Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
File: hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer (raw, json)
Hash identifier: A1IIPyiSaPNSS9Awjqgyilk+Y2tJPJITvV1rAlgE7ns=
Subject key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FB5F80BEDE8FB4E6FA4D31321F8D89
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2.57.248.0/22
IP: 5.183.240.0/22
IP: 45.11.240.0/22
IP: 45.14.80.0/22
IP: 45.80.96.0/22
IP: 45.85.128.0/22
IP: 45.86.24.0/22
IP: 45.90.204.0/22
IP: 45.129.220.0/22
IP: 45.158.192.0/22
IP: 92.119.24.0/22
IP: 171.22.60.0/22
IP: 185.45.92.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:80:be:de:8f:b4:e6:fa:4d:31:32:1f:8d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a3:13:72:1d:ba:db:21:bb:3c:a4:d8:0d:3c:
3f:54:0f:93:93:a1:a9:5d:fc:d6:d6:11:bf:d1:20:
61:54:fb:55:ee:38:f6:0f:6b:32:b2:bb:6b:7e:d1:
dd:40:f6:69:28:fb:69:fc:10:97:78:4e:a9:d4:2b:
13:85:24:24:26:75:ed:5c:73:09:ea:a8:b5:95:7d:
3a:69:e3:6e:bf:f7:34:69:c4:e8:75:7c:cb:8e:d0:
8b:88:6f:f1:30:2e:b7:f2:8c:02:79:6f:30:53:b6:
10:e4:13:f0:0b:ad:25:55:60:18:51:de:de:b4:f6:
c1:00:c8:5f:81:57:3a:20:ea:16:5a:ef:11:34:e7:
43:f1:99:e9:b2:c0:b1:4a:6d:24:36:61:52:0f:6f:
c1:c5:e8:42:30:0c:d0:1f:46:e4:fc:7d:1f:01:9f:
90:bd:05:0c:6e:55:6f:63:cb:32:d2:0b:e2:2b:1c:
78:bc:34:f9:4c:e8:f1:bd:e5:ac:67:a5:4a:b1:9a:
c9:36:6f:c3:a4:07:8e:88:6a:ca:b4:47:1b:b1:3e:
e1:bf:1a:9e:5c:f9:4c:38:0d:3b:27:6f:fc:54:5a:
86:5b:a1:d3:7f:3a:d1:36:47:08:43:04:4a:27:52:
59:c8:a9:1e:1c:2b:1d:65:01:4c:8b:c2:31:c6:8f:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.248.0/22
5.183.240.0/22
45.11.240.0/22
45.14.80.0/22
45.80.96.0/22
45.85.128.0/22
45.86.24.0/22
45.90.204.0/22
45.129.220.0/22
45.158.192.0/22
92.119.24.0/22
171.22.60.0/22
185.45.92.0/22
Signature Algorithm: sha256WithRSAEncryption
07:7d:74:05:a8:17:af:27:15:8c:be:83:42:dd:7f:b3:8c:7f:
26:08:ce:ee:f2:6a:14:7f:ab:1a:a3:63:a0:f2:2d:09:a9:32:
10:50:3c:35:55:a1:1c:f1:69:af:f5:74:9e:27:9a:d9:74:e8:
cc:fd:51:5c:bb:96:6e:41:d3:7e:1a:cc:6a:b7:10:cd:8e:4c:
62:29:1e:97:25:80:ae:3d:13:df:ca:fd:72:05:d4:19:89:7d:
0a:3e:1e:41:14:70:5a:90:5f:0f:f7:88:52:3a:f1:86:f8:d5:
f5:9d:58:a2:df:ea:df:da:24:09:5d:49:a2:9c:10:e1:c9:56:
27:e3:35:cd:48:f2:e9:6f:9a:7f:74:bf:84:35:0e:88:b3:2b:
32:de:46:25:1f:77:c9:3e:b1:55:93:2d:bf:fa:e4:43:21:48:
88:7c:40:29:67:3a:a3:b0:76:69:c3:de:05:90:88:3b:f7:ad:
8c:90:65:4f:29:af:74:b2:c5:d2:42:9e:92:42:4d:99:9e:3c:
b6:41:c5:06:8d:6c:32:e3:58:6d:04:d3:52:bd:4a:82:6d:2c:
9b:53:4a:5c:87:e9:86:b0:19:8c:68:99:ac:84:55:f6:25:90:
5a:84:d6:eb:f0:e4:3e:1c:4f:be:03:1a:34:0e:94:fb:e1:7d:
6a:af:53:92
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZQi+1+Avt6PtOb6TTEyH42JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMzZWY0NjExNmZkOWQyMWJmYjUzM2U0NGJkZTUxNzg5MGMyNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqMTch262yG7PKTYDTw/VA+Tk6Gp
XfzW1hG/0SBhVPtV7jj2D2sysrtrftHdQPZpKPtp/BCXeE6p1CsThSQkJnXtXHMJ
6qi1lX06aeNuv/c0acTodXzLjtCLiG/xMC638owCeW8wU7YQ5BPwC60lVWAYUd7e
tPbBAMhfgVc6IOoWWu8RNOdD8ZnpssCxSm0kNmFSD2/BxehCMAzQH0bk/H0fAZ+Q
vQUMblVvY8sy0gviKxx4vDT5TOjxveWsZ6VKsZrJNm/DpAeOiGrKtEcbsT7hvxqe
XPlMOA07J2/8VFqGW6HTfzrRNkcIQwRKJ1JZyKkeHCsdZQFMi8Ixxo8KxQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFIUz70YRb9nSG/tTPkS95ReJDCTcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAzL2UwNDcy
YS0zYWRmLTQzY2QtYmYzMC03MzkyM2RhZWYxMTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMvZTA0NzJh
LTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjExNC8xL2hUUHZSaEZ2MmRJYi0xTS1S
TDNsRjRrTUpOdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUF
BwEHAQH/BFgwVjBUBAIAATBOAwQCAjn4AwQCBbfwAwQCLQvwAwQCLQ5QAwQCLVBg
AwQCLVWAAwQCLVYYAwQCLVrMAwQCLYHcAwQCLZ7AAwQCXHcYAwQCqxY8AwQCuS1c
MA0GCSqGSIb3DQEBCwUAA4IBAQAHfXQFqBevJxWMvoNC3X+zjH8mCM7u8moUf6sa
o2Og8i0JqTIQUDw1VaEc8Wmv9XSeJ5rZdOjM/VFcu5ZuQdN+GsxqtxDNjkxiKR6X
JYCuPRPfyv1yBdQZiX0KPh5BFHBakF8P94hSOvGG+NX1nVii3+rf2iQJXUminBDh
yVYn4zXNSPLpb5p/dL+ENQ6Isysy3kYlH3fJPrFVky2/+uRDIUiIfEApZzqjsHZp
w94FkIg7962MkGVPKa90ssXSQp6SQk2Znjy2QcUGjWwy41htBNNSvUqCbSybU0pc
h+mGsBmMaJmshFX2JZBahNbr8OQ+HE++Axo0DpT74X1qr1OS
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:04 2025 by rpki-client