Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer
File: 3qhfIWaKmNfoGnQYPwzOUTCGYBs.cer (raw, json)
Hash identifier: ES21q1j5cbAUudGJlAPFy4YgaylE32gvTv47MMgPj2o=
Subject key identifier: DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421443CB53DA5F8BBD87FF8CE612A53D1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:27 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.36.48.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3c:b5:3d:a5:f8:bb:d8:7f:f8:ce:61:2a:53:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dea85f21668a98d7e81a74183f0cce513086601b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9c:e9:5f:81:9c:8c:96:1f:72:84:76:e7:1d:
c4:9b:d0:71:d6:7f:b8:5d:7b:b9:70:e1:f3:a3:75:
1b:28:d1:8c:b3:f2:f6:a3:de:24:49:de:4e:c9:cc:
99:d4:64:bc:1e:b0:2c:fe:f7:13:a6:14:2a:38:90:
ff:b8:73:5b:57:f8:2c:3a:d8:c2:b8:46:03:c7:9c:
f7:9e:52:83:3b:fd:f1:e5:d0:3f:c4:04:c3:db:13:
0e:2c:c0:64:b4:e4:30:93:24:96:03:55:df:1b:00:
d8:4d:75:42:22:a1:cd:ff:bb:69:0e:be:16:47:c7:
40:89:56:62:e1:22:f3:0b:7f:ab:18:4e:57:09:cf:
7a:f1:7e:04:a8:f4:cc:30:62:84:dc:bb:d4:9c:b9:
9b:bc:69:c5:04:3c:f5:e3:b4:c4:37:ab:f5:8f:56:
41:eb:e3:e2:33:1b:45:1f:f2:03:93:d6:cd:9e:3c:
fa:d3:4d:6c:ce:6b:01:91:95:5c:55:90:7c:2e:e2:
43:5e:15:78:ad:55:ee:b8:d0:b6:e1:a2:c7:b9:56:
f0:15:7a:1c:16:eb:ae:d1:7a:ab:2f:63:88:3c:5d:
ad:4a:ee:e2:06:03:b4:b6:1e:f3:af:24:c4:aa:18:
77:0d:70:09:5f:3f:00:c2:f0:86:3d:a2:01:5e:2f:
5a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A8:5F:21:66:8A:98:D7:E8:1A:74:18:3F:0C:CE:51:30:86:60:1B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/949daa-1ed1-4088-9c4b-52f8ff18d069/1/3qhfIWaKmNfoGnQYPwzOUTCGYBs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.48.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:5e:61:37:33:06:82:8f:09:1f:fa:3e:14:62:f8:d0:eb:c2:
20:a3:01:04:7f:74:fd:48:2e:e4:fe:5c:2b:ec:97:0a:75:58:
5b:63:8e:a5:ff:be:5d:04:33:25:10:9b:a5:f5:6b:22:69:89:
0c:b2:af:b7:f2:c7:4c:df:84:f1:98:98:34:05:a1:03:30:41:
aa:83:89:b7:c8:bc:97:51:d0:45:14:7b:8e:92:44:a1:19:66:
43:29:a2:4f:39:22:2a:e9:07:eb:84:d5:6b:de:5c:0b:06:ac:
36:33:d0:97:48:c2:94:1d:f8:9d:fe:7f:93:1a:77:0c:a5:38:
76:61:56:f6:08:4c:a5:b9:34:5e:d3:98:84:24:45:8c:98:64:
18:d5:7a:6f:eb:fd:a1:8a:22:24:e3:ea:1d:5c:8c:30:2b:c6:
ce:43:31:fd:af:42:03:2e:3c:b9:9f:b7:d0:46:e9:a6:cd:ac:
47:67:c0:64:45:66:d0:7e:7d:fe:66:d6:bf:d2:e0:ad:74:de:
ca:33:7e:01:92:24:2c:e9:e0:51:6c:e8:02:3b:b0:49:0f:38:
12:67:fe:a0:da:12:ec:6f:bc:8c:d7:20:d3:4b:f6:c0:cd:ea:
87:11:7a:c7:58:79:83:90:29:d3:eb:f0:3f:45:5e:7a:aa:d4:
97:d8:c9:2b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQhRDy1PaX4u9h/+M5hKlPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE4NWYyMTY2OGE5OGQ3ZTgxYTc0MTgzZjBjY2U1MTMwODY2MDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZzpX4GcjJYfcoR25x3Em9Bx1n+4
XXu5cOHzo3UbKNGMs/L2o94kSd5OycyZ1GS8HrAs/vcTphQqOJD/uHNbV/gsOtjC
uEYDx5z3nlKDO/3x5dA/xATD2xMOLMBktOQwkySWA1XfGwDYTXVCIqHN/7tpDr4W
R8dAiVZi4SLzC3+rGE5XCc968X4EqPTMMGKE3LvUnLmbvGnFBDz147TEN6v1j1ZB
6+PiMxtFH/IDk9bNnjz6001szmsBkZVcVZB8LuJDXhV4rVXuuNC24aLHuVbwFXoc
Fuuu0XqrL2OIPF2tSu7iBgO0th7zryTEqhh3DXAJXz8AwvCGPaIBXi9aQQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFN6oXyFmipjX6Bp0GD8MzlEwhmAbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzLzk0OWRh
YS0xZWQxLTQwODgtOWM0Yi01MmY4ZmYxOGQwNjkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvOTQ5ZGFh
LTFlZDEtNDA4OC05YzRiLTUyZjhmZjE4ZDA2OS8xLzNxaGZJV2FLbU5mb0duUVlQ
d3pPVVRDR1lCcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCwSQwMA0GCSqGSIb3DQEBCwUAA4IBAQA/XmE3
MwaCjwkf+j4UYvjQ68IgowEEf3T9SC7k/lwr7JcKdVhbY46l/75dBDMlEJul9Wsi
aYkMsq+38sdM34TxmJg0BaEDMEGqg4m3yLyXUdBFFHuOkkShGWZDKaJPOSIq6Qfr
hNVr3lwLBqw2M9CXSMKUHfid/n+TGncMpTh2YVb2CEyluTRe05iEJEWMmGQY1Xpv
6/2hiiIk4+odXIwwK8bOQzH9r0IDLjy5n7fQRummzaxHZ8BkRWbQfn3+Zta/0uCt
dN7KM34BkiQs6eBRbOgCO7BJDzgSZ/6g2hLsb7yM1yDTS/bAzeqHEXrHWHmDkCnT
6/A/RV56qtSX2Mkr
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:09:57 2025 by rpki-client