Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kLH-1--p_9xhgAlxlGuO34PO57w.cer
File: kLH-1--p_9xhgAlxlGuO34PO57w.cer (raw, json)
Hash identifier: XcZpKrL8b/bn+DnK4VxqBdOjQdWUTXYlAokUQFv2gNw=
Subject key identifier: 90:B1:FE:D7:EF:A9:FF:DC:61:80:09:71:94:6B:8E:DF:83:CE:E7:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 9C503482EF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/bca143-295c-40dd-9ec0-eb7c7f3ecf1d/1/kLH-1--p_9xhgAlxlGuO34PO57w.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/bca143-295c-40dd-9ec0-eb7c7f3ecf1d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 01 Jan 2022 03:02:25 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: AS: 50738
IP: 185.98.158.0/24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 671360516847 (0x9c503482ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:02:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90b1fed7efa9ffdc61800971946b8edf83cee7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:eb:83:9c:7e:54:a0:af:e2:e7:43:f4:d8:
25:c1:a6:2c:68:1f:69:cd:31:e9:61:16:5c:e4:eb:
36:20:64:a1:02:62:4c:d6:ea:31:26:b3:54:cf:70:
53:a9:06:08:4d:eb:91:ae:72:91:66:a5:2a:1c:c2:
64:b6:f1:7f:b2:34:ec:27:17:b1:a3:90:db:0b:53:
18:a6:59:86:ed:9d:20:de:bb:de:56:13:b7:2e:6d:
44:14:19:c1:2f:16:27:d1:93:ec:a4:ec:9e:14:fd:
23:a9:21:6a:ea:04:df:8f:6f:1b:f8:69:2d:da:87:
f0:b6:a7:e0:8b:0b:20:af:16:f5:6f:a8:28:be:54:
72:9c:c1:ca:06:a1:7a:63:cc:63:32:11:b1:58:d0:
73:74:26:ae:37:01:ee:44:08:0b:0b:af:6c:b0:de:
2c:50:0f:80:d2:ce:93:31:e8:0d:95:78:6e:e8:51:
3d:37:72:a1:0d:a7:92:e9:eb:cc:20:1c:6d:97:5a:
dd:59:df:8f:2f:46:85:20:37:64:71:cb:20:51:1a:
6c:d2:c2:a1:b6:d1:6b:5d:60:96:c0:d7:3d:72:1c:
fe:ce:96:7a:6c:59:f7:d5:aa:e7:d4:2b:26:b9:d2:
06:cb:c6:d6:c3:49:23:6f:cc:8b:af:42:40:26:a4:
c5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B1:FE:D7:EF:A9:FF:DC:61:80:09:71:94:6B:8E:DF:83:CE:E7:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bca143-295c-40dd-9ec0-eb7c7f3ecf1d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bca143-295c-40dd-9ec0-eb7c7f3ecf1d/1/kLH-1--p_9xhgAlxlGuO34PO57w.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.158.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
50738
Signature Algorithm: sha256WithRSAEncryption
14:43:3b:96:68:3b:c5:be:1d:df:a7:15:45:2e:e9:7f:eb:31:
47:ae:b6:dc:93:ba:bc:05:7c:76:5c:27:54:18:ad:72:d6:ac:
0d:97:3f:0b:0f:34:98:85:00:9e:f9:cd:95:e8:4f:35:f3:83:
09:10:96:4f:e4:9a:0b:cb:af:ac:8f:05:4c:fe:93:62:2b:26:
7d:6c:2d:e1:bd:4a:77:88:98:d3:5f:b4:79:2e:30:f4:1b:cc:
52:10:59:ca:14:51:f4:f1:f5:aa:6b:57:2a:cf:09:92:b2:f9:
32:b5:9e:cf:ec:38:3b:3a:5c:26:df:e2:79:7e:dd:c4:96:30:
3b:cc:09:1c:b1:fe:46:c6:fc:4d:b8:01:96:21:97:da:7c:d4:
d7:38:2a:82:2c:f2:ef:dd:44:05:56:1a:d8:75:66:e6:b5:66:
99:f5:55:fb:da:ae:e3:b4:e1:79:a8:49:5f:d0:48:db:db:f4:
c6:37:1e:04:77:3d:99:fc:47:62:44:48:7c:92:26:aa:b9:24:
fe:a1:d4:90:d5:08:ff:32:e9:b1:ff:0e:38:78:6c:2c:d0:b0:
c7:07:e1:eb:69:7b:41:cd:d4:93:17:5a:00:b9:d6:b7:75:40:
4f:b3:18:c6:f8:5a:61:e2:a9:d5:aa:63:e7:d1:4d:12:94:58:
0e:46:f1:b0
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIGAJxQNILvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
MTAxMDMwMjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MGIxZmVkN2Vm
YTlmZmRjNjE4MDA5NzE5NDZiOGVkZjgzY2VlN2JjMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAtafrg5x+VKCv4udD9NglwaYsaB9pzTHpYRZc5Os2IGSh
AmJM1uoxJrNUz3BTqQYITeuRrnKRZqUqHMJktvF/sjTsJxexo5DbC1MYplmG7Z0g
3rveVhO3Lm1EFBnBLxYn0ZPspOyeFP0jqSFq6gTfj28b+Gkt2ofwtqfgiwsgrxb1
b6govlRynMHKBqF6Y8xjMhGxWNBzdCauNwHuRAgLC69ssN4sUA+A0s6TMegNlXhu
6FE9N3KhDaeS6evMIBxtl1rdWd+PL0aFIDdkccsgURps0sKhttFrXWCWwNc9chz+
zpZ6bFn31arn1CsmudIGy8bWw0kjb8yLr0JAJqTF6QIDAQABo4ICoDCCApwwHQYD
VR0OBBYEFJCx/tfvqf/cYYAJcZRrjt+Dzue8MB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2L2JjYTE0My0yOTVjLTQwZGQt
OWVjMC1lYjdjN2YzZWNmMWQvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvYmNhMTQzLTI5NWMtNDBkZC05
ZWMwLWViN2M3ZjNlY2YxZC8xL2tMSC0xLS1wXzl4aGdBbHhsR3VPMzRQTzU3dy5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuWKeMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDGMjANBgkqhkiG
9w0BAQsFAAOCAQEAFEM7lmg7xb4d36cVRS7pf+sxR6623JO6vAV8dlwnVBitctas
DZc/Cw80mIUAnvnNlehPNfODCRCWT+SaC8uvrI8FTP6TYismfWwt4b1Kd4iY01+0
eS4w9BvMUhBZyhRR9PH1qmtXKs8JkrL5MrWez+w4OzpcJt/ieX7dxJYwO8wJHLH+
Rsb8TbgBliGX2nzU1zgqgizy791EBVYa2HVm5rVmmfVV+9qu47TheahJX9BI29v0
xjceBHc9mfxHYkRIfJImqrkk/qHUkNUI/zLpsf8OOHhsLNCwxwfh62l7Qc3Ukxda
ALnWt3VAT7MYxvhaYeKp1apj59FNEpRYDkbxsA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:53 2023 by rpki-client on console.sobornost.net