Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KBWXVYQ3xYGF1ML-cbnVJ3nYANY.cer
File: KBWXVYQ3xYGF1ML-cbnVJ3nYANY.cer (raw, json)
Hash identifier: HosTITUZJWiSoKOv2tIDd3Mse8yX5s98hwQMaP4S3HM=
Subject key identifier: 28:15:97:55:84:37:C5:81:85:D4:C2:FE:71:B9:D5:27:79:D8:00:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856DF7681578CA8F7CAA49B8897FD5B1A0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/f95bb4-5c31-4a3c-8b3c-b174a94155ed/1/KBWXVYQ3xYGF1ML-cbnVJ3nYANY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/f95bb4-5c31-4a3c-8b3c-b174a94155ed/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 15:33:28 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 146.19.227.0/24
IP: 2a12:880::/29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:f7:68:15:78:ca:8f:7c:aa:49:b8:89:7f:d5:b1:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:33:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=281597558437c58185d4c2fe71b9d52779d800d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:8c:fe:7d:86:28:85:59:45:2d:93:0f:4e:
54:5d:5e:c5:b8:b1:75:29:e6:0e:e1:08:94:c0:85:
02:20:24:2f:9a:47:84:ee:80:36:af:da:d5:04:ae:
14:22:ac:6b:06:05:93:48:f0:43:79:78:8d:cd:d2:
59:be:bf:ce:cd:7f:94:1c:09:9d:28:28:c8:1d:df:
4f:22:20:b2:5f:db:0b:1b:a1:67:88:26:13:5c:70:
1e:f1:01:62:b7:31:f3:c8:6e:79:9c:7a:66:4e:09:
19:97:66:ba:62:9d:92:50:41:8b:23:fe:70:cf:e4:
d9:db:6d:63:8a:21:64:0e:4c:b9:92:46:90:26:a0:
8c:26:4f:6d:93:75:f6:0d:62:fe:7c:86:5d:d1:93:
93:96:bd:0e:5f:ef:ca:cb:fa:13:f5:0d:8b:59:a1:
22:8e:a8:20:7e:7f:b6:eb:ab:e4:ba:c4:44:fe:94:
9e:bc:50:dd:ce:fd:e8:a6:b1:51:52:e8:c3:8b:1d:
19:6b:ab:8f:bd:0a:34:52:8d:74:2b:c7:ff:02:d7:
22:13:46:62:49:45:d1:a2:64:64:62:28:f1:9c:03:
aa:1d:b4:65:c0:2c:14:ea:8a:0c:be:31:61:e7:1f:
0e:9a:a0:8b:fd:4a:65:f1:7d:3f:5c:c4:45:5e:c8:
5d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:15:97:55:84:37:C5:81:85:D4:C2:FE:71:B9:D5:27:79:D8:00:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f95bb4-5c31-4a3c-8b3c-b174a94155ed/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f95bb4-5c31-4a3c-8b3c-b174a94155ed/1/KBWXVYQ3xYGF1ML-cbnVJ3nYANY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.227.0/24
IPv6:
2a12:880::/29
Signature Algorithm: sha256WithRSAEncryption
04:4c:9a:e0:93:e1:16:fa:7d:24:b4:44:19:ed:3a:30:c0:89:
75:d5:30:6f:f8:60:52:8d:d1:a5:1b:a2:a3:e3:e1:8d:d2:77:
10:17:5f:94:93:cd:47:f9:b0:61:27:5b:32:59:ed:bf:62:de:
16:a6:56:c8:bf:48:5c:d1:ff:45:65:12:3c:a0:d3:ab:54:0d:
ef:4d:43:45:9e:27:00:4c:0a:8b:7d:44:a1:30:23:21:81:ce:
8c:36:45:83:21:55:76:d7:17:c0:86:cb:53:3f:9e:38:cf:8d:
38:1d:82:96:0b:e0:75:1a:d2:9e:67:f2:58:1e:74:78:04:ac:
b9:fe:9c:ab:86:62:f3:ef:85:a6:93:a4:ee:29:5d:89:2b:56:
2a:86:93:29:93:b0:49:e4:75:19:12:d6:4e:eb:f4:2c:80:05:
5a:6c:38:63:5e:6a:79:55:a8:42:b3:fd:a5:50:f4:60:41:9a:
8d:69:34:a3:29:c0:81:c1:29:c5:61:f2:e5:c4:75:b0:2d:ec:
1f:b9:48:d6:79:c3:de:78:ce:ae:03:cf:e2:6a:21:3c:50:ec:
60:aa:7e:0a:86:35:c6:b6:d9:5f:14:5a:96:02:d8:59:43:5e:
6d:08:2b:b3:cb:bf:90:aa:d3:63:d8:6c:a5:a6:70:71:b8:05:
81:b2:a7:b4
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVt92gVeMqPfKpJuIl/1bGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTUzMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE1OTc1NTg0MzdjNTgxODVkNGMyZmU3MWI5ZDUyNzc5ZDgwMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA2M/n2GKIVZRS2TD05UXV7FuLF1
KeYO4QiUwIUCICQvmkeE7oA2r9rVBK4UIqxrBgWTSPBDeXiNzdJZvr/OzX+UHAmd
KCjIHd9PIiCyX9sLG6FniCYTXHAe8QFitzHzyG55nHpmTgkZl2a6Yp2SUEGLI/5w
z+TZ221jiiFkDky5kkaQJqCMJk9tk3X2DWL+fIZd0ZOTlr0OX+/Ky/oT9Q2LWaEi
jqggfn+266vkusRE/pSevFDdzv3oprFRUujDix0Za6uPvQo0Uo10K8f/AtciE0Zi
SUXRomRkYijxnAOqHbRlwCwU6ooMvjFh5x8OmqCL/Upl8X0/XMRFXshdYQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFCgVl1WEN8WBhdTC/nG51Sd52ADWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2Y5NWJi
NC01YzMxLTRhM2MtOGIzYy1iMTc0YTk0MTU1ZWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvZjk1YmI0
LTVjMzEtNGEzYy04YjNjLWIxNzRhOTQxNTVlZC8xL0tCV1hWWVEzeFlHRjFNTC1j
Ym5WSjNuWUFOWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAkhPjMA0EAgACMAcDBQMqEgiAMA0GCSqGSIb3
DQEBCwUAA4IBAQAETJrgk+EW+n0ktEQZ7TowwIl11TBv+GBSjdGlG6Kj4+GN0ncQ
F1+Uk81H+bBhJ1syWe2/Yt4WplbIv0hc0f9FZRI8oNOrVA3vTUNFnicATAqLfUSh
MCMhgc6MNkWDIVV21xfAhstTP544z404HYKWC+B1GtKeZ/JYHnR4BKy5/pyrhmLz
74Wmk6TuKV2JK1YqhpMpk7BJ5HUZEtZO6/QsgAVabDhjXmp5VahCs/2lUPRgQZqN
aTSjKcCBwSnFYfLlxHWwLewfuUjWecPeeM6uA8/iaiE8UOxgqn4KhjXGttlfFFqW
AthZQ15tCCuzy7+QqtNj2GylpnBxuAWBsqe0
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:52:10 2025 by rpki-client