Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3QBoNzkz_w9uXf5melXI1VfTRVw.cer
File: 3QBoNzkz_w9uXf5melXI1VfTRVw.cer (raw, json)
Hash identifier: 13iqKMUZbzfp5jxzN/Ry4FKj4lDrMkIqSG3a8NW+HM0=
Subject key identifier: DD:00:68:37:39:33:FF:0F:6E:5D:FE:66:7A:55:C8:D5:57:D3:45:5C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856BD13C25A0108D7E30F1F706850EA191
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/0f8525-0fbc-4402-9a3e-cf2743a9d962/1/3QBoNzkz_w9uXf5melXI1VfTRVw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/0f8525-0fbc-4402-9a3e-cf2743a9d962/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 05:32:32 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.35.229.0/24
IP: 2a11:1b40::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d1:3c:25:a0:10:8d:7e:30:f1:f7:06:85:0e:a1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:32:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd0068373933ff0f6e5dfe667a55c8d557d3455c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:80:35:f4:85:b1:ad:67:0b:4e:31:f7:ba:
a3:79:58:4e:dc:6a:b4:ed:ea:71:6e:6d:fa:c0:9a:
5a:4c:2e:96:52:4c:42:b7:64:76:d4:5c:8b:00:5a:
7b:ae:c4:9c:70:00:7a:26:43:f8:14:0c:72:39:2e:
e7:92:b3:ac:4f:96:d9:76:bb:e1:03:92:92:8f:08:
6a:5b:b9:9a:e2:5d:f1:1c:92:f7:9e:13:4e:c4:10:
56:3d:a2:ec:fe:ec:9c:0c:b6:37:ca:19:fd:ce:05:
ff:4f:ed:d0:f2:ef:e5:dd:6a:7b:a1:48:78:3a:af:
5b:15:9a:14:66:d3:42:94:10:43:92:0c:43:a1:96:
18:01:1b:25:67:72:a8:dd:d0:11:7e:ef:b2:1c:ce:
17:bc:0d:75:24:84:ec:16:e5:fc:e7:a1:72:6e:33:
43:46:ec:77:26:61:35:53:61:4c:90:b4:78:e1:5e:
0e:1b:72:51:92:88:1e:e9:8f:a3:23:23:67:6d:6e:
f1:84:3b:c0:c7:d4:73:44:51:bd:b0:77:64:64:10:
dc:68:3e:1c:62:35:5d:60:cc:3d:cf:73:b4:04:2c:
01:ff:16:9a:e5:c1:36:6a:58:6e:39:be:ce:44:a0:
f9:5a:8b:25:04:44:4c:2b:c4:65:de:9d:f3:d8:0a:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:00:68:37:39:33:FF:0F:6E:5D:FE:66:7A:55:C8:D5:57:D3:45:5C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0f8525-0fbc-4402-9a3e-cf2743a9d962/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0f8525-0fbc-4402-9a3e-cf2743a9d962/1/3QBoNzkz_w9uXf5melXI1VfTRVw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.229.0/24
IPv6:
2a11:1b40::/29
Signature Algorithm: sha256WithRSAEncryption
95:7c:6e:3f:3b:41:cd:af:28:47:27:be:7e:88:2c:c0:de:42:
db:3e:9b:62:1a:7c:0e:ff:1a:32:04:f7:74:aa:ad:aa:f3:09:
7a:86:87:35:17:94:d7:7c:8a:c2:6a:98:f7:e5:07:04:0a:bb:
fc:4b:13:eb:20:67:53:cd:de:86:6f:68:9f:fc:30:09:23:bc:
54:e7:a6:8f:ce:f3:6c:78:47:b1:8b:10:13:44:7d:b5:da:78:
39:6d:92:f4:43:29:19:16:31:b1:43:91:0b:84:89:f1:0b:ec:
c2:72:2b:bc:07:2d:ef:c7:91:a6:0a:6d:26:d0:46:a8:36:1a:
3e:a1:26:1c:46:f4:0e:6d:8e:95:ea:3d:bc:a9:4d:82:ca:4d:
2a:34:e8:ee:b9:07:d9:a7:b1:3f:0e:b1:fa:9d:05:b3:2f:7d:
6c:5f:15:6a:5e:e6:7b:3f:8b:8d:ba:6c:cf:84:02:ba:bc:be:
12:41:33:0d:53:57:20:2a:6e:2c:0e:ae:4a:4a:aa:10:92:b2:
06:ee:45:43:ba:97:13:3a:c8:27:c7:8a:bc:07:08:d7:4c:c7:
7c:a6:fb:ee:cb:15:60:92:99:05:57:16:09:74:6d:6f:38:0a:
d0:7b:13:48:b2:75:43:e6:45:00:a3:af:fa:dc:47:f5:0a:9a:
cc:a1:e5:b2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVr0TwloBCNfjDx9waFDqGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMDUzMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDAwNjgzNzM5MzNmZjBmNmU1ZGZlNjY3YTU1YzhkNTU3ZDM0NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyESANfSFsa1nC04x97qjeVhO3Gq0
7epxbm36wJpaTC6WUkxCt2R21FyLAFp7rsSccAB6JkP4FAxyOS7nkrOsT5bZdrvh
A5KSjwhqW7ma4l3xHJL3nhNOxBBWPaLs/uycDLY3yhn9zgX/T+3Q8u/l3Wp7oUh4
Oq9bFZoUZtNClBBDkgxDoZYYARslZ3Ko3dARfu+yHM4XvA11JITsFuX856FybjND
Rux3JmE1U2FMkLR44V4OG3JRkoge6Y+jIyNnbW7xhDvAx9RzRFG9sHdkZBDcaD4c
YjVdYMw9z3O0BCwB/xaa5cE2alhuOb7ORKD5WoslBERMK8Rl3p3z2AqSawIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFN0AaDc5M/8Pbl3+ZnpVyNVX00VcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzLzBmODUy
NS0wZmJjLTQ0MDItOWEzZS1jZjI3NDNhOWQ5NjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvMGY4NTI1
LTBmYmMtNDQwMi05YTNlLWNmMjc0M2E5ZDk2Mi8xLzNRQm9Oemt6X3c5dVhmNW1l
bFhJMVZmVFJWdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwSPlMA0EAgACMAcDBQMqERtAMA0GCSqGSIb3
DQEBCwUAA4IBAQCVfG4/O0HNryhHJ75+iCzA3kLbPptiGnwO/xoyBPd0qq2q8wl6
hoc1F5TXfIrCapj35QcECrv8SxPrIGdTzd6Gb2if/DAJI7xU56aPzvNseEexixAT
RH212ng5bZL0QykZFjGxQ5ELhInxC+zCciu8By3vx5GmCm0m0EaoNho+oSYcRvQO
bY6V6j28qU2Cyk0qNOjuuQfZp7E/DrH6nQWzL31sXxVqXuZ7P4uNumzPhAK6vL4S
QTMNU1cgKm4sDq5KSqoQkrIG7kVDupcTOsgnx4q8BwjXTMd8pvvuyxVgkpkFVxYJ
dG1vOArQexNIsnVD5kUAo6/63Ef1CprMoeWy
-----END CERTIFICATE-----
Generated at Mon May 12 22:01:50 2025 by rpki-client