Certificate
$ rpki-client -vvf rpki.netiface.net/repo/Apricot/1/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.cer
File: C97E7DD81B07D53E3C076F9D1810810F6E2DC227.cer (raw, json)
Hash identifier: HsqNFlJ81f8KkhfRja9RG7LlQ+D2eYDB5VIXxJXJLsI=
Subject key identifier: C9:7E:7D:D8:1B:07:D5:3E:3C:07:6F:9D:18:10:81:0F:6E:2D:C2:27
Authority key identifier: 2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
Certificate issuer: /CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Certificate serial: 2EA0F13CA20877F10AA547D7BE81D32EB0C8734B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Manifest: rsync://rpki.netiface.net/repo/AquaHost/0/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.mft
caRepository: rsync://rpki.netiface.net/repo/AquaHost/0/
Notify URL: https://rpki.netiface.net/rrdp/notification.xml
Certificate not before: Sat 13 Jan 2024 23:00:09 +0000
Certificate not after: Sat 11 Jan 2025 23:05:09 +0000
Subordinate resources: IP: 2a13:df87:b500::/40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:a0:f1:3c:a2:08:77:f1:0a:a5:47:d7:be:81:d3:2e:b0:c8:73:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A1A6172DA4C339FD787467E26F92A11E75DBBB3
Validity
Not Before: Jan 13 23:00:09 2024 GMT
Not After : Jan 11 23:05:09 2025 GMT
Subject: CN=C97E7DD81B07D53E3C076F9D1810810F6E2DC227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:a7:25:33:ff:ea:d6:b0:09:63:60:13:58:
02:e2:bd:ac:a6:cf:ab:80:62:ba:6a:dc:a2:30:38:
9e:d8:cf:3a:40:61:a4:4b:2b:98:dd:41:b4:a4:89:
98:75:54:fe:67:a3:82:2e:c0:33:39:02:aa:2b:b4:
f5:74:15:db:8f:c2:e7:03:c8:1f:c8:29:7c:be:4e:
80:26:25:3e:61:b3:25:b2:fa:cc:00:b6:59:01:75:
62:16:56:49:07:87:bb:27:d5:d3:c0:92:c8:6f:58:
c8:e6:7f:e6:ec:1a:b9:3b:24:e1:87:67:93:bb:af:
f8:6e:f3:47:3a:7f:7b:08:96:1c:a6:b3:af:dc:a6:
a5:d0:cc:ef:79:00:e8:ae:26:7a:16:15:45:14:e1:
32:ec:f1:c0:11:6a:c8:47:b0:a3:38:e8:93:9f:f1:
72:1d:3f:aa:e6:c5:0b:06:e3:e7:82:c9:8b:a9:36:
e5:9e:8e:f5:62:cc:18:6e:e8:52:a5:f9:8f:06:e0:
15:a1:84:ea:63:a8:93:57:70:6f:98:f3:2a:5b:c5:
d0:c2:70:f7:cb:9f:01:9d:1a:95:39:b9:44:e7:7a:
22:8f:cb:2a:0e:cd:38:e9:aa:1f:3e:a7:c0:3c:c0:
a0:81:fb:64:cf:3b:63:94:19:0a:3f:38:1e:cc:a4:
7f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
C9:7E:7D:D8:1B:07:D5:3E:3C:07:6F:9D:18:10:81:0F:6E:2D:C2:27
X509v3 Authority Key Identifier:
keyid:2A:1A:61:72:DA:4C:33:9F:D7:87:46:7E:26:F9:2A:11:E7:5D:BB:B3
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.netiface.net/repo/Apricot/1/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/2A1A6172DA4C339FD787467E26F92A11E75DBBB3.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.netiface.net/repo/AquaHost/0/
RPKI Manifest - URI:rsync://rpki.netiface.net/repo/AquaHost/0/C97E7DD81B07D53E3C076F9D1810810F6E2DC227.mft
RPKI Notify - URI:https://rpki.netiface.net/rrdp/notification.xml
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:b500::/40
Signature Algorithm: sha256WithRSAEncryption
