Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
File: DRDop2O_i6vpa-erR_nbWdnZUjI.cer (raw, json)
Hash identifier: bFer6Jqj/woT1gbhhqAirBEpG6qvfd+tgqGKidXlw6s=
Subject key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1C444AEF48F7AB647456F88EE125C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
caRepository: rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/
Notify URL: https://repo.kagl.me/rpki/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 50555
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c4:44:ae:f4:8f:7a:b6:47:45:6f:88:ee:12:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d4:47:9f:7e:0a:3d:36:90:f1:b8:6c:f2:b1:
d3:a2:1f:c1:15:85:bd:cf:6e:1a:91:65:88:f0:a7:
51:b8:7a:8d:02:ec:9d:36:0b:d8:62:de:3e:06:e9:
11:dc:47:81:fc:59:39:0e:79:df:38:0e:a8:e6:79:
bd:c5:57:9a:93:d1:3c:6b:97:12:ac:59:b3:30:26:
96:1e:a0:f9:f1:f5:9e:01:78:cd:27:2b:4a:84:98:
89:61:bf:50:7a:5b:32:f6:a9:43:86:16:80:d9:34:
9b:94:1b:9a:6f:2b:77:b1:49:a0:73:86:6a:1f:e5:
e1:16:37:34:e7:03:6a:53:d7:ba:dd:8d:cc:e7:31:
ac:6e:1a:fe:cb:0a:6e:8c:99:9c:d9:f4:85:94:9d:
e3:5b:de:dd:d9:04:3c:09:b3:0f:02:73:27:66:fa:
09:1e:b5:2f:9d:94:ec:35:83:1c:09:43:30:50:b7:
31:00:cb:22:3e:2e:53:67:d9:9d:4c:a8:e9:6f:39:
f3:62:0f:44:63:22:09:0d:20:58:33:7b:0d:81:48:
97:86:8f:cb:90:cb:32:97:c2:62:64:e6:94:c0:78:
bb:97:8a:37:82:45:58:ec:7c:fb:d2:f6:8e:a1:53:
77:23:3b:f6:52:20:07:67:7f:63:5c:42:99:7a:d8:
68:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/
RPKI Manifest - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
RPKI Notify - URI:https://repo.kagl.me/rpki/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
50555
Signature Algorithm: sha256WithRSAEncryption
9f:3f:d2:af:b7:b7:3e:da:19:c8:ec:d9:03:ef:1d:bd:57:77:
ff:b8:b2:20:3f:6d:cb:82:02:9a:07:88:4a:5d:8c:95:85:6c:
27:21:aa:4d:b9:ae:07:e3:f6:10:dd:72:f6:2a:94:60:71:6d:
95:1d:ba:65:9e:ef:5b:44:f5:63:ad:25:26:d3:c7:bc:68:48:
78:6b:5f:0b:da:76:e4:5a:66:bd:71:ba:cc:a4:0f:58:12:3a:
2d:4a:52:70:1e:f8:6d:4a:6e:d1:8e:b0:df:8d:14:7b:6b:2f:
9d:15:9a:f7:2e:7b:fa:53:ed:47:ff:25:c0:af:67:65:76:53:
c0:25:ed:30:e8:a8:77:b4:5a:58:3c:7a:6d:9b:db:e8:b9:71:
0f:72:f6:42:12:a0:af:e2:6e:d7:5d:f9:4a:e6:5f:5b:4c:2f:
6a:ff:3d:71:a0:c9:94:24:6c:68:96:3e:e0:0d:d3:87:47:4f:
c8:e7:7a:a0:4f:6e:58:3e:fa:ca:4f:58:47:21:8a:c0:76:ca:
fe:d5:d0:a9:48:fb:b4:50:72:88:f6:b6:b9:8f:e4:be:91:60:
33:db:67:18:0a:dd:67:58:42:a7:96:48:a9:cd:8a:8d:a6:46:
cd:d5:c4:0c:a9:b8:4b:79:8d:9d:3f:aa:31:4b:b1:84:e5:2e:
79:cb:34:15
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQhscRErvSPerZHRW+I7hJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEwZThhNzYzYmY4YmFiZTk2YmU3YWI0N2Y5ZGI1OWQ5ZDk1MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdRHn34KPTaQ8bhs8rHToh/BFYW9
z24akWWI8KdRuHqNAuydNgvYYt4+BukR3EeB/Fk5DnnfOA6o5nm9xVeak9E8a5cS
rFmzMCaWHqD58fWeAXjNJytKhJiJYb9Qelsy9qlDhhaA2TSblBuabyt3sUmgc4Zq
H+XhFjc05wNqU9e63Y3M5zGsbhr+ywpujJmc2fSFlJ3jW97d2QQ8CbMPAnMnZvoJ
HrUvnZTsNYMcCUMwULcxAMsiPi5TZ9mdTKjpbznzYg9EYyIJDSBYM3sNgUiXho/L
kMsyl8JiZOaUwHi7l4o3gkVY7Hz70vaOoVN3Izv2UiAHZ39jXEKZethotQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFA0Q6Kdjv4ur6Wvnq0f521nZ2VIyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgewGCCsGAQUFBwELBIHfMIHcMDoGCCsGAQUFBzAFhi5yc3lu
YzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFpci1URVNULzAvMGYGCCsG
AQUFBzAKhlpyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFpci1U
RVNULzAvMEQxMEU4QTc2M0JGOEJBQkU5NkJFN0FCNDdGOURCNTlEOUQ5NTIzMi5t
ZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8vcmVwby5rYWdsLm1lL3Jwa2kvbm90aWZp
Y2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVt
ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQL
MAmgBzAFAgMAxXswDQYJKoZIhvcNAQELBQADggEBAJ8/0q+3tz7aGcjs2QPvHb1X
d/+4siA/bcuCApoHiEpdjJWFbCchqk25rgfj9hDdcvYqlGBxbZUdumWe71tE9WOt
JSbTx7xoSHhrXwvaduRaZr1xusykD1gSOi1KUnAe+G1KbtGOsN+NFHtrL50Vmvcu
e/pT7Uf/JcCvZ2V2U8Al7TDoqHe0Wlg8em2b2+i5cQ9y9kISoK/ibtdd+UrmX1tM
L2r/PXGgyZQkbGiWPuAN04dHT8jneqBPblg++spPWEchisB2yv7V0KlI+7RQcoj2
trmP5L6RYDPbZxgK3WdYQqeWSKnNio2mRs3VxAypuEt5jZ0/qjFLsYTlLnnLNBU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:50:40 2025 by rpki-client