Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
File: NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer (raw, json)
Hash identifier: dU3uuP+zwffGNSQVXoCvjUnkG9U8C3+Ot1Btyepg2ME=
Subject key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425219AD82F4E8FD53B5B85E37564B78B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 24768
AS: 34643
AS: 213277
IP: 5.253.180.0/22
IP: 82.102.4.0/24
IP: 82.102.7.0/24
IP: 94.46.12.0 -- 94.46.31.255
IP: 94.46.128.0/21
IP: 94.46.160.0 -- 94.46.183.255
IP: 109.71.40.0/21
IP: 130.185.80.0/21
IP: 185.15.20.0/22
IP: 2a00:1650::/29
IP: 2a09:58c0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:9a:d8:2f:4e:8f:d5:3b:5b:85:e3:75:64:b7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3545a7200164912041bb931efb1feac123b43a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:85:fb:a3:2d:b4:5d:d1:16:11:4a:69:1a:
2c:25:59:5a:ac:ae:eb:82:c3:55:50:c0:82:f1:f6:
6a:2b:df:cf:6e:bb:9b:56:c8:08:f1:92:31:99:4d:
e5:77:96:f3:21:44:55:83:a5:77:2d:34:bc:66:16:
2e:1a:e1:56:ab:db:ab:bc:bf:56:29:dc:1f:5a:94:
bf:c0:6f:39:48:90:00:5c:e6:47:4f:fb:47:ec:fb:
19:27:c1:2f:27:bb:06:6c:e1:b6:2c:26:f3:a3:4d:
bd:90:17:bb:44:99:87:06:b2:99:b4:98:d8:5c:87:
de:e7:33:09:bc:d4:d0:b3:91:70:16:08:60:21:79:
d1:6c:64:03:3a:83:39:90:76:b5:04:c3:93:44:86:
42:da:d9:e7:e4:1d:7b:11:eb:f5:95:db:56:ea:d4:
d9:4f:67:ab:5b:98:ea:73:fd:90:ea:08:3f:ce:69:
be:8b:44:61:7f:7c:cd:d2:cf:b2:1f:1d:30:26:43:
f0:9f:24:2e:de:6c:2b:95:c8:8a:3c:78:81:95:2b:
f8:6a:64:5f:c7:1b:54:a3:b4:eb:ef:2d:5a:81:55:
08:87:ac:56:4e:0d:ef:30:00:6b:c1:af:14:67:0e:
ca:b3:10:8f:70:a5:da:78:68:6f:76:35:b8:f0:62:
d9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.180.0/22
82.102.4.0/24
82.102.7.0/24
94.46.12.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/29
2a09:58c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24768
34643
213277
Signature Algorithm: sha256WithRSAEncryption
22:fc:e3:2a:b8:ac:63:1e:99:62:e7:02:af:a5:a1:c5:db:ca:
4e:05:6a:cc:6a:17:f9:fe:df:41:6d:69:b0:ab:1d:58:b3:5f:
bc:9a:ca:97:13:75:a8:01:38:49:7a:2a:ba:e0:c8:cb:f6:dd:
22:52:b2:44:fa:98:6e:cd:c5:84:7e:26:e3:da:7a:25:10:15:
20:bd:65:4a:b1:69:08:df:7e:f5:c9:1a:df:cc:6d:22:fd:e2:
37:ab:fc:59:7f:5a:c3:fc:bb:0a:b4:2b:16:ac:e9:e3:7a:c5:
9b:25:15:cb:40:d1:c5:25:a8:79:93:08:7c:d2:e5:3e:11:bd:
cb:de:9c:44:63:14:1f:af:79:d8:7b:44:cb:f9:2d:1a:2c:d2:
e8:a2:09:94:91:9c:ba:e4:36:db:50:7c:90:7c:ef:4b:17:81:
13:ac:39:d5:40:d2:de:8d:96:a4:8c:00:06:56:e0:2d:59:6c:
6b:26:30:72:53:a7:2a:93:4c:eb:03:45:24:e1:68:49:b2:91:
04:68:c5:39:92:98:39:d8:e5:ad:0f:06:33:45:16:2e:1d:95:
a2:18:84:f4:f6:b9:5d:cd:6f:87:24:af:e5:24:89:21:a5:01:
7c:01:81:bf:41:d2:39:47:d2:22:81:4f:17:73:5d:e0:52:77:
17:c1:69:16
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZQlIZrYL06P1TtbheN1ZLeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ1YTcyMDAxNjQ5MTIwNDFiYjkzMWVmYjFmZWFjMTIzYjQzYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTWF+6MttF3RFhFKaRosJVlarK7r
gsNVUMCC8fZqK9/PbrubVsgI8ZIxmU3ld5bzIURVg6V3LTS8ZhYuGuFWq9urvL9W
KdwfWpS/wG85SJAAXOZHT/tH7PsZJ8EvJ7sGbOG2LCbzo029kBe7RJmHBrKZtJjY
XIfe5zMJvNTQs5FwFghgIXnRbGQDOoM5kHa1BMOTRIZC2tnn5B17Eev1ldtW6tTZ
T2erW5jqc/2Q6gg/zmm+i0Rhf3zN0s+yHx0wJkPwnyQu3mwrlciKPHiBlSv4amRf
xxtUo7Tr7y1agVUIh6xWTg3vMABrwa8UZw7KsxCPcKXaeGhvdjW48GLZcwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFDVFpyABZJEgQbuTHvsf6sEjtDoYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjLzU5YzRi
OC04N2Y0LTRmMmYtYTQ0OS1hYWJiMDYyZTQwZGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvNTljNGI4
LTg3ZjQtNGYyZi1hNDQ5LWFhYmIwNjJlNDBkYi8xL05VV25JQUZra1NCQnU1TWUt
eF9xd1NPME9oZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF
BwEHAQH/BGYwZDBMBAIAATBGAwQCBf20AwQAUmYEAwQAUmYHMAwDBAJeLgwDBAVe
LgADBANeLoAwDAMEBV4uoAMEA14usAMEA21HKAMEA4K5UAMEArkPFDAUBAIAAjAO
AwUDKgAWUAMFACoJWMAwIwYIKwYBBQUHAQgBAf8EFDASoBAwDgICYMACAwCHUwID
A0EdMA0GCSqGSIb3DQEBCwUAA4IBAQAi/OMquKxjHpli5wKvpaHF28pOBWrMahf5
/t9BbWmwqx1Ys1+8msqXE3WoAThJeiq64MjL9t0iUrJE+phuzcWEfibj2nolEBUg
vWVKsWkI3371yRrfzG0i/eI3q/xZf1rD/LsKtCsWrOnjesWbJRXLQNHFJah5kwh8
0uU+Eb3L3pxEYxQfr3nYe0TL+S0aLNLoogmUkZy65DbbUHyQfO9LF4ETrDnVQNLe
jZakjAAGVuAtWWxrJjByU6cqk0zrA0Uk4WhJspEEaMU5kpg52OWtDwYzRRYuHZWi
GIT09rldzW+HJK/lJIkhpQF8AYG/QdI5R9IigU8Xc13gUncXwWkW
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:50:33 2025 by rpki-client