Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KHQrY-RXsfnnx2Mh08Vwfp81IrY.cer
File: KHQrY-RXsfnnx2Mh08Vwfp81IrY.cer (raw, json)
Hash identifier: g+X6/QeaKykAqFSS3/0Con9hAXUXL1ZKjnpPGsWsm5g=
Subject key identifier: 28:74:2B:63:E4:57:B1:F9:E7:C7:63:21:D3:C5:70:7E:9F:35:22:B6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: B3070EB32C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/e6e0e5-9864-4657-aa23-5581caf05d98/1/KHQrY-RXsfnnx2Mh08Vwfp81IrY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/e6e0e5-9864-4657-aa23-5581caf05d98/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 10 Jun 2022 09:56:46 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 141.98.1.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 768917549868 (0xb3070eb32c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 10 09:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28742b63e457b1f9e7c76321d3c5707e9f3522b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:31:ba:bd:70:d5:24:cd:6d:e2:1a:12:57:34:
44:c4:23:2b:9e:30:44:1e:06:3d:6d:65:30:b7:4e:
88:dc:56:05:9a:ae:64:77:be:57:2e:8b:45:3b:05:
d4:ae:dd:06:a8:08:ce:47:d8:0f:87:fa:52:89:5d:
29:f5:d5:99:79:f7:a2:32:1f:d5:97:c2:5b:e4:18:
a6:02:3a:be:5f:96:85:5b:c9:9b:dd:8a:25:ff:09:
7f:a7:d1:3d:ad:48:12:2c:75:19:ac:de:4f:74:10:
a2:e5:d9:2e:8d:fa:e4:d8:fe:79:1f:32:bc:30:07:
cf:c5:d8:c8:46:7f:a3:50:70:6f:db:fa:e7:83:22:
0c:e2:94:04:30:b3:1e:4e:dc:c7:99:fb:43:82:35:
16:e0:6a:5e:14:b4:c5:ab:61:63:84:2c:c3:6f:0d:
e7:d2:02:ce:21:1e:46:14:d1:6b:ad:88:aa:33:78:
6b:77:f7:2f:8e:fb:6b:c2:6e:4d:fb:ad:f5:d6:3d:
04:6a:8f:e3:fb:87:df:5d:ed:a6:be:4c:6d:93:4a:
86:33:6d:26:27:bb:df:d7:26:89:0b:63:36:ae:ac:
4c:8d:5d:ed:18:06:ff:82:4c:da:e3:49:e7:4d:f7:
1b:e6:d6:f2:5f:38:ee:3f:b8:d7:78:a0:d3:3e:d2:
15:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:74:2B:63:E4:57:B1:F9:E7:C7:63:21:D3:C5:70:7E:9F:35:22:B6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e6e0e5-9864-4657-aa23-5581caf05d98/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e6e0e5-9864-4657-aa23-5581caf05d98/1/KHQrY-RXsfnnx2Mh08Vwfp81IrY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.1.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b2:be:78:14:33:f1:1c:c0:76:c5:f1:ef:3f:09:16:6e:21:
38:5c:2f:b8:b1:1f:53:66:24:68:5a:86:ae:c5:90:ce:a5:28:
8a:65:84:40:e2:1f:26:50:59:17:4e:79:ec:a7:b9:b9:0c:96:
a0:3a:d0:cf:b3:8d:3b:c7:02:68:97:5d:5f:35:f3:17:ae:ed:
a5:eb:be:13:e5:d0:bc:2d:0b:f9:38:75:70:d9:ed:1e:e0:49:
a3:f2:9f:5c:25:49:a7:88:f9:af:cb:b0:52:dc:cb:78:48:0b:
3b:86:f8:ba:09:55:f7:2a:29:ce:96:73:0c:7c:6d:7b:de:b4:
1f:09:f9:6a:61:54:e0:0a:bc:df:53:bb:7b:8c:1f:0d:f3:0a:
f0:1e:79:d8:17:22:8d:48:9e:b6:44:f2:ef:21:1d:b5:19:d3:
e7:f0:4e:aa:ba:b7:8d:32:00:24:4f:2b:d0:af:6d:12:06:86:
74:e3:b4:76:13:80:89:eb:f1:1e:d1:81:76:53:a2:c1:86:32:
82:ce:0a:2f:dc:6e:d8:b9:79:95:d7:93:fa:48:32:9c:f3:e2:
fa:f7:ae:4a:5f:b6:b1:9f:4e:18:3c:a2:c7:29:78:4a:16:ea:
5c:aa:54:31:27:84:b1:29:1a:8c:e3:4d:58:87:83:d8:48:98:
3e:b3:ca:34
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGALMHDrMsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NjEwMDk1NjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODc0MmI2M2U0
NTdiMWY5ZTdjNzYzMjFkM2M1NzA3ZTlmMzUyMmI2MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArDG6vXDVJM1t4hoSVzRExCMrnjBEHgY9bWUwt06I3FYF
mq5kd75XLotFOwXUrt0GqAjOR9gPh/pSiV0p9dWZefeiMh/Vl8Jb5BimAjq+X5aF
W8mb3Yol/wl/p9E9rUgSLHUZrN5PdBCi5dkujfrk2P55HzK8MAfPxdjIRn+jUHBv
2/rngyIM4pQEMLMeTtzHmftDgjUW4GpeFLTFq2FjhCzDbw3n0gLOIR5GFNFrrYiq
M3hrd/cvjvtrwm5N+6311j0Eao/j+4ffXe2mvkxtk0qGM20mJ7vf1yaJC2M2rqxM
jV3tGAb/gkza40nnTfcb5tbyXzjuP7jXeKDTPtIVbwIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFCh0K2PkV7H558djIdPFcH6fNSK2MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0L2U2ZTBlNS05ODY0LTQ2NTct
YWEyMy01NTgxY2FmMDVkOTgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvZTZlMGU1LTk4NjQtNDY1Ny1h
YTIzLTU1ODFjYWYwNWQ5OC8xL0tIUXJZLVJYc2ZubngyTWgwOFZ3ZnA4MUlyWS5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAjWIBMA0GCSqGSIb3DQEBCwUAA4IBAQAosr54FDPxHMB2xfHvPwkW
biE4XC+4sR9TZiRoWoauxZDOpSiKZYRA4h8mUFkXTnnsp7m5DJagOtDPs407xwJo
l11fNfMXru2l674T5dC8LQv5OHVw2e0e4Emj8p9cJUmniPmvy7BS3Mt4SAs7hvi6
CVX3KinOlnMMfG173rQfCflqYVTgCrzfU7t7jB8N8wrwHnnYFyKNSJ62RPLvIR21
GdPn8E6qureNMgAkTyvQr20SBoZ047R2E4CJ6/Ee0YF2U6LBhjKCzgov3G7YuXmV
15P6SDKc8+L6965KX7axn04YPKLHKXhKFupcqlQxJ4SxKRqM401Yh4PYSJg+s8o0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:11 2025 by rpki-client