Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Tmhknrlb-T3brWZaxzC3M_0LW7k.cer
File: Tmhknrlb-T3brWZaxzC3M_0LW7k.cer (raw, json)
Hash identifier: S0aSNIxCKSuG72Hii5qO6fbwP6t9foydpoY/ZMlM29g=
Subject key identifier: 4E:68:64:9E:B9:5B:F9:3D:DB:AD:66:5A:C7:30:B7:33:FD:0B:5B:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0186A246267A9D75304C6B951CAFC9A219F5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c9/61363e-220f-4414-9262-edafdcc604cf/1/Tmhknrlb-T3brWZaxzC3M_0LW7k.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c9/61363e-220f-4414-9262-edafdcc604cf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Mar 2023 12:22:31 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 2001:67c:16a8::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:46:26:7a:9d:75:30:4c:6b:95:1c:af:c9:a2:19:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 2 12:22:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e68649eb95bf93ddbad665ac730b733fd0b5bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:45:54:86:37:6d:1b:e1:e0:86:a6:7c:b1:0e:
d0:99:32:2f:6f:d8:54:d5:49:37:7d:fb:ee:0b:81:
20:4c:f1:a1:eb:30:49:3b:da:e1:a9:db:02:4a:04:
52:49:f6:ca:16:b4:9f:69:85:b1:93:4f:be:9b:f0:
1e:3d:f2:e1:6d:e3:85:11:e4:fe:4c:9f:e3:27:a9:
70:79:af:d2:9f:33:de:91:eb:4a:58:70:89:0b:46:
36:a3:8b:d5:f6:38:cb:b9:bb:c2:ac:75:3a:b4:cd:
c4:15:c8:1a:36:19:32:8d:33:14:4f:da:ef:39:c6:
14:18:54:83:e1:1d:d1:76:e6:e0:44:88:ff:cc:3f:
36:f5:9a:24:bd:ab:b4:96:f4:6c:71:83:c8:29:09:
f1:d2:81:67:43:e1:7b:e4:77:01:b7:f1:0e:37:c6:
f5:ae:de:0e:21:fd:57:97:8f:37:e9:f2:28:c9:64:
0e:39:18:f7:b1:bf:7a:bc:ae:71:bb:7f:0a:25:e3:
ab:84:e3:41:c6:c0:d6:bf:4e:56:1f:dd:41:22:8e:
f4:67:a0:c6:3f:ba:7a:28:6a:44:b0:fe:55:97:68:
3e:03:d3:c6:af:a5:18:0e:2a:f6:0c:23:a0:56:9a:
91:2d:f8:aa:5d:84:c8:dc:95:40:23:a2:6f:0d:df:
5e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:68:64:9E:B9:5B:F9:3D:DB:AD:66:5A:C7:30:B7:33:FD:0B:5B:B9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/61363e-220f-4414-9262-edafdcc604cf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/61363e-220f-4414-9262-edafdcc604cf/1/Tmhknrlb-T3brWZaxzC3M_0LW7k.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:16a8::/48
Signature Algorithm: sha256WithRSAEncryption
52:41:59:76:ad:8d:94:90:c1:c3:ba:bf:5b:c8:40:4d:c9:f3:
92:d4:0c:f5:18:a3:ae:42:78:23:29:6b:21:6b:95:43:67:d6:
e2:8e:2b:fe:c2:3c:1c:07:53:17:a2:7a:79:66:5c:37:c4:74:
47:f2:f3:e5:31:40:90:78:29:a0:2a:b5:2e:bc:bc:cf:7a:9e:
b4:8b:3f:dd:3e:13:47:d1:04:1f:d5:9d:b8:bc:62:01:a6:f1:
1d:4f:85:72:5c:4a:99:82:25:30:13:29:46:e2:de:90:c0:0e:
36:40:e2:be:1c:59:9d:ed:bb:57:7f:c3:a7:7d:9a:e3:0a:76:
18:4a:8e:95:8e:8d:76:4c:fe:84:92:92:91:2c:c4:d2:2b:a7:
29:b4:30:62:3d:06:4f:ff:d7:8f:7a:46:90:27:9b:35:56:8f:
17:5f:97:d0:c8:46:f2:0d:69:21:95:ca:ac:95:7b:77:b1:d9:
e0:a9:c9:b9:54:37:00:83:76:38:df:13:ec:a3:e3:9b:38:cf:
bf:28:2d:2e:73:4b:0c:27:81:54:cf:50:42:66:ce:9c:c5:3f:
bb:d3:48:0f:91:c2:99:b7:54:26:9e:cd:63:d8:39:aa:34:f0:
b4:31:f1:2a:7b:3d:9b:44:e2:94:24:87:df:de:a5:9a:cf:03:
ff:8b:7d:05
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYaiRiZ6nXUwTGuVHK/John1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMzAyMTIyMjMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY4NjQ5ZWI5NWJmOTNkZGJhZDY2NWFjNzMwYjczM2ZkMGI1YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UVUhjdtG+HghqZ8sQ7QmTIvb9hU
1Uk3ffvuC4EgTPGh6zBJO9rhqdsCSgRSSfbKFrSfaYWxk0++m/AePfLhbeOFEeT+
TJ/jJ6lwea/SnzPeketKWHCJC0Y2o4vV9jjLubvCrHU6tM3EFcgaNhkyjTMUT9rv
OcYUGFSD4R3RdubgRIj/zD829Zokvau0lvRscYPIKQnx0oFnQ+F75HcBt/EON8b1
rt4OIf1Xl4836fIoyWQOORj3sb96vK5xu38KJeOrhONBxsDWv05WH91BIo70Z6DG
P7p6KGpEsP5Vl2g+A9PGr6UYDir2DCOgVpqRLfiqXYTI3JVAI6JvDd9eVQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFE5oZJ65W/k9261mWscwtzP9C1u5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5LzYxMzYz
ZS0yMjBmLTQ0MTQtOTI2Mi1lZGFmZGNjNjA0Y2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvNjEzNjNl
LTIyMGYtNDQxNC05MjYyLWVkYWZkY2M2MDRjZi8xL1RtaGtucmxiLVQzYnJXWmF4
ekMzTV8wTFc3ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBaoMA0GCSqGSIb3DQEBCwUAA4IBAQBS
QVl2rY2UkMHDur9byEBNyfOS1Az1GKOuQngjKWsha5VDZ9bijiv+wjwcB1MXonp5
Zlw3xHRH8vPlMUCQeCmgKrUuvLzPep60iz/dPhNH0QQf1Z24vGIBpvEdT4VyXEqZ
giUwEylG4t6QwA42QOK+HFmd7btXf8OnfZrjCnYYSo6Vjo12TP6EkpKRLMTSK6cp
tDBiPQZP/9ePekaQJ5s1Vo8XX5fQyEbyDWkhlcqslXt3sdngqcm5VDcAg3Y43xPs
o+ObOM+/KC0uc0sMJ4FUz1BCZs6cxT+700gPkcKZt1Qmns1j2DmqNPC0MfEqez2b
ROKUJIff3qWazwP/i30F
-----END CERTIFICATE-----
Generated at Fri May 2 08:15:50 2025 by rpki-client