Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZKqN8pJZWLxNL5W59r2-UQESXQA.cer
File: ZKqN8pJZWLxNL5W59r2-UQESXQA.cer (raw, json)
Hash identifier: 2oFmOusXZBVtImvXxlJQgg/WwJEU4nJE8r9iiT6ADk0=
Subject key identifier: 64:AA:8D:F2:92:59:58:BC:4D:2F:95:B9:F6:BD:BE:51:01:12:5D:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9EB94FC294
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/02/37ff69-235d-4217-abaa-df922683295d/1/ZKqN8pJZWLxNL5W59r2-UQESXQA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/02/37ff69-235d-4217-abaa-df922683295d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 05:51:35 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 2001:67c:2aa0::/48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 681713844884 (0x9eb94fc294)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64aa8df2925958bc4d2f95b9f6bdbe5101125d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:20:d6:3f:66:e5:04:eb:7f:ab:2c:d1:f2:40:
0e:46:a6:ed:22:67:8f:18:54:e4:6c:8a:da:14:5c:
97:1e:af:5a:16:01:cf:9b:5a:0c:34:e3:5c:fd:77:
22:94:cb:9a:4b:99:b1:4c:75:ae:4a:24:23:d4:3d:
fd:2c:2d:e9:db:87:a6:e4:33:0b:d4:4d:0c:e8:c7:
5c:f0:37:e3:43:67:a4:91:8e:c0:f7:fd:49:95:13:
10:21:d3:d9:52:4e:d5:9a:87:f1:b2:82:7c:65:5b:
0f:95:23:9d:eb:71:2a:de:ef:11:6e:a2:61:42:a9:
3e:a2:12:1e:4d:c4:50:12:31:38:9c:31:2f:2e:a9:
93:27:6a:aa:de:78:d8:65:5d:d8:b3:ee:ce:57:69:
af:32:51:c7:d2:d3:71:14:f9:0e:0d:bd:c8:ed:6a:
c6:f4:b7:0d:f9:08:68:ee:5b:41:80:50:12:cc:b7:
28:d0:7f:57:75:62:5c:cc:ec:a7:7d:48:f4:3a:a3:
46:df:55:2c:a6:d1:70:e6:3d:78:94:de:85:12:dd:
a1:d4:79:7d:8c:2a:2c:2a:a5:d2:83:c4:6b:2a:47:
b5:55:d7:89:a8:25:1f:eb:5d:dc:e9:cd:14:eb:8b:
25:42:6d:f2:70:ea:fa:c6:5d:36:30:59:45:86:91:
79:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AA:8D:F2:92:59:58:BC:4D:2F:95:B9:F6:BD:BE:51:01:12:5D:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/37ff69-235d-4217-abaa-df922683295d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/37ff69-235d-4217-abaa-df922683295d/1/ZKqN8pJZWLxNL5W59r2-UQESXQA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2aa0::/48
Signature Algorithm: sha256WithRSAEncryption
49:fa:fa:f4:ef:3a:04:4a:c4:09:36:bd:1f:4d:18:a2:32:6c:
4d:42:de:06:ff:3a:d0:60:b9:68:99:95:68:4b:df:3b:3f:c0:
07:95:6d:4d:41:62:4f:f5:8d:4f:90:a6:7a:ff:58:bf:55:2a:
50:9b:fc:e7:11:46:09:51:9a:81:b4:a8:3a:54:c3:fd:70:1b:
cb:c1:14:71:f6:e7:c7:07:86:74:e6:2e:60:be:98:d4:bb:82:
09:01:5a:6f:9c:98:fa:af:ff:d4:77:b7:33:50:b4:a9:70:66:
c7:62:54:9f:ce:d8:a1:2e:29:0d:cf:3a:4e:e7:07:b8:7b:5e:
fa:da:bd:0b:85:38:30:dc:64:07:69:2a:df:f0:2d:56:e5:60:
45:16:f0:0c:22:16:e0:1f:75:86:d3:4d:07:03:10:df:49:ef:
f7:35:78:7a:47:d3:c9:bd:1f:0c:bb:99:c9:3b:57:a9:6a:13:
3c:ee:54:35:fb:de:bc:22:5f:7e:74:24:81:55:7d:3a:50:44:
21:4e:f7:6b:4b:af:bb:68:10:5c:5a:29:01:ff:d8:75:6b:81:
8d:4e:2a:f3:2c:1f:19:30:5b:71:fe:c6:5e:94:a4:f2:9e:90:
10:5d:d5:f8:1d:9e:d3:26:f0:81:79:f3:6f:22:60:0a:97:2b:
78:0d:fe:8c
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIGAJ65T8KUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDU1MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NGFhOGRmMjky
NTk1OGJjNGQyZjk1YjlmNmJkYmU1MTAxMTI1ZDAwMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAkiDWP2blBOt/qyzR8kAORqbtImePGFTkbIraFFyXHq9a
FgHPm1oMNONc/XcilMuaS5mxTHWuSiQj1D39LC3p24em5DML1E0M6Mdc8DfjQ2ek
kY7A9/1JlRMQIdPZUk7VmofxsoJ8ZVsPlSOd63Eq3u8RbqJhQqk+ohIeTcRQEjE4
nDEvLqmTJ2qq3njYZV3Ys+7OV2mvMlHH0tNxFPkODb3I7WrG9LcN+Qho7ltBgFAS
zLco0H9XdWJczOynfUj0OqNG31UsptFw5j14lN6FEt2h1Hl9jCosKqXSg8RrKke1
VdeJqCUf613c6c0U64slQm3ycOr6xl02MFlFhpF54wIDAQABo4IChzCCAoMwHQYD
VR0OBBYEFGSqjfKSWVi8TS+Vufa9vlEBEl0AMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAyLzM3ZmY2OS0yMzVkLTQyMTct
YWJhYS1kZjkyMjY4MzI5NWQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIvMzdmZjY5LTIzNWQtNDIxNy1h
YmFhLWRmOTIyNjgzMjk1ZC8xL1pLcU44cEpaV0x4Tkw1VzU5cjItVVFFU1hRQS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEGfCqgMA0GCSqGSIb3DQEBCwUAA4IBAQBJ+vr07zoESsQJNr0f
TRiiMmxNQt4G/zrQYLlomZVoS987P8AHlW1NQWJP9Y1PkKZ6/1i/VSpQm/znEUYJ
UZqBtKg6VMP9cBvLwRRx9ufHB4Z05i5gvpjUu4IJAVpvnJj6r//Ud7czULSpcGbH
YlSfztihLikNzzpO5we4e1762r0LhTgw3GQHaSrf8C1W5WBFFvAMIhbgH3WG000H
AxDfSe/3NXh6R9PJvR8Mu5nJO1epahM87lQ1+968Il9+dCSBVX06UEQhTvdrS6+7
aBBcWikB/9h1a4GNTirzLB8ZMFtx/sZelKTynpAQXdX4HZ7TJvCBefNvImAKlyt4
Df6M
-----END CERTIFICATE-----
Generated at Sat May 10 08:19:23 2025 by rpki-client