Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KNnJi5mkfz4ArK1nMsE6zcjR2W8.cer
File: KNnJi5mkfz4ArK1nMsE6zcjR2W8.cer (raw, json)
Hash identifier: /9R+RWW+iqC00fazNGW1/gZS4MK1LYO47gSBIuvaxos=
Subject key identifier: 28:D9:C9:8B:99:A4:7F:3E:00:AC:AD:67:32:C1:3A:CD:C8:D1:D9:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9FE7044785
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b5309-1c56-4c04-a4f5-a1a2d35c17b6/1/KNnJi5mkfz4ArK1nMsE6zcjR2W8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b5309-1c56-4c04-a4f5-a1a2d35c17b6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 06:06:44 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 205147
IP: 185.8.96.0/22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 686775617413 (0x9fe7044785)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:06:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d9c98b99a47f3e00acad6732c13acdc8d1d96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:86:ab:77:ab:6a:a2:e6:0b:bf:51:20:82:e5:
35:73:e5:66:6e:0d:b6:0b:92:ff:b1:c5:d4:bb:ea:
4d:d3:4e:2f:c8:b8:d5:98:ee:d8:35:fe:a6:a9:61:
46:fb:65:ae:9a:61:c6:d5:47:98:0b:00:f9:ee:6e:
01:9e:ba:1f:43:8f:7e:dd:26:95:7b:2f:77:7e:0c:
79:d3:53:88:47:1e:b7:44:40:72:46:98:93:fe:f3:
34:1a:ab:95:63:50:05:a8:bc:50:0d:56:f1:18:e3:
13:78:d9:20:7c:39:eb:ce:99:a4:46:58:9a:e6:23:
49:b0:99:6c:12:05:7c:4f:8f:5a:5a:18:6f:3e:24:
51:f3:23:dc:0f:63:94:d3:9f:01:f2:6c:b6:ed:66:
8e:e0:34:77:dc:6f:b2:94:b0:a1:9c:5a:1d:c8:af:
c9:d4:e0:65:3e:6c:1f:91:8d:3b:9d:16:f7:87:86:
d4:dc:1e:69:35:96:97:5d:2f:b4:a0:ec:2c:09:e2:
af:8e:31:1e:49:8d:86:90:42:8b:ff:0d:25:85:b9:
68:7a:62:c2:d2:a7:54:d7:b7:c6:97:5d:44:ef:e5:
c7:a1:55:f9:8b:da:bb:39:85:91:27:75:32:5a:18:
12:fc:8c:ad:d2:23:f7:2c:12:db:f1:ef:be:37:87:
90:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D9:C9:8B:99:A4:7F:3E:00:AC:AD:67:32:C1:3A:CD:C8:D1:D9:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b5309-1c56-4c04-a4f5-a1a2d35c17b6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b5309-1c56-4c04-a4f5-a1a2d35c17b6/1/KNnJi5mkfz4ArK1nMsE6zcjR2W8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.96.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205147
Signature Algorithm: sha256WithRSAEncryption
7a:a3:aa:39:ab:bf:ba:a2:c3:e6:8e:b7:9d:aa:3a:0d:cf:9d:
78:15:c9:6e:c1:78:74:94:a9:fa:0c:60:42:5f:c3:ec:c9:fd:
bc:96:cf:a7:05:83:c1:36:d5:6b:08:66:4b:5f:e4:ed:21:c8:
92:65:55:56:54:c5:d3:0b:a3:91:3c:30:5f:d3:34:91:35:71:
9d:78:e3:a8:8b:df:4b:b5:a9:0c:68:02:b1:8c:fe:2d:35:45:
c7:fd:31:a6:05:34:50:66:80:d8:55:8c:28:41:23:21:bb:42:
0b:b3:40:b7:85:24:93:0b:73:f3:ea:a3:98:6a:22:85:f3:02:
6f:9f:62:19:a2:9c:14:44:68:6d:d8:0f:14:68:f5:55:56:30:
32:51:c9:96:91:ee:77:25:f1:c0:03:08:f2:a8:8b:46:66:a1:
41:88:08:a5:8e:6f:66:71:be:03:51:b6:ea:3f:3c:42:9f:b1:
1f:cf:de:41:50:b5:a8:14:52:8b:c9:14:f1:3a:64:2e:7e:46:
2f:28:59:ad:55:2c:8b:8f:f4:14:7d:cd:fc:b0:86:16:be:17:
c3:38:5e:cb:4a:4a:46:35:f5:e8:e9:6e:c3:a2:9d:b4:cd:37:
66:3c:ce:39:9e:b5:ef:89:27:a4:19:fc:e2:78:1c:55:64:d2:
f9:e0:87:72
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAJ/nBEeFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDYwNjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyOGQ5Yzk4Yjk5
YTQ3ZjNlMDBhY2FkNjczMmMxM2FjZGM4ZDFkOTZmMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqYard6tqouYLv1EgguU1c+Vmbg22C5L/scXUu+pN004v
yLjVmO7YNf6mqWFG+2WummHG1UeYCwD57m4BnrofQ49+3SaVey93fgx501OIRx63
REByRpiT/vM0GquVY1AFqLxQDVbxGOMTeNkgfDnrzpmkRlia5iNJsJlsEgV8T49a
WhhvPiRR8yPcD2OU058B8my27WaO4DR33G+ylLChnFodyK/J1OBlPmwfkY07nRb3
h4bU3B5pNZaXXS+0oOwsCeKvjjEeSY2GkEKL/w0lhbloemLC0qdU17fGl11E7+XH
oVX5i9q7OYWRJ3UyWhgS/Iyt0iP3LBLb8e++N4eQnwIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFCjZyYuZpH8+AKytZzLBOs3I0dlvMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzhiNTMwOS0xYzU2LTRjMDQt
YTRmNS1hMWEyZDM1YzE3YjYvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvOGI1MzA5LTFjNTYtNGMwNC1h
NGY1LWExYTJkMzVjMTdiNi8xL0tObkppNW1rZno0QXJLMW5Nc0U2emNqUjJXOC5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCuQhgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMhWzANBgkqhkiG
9w0BAQsFAAOCAQEAeqOqOau/uqLD5o63nao6Dc+deBXJbsF4dJSp+gxgQl/D7Mn9
vJbPpwWDwTbVawhmS1/k7SHIkmVVVlTF0wujkTwwX9M0kTVxnXjjqIvfS7WpDGgC
sYz+LTVFx/0xpgU0UGaA2FWMKEEjIbtCC7NAt4Ukkwtz8+qjmGoihfMCb59iGaKc
FERobdgPFGj1VVYwMlHJlpHudyXxwAMI8qiLRmahQYgIpY5vZnG+A1G26j88Qp+x
H8/eQVC1qBRSi8kU8TpkLn5GLyhZrVUsi4/0FH3N/LCGFr4Xwzhey0pKRjX16Olu
w6KdtM03ZjzOOZ6174knpBn84ngcVWTS+eCHcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:48 2024 by rpki-client on console-fra.rpki-client.org