Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aCf2BHqADr5LDcYpnAhO8F4Kqt4.cer
File: aCf2BHqADr5LDcYpnAhO8F4Kqt4.cer (raw, json)
Hash identifier: txb0Qxk5mDhMHnzLmfo+B23G8VtbNaRPiW2JuoBe3L8=
Subject key identifier: 68:27:F6:04:7A:80:0E:BE:4B:0D:C6:29:9C:08:4E:F0:5E:0A:AA:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942368FDDEE532443E676E37F09BC381DB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/9af6c38e-8050-483d-a2cb-a61c9e2aa468/0/6827F6047A800EBE4B0DC6299C084EF05E0AAADE.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/9af6c38e-8050-483d-a2cb-a61c9e2aa468/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:47:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 214522
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:fd:de:e5:32:44:3e:67:6e:37:f0:9b:c3:81:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6827f6047a800ebe4b0dc6299c084ef05e0aaade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:4f:0c:c4:65:d8:43:a6:fa:21:de:d2:3f:ff:
f1:e2:50:b5:fe:f1:3d:70:41:3a:1d:2c:ce:32:ca:
0b:19:f3:4a:30:28:d6:21:5e:5f:bb:76:0f:ce:bd:
1c:10:98:30:2f:b0:37:dd:d6:8f:53:2e:4a:c1:56:
7d:cc:69:9e:df:05:19:ae:bd:08:00:41:2f:60:c2:
8e:c6:87:d4:ea:fc:64:be:10:df:a5:d6:03:b1:c9:
98:03:5b:97:f7:6e:96:4b:e8:81:67:99:6b:70:e0:
3d:f0:81:96:99:f1:65:fa:9b:65:d8:fc:ec:82:4d:
cf:7c:99:8d:04:9a:58:96:f8:c3:ce:cb:9a:32:c4:
71:24:86:99:e3:80:cc:8d:89:11:c0:d0:17:cb:e0:
66:39:03:6f:80:a3:c0:f1:73:26:cc:02:6b:a1:e9:
07:07:96:d1:e7:33:fc:f7:ce:de:28:18:65:1a:d6:
4b:7f:95:02:de:45:83:65:fd:2b:66:4a:6b:e3:11:
e4:83:13:58:90:38:f8:63:2c:db:c8:f1:0d:e1:a4:
8a:8e:b4:56:e2:5c:c0:a4:33:ba:d6:58:27:b1:58:
bb:c2:00:77:17:da:ab:8a:8b:78:34:ae:51:26:f8:
e0:1a:3b:35:cd:8a:cb:e7:e7:c5:40:a8:6f:03:c3:
ca:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:27:F6:04:7A:80:0E:BE:4B:0D:C6:29:9C:08:4E:F0:5E:0A:AA:DE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/9af6c38e-8050-483d-a2cb-a61c9e2aa468/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/9af6c38e-8050-483d-a2cb-a61c9e2aa468/0/6827F6047A800EBE4B0DC6299C084EF05E0AAADE.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214522
Signature Algorithm: sha256WithRSAEncryption
12:b9:bb:3e:a0:a5:1b:a7:f6:40:03:b2:1a:a5:e1:80:bb:87:
da:02:26:c1:70:e6:b9:84:27:a4:ac:68:63:0b:dc:19:c2:69:
a3:04:49:a4:b3:5e:2c:b5:e7:49:92:94:ba:91:cf:73:d5:ff:
f2:02:10:5e:af:37:84:6a:ad:35:22:88:0d:da:52:5c:e8:0b:
2e:95:0c:80:0b:fb:43:7c:68:08:38:83:95:13:04:11:e9:ae:
0c:b1:b8:c8:76:d9:08:11:2f:60:fa:39:94:f6:00:bb:dd:fd:
ec:1d:50:3c:ea:e2:8a:a6:b6:12:3b:0e:20:cc:b7:87:eb:0b:
a4:7e:51:af:71:54:da:0f:ed:b3:6f:6f:d2:e6:08:a0:19:05:
98:d6:18:cf:95:2b:92:dc:6c:ab:84:61:1f:e1:8f:82:ad:4c:
f8:c1:70:9c:78:cd:05:09:74:f8:3e:f1:95:0d:9b:ec:a7:1c:
7c:4a:8d:8b:92:ac:52:cd:5f:ca:d0:d9:32:7f:c1:14:2e:6a:
9e:d5:33:4a:c4:a9:46:25:a6:6b:56:2b:b9:b0:d6:de:2a:39:
fb:98:15:ff:96:9e:ec:b7:37:24:bf:70:e0:2a:0d:a8:26:26:
8b:84:2d:88:e2:d9:b8:69:73:df:88:bc:c7:57:df:7e:15:e0:
3a:b7:4d:f8
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQjaP3e5TJEPmduN/Cbw4HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI3ZjYwNDdhODAwZWJlNGIwZGM2Mjk5YzA4NGVmMDVlMGFhYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/k8MxGXYQ6b6Id7SP//x4lC1/vE9
cEE6HSzOMsoLGfNKMCjWIV5fu3YPzr0cEJgwL7A33daPUy5KwVZ9zGme3wUZrr0I
AEEvYMKOxofU6vxkvhDfpdYDscmYA1uX926WS+iBZ5lrcOA98IGWmfFl+ptl2Pzs
gk3PfJmNBJpYlvjDzsuaMsRxJIaZ44DMjYkRwNAXy+BmOQNvgKPA8XMmzAJroekH
B5bR5zP8987eKBhlGtZLf5UC3kWDZf0rZkpr4xHkgxNYkDj4YyzbyPEN4aSKjrRW
4lzApDO61lgnsVi7wgB3F9qriot4NK5RJvjgGjs1zYrL5+fFQKhvA8PKkQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFGgn9gR6gA6+Sw3GKZwITvBeCqreMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzlhZjZj
MzhlLTgwNTAtNDgzZC1hMmNiLWE2MWM5ZTJhYTQ2OC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWFm
NmMzOGUtODA1MC00ODNkLWEyY2ItYTYxYzllMmFhNDY4LzAvNjgyN0Y2MDQ3QTgw
MEVCRTRCMERDNjI5OUMwODRFRjA1RTBBQUFERS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDRfow
DQYJKoZIhvcNAQELBQADggEBABK5uz6gpRun9kADshql4YC7h9oCJsFw5rmEJ6Ss
aGML3BnCaaMESaSzXiy150mSlLqRz3PV//ICEF6vN4RqrTUiiA3aUlzoCy6VDIAL
+0N8aAg4g5UTBBHprgyxuMh22QgRL2D6OZT2ALvd/ewdUDzq4oqmthI7DiDMt4fr
C6R+Ua9xVNoP7bNvb9LmCKAZBZjWGM+VK5LcbKuEYR/hj4KtTPjBcJx4zQUJdPg+
8ZUNm+ynHHxKjYuSrFLNX8rQ2TJ/wRQuap7VM0rEqUYlpmtWK7mw1t4qOfuYFf+W
nuy3NyS/cOAqDagmJouELYji2bhpc9+IvMdX334V4Dq3Tfg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:52:59 2025 by rpki-client