Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rDRefFkgzImj6mytor5QUoNoQnA.cer
File: rDRefFkgzImj6mytor5QUoNoQnA.cer (raw, json)
Hash identifier: lTpWQe0OqPGqaqg7XK7rliEoSmLA4HMj5vx9G9fdfeI=
Subject key identifier: AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018B8F8E7068358C3CD4F1C8B7DFB93374E6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/rDRefFkgzImj6mytor5QUoNoQnA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Nov 2023 10:22:38 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 62.3.54.0/24
IP: 2a14:6a00::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:8e:70:68:35:8c:3c:d4:f1:c8:b7:df:b9:33:74:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 2 10:22:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac345e7c5920cc89a3ea6cada2be505283684270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:68:54:07:09:3c:82:b1:b1:f4:6b:0b:9e:a5:
b3:7e:61:51:0f:5b:46:43:26:c7:49:bd:e8:28:ad:
54:7f:5a:50:97:5b:d9:5f:0a:53:58:68:19:71:90:
45:39:46:dc:ad:09:77:2f:11:5e:ab:2e:c7:50:86:
eb:e1:95:2d:55:9f:d5:c6:b5:49:d7:83:55:61:2b:
88:b8:e4:f5:20:26:4b:cc:1c:20:6f:fe:a0:7d:6d:
95:92:50:54:2d:5e:1e:cb:17:a2:93:f8:03:c2:57:
2e:6a:cf:74:d1:78:56:64:b2:2d:0a:16:d6:93:03:
bf:6e:cb:5d:14:0d:53:40:f2:34:82:0e:62:9b:83:
f5:58:44:3f:5b:26:03:dc:f6:83:79:14:4a:8a:b4:
62:6e:74:8b:d5:d7:05:8a:18:00:c8:47:9f:3e:a7:
c7:da:a3:9f:f5:bf:73:f4:d8:97:40:c9:5c:c7:8e:
b0:69:cb:9e:b3:0a:ad:0a:c6:45:2e:73:31:0b:81:
46:b5:da:e1:a3:ac:56:6c:e3:6c:bd:5e:43:db:83:
f0:8d:3d:6a:dd:63:bc:da:31:03:67:2d:d5:0f:3e:
1f:84:e1:e2:f7:07:62:e0:90:67:c7:38:21:7d:24:
92:dd:e6:dd:eb:d8:09:5a:c1:c7:74:e1:cc:2e:d6:
51:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/rDRefFkgzImj6mytor5QUoNoQnA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.54.0/24
IPv6:
2a14:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
17:0c:c8:03:3f:a7:a4:b0:2b:b1:15:dc:44:6f:68:04:37:f6:
16:26:99:7c:01:dd:e4:16:88:ea:f8:27:45:5f:11:f5:ac:54:
35:16:b7:ef:82:3e:38:f3:4b:e4:59:01:3c:7c:6b:50:db:74:
c2:a1:07:0a:e0:32:87:0a:4d:2d:12:99:e2:fd:d9:93:83:47:
f1:43:2d:fb:35:2c:5f:18:b5:1b:60:79:8e:0f:31:4c:f9:fc:
e8:73:e3:a2:ac:a1:a2:74:06:35:c9:44:69:7c:b8:14:52:23:
a8:21:70:0a:97:19:db:46:04:98:32:84:2f:8c:d2:f5:49:aa:
01:fc:f7:6c:7d:96:61:f5:f9:0c:7b:f0:0f:9b:cf:d7:30:ee:
14:2f:ee:7a:db:16:48:e3:97:77:bb:7b:7b:96:85:4a:90:cf:
4b:b1:55:dd:c6:57:48:5d:f3:0b:03:88:2a:57:9b:92:19:d4:
61:f7:30:59:f3:63:97:24:81:31:7b:87:1f:c8:8b:fe:a2:87:
1d:78:a2:29:4b:8d:03:6e:11:0b:0c:21:5d:64:13:18:12:de:
f8:42:68:d2:9d:03:43:b8:fe:a6:da:bd:bf:91:99:08:75:c0:
50:b2:cf:50:78:6a:4d:a2:b1:fe:0e:fc:b9:24:88:3c:82:fb:
9a:ad:cf:90
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYuPjnBoNYw81PHIt9+5M3TmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMxMTAyMTAyMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM0NWU3YzU5MjBjYzg5YTNlYTZjYWRhMmJlNTA1MjgzNjg0MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WhUBwk8grGx9GsLnqWzfmFRD1tG
QybHSb3oKK1Uf1pQl1vZXwpTWGgZcZBFOUbcrQl3LxFeqy7HUIbr4ZUtVZ/VxrVJ
14NVYSuIuOT1ICZLzBwgb/6gfW2VklBULV4eyxeik/gDwlcuas900XhWZLItChbW
kwO/bstdFA1TQPI0gg5im4P1WEQ/WyYD3PaDeRRKirRibnSL1dcFihgAyEefPqfH
2qOf9b9z9NiXQMlcx46wacueswqtCsZFLnMxC4FGtdrho6xWbONsvV5D24PwjT1q
3WO82jEDZy3VDz4fhOHi9wdi4JBnxzghfSSS3ebd69gJWsHHdOHMLtZRyQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFKw0XnxZIMyJo+psraK+UFKDaEJwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzU3ODY0
Mi05NDI4LTRhMTctYjkzNi04ODMyOWIwM2IyYWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvNTc4NjQy
LTk0MjgtNGExNy1iOTM2LTg4MzI5YjAzYjJhYS8xL3JEUmVmRmtnekltajZteXRv
cjVRVW9Ob1FuQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAPgM2MA0EAgACMAcDBQMqFGoAMA0GCSqGSIb3
DQEBCwUAA4IBAQAXDMgDP6eksCuxFdxEb2gEN/YWJpl8Ad3kFojq+CdFXxH1rFQ1
Frfvgj4480vkWQE8fGtQ23TCoQcK4DKHCk0tEpni/dmTg0fxQy37NSxfGLUbYHmO
DzFM+fzoc+OirKGidAY1yURpfLgUUiOoIXAKlxnbRgSYMoQvjNL1SaoB/PdsfZZh
9fkMe/APm8/XMO4UL+562xZI45d3u3t7loVKkM9LsVXdxldIXfMLA4gqV5uSGdRh
9zBZ82OXJIExe4cfyIv+oocdeKIpS40DbhELDCFdZBMYEt74QmjSnQNDuP6m2r2/
kZkIdcBQss9QeGpNorH+Dvy5JIg8gvuarc+Q
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:41:53 2025 by rpki-client