c4:a7:11:1c:
6f:06:9f:11:5f:20:1e:fc:5e:86:c3:ef:3c:7d:a6:
5a:4e:cb:a4:e5:1e:a0:bd:39:a0:69:91:b6:08:fd:
53:14:16:8a:2d:89:b3:29:d4:3e:93:17:23:48:f6:
f2:ed:df:3a:84:d5:d2:31:b1:96:75:65:aa:9f:c0:
c9:5e:8e:60:b6:66:1d:e3:03:7b:8f:09:bd:94:c8:
ff:92:6a:36:29:fa:6b:8f:ba:bd:93:d2:06:fd:1b:
b1:03:2d:cc:bb:53:56:77:cb:10:1d:9a:ad:39:8c:
4b:7f:17:c4:21:f6:77:49:33:7e:36:24:71:a7:62:
74:64:b9:b6:71:37:ac:f5:d2:04:d9:1e:a6:3a:68:
07:6e:02:32:34:8d:66:d1:ca:5f:04:bc:24:dd:66:
51:4b:01:a3:df:d2:4d:51:0f:fe:4b:25:0d:95:b5:
05:d7:4a:79:a7:81:dc:09:da:b1:f1:9a:f0:02:ed:
02:ec:49:fc:bc:de:84:1f:47:54:d8:c7:2c:67:f0:
32:84:73:7d:2a:b4:0b:f2:e7:02:42:aa:e4:a7:33:
e3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AC:93:04:47:09:0B:F9:83:A1:91:E0:A7:63:17:AB:F4:0C:73:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18bd82-37c8-4f57-975c-a4896d5a3887/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/18bd82-37c8-4f57-975c-a4896d5a3887/1/oqyTBEcJC_mDoZHgp2MXq_QMc-M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.32.0/22
Signature Algorithm: sha256WithRSAEncryption
65:87:ca:a8:d0:96:09:5a:30:ba:eb:39:0c:b5:c0:af:8d:c2:
7a:1a:89:49:3d:53:c5:4d:df:27:c2:32:22:5e:86:4b:30:20:
15:76:be:74:37:e4:a3:cb:cd:b6:7e:5f:5f:f9:e8:c7:c6:d1:
10:3e:01:f1:19:58:dc:00:fc:dd:ab:1d:ae:41:c3:37:ff:2a:
e6:5c:e3:68:d4:63:66:aa:b6:bf:dc:0b:39:ef:4a:f2:a9:ae:
2f:2a:d5:f4:ad:5f:69:4e:a8:0a:56:b4:c8:fa:6c:66:3d:df:
44:e3:1b:6a:99:8f:6f:54:13:b5:55:bc:52:da:d9:27:97:43:
6f:ae:19:99:5b:28:33:1a:91:69:da:c1:da:f1:98:41:4a:a6:
54:da:af:e5:5c:ec:fd:26:78:53:47:c4:3b:ec:aa:e3:86:63:
da:85:9f:62:de:31:bc:ef:90:b5:ab:49:25:c0:66:5c:2e:10:
19:ae:64:f2:67:23:c3:81:f6:88:c5:7e:36:dc:09:5c:da:2b:
27:b4:22:6f:5f:74:34:64:a8:f7:e8:50:18:27:b0:54:56:c0:
7f:30:28:16:f0:7e:0e:da:b8:10:ca:32:b7:ff:71:88:06:a4:
d6:bb:c6:a3:4c:bf:c3:e5:c0:38:b0:70:3f:34:5f:7d:c5:94:
0e:03:b3:01
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVwizblbLCnHAwTgf/Jbh7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDMzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFjOTMwNDQ3MDkwYmY5ODNhMTkxZTBhNzYzMTdhYmY0MGM3M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVkXg21Kx5URZEQ67RAO+XDeCU9K
BcLpsHqXO+8IaHbqDrmC7ZGgUsSnERxvBp8RXyAe/F6Gw+88faZaTsuk5R6gvTmg
aZG2CP1TFBaKLYmzKdQ+kxcjSPby7d86hNXSMbGWdWWqn8DJXo5gtmYd4wN7jwm9
lMj/kmo2Kfprj7q9k9IG/RuxAy3Mu1NWd8sQHZqtOYxLfxfEIfZ3STN+NiRxp2J0
ZLm2cTes9dIE2R6mOmgHbgIyNI1m0cpfBLwk3WZRSwGj39JNUQ/+SyUNlbUF10p5
p4HcCdqx8ZrwAu0C7En8vN6EH0dU2McsZ/AyhHN9KrQL8ucCQqrkpzPjPwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFKKskwRHCQv5g6GR4KdjF6v0DHPjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNiLzE4YmQ4
Mi0zN2M4LTRmNTctOTc1Yy1hNDg5NmQ1YTM4ODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvMThiZDgy
LTM3YzgtNGY1Ny05NzVjLWE0ODk2ZDVhMzg4Ny8xL29xeVRCRWNKQ19tRG9aSGdw
Mk1YcV9RTWMtTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuf0gMA0GCSqGSIb3DQEBCwUAA4IBAQBlh8qo
0JYJWjC66zkMtcCvjcJ6GolJPVPFTd8nwjIiXoZLMCAVdr50N+Sjy822fl9f+ejH
xtEQPgHxGVjcAPzdqx2uQcM3/yrmXONo1GNmqra/3As570ryqa4vKtX0rV9pTqgK
VrTI+mxmPd9E4xtqmY9vVBO1VbxS2tknl0NvrhmZWygzGpFp2sHa8ZhBSqZU2q/l
XOz9JnhTR8Q77KrjhmPahZ9i3jG875C1q0klwGZcLhAZrmTyZyPDgfaIxX423Alc
2isntCJvX3Q0ZKj36FAYJ7BUVsB/MCgW8H4O2rgQyjK3/3GIBqTWu8ajTL/D5cA4
sHA/NF99xZQOA7MB
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:31:29 2025 by rpki-client