Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/oaor0Lb2IjmxJYQfggD4ui2-DIk.cer
File: oaor0Lb2IjmxJYQfggD4ui2-DIk.cer (raw, json)
Hash identifier: iV60nP7zAI/cLvKStQz2f2stPKSr3zmm69BytcxLMTg=
Subject key identifier: A1:AA:2B:D0:B6:F6:22:39:B1:25:84:1F:82:00:F8:BA:2D:BE:0C:89
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018ACF2C491D56D48260B631AA7C7D1BD5CB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/a380fb-dc03-4868-86b2-991b6e88f57a/1/oaor0Lb2IjmxJYQfggD4ui2-DIk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/a380fb-dc03-4868-86b2-991b6e88f57a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 26 Sep 2023 01:48:20 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 91.247.190.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:2c:49:1d:56:d4:82:60:b6:31:aa:7c:7d:1b:d5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 26 01:48:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1aa2bd0b6f62239b125841f8200f8ba2dbe0c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6b:bc:36:01:84:76:ec:08:b1:58:d8:fe:94:
7d:0e:9e:bc:3d:ba:68:21:a2:d6:10:80:3e:0b:33:
b7:eb:f2:1a:7d:c7:a5:f4:27:14:81:9e:da:d7:20:
26:2c:24:84:f1:61:33:8c:31:9b:a3:eb:9a:b0:2e:
f9:e1:a9:9c:ba:df:c5:d2:1d:21:6a:b2:11:99:e9:
b4:0a:c5:c3:21:77:c0:63:f9:a4:47:cc:81:72:c3:
b3:d8:a1:36:81:fd:f8:41:f9:98:93:e0:69:69:78:
fb:fe:1c:c4:8c:4c:70:60:0f:e5:28:88:fc:a9:ed:
c2:50:ea:35:68:3d:9f:d0:d3:ae:55:c9:e5:7a:f8:
53:43:1e:71:f9:0c:1c:4f:73:75:fe:27:e1:a9:ca:
96:97:59:a6:02:e1:29:9e:41:88:95:92:bc:72:9b:
ed:4d:dc:8b:9a:b5:f5:9a:ce:f6:da:4e:66:30:e9:
56:a4:66:6f:96:22:3b:a9:92:bc:14:7d:a5:4c:3e:
d3:a5:f8:1c:60:de:3a:c0:75:82:e6:31:5c:60:b3:
13:86:12:cd:74:d3:df:ea:4a:b8:9e:ea:15:f2:c9:
98:ea:6d:92:30:26:4d:45:c4:d8:bb:8c:07:24:6b:
1d:a3:ba:86:15:05:e3:a0:a6:78:55:e2:e3:e7:6f:
59:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AA:2B:D0:B6:F6:22:39:B1:25:84:1F:82:00:F8:BA:2D:BE:0C:89
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a380fb-dc03-4868-86b2-991b6e88f57a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a380fb-dc03-4868-86b2-991b6e88f57a/1/oaor0Lb2IjmxJYQfggD4ui2-DIk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.190.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f1:3d:78:60:4a:7c:e3:42:29:af:db:ad:65:52:ba:6b:7b:
2f:38:fe:de:92:51:24:e9:0a:ad:10:2e:62:32:07:1f:c2:f8:
b6:9a:1d:d9:1c:47:f5:98:ac:cf:b6:5f:ad:1f:23:b2:c6:09:
60:65:c8:3f:11:cc:ec:58:dd:45:92:8f:f3:3a:10:26:14:0c:
3c:01:d8:08:f4:5e:7a:6c:80:c1:2c:7e:90:ac:de:59:bc:44:
a2:14:bd:5e:a7:2b:dc:17:6d:c8:6b:c0:5d:e3:bb:f5:6b:9c:
29:bd:58:71:13:6b:29:ee:2e:59:82:22:4a:a1:7b:46:a9:71:
82:69:5f:e6:7b:f5:ee:c4:f5:20:ae:88:77:64:d8:44:b0:0d:
69:4e:83:f4:a2:96:40:cd:0a:d2:d4:f1:d4:1e:af:88:c5:7a:
b1:5b:24:e4:67:f8:7f:d1:05:7a:c7:19:7e:ca:3e:89:7c:c7:
3b:a2:03:05:5d:59:f8:b3:93:7e:fc:43:72:0d:8d:68:94:90:
27:81:90:cc:a1:c0:95:c9:32:dd:07:11:c6:1e:76:64:cb:bd:
94:d1:11:17:27:c9:e6:90:c0:ea:b6:5b:61:78:f2:99:ca:fb:
54:d2:61:a1:24:78:da:43:1a:56:d6:0e:88:b4:39:ea:9c:4f:
73:35:9f:d5
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYrPLEkdVtSCYLYxqnx9G9XLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwOTI2MDE0ODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFhMmJkMGI2ZjYyMjM5YjEyNTg0MWY4MjAwZjhiYTJkYmUwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWu8NgGEduwIsVjY/pR9Dp68Pbpo
IaLWEIA+CzO36/Iafcel9CcUgZ7a1yAmLCSE8WEzjDGbo+uasC754amcut/F0h0h
arIRmem0CsXDIXfAY/mkR8yBcsOz2KE2gf34QfmYk+BpaXj7/hzEjExwYA/lKIj8
qe3CUOo1aD2f0NOuVcnlevhTQx5x+QwcT3N1/ifhqcqWl1mmAuEpnkGIlZK8cpvt
TdyLmrX1ms722k5mMOlWpGZvliI7qZK8FH2lTD7TpfgcYN46wHWC5jFcYLMThhLN
dNPf6kq4nuoV8smY6m2SMCZNRcTYu4wHJGsdo7qGFQXjoKZ4VeLj529Z8QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFKGqK9C29iI5sSWEH4IA+LotvgyJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjL2EzODBm
Yi1kYzAzLTQ4NjgtODZiMi05OTFiNmU4OGY1N2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvYTM4MGZi
LWRjMDMtNDg2OC04NmIyLTk5MWI2ZTg4ZjU3YS8xL29hb3IwTGIySWpteEpZUWZn
Z0Q0dWkyLURJay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW/e+MA0GCSqGSIb3DQEBCwUAA4IBAQBl8T14
YEp840Ipr9utZVK6a3svOP7eklEk6QqtEC5iMgcfwvi2mh3ZHEf1mKzPtl+tHyOy
xglgZcg/EczsWN1Fko/zOhAmFAw8AdgI9F56bIDBLH6QrN5ZvESiFL1epyvcF23I
a8Bd47v1a5wpvVhxE2sp7i5ZgiJKoXtGqXGCaV/me/XuxPUgroh3ZNhEsA1pToP0
opZAzQrS1PHUHq+IxXqxWyTkZ/h/0QV6xxl+yj6JfMc7ogMFXVn4s5N+/ENyDY1o
lJAngZDMocCVyTLdBxHGHnZky72U0REXJ8nmkMDqtlthePKZyvtU0mGhJHjaQxpW
1g6ItDnqnE9zNZ/V
-----END CERTIFICATE-----
Generated at Mon May 12 12:50:55 2025 by rpki-client