Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QDS297MUdKxB0DO-lJXRwGCx_XE.cer
File: QDS297MUdKxB0DO-lJXRwGCx_XE.cer (raw, json)
Hash identifier: HJ3V84/GXifDlcsLKbatseZ8KWkzb0dRek3v/WDhKwY=
Subject key identifier: 40:34:B6:F7:B3:14:74:AC:41:D0:33:BE:94:95:D1:C0:60:B1:FD:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: AB09B9B80F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e4/f44760-7ed6-4813-abcf-0fdf15ae569f/1/QDS297MUdKxB0DO-lJXRwGCx_XE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e4/f44760-7ed6-4813-abcf-0fdf15ae569f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 16:04:50 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 45.145.180.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 734602573839 (0xab09b9b80f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4034b6f7b31474ac41d033be9495d1c060b1fd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7c:2a:ab:d6:a1:c6:af:23:40:e8:fc:49:23:
5b:00:a4:ab:85:a9:f8:4b:75:e2:68:1d:1a:c2:c6:
83:0b:0e:cd:24:2a:f7:7a:34:ab:36:f2:99:19:34:
63:24:12:b6:f2:01:14:88:3b:c5:69:e5:9f:14:9f:
74:cd:e9:a3:07:70:98:d7:c1:93:d1:e1:fc:73:c4:
8b:94:7d:9d:b6:e0:f8:d2:dc:04:58:2e:48:5e:79:
05:6c:c7:86:3a:0e:0e:33:63:53:6f:4d:9b:c8:a3:
69:5f:b4:46:74:83:ab:54:95:7d:b1:ee:40:43:f1:
d3:68:67:f2:ad:98:fa:73:93:99:e0:86:86:c7:91:
6b:79:71:c2:80:0f:db:03:bf:c8:6a:a6:09:92:a6:
06:c4:fb:34:7c:56:e4:73:97:a0:e9:f6:a7:c9:1d:
bf:27:7f:aa:69:22:1d:6b:63:7f:a3:03:f8:b1:5f:
57:d9:6b:9d:d2:60:00:7b:3d:90:17:4f:ff:95:ce:
ff:a2:a6:1e:08:36:09:f2:13:53:61:6f:54:6f:af:
99:35:79:e6:1f:44:11:53:b7:6f:ef:ab:99:9b:ac:
9f:58:b1:18:8e:1a:f0:69:a8:ce:bd:80:b9:b0:1e:
ee:15:55:2b:82:05:dd:36:0e:ad:bb:40:f7:96:5f:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:34:B6:F7:B3:14:74:AC:41:D0:33:BE:94:95:D1:C0:60:B1:FD:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f44760-7ed6-4813-abcf-0fdf15ae569f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f44760-7ed6-4813-abcf-0fdf15ae569f/1/QDS297MUdKxB0DO-lJXRwGCx_XE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.180.0/22
Signature Algorithm: sha256WithRSAEncryption
60:03:13:51:22:a2:36:42:b4:6d:22:c9:ee:e1:d5:31:91:0e:
75:34:a7:52:16:be:06:94:a3:66:aa:92:9a:59:19:4c:cd:5b:
ce:21:3c:52:a3:69:fc:eb:33:b8:ad:43:0f:1d:63:ca:be:b4:
77:4c:c6:d1:00:14:b8:2b:ab:67:64:9b:79:cb:6f:fe:48:f7:
3f:0f:d4:a6:41:50:28:93:88:cd:22:8c:83:6e:91:7b:4d:9a:
87:72:88:10:3b:df:33:de:ba:1e:0d:c5:fe:4f:44:d8:6b:15:
31:f2:d1:65:27:8a:5e:1f:5b:f0:66:19:ad:e5:31:88:fb:91:
9d:1b:6e:38:b4:1e:1c:e3:3b:b0:60:57:69:05:9a:80:7b:c8:
c0:e5:99:63:5a:3c:19:3e:23:6a:b6:f6:78:5e:15:4f:8d:24:
29:c1:e7:51:c3:0e:50:32:15:da:b0:ea:45:57:53:d2:f6:fb:
b1:89:fe:ac:02:97:08:f6:6d:cb:33:26:3f:e8:ba:60:34:36:
fb:62:04:c4:a7:ac:60:2d:b5:03:08:48:e4:52:87:5d:7f:6e:
4c:6b:f6:40:ed:25:76:6c:bc:db:8e:c3:c0:09:d0:e5:e2:19:
ed:de:50:af:60:c5:fb:a5:84:19:21:82:2d:9e:f0:96:98:4c:
73:79:a1:3a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKsJubgPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTYwNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0MDM0YjZmN2Iz
MTQ3NGFjNDFkMDMzYmU5NDk1ZDFjMDYwYjFmZDcxMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAunwqq9ahxq8jQOj8SSNbAKSrhan4S3XiaB0awsaDCw7N
JCr3ejSrNvKZGTRjJBK28gEUiDvFaeWfFJ90zemjB3CY18GT0eH8c8SLlH2dtuD4
0twEWC5IXnkFbMeGOg4OM2NTb02byKNpX7RGdIOrVJV9se5AQ/HTaGfyrZj6c5OZ
4IaGx5FreXHCgA/bA7/IaqYJkqYGxPs0fFbkc5eg6fanyR2/J3+qaSIda2N/owP4
sV9X2Wud0mAAez2QF0//lc7/oqYeCDYJ8hNTYW9Ub6+ZNXnmH0QRU7dv76uZm6yf
WLEYjhrwaajOvYC5sB7uFVUrggXdNg6tu0D3ll/AxwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFEA0tvezFHSsQdAzvpSV0cBgsf1xMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U0L2Y0NDc2MC03ZWQ2LTQ4MTMt
YWJjZi0wZmRmMTVhZTU2OWYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvZjQ0NzYwLTdlZDYtNDgxMy1h
YmNmLTBmZGYxNWFlNTY5Zi8xL1FEUzI5N01VZEt4QjBETy1sSlhSd0dDeF9YRS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCLZG0MA0GCSqGSIb3DQEBCwUAA4IBAQBgAxNRIqI2QrRtIsnu4dUx
kQ51NKdSFr4GlKNmqpKaWRlMzVvOITxSo2n86zO4rUMPHWPKvrR3TMbRABS4K6tn
ZJt5y2/+SPc/D9SmQVAok4jNIoyDbpF7TZqHcogQO98z3roeDcX+T0TYaxUx8tFl
J4peH1vwZhmt5TGI+5GdG244tB4c4zuwYFdpBZqAe8jA5ZljWjwZPiNqtvZ4XhVP
jSQpwedRww5QMhXasOpFV1PS9vuxif6sApcI9m3LMyY/6LpgNDb7YgTEp6xgLbUD
CEjkUoddf25Ma/ZA7SV2bLzbjsPACdDl4hnt3lCvYMX7pYQZIYItnvCWmExzeaE6
-----END CERTIFICATE-----
Generated at Sat May 10 22:03:48 2025 by rpki-client