Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MaS0dAK7iEEdwVCf1cJ1_KCbHAk.cer
File: MaS0dAK7iEEdwVCf1cJ1_KCbHAk.cer (raw, json)
Hash identifier: wTVPlSTpVFt8hqQQHNytVivthQF1fFiXPtuS7cIrI9s=
Subject key identifier: 31:A4:B4:74:02:BB:88:41:1D:C1:50:9F:D5:C2:75:FC:A0:9B:1C:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018571677006CEC82E2E130072C0D0BA5A37
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/9e53a7-8bfc-4c1d-8148-9dcf33f0b2f0/1/MaS0dAK7iEEdwVCf1cJ1_KCbHAk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/9e53a7-8bfc-4c1d-8148-9dcf33f0b2f0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 07:34:42 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 37.140.255.0/24
IP: 2a11:3440::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:67:70:06:ce:c8:2e:2e:13:00:72:c0:d0:ba:5a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31a4b47402bb88411dc1509fd5c275fca09b1c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b3:b0:a1:d3:2c:d9:a9:5e:f0:07:ca:6a:54:
87:0b:9a:25:29:b5:21:e3:ee:03:a3:b6:01:b3:da:
e1:fe:5d:77:20:14:ad:eb:53:d8:e4:31:06:fe:ee:
56:7a:35:69:0a:41:3c:c2:95:06:66:7d:29:73:cc:
3b:43:9a:64:8c:80:41:d5:90:72:8d:db:28:a9:5f:
be:dd:52:7e:20:94:f8:c6:47:90:34:89:ec:9c:34:
14:65:a5:bd:dc:f7:31:84:76:d1:b5:55:5f:4d:aa:
99:1f:11:a0:79:6a:07:68:45:d4:98:ad:5a:d4:f9:
93:f7:13:1d:23:65:31:14:7c:eb:e8:10:e1:b5:0f:
6d:84:16:f7:d4:12:84:01:c8:e2:e8:ae:f3:24:1e:
c0:7a:54:78:d8:5b:9d:02:ef:85:e5:92:95:a7:a6:
0f:cc:f6:af:09:36:90:bd:30:68:c4:01:b5:8d:5a:
dd:1d:73:3f:5d:70:d7:18:8b:c8:78:61:00:00:02:
50:74:16:54:0e:99:7e:cd:37:b7:7b:d2:40:ca:aa:
4e:d9:5b:d1:5c:3c:3b:e3:88:f4:11:57:58:f7:67:
d8:2b:e0:32:28:61:70:a2:94:9a:49:1a:69:45:d4:
4c:0a:d8:a2:16:4e:d8:ef:4a:71:5b:0e:93:45:ee:
41:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A4:B4:74:02:BB:88:41:1D:C1:50:9F:D5:C2:75:FC:A0:9B:1C:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9e53a7-8bfc-4c1d-8148-9dcf33f0b2f0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9e53a7-8bfc-4c1d-8148-9dcf33f0b2f0/1/MaS0dAK7iEEdwVCf1cJ1_KCbHAk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.255.0/24
IPv6:
2a11:3440::/29
Signature Algorithm: sha256WithRSAEncryption
76:40:c6:b4:cc:70:99:21:e3:f0:09:52:b2:99:81:70:0b:4f:
10:3a:29:61:f8:02:53:92:e1:55:0a:05:ba:86:1e:7a:0c:81:
79:3a:4f:59:c2:4e:3c:13:b0:76:89:64:3a:01:01:d7:c8:cb:
eb:34:de:2f:10:61:e9:7c:40:ee:58:76:5b:09:cc:cd:80:ad:
89:a1:b6:50:a1:c0:2d:78:95:14:1a:ca:9d:95:62:7a:d9:89:
bb:04:a5:2e:84:fd:38:08:1f:1e:3b:fa:f1:67:03:0c:19:ee:
d8:44:8f:ac:49:d2:94:ed:b3:ec:31:e2:b2:2c:9a:ed:2b:ce:
12:41:40:f3:d6:dc:0f:13:a5:52:da:a8:8f:0d:12:21:7b:51:
50:dc:56:df:ee:81:21:83:7c:bb:fa:51:77:ba:fb:d3:59:bc:
95:32:00:c5:27:c1:df:f7:6b:56:6f:48:c3:16:8c:09:30:44:
50:6f:4a:df:6f:35:11:36:4c:89:a4:fa:45:42:40:b9:e5:c3:
65:8a:5d:2d:18:e4:fd:55:96:5e:3c:82:18:b8:57:2d:d6:32:
db:7c:2b:7b:ed:e8:2f:59:bb:a5:d7:a5:98:3d:46:64:fa:c1:
dc:f7:b5:e5:09:59:01:db:48:4b:07:e4:3d:8a:8c:15:06:6a:
40:b4:72:56
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVxZ3AGzsguLhMAcsDQulo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDczNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE0YjQ3NDAyYmI4ODQxMWRjMTUwOWZkNWMyNzVmY2EwOWIxYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67OwodMs2ale8AfKalSHC5olKbUh
4+4Do7YBs9rh/l13IBSt61PY5DEG/u5WejVpCkE8wpUGZn0pc8w7Q5pkjIBB1ZBy
jdsoqV++3VJ+IJT4xkeQNInsnDQUZaW93PcxhHbRtVVfTaqZHxGgeWoHaEXUmK1a
1PmT9xMdI2UxFHzr6BDhtQ9thBb31BKEAcji6K7zJB7AelR42FudAu+F5ZKVp6YP
zPavCTaQvTBoxAG1jVrdHXM/XXDXGIvIeGEAAAJQdBZUDpl+zTe3e9JAyqpO2VvR
XDw744j0EVdY92fYK+AyKGFwopSaSRppRdRMCtiiFk7Y70pxWw6TRe5BcwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFDGktHQCu4hBHcFQn9XCdfygmxwJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1LzllNTNh
Ny04YmZjLTRjMWQtODE0OC05ZGNmMzNmMGIyZjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvOWU1M2E3
LThiZmMtNGMxZC04MTQ4LTlkY2YzM2YwYjJmMC8xL01hUzBkQUs3aUVFZHdWQ2Yx
Y0oxX0tDYkhBay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAJYz/MA0EAgACMAcDBQMqETRAMA0GCSqGSIb3
DQEBCwUAA4IBAQB2QMa0zHCZIePwCVKymYFwC08QOilh+AJTkuFVCgW6hh56DIF5
Ok9Zwk48E7B2iWQ6AQHXyMvrNN4vEGHpfEDuWHZbCczNgK2JobZQocAteJUUGsqd
lWJ62Ym7BKUuhP04CB8eO/rxZwMMGe7YRI+sSdKU7bPsMeKyLJrtK84SQUDz1twP
E6VS2qiPDRIhe1FQ3Fbf7oEhg3y7+lF3uvvTWbyVMgDFJ8Hf92tWb0jDFowJMERQ
b0rfbzURNkyJpPpFQkC55cNlil0tGOT9VZZePIIYuFct1jLbfCt77egvWbul16WY
PUZk+sHc97XlCVkB20hLB+Q9iowVBmpAtHJW
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:32:27 2025 by rpki-client