64:29:18:ef:78:ca:ab:70:53:6c:62:5c:e2:00:0c:b1:43:14:
d8:b7:3c:e1:5a:9c:1d:af:e3:6e:f4:5d:b4:bf:c0:9e:22:fd:
1a:86:2e:f5:81:d1:db:1b:99:11:80:2a:46:fe:9e:2b:41:b0:
36:c3:2c:9a:7c:76:20:48:79:99:c1:9f:79:38:1d:de:34:9c:
3b:80:f9:64:c6:ef:4a:8e:55:ed:51:3f:df:ef:40:ba:ab:b8:
af:d7:a6:56:d7:3f:de:f7:86:b2:93:e2:10:88:69:83:de:68:
5e:2d:b3:12:76:56:d4:55:b1:6d:86:c8:4d:8e:8f:95:16:8f:
90:73:8f:84:6b:92:1e:ed:48:fc:ae:e5:59:58:9a:44:60:4b:
2a:35:95:ea:7c:73:65:59:b1:77:22:96:bd:b5:8c:54:48:11:
0f:9b:c4:33:ad:96:f8:19:a3:4b:65:bc:f1:ed:d7:e1:5e:0f:
74:49:b5:41:b4:d5:db:9e:fe:38:a6:13:5d:8b:49:24:0c:cf:
9e:04:ba:5d:69:78:16:aa:53:b1:26:c1:89:ab:a0:7f:85:8c:
48:33:2f:f9:15:20:2d:7b:3a:ef:06:1f:ec:0f:6e:46:f0:20:
87:70:8b:d8:4c:37:eb:19:e1:c8:63:b0:8f:3f:d9:56:16:25:
eb:55:83:ec
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIULqDxPKIId/EKpUfXvoHTLrDIc0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkExQTYxNzJEQTRDMzM5RkQ3ODc0NjdFMjZGOTJBMTFF
NzVEQkJCMzAeFw0yNDAxMTMyMzAwMDlaFw0yNTAxMTEyMzA1MDlaMDMxMTAvBgNV
BAMTKEM5N0U3REQ4MUIwN0Q1M0UzQzA3NkY5RDE4MTA4MTBGNkUyREMyMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCsqclM//q1rAJY2ATWALivaym
z6uAYrpq3KIwOJ7YzzpAYaRLK5jdQbSkiZh1VP5no4IuwDM5AqortPV0FduPwucD
yB/IKXy+ToAmJT5hsyWy+swAtlkBdWIWVkkHh7sn1dPAkshvWMjmf+bsGrk7JOGH
Z5O7r/hu80c6f3sIlhyms6/cpqXQzO95AOiuJnoWFUUU4TLs8cARashHsKM46JOf
8XIdP6rmxQsG4+eCyYupNuWejvVizBhu6FKl+Y8G4BWhhOpjqJNXcG+Y8ypbxdDC
cPfLnwGdGpU5uUTneiKPyyoOzTjpqh8+p8A8wKCB+2TPO2OUGQo/OB7MpH9BAgMB
AAGjggKXMIICkzAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTJfn3YGwfVPjwH
b50YEIEPbi3CJzAfBgNVHSMEGDAWgBQqGmFy2kwzn9eHRn4m+SoR5127szAOBgNV
HQ8BAf8EBAMCAQYwZgYDVR0fBF8wXTBboFmgV4ZVcnN5bmM6Ly9ycGtpLm5ldGlm
YWNlLm5ldC9yZXBvL0Fwcmljb3QvMS8yQTFBNjE3MkRBNEMzMzlGRDc4NzQ2N0Uy
NkY5MkExMUU3NURCQkIzLmNybDCBngYIKwYBBQUHAQEEgZEwgY4wgYsGCCsGAQUF
BzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzA0MDMyYzhmLTFkNTctNGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wLzJBMUE2MTcy
REE0QzMzOUZENzg3NDY3RTI2RjkyQTExRTc1REJCQjMuY2VyMIHpBggrBgEFBQcB
CwSB3DCB2TA2BggrBgEFBQcwBYYqcnN5bmM6Ly9ycGtpLm5ldGlmYWNlLm5ldC9y
ZXBvL0FxdWFIb3N0LzAvMGIGCCsGAQUFBzAKhlZyc3luYzovL3Jwa2kubmV0aWZh
Y2UubmV0L3JlcG8vQXF1YUhvc3QvMC9DOTdFN0REODFCMDdENTNFM0MwNzZGOUQx
ODEwODEwRjZFMkRDMjI3Lm1mdDA7BggrBgEFBQcwDYYvaHR0cHM6Ly9ycGtpLm5l
dGlmYWNlLm5ldC9ycmRwL25vdGlmaWNhdGlvbi54bWwwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoT34e1MA0G
CSqGSIb3DQEBCwUAA4IBAQBkKRjveMqrcFNsYlziAAyxQxTYtzzhWpwdr+Nu9F20
v8CeIv0ahi71gdHbG5kRgCpG/p4rQbA2wyyafHYgSHmZwZ95OB3eNJw7gPlkxu9K
jlXtUT/f70C6q7iv16ZW1z/e94ayk+IQiGmD3mheLbMSdlbUVbFthshNjo+VFo+Q
c4+Ea5Ie7Uj8ruVZWJpEYEsqNZXqfHNlWbF3Ipa9tYxUSBEPm8QzrZb4GaNLZbzx
7dfhXg90SbVBtNXbnv44phNdi0kkDM+eBLpdaXgWqlOxJsGJq6B/hYxIMy/5FSAt
ezrvBh/sD25G8CCHcIvYTDfrGeHIY7CPP9lWFiXrVYPs
-----END CERTIFICATE-----
Generated at Sat Apr 13 16:02:03 2024 by rpki-client on console-ams.rpki-client.org