Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3Sof0Kw3hpBWla9X8_8nf_qG_qA.cer
File: 3Sof0Kw3hpBWla9X8_8nf_qG_qA.cer (raw, json)
Hash identifier: Q3PKEbVLXgcdGoeD0Rh83A6VeKth6Ms5EER6tfn1uZU=
Subject key identifier: DD:2A:1F:D0:AC:37:86:90:56:95:AF:57:F3:FF:27:7F:FA:86:FE:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856FAFDB3CB211CB43DCEE0F09FC195BC8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a3/49fbdf-ae77-4b7e-b2bc-6312fd1ad954/1/3Sof0Kw3hpBWla9X8_8nf_qG_qA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a3/49fbdf-ae77-4b7e-b2bc-6312fd1ad954/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 23:34:34 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 193.104.34.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:af:db:3c:b2:11:cb:43:dc:ee:0f:09:fc:19:5b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:34:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd2a1fd0ac3786905695af57f3ff277ffa86fea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ad:90:6b:9c:ac:98:24:6b:ee:d7:c0:9d:d2:
ed:16:f6:6d:c0:db:53:d4:29:5d:25:2f:37:59:e4:
25:2b:c0:52:7a:81:3d:00:1d:3d:00:c8:32:c5:ce:
2f:f0:fe:e6:d4:91:58:a4:47:45:ef:6b:5b:54:37:
37:23:23:8c:cb:d6:0e:5f:ce:ac:88:38:8a:de:5b:
6d:32:49:45:77:50:13:5c:a5:fb:c7:ae:c2:43:7d:
bb:dd:09:7b:1d:81:50:dd:4e:e5:4a:c7:be:ff:87:
b9:0e:9b:a9:f9:5f:be:c0:f6:66:46:4c:73:94:54:
b4:ed:52:7d:83:53:0d:ae:0b:aa:ac:f8:51:5b:e5:
36:94:42:58:6c:73:f8:3c:0e:92:0a:14:70:91:b3:
af:ad:3a:0b:4a:70:b8:b9:39:9b:eb:b6:a8:77:1f:
78:77:d3:da:ef:96:08:dc:79:2f:b1:80:58:c2:2d:
eb:ca:47:a5:ef:64:ac:7a:6a:92:09:9b:cd:50:1a:
97:38:bd:7b:26:23:57:c4:70:f8:5b:d1:cc:26:62:
3c:9c:1b:7b:8f:53:be:e6:db:0f:f2:d6:38:39:84:
e3:3e:1c:1a:5c:1c:40:21:a6:f1:c1:e4:51:3e:73:
da:e8:6c:46:15:22:86:1c:78:f3:3d:5b:66:be:21:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2A:1F:D0:AC:37:86:90:56:95:AF:57:F3:FF:27:7F:FA:86:FE:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/49fbdf-ae77-4b7e-b2bc-6312fd1ad954/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/49fbdf-ae77-4b7e-b2bc-6312fd1ad954/1/3Sof0Kw3hpBWla9X8_8nf_qG_qA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.34.0/24
Signature Algorithm: sha256WithRSAEncryption
89:7b:3d:f3:da:46:7d:67:3b:23:3e:08:d1:dc:d8:fb:e2:41:
15:fe:9c:42:62:34:f9:52:d1:cb:a9:9d:dd:fb:0a:43:cb:36:
77:25:3c:11:b1:20:c0:8e:c4:e9:3f:4c:a8:d6:62:76:fe:f3:
19:c5:18:e7:72:93:b4:24:c0:01:c5:9a:c0:ca:b3:3b:08:ba:
3b:86:a1:31:c5:88:c1:3d:89:62:25:87:34:a4:c3:c8:66:a8:
59:1d:25:5c:18:a1:26:0b:2b:fa:fa:be:c1:cf:5a:17:14:a6:
81:4e:9b:49:75:42:0d:85:76:04:cb:7a:2b:b0:34:bf:aa:ce:
66:35:b4:84:cf:b4:17:b0:5e:b8:04:0d:5b:f2:86:23:8a:cc:
62:64:db:5d:5c:46:7f:27:f3:20:3d:1c:ce:8a:2a:6f:6d:3e:
9a:61:01:37:60:0a:91:93:71:a8:63:62:03:82:fe:56:eb:e5:
69:50:97:08:ca:6b:0e:a4:f7:f7:97:18:26:cc:ce:27:72:7f:
85:30:1d:55:eb:22:84:64:0b:05:ed:f2:d0:ea:59:4c:30:e7:
bd:8d:4b:ee:ef:e6:91:63:52:8f:53:48:a6:03:43:29:47:29:
fd:46:50:16:6b:7a:0a:a3:81:fc:bf:15:96:1d:04:e2:21:e8:
c8:78:88:e2
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVvr9s8shHLQ9zuDwn8GVvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMjMzNDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJhMWZkMGFjMzc4NjkwNTY5NWFmNTdmM2ZmMjc3ZmZhODZmZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7K2Qa5ysmCRr7tfAndLtFvZtwNtT
1CldJS83WeQlK8BSeoE9AB09AMgyxc4v8P7m1JFYpEdF72tbVDc3IyOMy9YOX86s
iDiK3lttMklFd1ATXKX7x67CQ3273Ql7HYFQ3U7lSse+/4e5Dpup+V++wPZmRkxz
lFS07VJ9g1MNrguqrPhRW+U2lEJYbHP4PA6SChRwkbOvrToLSnC4uTmb67aodx94
d9Pa75YI3HkvsYBYwi3rykel72SsemqSCZvNUBqXOL17JiNXxHD4W9HMJmI8nBt7
j1O+5tsP8tY4OYTjPhwaXBxAIabxweRRPnPa6GxGFSKGHHjzPVtmviGlnQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFN0qH9CsN4aQVpWvV/P/J3/6hv6gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2EzLzQ5ZmJk
Zi1hZTc3LTRiN2UtYjJiYy02MzEyZmQxYWQ5NTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMvNDlmYmRm
LWFlNzctNGI3ZS1iMmJjLTYzMTJmZDFhZDk1NC8xLzNTb2YwS3czaHBCV2xhOVg4
XzhuZl9xR19xQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwWgiMA0GCSqGSIb3DQEBCwUAA4IBAQCJez3z
2kZ9ZzsjPgjR3Nj74kEV/pxCYjT5UtHLqZ3d+wpDyzZ3JTwRsSDAjsTpP0yo1mJ2
/vMZxRjncpO0JMABxZrAyrM7CLo7hqExxYjBPYliJYc0pMPIZqhZHSVcGKEmCyv6
+r7Bz1oXFKaBTptJdUINhXYEy3orsDS/qs5mNbSEz7QXsF64BA1b8oYjisxiZNtd
XEZ/J/MgPRzOiipvbT6aYQE3YAqRk3GoY2IDgv5W6+VpUJcIymsOpPf3lxgmzM4n
cn+FMB1V6yKEZAsF7fLQ6llMMOe9jUvu7+aRY1KPU0imA0MpRyn9RlAWa3oKo4H8
vxWWHQTiIejIeIji
-----END CERTIFICATE-----
Generated at Sat May 10 00:25:42 2025 by rpki-client