Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qN4Je1iKD2a8arfy7R2rgD7F0E0.cer
File: qN4Je1iKD2a8arfy7R2rgD7F0E0.cer (raw, json)
Hash identifier: j+9R+puE8NDizx5o7kas1ahQc3YEnpemp025KJFAPVw=
Subject key identifier: A8:DE:09:7B:58:8A:0F:66:BC:6A:B7:F2:ED:1D:AB:80:3E:C5:D0:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9C070322B4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a2/92495c-19a3-4aca-84b3-a63f5a4308a0/1/qN4Je1iKD2a8arfy7R2rgD7F0E0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a2/92495c-19a3-4aca-84b3-a63f5a4308a0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 02:58:57 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 195.88.54.0/23
IP: 2001:67c:21e0::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 670132544180 (0x9c070322b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:58:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8de097b588a0f66bc6ab7f2ed1dab803ec5d04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:43:60:63:db:b4:9c:97:31:9d:0e:51:b4:78:
3f:db:5e:d3:c6:32:3e:9d:5b:7b:d2:ab:87:fc:1d:
ac:ba:bf:af:1c:40:b4:6f:1a:75:88:02:e2:9f:5b:
65:eb:ba:6d:41:91:c9:51:08:67:ab:ec:66:a2:0f:
fe:38:4b:4d:12:a4:5a:e6:0a:e0:94:0d:5f:81:ff:
a8:fd:66:90:3d:52:7a:bf:fa:fc:e1:df:cc:b5:71:
2f:b4:a3:cd:ce:e6:9b:5e:b3:cd:e1:1b:86:9a:9e:
a0:08:0f:39:43:1e:99:0d:8c:82:4f:8b:2c:69:4e:
55:97:9f:02:e5:a0:77:4a:fb:d5:a4:fc:a7:9b:82:
f6:73:da:c3:e2:1c:8a:f9:65:27:2f:06:d4:d8:ed:
ac:ac:ee:e3:95:36:d2:7d:59:94:f2:94:5f:31:fa:
f9:3a:77:20:75:fc:a1:f0:a8:67:6d:c6:b5:0e:f7:
f6:be:f4:3a:88:d4:b1:f7:3c:d3:ef:d3:7a:1c:de:
de:93:07:c3:6e:09:e1:1c:68:9a:06:1b:8f:ce:94:
87:95:08:ac:2d:34:25:43:1d:cf:9d:d3:2c:68:03:
c4:22:e7:67:18:73:47:57:21:55:ad:57:56:67:d8:
29:1b:9e:73:65:eb:b1:aa:2b:a5:46:8c:cb:b2:4b:
4f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DE:09:7B:58:8A:0F:66:BC:6A:B7:F2:ED:1D:AB:80:3E:C5:D0:4D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/92495c-19a3-4aca-84b3-a63f5a4308a0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/92495c-19a3-4aca-84b3-a63f5a4308a0/1/qN4Je1iKD2a8arfy7R2rgD7F0E0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.54.0/23
IPv6:
2001:67c:21e0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:11:cd:e2:08:73:88:d9:cc:04:1e:b6:a2:6a:a5:d0:47:10:
09:0a:bb:bc:74:ae:a6:8f:76:25:ed:bb:d8:38:bc:2f:10:03:
cd:3f:de:6f:23:40:0f:ea:01:b4:1d:93:4f:18:54:e9:4b:95:
35:84:ae:b3:4c:6e:f4:22:e3:02:a6:e2:6b:7b:4c:ea:d4:47:
aa:a1:0b:75:2a:2e:4d:8e:f8:1a:67:0d:4c:70:67:9e:0f:33:
1c:94:64:36:6c:1a:ff:58:6f:78:84:71:2a:ed:b6:05:72:dd:
3a:55:54:68:95:68:24:66:ef:8c:f3:cc:ce:36:f3:4a:32:64:
5b:bd:90:c8:c4:37:31:a7:c3:7f:9c:bd:f4:cc:fe:1f:46:ec:
04:17:ec:fa:ee:cc:fd:ce:b1:89:39:0c:04:2f:e6:ed:6f:f1:
d3:61:bd:01:17:de:ee:f0:b7:03:a6:95:74:e3:a3:ff:41:08:
4d:9b:86:93:c3:b8:ea:be:45:b0:f1:78:c5:a0:9d:a6:90:f6:
d6:8e:5d:7d:4e:8a:08:c6:4f:7e:85:b9:6e:2c:6a:86:fe:02:
50:af:4e:06:f2:20:1c:17:87:37:e3:ff:89:cf:fc:37:01:50:
f1:fd:2e:2b:23:69:0e:c4:36:17:a6:96:26:34:23:62:25:16:
58:86:9e:05
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIGAJwHAyK0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDI1ODU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhOGRlMDk3YjU4
OGEwZjY2YmM2YWI3ZjJlZDFkYWI4MDNlYzVkMDRkMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAwkNgY9u0nJcxnQ5RtHg/217TxjI+nVt70quH/B2sur+v
HEC0bxp1iALin1tl67ptQZHJUQhnq+xmog/+OEtNEqRa5grglA1fgf+o/WaQPVJ6
v/r84d/MtXEvtKPNzuabXrPN4RuGmp6gCA85Qx6ZDYyCT4ssaU5Vl58C5aB3SvvV
pPynm4L2c9rD4hyK+WUnLwbU2O2srO7jlTbSfVmU8pRfMfr5Oncgdfyh8Khnbca1
Dvf2vvQ6iNSx9zzT79N6HN7ekwfDbgnhHGiaBhuPzpSHlQisLTQlQx3PndMsaAPE
IudnGHNHVyFVrVdWZ9gpG55zZeuxqiulRozLsktPeQIDAQABo4IClTCCApEwHQYD
VR0OBBYEFKjeCXtYig9mvGq38u0dq4A+xdBNMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EyLzkyNDk1Yy0xOWEzLTRhY2Et
ODRiMy1hNjNmNWE0MzA4YTAvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvOTI0OTVjLTE5YTMtNGFjYS04
NGIzLWE2M2Y1YTQzMDhhMC8xL3FONEplMWlLRDJhOGFyZnk3UjJyZ0Q3RjBFMC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAM
BAIAATAGAwQBw1g2MA8EAgACMAkDBwAgAQZ8IeAwDQYJKoZIhvcNAQELBQADggEB
AKwRzeIIc4jZzAQetqJqpdBHEAkKu7x0rqaPdiXtu9g4vC8QA80/3m8jQA/qAbQd
k08YVOlLlTWErrNMbvQi4wKm4mt7TOrUR6qhC3UqLk2O+BpnDUxwZ54PMxyUZDZs
Gv9Yb3iEcSrttgVy3TpVVGiVaCRm74zzzM4280oyZFu9kMjENzGnw3+cvfTM/h9G
7AQX7PruzP3OsYk5DAQv5u1v8dNhvQEX3u7wtwOmlXTjo/9BCE2bhpPDuOq+RbDx
eMWgnaaQ9taOXX1OigjGT36FuW4saob+AlCvTgbyIBwXhzfj/4nP/DcBUPH9Lisj
aQ7ENhemliY0I2IlFliGngU=
-----END CERTIFICATE-----
Generated at Wed Mar 12 17:29:57 2025 by rpki-client