Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/645r4vjaWmJQeG_drAdAvonKbXw.cer
File: 645r4vjaWmJQeG_drAdAvonKbXw.cer (raw, json)
Hash identifier: YTIOLZDeJp4DOcjjF49UhHIT3MBeTeOfgPEWJOLH4pU=
Subject key identifier: EB:8E:6B:E2:F8:DA:5A:62:50:78:6F:DD:AC:07:40:BE:89:CA:6D:7C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856FAE856336B2BA19CE70559B82072423
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a1/42edbd-ceeb-410a-8fef-ecc5b082ca02/1/645r4vjaWmJQeG_drAdAvonKbXw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a1/42edbd-ceeb-410a-8fef-ecc5b082ca02/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 23:33:06 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 185.235.204.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:ae:85:63:36:b2:ba:19:ce:70:55:9b:82:07:24:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb8e6be2f8da5a6250786fddac0740be89ca6d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:aa:46:f6:0c:20:bd:c3:71:e4:95:3c:fa:
f7:18:80:a7:7b:fe:57:70:af:13:26:bb:f3:e2:3a:
68:60:fd:0c:77:4f:8c:4a:90:3f:38:7d:26:b1:d9:
67:3b:6c:6f:e3:05:61:17:e4:29:ac:f5:61:89:d7:
c1:5e:a4:61:38:31:aa:59:5f:3f:ec:96:03:a4:81:
5e:42:3f:3f:70:20:0f:19:e8:c4:8c:db:17:0a:09:
ee:fb:d9:d5:ff:c0:16:81:18:94:55:e2:8f:7e:d4:
05:d1:c9:92:d0:a1:b7:f0:8e:bc:43:83:4f:c9:c7:
db:fe:10:46:44:df:e3:be:22:bd:e3:e6:b5:7f:87:
d8:3a:29:41:95:b5:18:f4:46:1f:f4:c6:ac:27:c4:
fb:62:ba:69:83:ff:d9:28:ce:09:df:99:40:ed:e5:
e6:f9:3a:33:4f:20:29:ca:45:4c:20:a4:26:4b:6a:
5c:e9:60:8a:2f:20:13:f4:d0:93:d1:50:8e:2b:b3:
71:c5:4e:07:3c:5a:85:51:6b:13:3f:ca:e6:bf:7d:
a0:ed:af:b5:a2:a2:f6:95:4b:e1:5b:ca:58:e6:6a:
9a:0d:02:66:a0:8c:61:f9:61:3b:10:c6:fe:3b:10:
ac:6a:0a:16:4d:eb:85:3d:50:c7:7f:2b:a9:ed:35:
c3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8E:6B:E2:F8:DA:5A:62:50:78:6F:DD:AC:07:40:BE:89:CA:6D:7C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/42edbd-ceeb-410a-8fef-ecc5b082ca02/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/42edbd-ceeb-410a-8fef-ecc5b082ca02/1/645r4vjaWmJQeG_drAdAvonKbXw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.204.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:3a:79:cd:bf:fb:28:f4:fd:71:2c:61:ec:7c:d2:22:1a:8a:
22:43:1a:cc:99:13:df:29:78:68:e1:1b:d2:9b:2d:7b:07:5e:
20:00:d4:6d:62:21:c7:6e:96:31:3a:b4:b1:fa:66:b2:2d:c6:
40:70:e1:12:a8:e2:84:0b:72:f2:7e:97:cd:7e:bf:10:b7:01:
44:12:2f:88:9d:3b:8f:b1:59:14:cc:58:e7:82:34:f4:fa:1f:
84:c7:d9:66:74:c6:55:97:19:63:5f:33:eb:51:ec:b0:63:5e:
59:c1:92:15:b8:f0:fd:d4:a2:01:f5:51:72:85:df:63:fb:8a:
a5:65:35:f9:97:9b:6f:cb:e2:db:0e:7c:d1:0e:2d:61:38:a2:
37:3f:73:ee:6b:f7:d9:8b:67:da:c9:c5:07:60:f1:36:28:ad:
d2:66:be:bc:c8:c0:2d:7e:1f:a7:98:e9:2c:c0:f0:4d:51:d9:
72:e0:85:50:92:e1:13:68:cd:2c:a1:6a:0e:dc:aa:74:b2:6b:
30:fc:af:c5:f5:9f:ae:bd:66:3c:74:08:71:0d:58:a1:30:62:
a5:c4:e0:67:95:ea:1e:f1:bc:fa:26:75:ad:97:ba:51:42:7a:
a7:21:da:a2:1d:87:0e:76:e9:e4:ed:c4:10:a8:1e:0d:80:e7:
6e:89:3b:5d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVvroVjNrK6Gc5wVZuCByQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhlNmJlMmY4ZGE1YTYyNTA3ODZmZGRhYzA3NDBiZTg5Y2E2ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyGqRvYMIL3DceSVPPr3GICne/5X
cK8TJrvz4jpoYP0Md0+MSpA/OH0msdlnO2xv4wVhF+QprPVhidfBXqRhODGqWV8/
7JYDpIFeQj8/cCAPGejEjNsXCgnu+9nV/8AWgRiUVeKPftQF0cmS0KG38I68Q4NP
ycfb/hBGRN/jviK94+a1f4fYOilBlbUY9EYf9MasJ8T7Yrppg//ZKM4J35lA7eXm
+TozTyApykVMIKQmS2pc6WCKLyAT9NCT0VCOK7NxxU4HPFqFUWsTP8rmv32g7a+1
oqL2lUvhW8pY5mqaDQJmoIxh+WE7EMb+OxCsagoWTeuFPVDHfyup7TXDDQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFOuOa+L42lpiUHhv3awHQL6Jym18MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ExLzQyZWRi
ZC1jZWViLTQxMGEtOGZlZi1lY2M1YjA4MmNhMDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEvNDJlZGJk
LWNlZWItNDEwYS04ZmVmLWVjYzViMDgyY2EwMi8xLzY0NXI0dmphV21KUWVHX2Ry
QWRBdm9uS2JYdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAuevMMA0GCSqGSIb3DQEBCwUAA4IBAQAPOnnN
v/so9P1xLGHsfNIiGooiQxrMmRPfKXho4RvSmy17B14gANRtYiHHbpYxOrSx+may
LcZAcOESqOKEC3LyfpfNfr8QtwFEEi+InTuPsVkUzFjngjT0+h+Ex9lmdMZVlxlj
XzPrUeywY15ZwZIVuPD91KIB9VFyhd9j+4qlZTX5l5tvy+LbDnzRDi1hOKI3P3Pu
a/fZi2faycUHYPE2KK3SZr68yMAtfh+nmOkswPBNUdly4IVQkuETaM0soWoO3Kp0
smsw/K/F9Z+uvWY8dAhxDVihMGKlxOBnleoe8bz6JnWtl7pRQnqnIdqiHYcOdunk
7cQQqB4NgOduiTtd
-----END CERTIFICATE-----
Generated at Thu May 1 02:28:49 2025 by rpki-client