Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XhtD1aI4u6cm_uUF5YTae5tdV2o.cer
File: XhtD1aI4u6cm_uUF5YTae5tdV2o.cer (raw, json)
Hash identifier: y0ZfWTgncryxOeEx+5QMbM5LH3j+IkvjtETSWH4aR3I=
Subject key identifier: 5E:1B:43:D5:A2:38:BB:A7:26:FE:E5:05:E5:84:DA:7B:9B:5D:57:6A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: B3C86AC25B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ae/fe5bb3-52b4-4025-a547-642722d76fe1/1/XhtD1aI4u6cm_uUF5YTae5tdV2o.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ae/fe5bb3-52b4-4025-a547-642722d76fe1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 30 Jun 2022 13:06:45 +0000
Certificate not after: Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources: IP: 91.217.134.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 772161585755 (0xb3c86ac25b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 30 13:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e1b43d5a238bba726fee505e584da7b9b5d576a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:5a:22:79:76:07:29:95:75:ad:fd:77:4f:
ed:7a:16:25:e8:1d:7b:65:c9:56:70:75:cf:fe:be:
8e:d1:e0:40:9e:28:d4:d6:3b:1f:38:3f:b5:fd:3e:
c2:ca:8b:7f:50:21:ae:4f:53:f5:21:d7:fd:43:00:
bf:b5:86:0a:f1:db:c1:c6:92:57:4c:48:dc:c7:23:
e6:62:97:56:aa:ac:c8:b3:9d:2f:38:70:1f:c1:1a:
11:c7:a4:ab:a8:a0:2c:fa:48:b0:cc:0f:de:37:89:
d1:a9:bc:4a:2a:ec:49:63:90:08:cf:45:11:35:ac:
92:21:c9:9b:72:6f:8d:ff:5b:b8:a0:dc:73:08:6b:
df:1b:c4:52:c5:df:d3:0e:fa:11:10:94:6a:82:cb:
56:3f:6c:9d:b2:fd:57:bf:b7:31:90:e8:c8:0d:5f:
62:be:ed:45:85:32:c5:74:23:23:50:e9:72:3e:7c:
98:1e:fb:16:51:6e:cd:90:31:e4:5c:7d:61:cc:ca:
97:5a:29:a1:08:5a:3f:2a:8e:e9:c5:b6:17:4a:39:
f8:72:46:60:99:ec:cf:81:09:64:4c:9e:65:2c:80:
6a:c7:71:05:71:fc:f4:3f:ee:9c:e3:49:2b:29:9a:
0b:77:ed:5a:c0:d8:37:63:47:b1:ad:15:98:39:9e:
83:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1B:43:D5:A2:38:BB:A7:26:FE:E5:05:E5:84:DA:7B:9B:5D:57:6A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fe5bb3-52b4-4025-a547-642722d76fe1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fe5bb3-52b4-4025-a547-642722d76fe1/1/XhtD1aI4u6cm_uUF5YTae5tdV2o.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.134.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:53:db:5e:d3:dc:7d:74:c1:2e:ce:e1:1b:c3:61:bf:33:a9:
4d:35:8f:bc:23:29:a8:07:9a:1e:1f:c2:68:c5:e4:1f:92:84:
c5:28:72:be:6c:5c:8b:d8:4f:ab:e4:b0:a3:be:f9:25:2e:ee:
4b:07:ce:87:e1:e3:c7:72:0d:53:f1:33:8f:d3:9a:20:3c:d1:
eb:5e:45:35:de:de:6f:8a:40:19:c1:ce:e3:a0:26:d1:1d:25:
ac:e9:89:3a:1e:fb:0c:98:98:99:2d:ae:01:d0:d1:98:d6:66:
7c:be:56:56:1b:a7:f1:ef:56:d3:33:13:b2:d1:d9:f3:a3:8a:
1c:62:a0:cc:2d:a7:4a:2f:bf:fe:f6:93:e4:5a:3d:82:5c:c8:
6f:00:ae:3c:dc:9f:26:fd:4a:2c:a4:17:88:ac:d7:a6:f9:7f:
1f:9c:db:49:e7:6c:90:8e:35:72:c6:76:92:65:86:e9:72:0a:
e0:91:52:1e:4b:80:1a:6d:e7:1e:e7:35:eb:1a:6a:9b:bb:d2:
de:93:29:9b:ac:0e:6b:27:15:57:b2:5f:2d:0f:93:47:ea:ee:
f3:d0:99:5b:8d:91:f9:dd:4d:84:96:1b:f4:4f:16:9e:d2:d0:
7e:60:88:60:2d:23:16:80:5c:2d:9c:d8:a6:18:72:66:c1:05:
a8:fc:04:20
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIGALPIasJbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT
KDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRkZGU2NjkwHhcNMjIw
NjMwMTMwNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTFiNDNkNWEy
MzhiYmE3MjZmZWU1MDVlNTg0ZGE3YjliNWQ1NzZhMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAo/BaInl2BymVda39d0/tehYl6B17ZclWcHXP/r6O0eBA
nijU1jsfOD+1/T7Cyot/UCGuT1P1Idf9QwC/tYYK8dvBxpJXTEjcxyPmYpdWqqzI
s50vOHAfwRoRx6SrqKAs+kiwzA/eN4nRqbxKKuxJY5AIz0URNaySIcmbcm+N/1u4
oNxzCGvfG8RSxd/TDvoREJRqgstWP2ydsv1Xv7cxkOjIDV9ivu1FhTLFdCMjUOly
PnyYHvsWUW7NkDHkXH1hzMqXWimhCFo/Ko7pxbYXSjn4ckZgmezPgQlkTJ5lLIBq
x3EFcfz0P+6c40krKZoLd+1awNg3Y0exrRWYOZ6D9wIDAQABo4IChDCCAoAwHQYD
VR0OBBYEFF4bQ9WiOLunJv7lBeWE2nubXVdqMB8GA1UdIwQYMBaAFCqUqN1VSucB
ByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMGAG
CCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jZXIw
ggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FlL2ZlNWJiMy01MmI0LTQwMjUt
YTU0Ny02NDI3MjJkNzZmZTEvMS8wfAYIKwYBBQUHMAqGcHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUvZmU1YmIzLTUyYjQtNDAyNS1h
NTQ3LTY0MjcyMmQ3NmZlMS8xL1hodEQxYUk0dTZjbV91VUY1WVRhZTV0ZFYyby5t
ZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5ldC9ub3RpZmljYXRp
b24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAW9mGMA0GCSqGSIb3DQEBCwUAA4IBAQBKU9te09x9dMEuzuEbw2G/
M6lNNY+8IymoB5oeH8JoxeQfkoTFKHK+bFyL2E+r5LCjvvklLu5LB86H4ePHcg1T
8TOP05ogPNHrXkU13t5vikAZwc7joCbRHSWs6Yk6HvsMmJiZLa4B0NGY1mZ8vlZW
G6fx71bTMxOy0dnzo4ocYqDMLadKL7/+9pPkWj2CXMhvAK483J8m/UospBeIrNem
+X8fnNtJ52yQjjVyxnaSZYbpcgrgkVIeS4Aabece5zXrGmqbu9LekymbrA5rJxVX
sl8tD5NH6u7z0JlbjZH53U2Elhv0Txae0tB+YIhgLSMWgFwtnNimGHJmwQWo/AQg
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:36 2025 by rpki-client