Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
File: XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer (raw, json)
Hash identifier: +AykPKP4rdYfc9FIMuR9bi0C2b+2B4eq5H5Zr/GH5z0=
Subject key identifier: 5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0185716756F0257E745A0E5D08EC38440124
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/XJ8BmFo_QQ-SNw1mAKFO54OwROk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Jan 2023 07:34:36 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: AS: 31242
AS: 41642
AS: 42900
AS: 49269
AS: 50481
AS: 197903
IP: 31.43.176.0/23
IP: 31.172.176.0/20
IP: 84.205.167.0 -- 84.205.169.255
IP: 84.205.176.0 -- 84.205.181.255
IP: 84.205.184.0 -- 84.205.186.255
IP: 84.205.188.0/22
IP: 85.14.64.0/18
IP: 89.25.128.0/17
IP: 91.90.176.0/20
IP: 91.192.225.0/24
IP: 91.193.184.0/22
IP: 91.195.42.0/23
IP: 91.227.199.0 -- 91.227.203.255
IP: 93.179.192.0/18
IP: 119.12.16.0/20
IP: 178.219.20.0 -- 178.219.31.255
IP: 185.54.184.0/22
IP: 185.219.200.0/22
IP: 188.117.128.0/18
IP: 193.106.244.0/22
IP: 193.108.34.0/23
IP: 194.150.96.0/22
IP: 195.242.69.0/24
IP: 213.179.72.0/22
IP: 2a00:13a0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:67:56:f0:25:7e:74:5a:0e:5d:08:ec:38:44:01:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:34:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:52:69:69:fb:5f:38:21:1a:b0:a3:4b:55:69:
56:f7:a2:25:2b:a2:32:22:38:11:06:f3:ab:42:1d:
4d:fb:50:d5:87:29:21:ad:f5:e8:40:fa:47:74:4d:
67:47:94:c0:ee:d1:7d:4c:d5:8c:11:ce:27:e6:b9:
eb:b2:44:29:fb:fb:f6:59:34:68:79:0a:35:13:a9:
2a:2f:66:1f:e3:72:61:56:6a:cb:61:f0:a0:2a:3e:
29:23:1e:1b:98:ed:f7:69:5a:b6:e5:b2:63:68:60:
2f:36:9a:9b:eb:6a:f7:59:46:96:82:ef:87:e2:d8:
d6:9e:25:72:d0:10:f6:60:0c:40:cc:a4:ee:02:8c:
2f:9d:6c:4d:78:6e:f0:f3:f8:30:8d:08:d1:6b:82:
44:21:19:4b:1d:97:7e:8c:eb:8f:0c:6d:cd:81:2a:
16:ae:1c:95:86:cb:a2:4e:a5:de:48:e2:1e:53:b5:
65:a4:51:53:d3:94:da:69:46:16:7e:c6:6f:1a:5d:
87:58:e2:a9:4a:b4:06:11:f3:35:13:f7:57:36:d8:
a8:f0:28:b9:22:bf:bf:04:8f:1e:c5:83:6c:cc:f9:
ad:ff:8f:61:83:9a:eb:04:96:33:9d:8a:9c:2a:f5:
eb:c0:88:ed:31:79:d5:ee:2c:14:4d:5c:61:e9:4e:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/XJ8BmFo_QQ-SNw1mAKFO54OwROk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.176.0/23
31.172.176.0/20
84.205.167.0-84.205.169.255
84.205.176.0-84.205.181.255
84.205.184.0-84.205.186.255
84.205.188.0/22
85.14.64.0/18
89.25.128.0/17
91.90.176.0/20
91.192.225.0/24
91.193.184.0/22
91.195.42.0/23
91.227.199.0-91.227.203.255
93.179.192.0/18
119.12.16.0/20
178.219.20.0-178.219.31.255
185.54.184.0/22
185.219.200.0/22
188.117.128.0/18
193.106.244.0/22
193.108.34.0/23
194.150.96.0/22
195.242.69.0/24
213.179.72.0/22
IPv6:
