Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer
File: zq4QIe9dbXLKaPjKXBWfSginQ2Y.cer (raw, json)
Hash identifier: 3D3yHG0d0dNSr/SSYxRlYHX4OWEaVsLLq2fMq2eU5+8=
Subject key identifier: CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: A17F599438
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/zq4QIe9dbXLKaPjKXBWfSginQ2Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 07:56:59 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 193.32.204.0/22
IP: 2a0d:d540::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 693626311736 (0xa17f599438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:56:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ceae1021ef5d6d72ca68f8ca5c159f4a08a74366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:17:4e:3f:d0:55:3f:90:20:96:ee:30:3b:d6:
d6:02:33:a1:56:eb:11:4d:b7:5d:1e:18:72:09:d7:
ef:78:07:6e:d8:81:20:21:10:fe:a8:b8:1e:ce:15:
7d:a2:9e:15:8c:da:9c:5b:64:fb:06:89:73:9b:83:
a3:21:47:c5:44:53:2f:5c:7b:c5:31:7a:23:09:8a:
7f:21:2e:c1:f5:30:b7:2d:e6:af:24:0d:64:26:ff:
03:a3:69:3f:9c:6c:24:cd:4a:a2:60:c1:82:21:b2:
24:6c:63:22:29:b4:7d:5a:bc:ab:d8:ae:a1:d9:f6:
33:08:61:77:3c:78:48:3d:c5:29:e5:8e:27:f0:48:
e1:81:57:c1:7b:83:1d:93:c1:be:3c:68:53:e4:e1:
3b:b9:a2:ef:71:73:3b:f9:5e:60:30:e3:f6:a4:f8:
ec:fb:37:5a:63:8c:4e:64:46:bf:ba:8a:44:b8:c5:
3f:1a:cf:c6:ac:6b:9f:20:e4:af:09:46:d4:66:8f:
13:11:9d:e7:95:7f:00:b3:cc:1f:34:dd:0d:01:a1:
b8:1d:24:9e:46:1e:ca:f3:12:fb:3b:f7:cb:9a:7c:
3b:e1:36:94:b2:1a:f1:c5:4b:5d:be:5c:51:66:92:
a0:80:d6:07:e7:0e:df:ae:07:34:ec:63:a5:74:ca:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AE:10:21:EF:5D:6D:72:CA:68:F8:CA:5C:15:9F:4A:08:A7:43:66
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/caf622-ee11-458d-b81d-15ed1ea93e25/1/zq4QIe9dbXLKaPjKXBWfSginQ2Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.204.0/22
IPv6:
2a0d:d540::/29
Signature Algorithm: sha256WithRSAEncryption
04:0c:a2:82:b2:25:4f:57:9d:a5:59:87:81:e5:7c:5d:0e:1c:
45:eb:01:5e:ce:ad:7e:ac:c2:e1:51:74:0c:58:9e:59:f6:97:
bc:5b:f0:11:b2:e1:6a:29:01:5f:34:ca:0a:a6:71:d2:17:8c:
42:f2:53:7f:2e:5e:dd:7d:36:27:21:38:5b:34:9e:84:97:1f:
f1:23:48:0d:84:df:a3:a3:32:e5:7b:99:4e:0e:de:41:35:3a:
4e:ab:81:3a:3d:97:1c:03:58:9b:e3:4f:f7:88:83:6a:0f:72:
aa:ed:d3:5f:d3:8a:e3:81:4e:9d:f2:35:22:fe:46:cf:80:f3:
97:fb:c0:26:1d:f9:79:5e:6c:5e:cc:3a:11:49:06:19:d3:67:
a4:9a:22:a9:34:cc:48:ae:bc:37:1b:16:ca:b1:75:54:ed:6b:
d9:a5:84:c4:a5:62:6b:fa:2a:f6:eb:25:32:ab:58:c5:3b:5f:
f8:b8:2f:36:0a:bc:81:ce:43:4b:a2:e2:9b:61:fd:45:e3:d0:
52:b7:8b:96:2f:3f:90:f2:37:c1:c0:87:34:17:d9:ec:21:2d:
b8:d0:c4:3a:43:10:98:b6:46:73:5d:24:7a:1a:05:e7:8a:53:
6c:6f:ab:ea:55:81:0d:bf:72:36:92:14:00:90:d5:c2:f8:0c:
de:b0:69:25
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIGAKF/WZQ4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDc1NjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjZWFlMTAyMWVm
NWQ2ZDcyY2E2OGY4Y2E1YzE1OWY0YTA4YTc0MzY2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlBdOP9BVP5Aglu4wO9bWAjOhVusRTbddHhhyCdfveAdu
2IEgIRD+qLgezhV9op4VjNqcW2T7Bolzm4OjIUfFRFMvXHvFMXojCYp/IS7B9TC3
LeavJA1kJv8Do2k/nGwkzUqiYMGCIbIkbGMiKbR9Wryr2K6h2fYzCGF3PHhIPcUp
5Y4n8EjhgVfBe4Mdk8G+PGhT5OE7uaLvcXM7+V5gMOP2pPjs+zdaY4xOZEa/uopE
uMU/Gs/GrGufIOSvCUbUZo8TEZ3nlX8As8wfNN0NAaG4HSSeRh7K8xL7O/fLmnw7
4TaUshrxxUtdvlxRZpKggNYH5w7frgc07GOldMr9SwIDAQABo4ICkzCCAo8wHQYD
VR0OBBYEFM6uECHvXW1yymj4ylwVn0oIp0NmMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkL2NhZjYyMi1lZTExLTQ1OGQt
YjgxZC0xNWVkMWVhOTNlMjUvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQvY2FmNjIyLWVlMTEtNDU4ZC1i
ODFkLTE1ZWQxZWE5M2UyNS8xL3pxNFFJZTlkYlhMS2FQaktYQldmU2dpblEyWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCwSDMMA0EAgACMAcDBQMqDdVAMA0GCSqGSIb3DQEBCwUAA4IBAQAE
DKKCsiVPV52lWYeB5XxdDhxF6wFezq1+rMLhUXQMWJ5Z9pe8W/ARsuFqKQFfNMoK
pnHSF4xC8lN/Ll7dfTYnIThbNJ6Elx/xI0gNhN+jozLle5lODt5BNTpOq4E6PZcc
A1ib40/3iINqD3Kq7dNf04rjgU6d8jUi/kbPgPOX+8AmHfl5XmxezDoRSQYZ02ek
miKpNMxIrrw3GxbKsXVU7WvZpYTEpWJr+ir26yUyq1jFO1/4uC82CryBzkNLouKb
Yf1F49BSt4uWLz+Q8jfBwIc0F9nsIS240MQ6QxCYtkZzXSR6GgXnilNsb6vqVYEN
v3I2khQAkNXC+AzesGkl
-----END CERTIFICATE-----
Generated at Mon May 12 18:28:30 2025 by rpki-client