Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qU8KMqYC1kH7KE2ZKNMr-E9gpNw.cer
File: qU8KMqYC1kH7KE2ZKNMr-E9gpNw.cer (raw, json)
Hash identifier: zjOh9xdE1pSvg7ReSylz3S4O32PaEPeV6H/eNYHFhrc=
Subject key identifier: A9:4F:0A:32:A6:02:D6:41:FB:28:4D:99:28:D3:2B:F8:4F:60:A4:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856BD0A19B4121D0AF5728A48AEF6DA8DF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ed/eb38d3-a4a1-4869-893f-b4605a8b24ba/1/qU8KMqYC1kH7KE2ZKNMr-E9gpNw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ed/eb38d3-a4a1-4869-893f-b4605a8b24ba/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 05:31:53 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.3.184.0/24
IP: 2a11:f840::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d0:a1:9b:41:21:d0:af:57:28:a4:8a:ef:6d:a8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:31:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a94f0a32a602d641fb284d9928d32bf84f60a4dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cb:dd:02:69:ab:4e:2e:66:7e:15:0b:00:9c:
91:08:de:64:fd:3b:c2:23:52:84:3a:b0:0a:d4:35:
3a:b0:0c:a0:d3:99:b6:f8:ed:8d:e9:91:35:8b:a0:
8f:05:a5:77:ce:e8:be:20:6f:52:ef:ce:f4:3c:1e:
70:53:9d:4c:2c:4d:c7:de:0a:33:c3:15:13:7f:d9:
8f:ff:e0:0a:8c:a3:bd:ed:db:03:fb:84:06:99:58:
f1:7a:b0:51:45:e8:bf:0d:5b:db:66:52:5d:ea:ea:
63:72:00:1d:ef:4e:51:5a:89:b3:23:4b:48:7f:bb:
25:fa:26:a6:f7:d5:2c:26:20:65:91:1b:2c:84:2b:
e2:78:b5:61:3f:b7:fa:ff:26:47:ac:52:94:01:21:
4d:4c:95:45:1f:a1:38:91:8f:54:4c:52:e8:10:d6:
91:ca:8a:b9:db:5b:76:18:b7:c9:fb:f5:86:6a:da:
71:e6:0a:78:2b:3b:b1:be:30:22:62:6c:dd:28:fd:
d1:df:4f:c6:6d:a9:6a:df:79:f7:f9:34:f9:29:ad:
d5:19:42:25:06:68:58:23:ea:41:e2:0f:a4:68:ed:
fe:a4:58:d7:1b:6e:36:ed:86:d1:12:54:da:9b:af:
8d:10:2c:ba:d3:a4:20:97:4c:31:b7:f5:74:c9:46:
04:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4F:0A:32:A6:02:D6:41:FB:28:4D:99:28:D3:2B:F8:4F:60:A4:DC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/eb38d3-a4a1-4869-893f-b4605a8b24ba/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/eb38d3-a4a1-4869-893f-b4605a8b24ba/1/qU8KMqYC1kH7KE2ZKNMr-E9gpNw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.184.0/24
IPv6:
2a11:f840::/29
Signature Algorithm: sha256WithRSAEncryption
7c:24:f1:52:bf:14:99:a2:87:f8:81:84:13:6d:d3:98:76:83:
52:0f:95:1e:1a:54:bd:4d:9b:7e:49:95:46:aa:a3:43:90:32:
6b:90:85:0c:da:d3:c4:40:25:02:00:e5:e2:a0:10:89:80:e8:
70:e4:fe:d8:9e:88:e7:e2:b9:74:36:20:17:82:8c:db:31:80:
05:61:71:0e:99:67:6e:8c:6f:61:7f:61:4b:ff:ff:df:45:20:
fa:f8:f3:c7:46:e2:de:65:0a:37:4b:20:96:77:c8:3e:db:18:
60:1a:66:1f:d8:42:77:e8:16:68:6c:5d:3c:74:fb:d6:82:aa:
29:9b:e6:4b:49:79:41:7f:d3:ee:29:68:fd:f0:b2:df:18:1a:
19:66:36:25:d0:3e:c8:90:d4:7e:06:ac:42:43:78:05:e4:46:
0e:89:b9:6e:c8:92:e5:bb:a8:6e:ec:9a:4f:4c:9d:b1:bc:24:
77:fd:f1:21:12:84:57:2d:0a:c5:5f:5c:c4:9c:3b:6a:17:39:
4b:2a:05:43:17:d1:70:75:9b:fe:71:24:97:f8:72:03:2e:48:
e1:8f:0f:d6:74:64:df:62:ae:82:6b:8a:e9:80:4f:79:5d:29:
09:b9:1f:5c:a5:bc:d6:9e:36:e0:73:68:5a:76:97:41:bf:34:
7b:a0:21:f2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVr0KGbQSHQr1copIrvbajfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDUzMTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRmMGEzMmE2MDJkNjQxZmIyODRkOTkyOGQzMmJmODRmNjBhNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsvdAmmrTi5mfhULAJyRCN5k/TvC
I1KEOrAK1DU6sAyg05m2+O2N6ZE1i6CPBaV3zui+IG9S7870PB5wU51MLE3H3goz
wxUTf9mP/+AKjKO97dsD+4QGmVjxerBRRei/DVvbZlJd6upjcgAd705RWomzI0tI
f7sl+iam99UsJiBlkRsshCvieLVhP7f6/yZHrFKUASFNTJVFH6E4kY9UTFLoENaR
yoq521t2GLfJ+/WGatpx5gp4KzuxvjAiYmzdKP3R30/Gbalq33n3+TT5Ka3VGUIl
BmhYI+pB4g+kaO3+pFjXG2427YbRElTam6+NECy606Qgl0wxt/V0yUYElQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFKlPCjKmAtZB+yhNmSjTK/hPYKTcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkL2ViMzhk
My1hNGExLTQ4NjktODkzZi1iNDYwNWE4YjI0YmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvZWIzOGQz
LWE0YTEtNDg2OS04OTNmLWI0NjA1YThiMjRiYS8xL3FVOEtNcVlDMWtIN0tFMlpL
Tk1yLUU5Z3BOdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwQO4MA0EAgACMAcDBQMqEfhAMA0GCSqGSIb3
DQEBCwUAA4IBAQB8JPFSvxSZoof4gYQTbdOYdoNSD5UeGlS9TZt+SZVGqqNDkDJr
kIUM2tPEQCUCAOXioBCJgOhw5P7Ynojn4rl0NiAXgozbMYAFYXEOmWdujG9hf2FL
///fRSD6+PPHRuLeZQo3SyCWd8g+2xhgGmYf2EJ36BZobF08dPvWgqopm+ZLSXlB
f9PuKWj98LLfGBoZZjYl0D7IkNR+BqxCQ3gF5EYOibluyJLlu6hu7JpPTJ2xvCR3
/fEhEoRXLQrFX1zEnDtqFzlLKgVDF9FwdZv+cSSX+HIDLkjhjw/WdGTfYq6Ca4rp
gE95XSkJuR9cpbzWnjbgc2hadpdBvzR7oCHy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:21 2025 by rpki-client