Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ghIZRpxt92z0dvJ0zc8n5S-PDfg.cer
File: ghIZRpxt92z0dvJ0zc8n5S-PDfg.cer (raw, json)
Hash identifier: 6oSQWX9sNsDihBhK9holzjnzz8BjdNJ1Zje3BYstLKE=
Subject key identifier: 82:12:19:46:9C:6D:F7:6C:F4:76:F2:74:CD:CF:27:E5:2F:8F:0D:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942368CACEA478E9D20F75BB420CB5826C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7d/a1a11d-11fb-4424-8cd4-0daa0704b992/1/ghIZRpxt92z0dvJ0zc8n5S-PDfg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7d/a1a11d-11fb-4424-8cd4-0daa0704b992/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:47:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 188.65.160.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:ca:ce:a4:78:e9:d2:0f:75:bb:42:0c:b5:82:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=821219469c6df76cf476f274cdcf27e52f8f0df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ca:af:cf:ef:72:93:05:c0:f4:df:9d:6b:87:
8d:5e:81:91:f6:2e:f1:ec:39:ee:b1:17:e6:ad:f4:
6d:39:55:d2:1b:60:7f:4a:16:5a:2c:f4:f9:79:32:
2b:74:de:08:fe:86:98:79:90:92:6a:29:9a:ee:40:
03:4b:4f:dd:10:7d:15:e8:89:24:fd:94:8a:22:8b:
77:91:3e:13:05:6f:16:8e:9f:c4:34:18:e9:e0:fa:
81:c7:ff:62:1f:2c:3d:73:40:2a:95:e7:85:04:3b:
f9:1a:71:ac:04:ca:cf:d3:19:40:06:10:e2:86:c7:
bc:3d:89:d4:fd:93:a1:df:18:92:07:65:05:5a:3f:
b8:f0:6b:6a:42:8a:2d:52:0e:5c:fe:d3:47:14:47:
43:c6:86:26:6d:0b:4d:72:5e:80:32:91:7f:9d:87:
9b:69:95:30:51:34:2a:d0:05:4f:19:de:3d:b2:9b:
3f:18:65:cc:d1:72:88:66:b8:62:60:2e:d3:68:59:
43:63:67:c9:b5:e4:37:61:f8:ee:24:8e:d9:9d:9f:
7d:e3:73:06:a8:69:32:49:16:78:3e:f4:c5:ab:0c:
3f:8b:13:32:1b:2c:45:51:f4:e1:46:ff:6c:12:e1:
ba:14:69:a7:72:e6:54:71:9b:7b:44:1a:69:c0:ed:
27:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:12:19:46:9C:6D:F7:6C:F4:76:F2:74:CD:CF:27:E5:2F:8F:0D:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a1a11d-11fb-4424-8cd4-0daa0704b992/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a1a11d-11fb-4424-8cd4-0daa0704b992/1/ghIZRpxt92z0dvJ0zc8n5S-PDfg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.65.160.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:74:88:12:26:79:2b:16:97:d4:0c:ee:dd:a2:4a:e6:a4:3c:
61:4d:e6:b4:50:fa:c3:4f:d7:76:89:a7:6e:07:18:90:f3:2b:
87:51:d9:5f:3f:39:c9:84:09:2b:cb:c2:23:f9:97:2a:7e:43:
c9:97:ae:e0:cb:69:e3:08:ec:84:f8:d9:8d:5e:b5:22:2f:cf:
8d:c0:86:49:43:66:16:8a:ed:67:54:dc:d7:4b:a8:cf:40:d3:
81:cb:09:38:98:f5:2d:a5:e6:73:76:50:47:68:75:63:e1:ce:
1a:36:4e:49:c1:67:59:0f:f9:69:7e:26:d3:50:63:58:0e:18:
5d:70:64:ac:c2:90:cf:cc:c4:f0:56:4a:43:29:22:bd:46:c0:
84:ce:e7:9e:ca:ca:a8:4e:19:04:22:c8:e7:90:3b:37:cb:da:
d1:1e:b0:22:c3:fc:c1:1b:0e:da:0c:0a:3b:48:b5:81:18:09:
2c:bf:b1:5d:a0:76:43:e5:dc:27:e7:2f:7c:53:86:e1:89:2c:
6e:fb:3e:c8:56:c9:7e:29:27:8f:02:f1:2e:02:a2:4c:26:f7:
5b:f2:c7:cd:16:ab:b6:e5:50:a4:d4:2f:71:53:f2:b7:ff:db:
da:27:69:f6:66:9c:53:4e:f1:78:8e:a9:b5:91:13:4f:78:72:
1b:fb:d7:e8
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQjaMrOpHjp0g91u0IMtYJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEyMTk0NjljNmRmNzZjZjQ3NmYyNzRjZGNmMjdlNTJmOGYwZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucqvz+9ykwXA9N+da4eNXoGR9i7x
7DnusRfmrfRtOVXSG2B/ShZaLPT5eTIrdN4I/oaYeZCSaima7kADS0/dEH0V6Ikk
/ZSKIot3kT4TBW8Wjp/ENBjp4PqBx/9iHyw9c0AqleeFBDv5GnGsBMrP0xlABhDi
hse8PYnU/ZOh3xiSB2UFWj+48GtqQootUg5c/tNHFEdDxoYmbQtNcl6AMpF/nYeb
aZUwUTQq0AVPGd49sps/GGXM0XKIZrhiYC7TaFlDY2fJteQ3YfjuJI7ZnZ9943MG
qGkySRZ4PvTFqww/ixMyGyxFUfThRv9sEuG6FGmncuZUcZt7RBppwO0nPwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIISGUacbfds9HbydM3PJ+Uvjw34MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdkL2ExYTEx
ZC0xMWZiLTQ0MjQtOGNkNC0wZGFhMDcwNGI5OTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvYTFhMTFk
LTExZmItNDQyNC04Y2Q0LTBkYWEwNzA0Yjk5Mi8xL2doSVpScHh0OTJ6MGR2SjB6
YzhuNVMtUERmZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAvEGgMA0GCSqGSIb3DQEBCwUAA4IBAQAadIgS
JnkrFpfUDO7dokrmpDxhTea0UPrDT9d2iaduBxiQ8yuHUdlfPznJhAkry8Ij+Zcq
fkPJl67gy2njCOyE+NmNXrUiL8+NwIZJQ2YWiu1nVNzXS6jPQNOBywk4mPUtpeZz
dlBHaHVj4c4aNk5JwWdZD/lpfibTUGNYDhhdcGSswpDPzMTwVkpDKSK9RsCEzuee
ysqoThkEIsjnkDs3y9rRHrAiw/zBGw7aDAo7SLWBGAksv7FdoHZD5dwn5y98U4bh
iSxu+z7IVsl+KSePAvEuAqJMJvdb8sfNFqu25VCk1C9xU/K3/9vaJ2n2ZpxTTvF4
jqm1kRNPeHIb+9fo
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:06:17 2025 by rpki-client