Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KKA2-mP3WcWcWqIcbo8DC1imMO4.cer
File: KKA2-mP3WcWcWqIcbo8DC1imMO4.cer (raw, json)
Hash identifier: pgpG+/uRuaEAsug6WUXlIqUaw968I8Tx19j7a62C6YU=
Subject key identifier: 28:A0:36:FA:63:F7:59:C5:9C:5A:A2:1C:6E:8F:03:0B:58:A6:30:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9FBDBA3019
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/db/72cf8b-9ae8-401b-9e75-b3f2f24b0108/1/KKA2-mP3WcWcWqIcbo8DC1imMO4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/db/72cf8b-9ae8-401b-9e75-b3f2f24b0108/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 06:05:09 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 204637
IP: 185.244.168.0/22
IP: 2a0d:3680::/32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 686082895897 (0x9fbdba3019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28a036fa63f759c59c5aa21c6e8f030b58a630ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:46:93:cd:95:30:f3:68:9e:fe:f9:e0:92:be:
e4:f6:34:f9:e0:9c:c1:45:6d:a4:93:0d:dc:34:9b:
19:52:bf:e9:68:93:e6:4b:27:72:88:c3:9e:55:90:
55:f0:5a:e6:f4:09:28:f2:e2:ea:1b:9f:ef:dd:a4:
3c:4a:6d:7f:19:7b:76:5e:74:9e:62:80:60:68:b5:
34:04:de:fe:11:6c:52:3f:0b:2d:3f:13:fe:b6:ff:
e1:d4:83:93:f8:84:ed:9f:a9:5c:cf:42:2b:41:7f:
ca:ca:09:c4:d9:12:ca:6f:94:3e:d8:1e:5a:f3:4a:
18:be:f6:93:99:77:92:6c:a0:12:83:ca:c9:a1:67:
3c:7c:fe:3e:e7:c2:90:90:75:3e:b3:7d:55:0c:9c:
a2:c1:5a:a7:f6:73:99:74:d7:b0:48:48:f8:84:ed:
12:d8:6b:f1:e7:42:aa:4e:92:be:38:4e:25:b5:54:
26:1c:5d:ef:65:50:a7:16:be:a4:00:3c:f2:ec:ff:
f5:a2:48:17:2d:5b:70:33:aa:41:75:da:5f:03:22:
e7:c9:2d:30:b3:62:fe:fb:0f:06:8e:b2:37:c3:2c:
b5:d6:bf:6e:fe:9c:72:03:84:ca:bc:e7:64:56:60:
99:52:f9:f4:37:67:c3:b8:2d:b8:b0:26:9c:50:fc:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A0:36:FA:63:F7:59:C5:9C:5A:A2:1C:6E:8F:03:0B:58:A6:30:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72cf8b-9ae8-401b-9e75-b3f2f24b0108/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72cf8b-9ae8-401b-9e75-b3f2f24b0108/1/KKA2-mP3WcWcWqIcbo8DC1imMO4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.168.0/22
IPv6:
2a0d:3680::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204637
Signature Algorithm: sha256WithRSAEncryption
50:0c:e9:ae:b8:52:46:c0:1a:19:45:8f:3d:b4:40:1e:6c:16:
f5:f5:cf:21:fc:de:03:8a:b7:24:fd:33:38:8d:44:6a:ca:ac:
64:59:08:df:10:44:c4:39:28:5c:c0:7e:34:71:41:d6:03:4c:
38:a1:d1:88:05:61:0e:fc:f7:52:c5:20:97:20:3b:49:5f:bc:
20:09:c3:7f:88:e6:87:d5:ec:b0:8f:b1:b8:5a:34:8b:99:ea:
62:5a:f8:4a:ce:cd:14:2e:cf:e2:66:a6:ca:8f:f1:73:b9:bf:
98:d3:dc:5b:06:a2:61:41:7d:1e:dd:d3:81:39:6f:6c:9d:40:
83:83:f8:7e:40:82:d6:e7:d3:cf:95:76:59:09:31:a7:63:c3:
3f:4f:e2:c1:f3:45:10:bf:5b:d8:fb:1b:45:ab:55:85:92:3b:
bb:9c:96:ff:13:ab:4d:39:02:2a:d3:4e:07:2c:d1:c1:c7:64:
e5:fa:d8:df:12:54:22:03:2f:fc:8a:d6:20:d7:87:1d:ca:a3:
32:04:4b:3c:cc:bc:b9:a6:69:c5:e6:02:df:f5:0e:4a:73:d8:
f6:c6:75:55:5a:8a:49:2c:bc:65:a1:5a:e8:03:91:a4:0b:8e:
b0:7f:33:74:85:3c:6f:4c:5e:c9:68:bb:2a:d7:40:d5:47:94:
b1:08:f3:3a
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIGAJ+9ujAZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDYwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGEwMzZmYTYz
Zjc1OWM1OWM1YWEyMWM2ZThmMDMwYjU4YTYzMGVlMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAq0aTzZUw82ie/vngkr7k9jT54JzBRW2kkw3cNJsZUr/p
aJPmSydyiMOeVZBV8Frm9Ako8uLqG5/v3aQ8Sm1/GXt2XnSeYoBgaLU0BN7+EWxS
PwstPxP+tv/h1IOT+ITtn6lcz0IrQX/KygnE2RLKb5Q+2B5a80oYvvaTmXeSbKAS
g8rJoWc8fP4+58KQkHU+s31VDJyiwVqn9nOZdNewSEj4hO0S2Gvx50KqTpK+OE4l
tVQmHF3vZVCnFr6kADzy7P/1okgXLVtwM6pBddpfAyLnyS0ws2L++w8GjrI3wyy1
1r9u/pxyA4TKvOdkVmCZUvn0N2fDuC24sCacUPzCGQIDAQABo4ICrzCCAqswHQYD
VR0OBBYEFCigNvpj91nFnFqiHG6PAwtYpjDuMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiLzcyY2Y4Yi05YWU4LTQwMWIt
OWU3NS1iM2YyZjI0YjAxMDgvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvNzJjZjhiLTlhZTgtNDAxYi05
ZTc1LWIzZjJmMjRiMDEwOC8xL0tLQTItbVAzV2NXY1dxSWNibzhEQzFpbU1PNC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM
BAIAATAGAwQCufSoMA0EAgACMAcDBQAqDTaAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMfXTANBgkqhkiG9w0BAQsFAAOCAQEAUAzprrhSRsAaGUWPPbRAHmwW9fXP
IfzeA4q3JP0zOI1EasqsZFkI3xBExDkoXMB+NHFB1gNMOKHRiAVhDvz3UsUglyA7
SV+8IAnDf4jmh9XssI+xuFo0i5nqYlr4Ss7NFC7P4mamyo/xc7m/mNPcWwaiYUF9
Ht3TgTlvbJ1Ag4P4fkCC1ufTz5V2WQkxp2PDP0/iwfNFEL9b2PsbRatVhZI7u5yW
/xOrTTkCKtNOByzRwcdk5frY3xJUIgMv/IrWINeHHcqjMgRLPMy8uaZpxeYC3/UO
SnPY9sZ1VVqKSSy8ZaFa6AORpAuOsH8zdIU8b0xeyWi7KtdA1UeUsQjzOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:30:16 2024 by rpki-client on console-ams.rpki-client.org