2a00:13a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
31242
41642
42900
49269
50481
197903
Signature Algorithm: sha256WithRSAEncryption
3c:ea:c5:b0:40:be:88:47:f3:d6:39:23:41:1d:2e:b2:51:a7:
00:f9:ec:83:6a:91:5c:d5:d0:27:1f:70:17:e4:f9:3a:14:ea:
ae:1c:81:af:07:b3:9d:7c:0d:ac:6e:80:56:1e:e9:e9:55:c7:
59:df:26:ac:6c:22:ed:88:78:df:36:f6:91:40:7a:ea:9d:a8:
09:3a:a2:5f:f7:60:9c:08:21:e4:aa:71:9a:1d:45:a8:1c:97:
c0:9f:46:0b:ff:e3:63:ef:97:3e:ca:71:99:cc:f6:de:a9:38:
73:3b:71:35:0b:2b:4b:a1:91:4f:90:2b:4b:64:15:10:f7:83:
e5:5b:e5:d9:21:b2:6f:a0:37:c3:d6:6a:e5:79:86:9f:b9:e7:
d2:8c:6d:04:91:01:86:f5:a6:37:fe:db:e8:23:67:a8:8f:b4:
49:03:25:b1:7b:a0:d6:7c:92:86:57:88:fa:2d:0f:f6:10:3b:
d4:ee:4b:80:e1:0e:5e:39:c6:a0:37:dd:bb:05:44:56:d0:15:
b3:30:d2:28:ca:29:1b:d6:28:97:b9:81:cc:05:f1:e7:bd:50:
17:ca:11:02:21:48:8e:85:4a:78:70:3c:ce:b7:df:66:5d:59:
b9:27:a4:f5:78:d3:18:ae:ae:4e:f8:35:7f:ca:59:38:42:d2:
02:92:5c:ee
-----BEGIN CERTIFICATE-----
MIIGcjCCBVqgAwIBAgISAYVxZ1bwJX50Wg5dCOw4RAEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAyMDczNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzlmMDE5ODVhM2Y0MTBmOTIzNzBkNjYwMGExNGVlNzgzYjA0NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFJpaftfOCEasKNLVWlW96IlK6Iy
IjgRBvOrQh1N+1DVhykhrfXoQPpHdE1nR5TA7tF9TNWMEc4n5rnrskQp+/v2WTRo
eQo1E6kqL2Yf43JhVmrLYfCgKj4pIx4bmO33aVq25bJjaGAvNpqb62r3WUaWgu+H
4tjWniVy0BD2YAxAzKTuAowvnWxNeG7w8/gwjQjRa4JEIRlLHZd+jOuPDG3NgSoW
rhyVhsuiTqXeSOIeU7VlpFFT05TaaUYWfsZvGl2HWOKpSrQGEfM1E/dXNtio8Ci5
Ir+/BI8exYNszPmt/49hg5rrBJYznYqcKvXrwIjtMXnV7iwUTVxh6U6xswIDAQAB
o4IDfjCCA3owHQYDVR0OBBYEFFyfAZhaP0EPkjcNZgChTueDsETpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4Lzc5ZmIw
MC04ZDUxLTQ3MTItOTI5YS04Y2ZiMmU3M2Y3MGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvNzlmYjAw
LThkNTEtNDcxMi05MjlhLThjZmIyZTczZjcwZC8xL1hKOEJtRm9fUVEtU053MW1B
S0ZPNTRPd1JPay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHkBggrBgEF
BQcBBwEB/wSB1DCB0TCBvwQCAAEwgbgDBAEfK7ADBAQfrLAwDAMEAFTNpwMEAVTN
qDAMAwQEVM2wAwQBVM20MAwDBANUzbgDBABUzboDBAJUzbwDBAZVDkADBAdZGYAD
BARbWrADBABbwOEDBAJbwbgDBAFbwyowDAMEAFvjxwMEAlvjyAMEBl2zwAMEBHcM
EDAMAwQCstsUAwQFstsAAwQCuTa4AwQCudvIAwQGvHWAAwQCwWr0AwQBwWwiAwQC
wpZgAwQAw/JFAwQC1bNIMA0EAgACMAcDBQAqABOgMDIGCCsGAQUFBwEIAQH/BCMw
IaAfMB0CAnoKAgMAoqoCAwCnlAIDAMB1AgMAxTECAwMFDzANBgkqhkiG9w0BAQsF
AAOCAQEAPOrFsEC+iEfz1jkjQR0uslGnAPnsg2qRXNXQJx9wF+T5OhTqrhyBrwez
nXwNrG6AVh7p6VXHWd8mrGwi7Yh43zb2kUB66p2oCTqiX/dgnAgh5Kpxmh1FqByX
wJ9GC//jY++XPspxmcz23qk4cztxNQsrS6GRT5ArS2QVEPeD5Vvl2SGyb6A3w9Zq
5XmGn7nn0oxtBJEBhvWmN/7b6CNnqI+0SQMlsXug1nyShleI+i0P9hA71O5LgOEO
XjnGoDfduwVEVtAVszDSKMopG9Yol7mBzAXx571QF8oRAiFIjoVKeHA8zrffZl1Z
uSek9XjTGK6uTvg1f8pZOELSApJc7g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:51 2025 by rpki-client