Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A9aopjn4iq8fQ21qILQXezjTkPw.cer
File: A9aopjn4iq8fQ21qILQXezjTkPw.cer (raw, json)
Hash identifier: J0BTLNeb+Sv7SI73naxZ4w94hBVJWmhzke82DZCGobQ=
Subject key identifier: 03:D6:A8:A6:39:F8:8A:AF:1F:43:6D:6A:20:B4:17:7B:38:D3:90:FC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425218FE017F12FEF7A187F3442A8F041
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/A9aopjn4iq8fQ21qILQXezjTkPw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.0.169.0/24
IP: 195.110.28.0/23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8f:e0:17:f1:2f:ef:7a:18:7f:34:42:a8:f0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03d6a8a639f88aaf1f436d6a20b4177b38d390fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0a:53:36:b9:3f:76:30:0a:60:2a:67:c2:fa:
6e:37:ed:81:9a:94:f5:1c:39:19:db:25:4c:3d:8c:
f9:07:8c:1d:cf:3d:83:bb:20:ef:79:0c:21:ea:81:
1f:3d:e5:b4:03:a5:82:2a:e9:1f:0b:20:63:57:7c:
3d:07:22:02:da:2c:aa:04:db:31:f5:df:f2:11:c7:
ae:0c:12:56:e4:71:53:5e:c2:9a:04:90:e7:56:30:
46:3a:e8:90:0f:a9:63:9d:63:78:06:46:86:13:ca:
c8:31:d6:fa:ca:03:b6:f1:a8:69:2f:b4:4a:62:73:
fd:85:50:1c:f0:18:49:77:f4:c3:ff:2f:31:81:1e:
de:c0:68:3f:0a:54:a0:e1:ac:a5:72:c6:7c:af:1e:
fb:bd:ec:c3:71:10:1d:fb:4d:b7:d5:e0:0f:a6:c3:
60:05:f7:ef:31:9f:88:11:a5:cc:e9:d5:08:dd:8c:
cc:06:24:04:0b:e3:c9:56:cf:a0:20:32:0f:97:1b:
9f:59:7a:28:b7:f5:25:d1:6a:ea:25:34:16:02:7d:
85:f1:1b:13:88:86:fa:ed:1d:57:d2:42:2d:8a:af:
29:bc:6b:98:e0:ff:aa:ed:18:9d:7a:21:a3:e0:fc:
0c:64:8b:a6:8c:4c:ef:1f:5a:31:38:f0:f0:d9:21:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D6:A8:A6:39:F8:8A:AF:1F:43:6D:6A:20:B4:17:7B:38:D3:90:FC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c18105-d90f-442f-8b1d-c20de543c0df/1/A9aopjn4iq8fQ21qILQXezjTkPw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.169.0/24
195.110.28.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:5b:26:56:c5:d5:ed:be:4e:48:5d:24:e7:3d:63:e0:eb:e3:
f1:db:ae:52:d0:9f:47:da:f3:fa:b8:d5:59:75:19:c0:15:6f:
a4:2d:eb:0f:e7:18:95:0f:3f:37:4c:74:30:01:cd:ab:cd:93:
62:5e:50:d8:4f:d7:87:9a:f1:49:98:71:86:64:75:95:48:40:
b3:20:de:d4:e5:5d:36:d3:82:26:a3:d8:99:5b:3c:47:94:fa:
c6:42:fd:41:9d:e3:97:43:fd:32:2c:71:58:e8:9c:f7:6c:b4:
23:0a:e5:a6:d5:82:77:70:f0:8d:c8:7a:e1:78:e5:be:bc:84:
89:1f:00:69:ca:f4:91:98:f5:80:53:e2:ab:c9:90:c0:14:19:
2e:f8:5a:53:8b:30:4a:2d:19:bb:1b:69:78:d8:9a:4c:ea:cc:
f1:f1:92:e3:03:7d:92:85:46:db:f6:09:f4:a6:85:18:dc:18:
06:62:d8:4f:b1:ee:5c:84:38:b8:c4:69:ff:19:ff:81:8c:e0:
c8:77:8b:5b:6a:98:ed:19:fe:7a:ff:b8:5e:36:0f:23:e6:52:
27:f1:7b:f9:0f:86:fb:03:6e:c9:b4:10:dc:65:14:76:fd:a0:
bc:19:a0:f2:c4:9f:5e:0c:f4:bd:43:71:d6:23:05:7a:c7:48:
f3:73:ea:21
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQlIY/gF/Ev73oYfzRCqPBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q2YThhNjM5Zjg4YWFmMWY0MzZkNmEyMGI0MTc3YjM4ZDM5MGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ApTNrk/djAKYCpnwvpuN+2BmpT1
HDkZ2yVMPYz5B4wdzz2DuyDveQwh6oEfPeW0A6WCKukfCyBjV3w9ByIC2iyqBNsx
9d/yEceuDBJW5HFTXsKaBJDnVjBGOuiQD6ljnWN4BkaGE8rIMdb6ygO28ahpL7RK
YnP9hVAc8BhJd/TD/y8xgR7ewGg/ClSg4aylcsZ8rx77vezDcRAd+0231eAPpsNg
BffvMZ+IEaXM6dUI3YzMBiQEC+PJVs+gIDIPlxufWXoot/Ul0WrqJTQWAn2F8RsT
iIb67R1X0kItiq8pvGuY4P+q7RideiGj4PwMZIumjEzvH1oxOPDw2SGq3QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFAPWqKY5+IqvH0NtaiC0F3s405D8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBiL2MxODEw
NS1kOTBmLTQ0MmYtOGIxZC1jMjBkZTU0M2MwZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIvYzE4MTA1
LWQ5MGYtNDQyZi04YjFkLWMyMGRlNTQzYzBkZi8xL0E5YW9wam40aXE4ZlEyMXFJ
TFFYZXpqVGtQdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAwgCpAwQBw24cMA0GCSqGSIb3DQEBCwUAA4IB
AQBaWyZWxdXtvk5IXSTnPWPg6+Px265S0J9H2vP6uNVZdRnAFW+kLesP5xiVDz83
THQwAc2rzZNiXlDYT9eHmvFJmHGGZHWVSECzIN7U5V0204Imo9iZWzxHlPrGQv1B
neOXQ/0yLHFY6Jz3bLQjCuWm1YJ3cPCNyHrheOW+vISJHwBpyvSRmPWAU+KryZDA
FBku+FpTizBKLRm7G2l42JpM6szx8ZLjA32ShUbb9gn0poUY3BgGYthPse5chDi4
xGn/Gf+BjODId4tbapjtGf56/7heNg8j5lIn8Xv5D4b7A27JtBDcZRR2/aC8GaDy
xJ9eDPS9Q3HWIwV6x0jzc+oh
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:23 2025 by rpki-client