Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tVGEJhitozw7hXCAJKCpTUJcIbw.cer
File: tVGEJhitozw7hXCAJKCpTUJcIbw.cer (raw, json)
Hash identifier: ODvqtYoBVb0q77n1X8qoTH5rPCtuMo40EMuedHzuSVc=
Subject key identifier: B5:51:84:26:18:AD:A3:3C:3B:85:70:80:24:A0:A9:4D:42:5C:21:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A6D0BA085E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/0ace67-7dac-40ed-ba8b-feb64997681f/1/tVGEJhitozw7hXCAJKCpTUJcIbw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/0ace67-7dac-40ed-ba8b-feb64997681f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 12:06:33 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.152.212.0/22
IP: 2a0f:9500::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 716466423902 (0xa6d0ba085e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b551842618ada33c3b85708024a0a94d425c21bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:fa:df:11:20:fa:c3:33:1a:c9:27:ff:b1:
e3:77:3e:d0:aa:17:7b:28:b5:a0:8c:19:95:b8:db:
24:cc:6a:cc:79:79:6c:81:e4:03:e1:84:27:a7:69:
5e:14:ad:08:eb:88:14:70:6e:72:1c:28:ca:c7:ee:
5e:99:47:68:55:0b:3f:a5:2c:87:14:a2:99:c2:ec:
ee:6d:30:1f:7b:ed:05:44:68:8e:9f:8a:03:84:c6:
80:ee:0d:ff:27:c9:ed:54:94:9a:56:a3:47:8c:9d:
46:60:b8:83:3c:e6:b9:20:a7:1d:f0:7c:0d:58:0d:
d1:fe:e8:f7:29:07:85:4f:3c:08:23:b5:78:3b:87:
b4:2e:ca:59:48:21:ea:00:4f:37:78:93:70:63:b2:
70:52:fc:e8:ee:87:c6:a9:e0:49:20:82:eb:d8:81:
90:c7:67:21:2f:59:a1:20:1f:50:e0:9a:d5:13:d3:
3a:3b:7a:9e:cf:43:18:82:72:bd:41:a5:00:80:e1:
39:cd:6b:b7:74:65:fd:7e:b2:ef:44:42:ee:0c:2d:
b2:eb:51:03:ca:65:ca:39:19:8c:49:f4:63:bf:21:
d9:34:59:ba:e4:f5:f5:dd:db:f8:6d:d1:70:32:8c:
5a:20:7f:f5:19:67:be:b8:13:80:10:57:02:e1:c7:
28:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:51:84:26:18:AD:A3:3C:3B:85:70:80:24:A0:A9:4D:42:5C:21:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0ace67-7dac-40ed-ba8b-feb64997681f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0ace67-7dac-40ed-ba8b-feb64997681f/1/tVGEJhitozw7hXCAJKCpTUJcIbw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.212.0/22
IPv6:
2a0f:9500::/29
Signature Algorithm: sha256WithRSAEncryption
47:f8:ce:29:a8:eb:79:37:20:c3:3f:ed:ea:50:1c:02:da:81:
bb:74:5c:d0:0f:31:c7:4a:ac:0f:83:6f:81:06:8a:0f:ed:57:
90:9d:8c:86:74:b9:80:8e:67:72:48:54:ec:77:22:8c:87:cd:
fd:2f:75:a1:cc:4e:29:7a:2a:b0:24:21:c0:50:48:6c:0b:20:
b2:27:2a:e1:09:4d:c8:5d:00:f3:54:39:35:a6:9a:3b:33:c8:
eb:49:92:d6:51:2e:31:ba:0e:0b:7d:f0:56:6b:35:6a:75:23:
8c:71:66:d8:91:8c:61:23:75:2b:10:fe:58:19:a6:99:82:77:
e6:d8:95:4c:7d:e3:ab:90:c7:a9:8a:ac:51:d9:c6:59:ff:a9:
b9:b3:4f:0a:9e:e2:f3:2f:81:44:53:37:d1:90:f6:1e:71:7f:
a0:4a:95:c1:40:f5:ae:d3:b0:b8:03:ad:0b:92:ee:12:0d:c0:
24:1f:8d:f3:81:c6:82:12:cf:cf:40:d6:78:23:16:60:2b:ae:
e5:63:32:b4:3c:dd:3c:1a:ae:2b:94:b6:97:32:be:99:04:c5:
c4:ae:61:ae:99:ea:0e:13:e1:55:61:72:5b:1d:a1:0b:83:12:
a4:2e:a8:7b:24:fc:83:6c:5a:aa:33:a6:6d:5f:16:64:98:37:
8b:3a:60:17
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKbQugheMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTIwNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTUxODQyNjE4
YWRhMzNjM2I4NTcwODAyNGEwYTk0ZDQyNWMyMWJjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtRb63xEg+sMzGskn/7Hjdz7Qqhd7KLWgjBmVuNskzGrM
eXlsgeQD4YQnp2leFK0I64gUcG5yHCjKx+5emUdoVQs/pSyHFKKZwuzubTAfe+0F
RGiOn4oDhMaA7g3/J8ntVJSaVqNHjJ1GYLiDPOa5IKcd8HwNWA3R/uj3KQeFTzwI
I7V4O4e0LspZSCHqAE83eJNwY7JwUvzo7ofGqeBJIILr2IGQx2chL1mhIB9Q4JrV
E9M6O3qez0MYgnK9QaUAgOE5zWu3dGX9frLvRELuDC2y61EDymXKORmMSfRjvyHZ
NFm65PX13dv4bdFwMoxaIH/1GWe+uBOAEFcC4cco2QIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFLVRhCYYraM8O4VwgCSgqU1CXCG8MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjLzBhY2U2Ny03ZGFjLTQwZWQt
YmE4Yi1mZWI2NDk5NzY4MWYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvMGFjZTY3LTdkYWMtNDBlZC1i
YThiLWZlYjY0OTk3NjgxZi8xL3RWR0VKaGl0b3p3N2hYQ0FKS0NwVFVKY0lidy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCLZjUMA0EAgACMAcDBQMqD5UAMA0GCSqGSIb3DQEBCwUAA4IBAQBH
+M4pqOt5NyDDP+3qUBwC2oG7dFzQDzHHSqwPg2+BBooP7VeQnYyGdLmAjmdySFTs
dyKMh839L3WhzE4peiqwJCHAUEhsCyCyJyrhCU3IXQDzVDk1ppo7M8jrSZLWUS4x
ug4LffBWazVqdSOMcWbYkYxhI3UrEP5YGaaZgnfm2JVMfeOrkMepiqxR2cZZ/6m5
s08KnuLzL4FEUzfRkPYecX+gSpXBQPWu07C4A60Lku4SDcAkH43zgcaCEs/PQNZ4
IxZgK67lYzK0PN08Gq4rlLaXMr6ZBMXErmGumeoOE+FVYXJbHaELgxKkLqh7JPyD
bFqqM6ZtXxZkmDeLOmAX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:39 2025 by rpki-client