Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f2U67jLmKHb31C9zWncwpFEiJ4.cer
File: 3f2U67jLmKHb31C9zWncwpFEiJ4.cer (raw, json)
Hash identifier: InnwfiOeP968aynmru99Mz7t9G7gglDN5APindq6gN8=
Subject key identifier: DD:FD:94:EB:B8:CB:98:A1:DB:DF:50:BD:CD:69:DC:C2:91:44:88:9E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266BBEC9CC51FA4C8EAD47F799D2C303
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/3f2U67jLmKHb31C9zWncwpFEiJ4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:49:42 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.56.127.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:be:c9:cc:51:fa:4c:8e:ad:47:f7:99:d2:c3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddfd94ebb8cb98a1dbdf50bdcd69dcc29144889e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:80:0d:d2:1c:7e:e4:62:c8:d7:a6:d0:2d:a2:
9c:69:97:51:b3:54:4f:ff:cb:c3:05:8e:fc:de:3b:
b8:1d:53:fb:ee:26:82:6b:0b:4e:11:1a:6a:d3:c5:
49:0f:d8:65:65:eb:3b:5e:73:2e:80:23:0c:fb:37:
14:e6:19:88:b2:7f:fe:85:4a:a6:77:72:b4:23:56:
b7:cb:dd:2d:86:3d:37:e4:3c:14:33:e7:f0:29:f1:
b8:fc:6b:b8:f1:27:e2:ae:ee:10:11:ca:56:8f:fe:
b9:1a:50:7a:0a:2c:a5:ce:71:89:3b:96:52:a9:64:
4c:81:35:14:06:15:c3:76:9d:54:f3:54:b7:ab:cd:
c4:d9:a4:a4:66:bf:03:8e:2f:e1:c3:ff:b8:fe:0a:
22:82:a8:51:a7:c1:1d:0f:97:0a:38:7b:e0:ef:f3:
28:6c:7f:c9:5c:91:04:d6:40:62:be:bf:b3:56:b6:
dc:37:e2:4b:75:82:59:d0:ae:1b:bc:48:7f:c7:e9:
5b:10:76:96:b4:b7:d1:39:1d:69:c2:ea:09:ad:17:
6b:dd:6c:de:01:83:11:03:a2:fc:c2:e8:ee:d3:c0:
87:17:69:b3:ab:47:f4:f1:92:22:b0:5b:74:38:ac:
58:62:2d:16:4c:b2:ea:9b:9f:a7:f6:cb:50:3d:0a:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FD:94:EB:B8:CB:98:A1:DB:DF:50:BD:CD:69:DC:C2:91:44:88:9E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a6f506-6948-4cef-8548-c93c1ee898be/1/3f2U67jLmKHb31C9zWncwpFEiJ4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.127.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ad:e8:11:29:98:4d:d0:e9:00:95:1b:3d:a3:f1:72:1c:ff:
c0:a5:7c:32:c2:fe:b1:34:45:56:74:37:4a:44:57:de:e7:af:
fd:48:1e:84:da:14:61:41:dd:55:b4:42:04:60:7e:3e:ca:0f:
ac:1a:19:45:3a:d1:9f:7c:87:f5:ca:9e:1e:06:b4:51:e4:a5:
74:7b:bc:6b:d9:5a:fe:56:a6:46:d3:d4:f5:5b:13:da:41:3f:
ed:d4:cf:89:b1:ae:17:de:da:31:55:43:96:9d:69:0b:b0:52:
60:74:2a:c7:8c:37:3c:e7:fd:b9:12:7d:37:92:31:6c:ec:5e:
60:e0:34:08:1e:fe:b9:73:04:37:54:86:af:12:b0:ec:df:f8:
4d:05:0d:9f:a1:ed:9f:11:78:64:98:de:e9:b0:76:5f:85:6d:
fe:81:6a:49:fa:7f:92:a0:f1:9e:ae:ab:52:0e:32:e5:c1:e5:
c8:b3:25:d0:18:44:40:34:44:87:26:79:5c:da:3a:61:d0:5b:
62:17:61:d0:5b:e0:2b:66:b8:72:88:af:37:b0:47:ae:48:6f:
0e:dc:c2:7e:1e:af:97:d2:69:04:01:7c:73:89:f3:41:99:fa:
f8:09:a6:ee:9a:71:8a:0a:71:2b:d2:a9:ca:96:07:63:e5:2b:
4d:ff:90:dc
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQma77JzFH6TI6tR/eZ0sMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZkOTRlYmI4Y2I5OGExZGJkZjUwYmRjZDY5ZGNjMjkxNDQ4ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4AN0hx+5GLI16bQLaKcaZdRs1RP
/8vDBY783ju4HVP77iaCawtOERpq08VJD9hlZes7XnMugCMM+zcU5hmIsn/+hUqm
d3K0I1a3y90thj035DwUM+fwKfG4/Gu48Sfiru4QEcpWj/65GlB6CiylznGJO5ZS
qWRMgTUUBhXDdp1U81S3q83E2aSkZr8Dji/hw/+4/goigqhRp8EdD5cKOHvg7/Mo
bH/JXJEE1kBivr+zVrbcN+JLdYJZ0K4bvEh/x+lbEHaWtLfROR1pwuoJrRdr3Wze
AYMRA6L8wuju08CHF2mzq0f08ZIisFt0OKxYYi0WTLLqm5+n9stQPQoCUQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFN39lOu4y5ih299Qvc1p3MKRRIieMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3L2E2ZjUw
Ni02OTQ4LTRjZWYtODU0OC1jOTNjMWVlODk4YmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvYTZmNTA2
LTY5NDgtNGNlZi04NTQ4LWM5M2MxZWU4OThiZS8xLzNmMlU2N2pMbUtIYjMxQzl6
V25jd3BGRWlKNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwjh/MA0GCSqGSIb3DQEBCwUAA4IBAQBxregR
KZhN0OkAlRs9o/FyHP/ApXwywv6xNEVWdDdKRFfe56/9SB6E2hRhQd1VtEIEYH4+
yg+sGhlFOtGffIf1yp4eBrRR5KV0e7xr2Vr+VqZG09T1WxPaQT/t1M+Jsa4X3tox
VUOWnWkLsFJgdCrHjDc85/25En03kjFs7F5g4DQIHv65cwQ3VIavErDs3/hNBQ2f
oe2fEXhkmN7psHZfhW3+gWpJ+n+SoPGerqtSDjLlweXIsyXQGERANESHJnlc2jph
0FtiF2HQW+ArZrhyiK83sEeuSG8O3MJ+Hq+X0mkEAXxzifNBmfr4CabumnGKCnEr
0qnKlgdj5StN/5Dc
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:50:24 2025 by rpki-client