Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ohtsMsKv9I3PW1B0Si1RFHICC0Q.cer
File: ohtsMsKv9I3PW1B0Si1RFHICC0Q.cer (raw, json)
Hash identifier: aMGmaH2L9bQh4J4Y3AarjFPFug66Di2uPfwxICQ2RI8=
Subject key identifier: A2:1B:6C:32:C2:AF:F4:8D:CF:5B:50:74:4A:2D:51:14:72:02:0B:44
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A7E2996DF7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e4/b6072d-467d-4593-9d35-fe641573b4b6/1/ohtsMsKv9I3PW1B0Si1RFHICC0Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e4/b6072d-467d-4593-9d35-fe641573b4b6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 13:06:17 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 195.8.62.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 721061244407 (0xa7e2996df7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:06:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a21b6c32c2aff48dcf5b50744a2d511472020b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:08:bd:59:36:c1:bd:1b:90:54:eb:4a:5f:97:
e2:8a:c9:3e:13:4c:33:a8:29:26:69:9c:4e:87:1b:
1d:af:54:9d:3b:44:97:2e:73:e9:2a:da:ed:eb:ab:
7a:52:23:a6:e0:0e:8b:c3:60:36:c0:3b:d9:05:04:
4d:a9:14:0d:ca:a0:a5:5d:3a:37:54:68:ae:b6:97:
ff:bf:0e:d0:6a:ab:63:56:cf:23:a3:f7:3b:77:0b:
04:6c:79:cb:6e:fd:d6:76:83:7b:4e:34:f4:2a:a9:
41:0a:d5:99:26:06:e9:7e:14:ca:42:6e:f3:0a:dc:
6e:82:1e:f3:80:bb:3e:5a:30:fd:4c:3a:cd:51:35:
47:07:c3:61:9e:4e:1d:85:d6:7c:67:5d:e4:50:96:
0b:a9:5c:de:47:40:97:97:90:74:7a:3f:65:3e:9c:
0d:04:bf:1f:19:4d:f2:e6:9e:7b:3e:a0:29:b1:79:
01:dc:5a:30:e9:b4:a8:ae:93:b9:12:59:06:75:9e:
6c:e7:de:61:10:16:c4:63:93:55:97:a7:1d:f5:11:
9a:46:6b:42:04:d9:7e:d4:c9:1f:c1:63:2f:16:2c:
9d:cb:64:3d:3f:4c:6e:2c:72:ce:14:67:8a:6e:31:
40:8f:50:9c:4c:6d:8d:3e:4c:35:19:19:20:64:03:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1B:6C:32:C2:AF:F4:8D:CF:5B:50:74:4A:2D:51:14:72:02:0B:44
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b6072d-467d-4593-9d35-fe641573b4b6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b6072d-467d-4593-9d35-fe641573b4b6/1/ohtsMsKv9I3PW1B0Si1RFHICC0Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.62.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c7:2f:3e:f6:c1:df:26:bf:d2:6d:1b:f8:3f:13:a7:25:5a:
79:01:02:5a:7f:02:d7:22:5c:e6:ad:4c:ae:9c:91:35:a5:5d:
83:f7:cf:52:57:dd:9b:13:5c:a8:5a:58:80:1d:38:bf:6a:1c:
b1:6c:e4:a7:95:63:86:d9:cf:b8:3a:3b:af:8c:57:0b:0e:c6:
f6:20:23:aa:1f:27:50:25:e2:dc:5f:5e:1c:73:e5:b1:14:15:
b7:0b:2b:b3:4f:f9:ec:ea:7f:9a:62:5f:3f:57:47:71:68:d4:
51:3a:ea:05:61:31:87:2d:e8:23:31:da:a6:d8:b3:99:89:c7:
5b:79:8b:a1:bc:12:01:10:d3:28:8c:7b:9a:7b:1e:92:1b:6a:
d0:10:c5:ff:9c:93:2f:2c:ff:e4:87:5e:c7:d7:51:f6:16:98:
b6:01:44:7f:cf:48:09:68:dd:9b:02:e9:e9:e9:61:15:68:a2:
ff:ae:ca:1b:d4:80:96:c8:93:3a:d3:29:d6:6d:0f:25:fc:36:
be:ab:9c:b4:1c:c5:fd:00:19:35:07:03:03:28:18:f2:e2:ce:
78:6e:e2:99:3c:ad:e6:a0:6e:a4:41:a0:9e:99:14:81:85:72:
2f:b9:f8:ad:20:58:6d:ea:78:2f:6e:66:b6:e6:c4:f1:d4:45:
56:0d:6d:7a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGAKfimW33MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMTMwNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMjFiNmMzMmMy
YWZmNDhkY2Y1YjUwNzQ0YTJkNTExNDcyMDIwYjQ0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqAi9WTbBvRuQVOtKX5fiisk+E0wzqCkmaZxOhxsdr1Sd
O0SXLnPpKtrt66t6UiOm4A6Lw2A2wDvZBQRNqRQNyqClXTo3VGiutpf/vw7Qaqtj
Vs8jo/c7dwsEbHnLbv3WdoN7TjT0KqlBCtWZJgbpfhTKQm7zCtxugh7zgLs+WjD9
TDrNUTVHB8Nhnk4dhdZ8Z13kUJYLqVzeR0CXl5B0ej9lPpwNBL8fGU3y5p57PqAp
sXkB3Fow6bSorpO5ElkGdZ5s595hEBbEY5NVl6cd9RGaRmtCBNl+1MkfwWMvFiyd
y2Q9P0xuLHLOFGeKbjFAj1CcTG2NPkw1GRkgZAOc5wIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFKIbbDLCr/SNz1tQdEotURRyAgtEMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U0L2I2MDcyZC00NjdkLTQ1OTMt
OWQzNS1mZTY0MTU3M2I0YjYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQvYjYwNzJkLTQ2N2QtNDU5My05
ZDM1LWZlNjQxNTczYjRiNi8xL29odHNNc0t2OUkzUFcxQjBTaTFSRkhJQ0MwUS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwwg+MA0GCSqGSIb3DQEBCwUAA4IBAQBfxy8+9sHfJr/SbRv4PxOn
JVp5AQJafwLXIlzmrUyunJE1pV2D989SV92bE1yoWliAHTi/ahyxbOSnlWOG2c+4
OjuvjFcLDsb2ICOqHydQJeLcX14cc+WxFBW3CyuzT/ns6n+aYl8/V0dxaNRROuoF
YTGHLegjMdqm2LOZicdbeYuhvBIBENMojHuaex6SG2rQEMX/nJMvLP/kh17H11H2
Fpi2AUR/z0gJaN2bAunp6WEVaKL/rsob1ICWyJM60ynWbQ8l/Da+q5y0HMX9ABk1
BwMDKBjy4s54buKZPK3moG6kQaCemRSBhXIvufitIFht6ngvbma25sTx1EVWDW16
-----END CERTIFICATE-----
Generated at Thu May 15 03:48:34 2025 by rpki-client