Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
File: iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer (raw, json)
Hash identifier: fa4s9zWiSMOwy4EuyBhv7SBijFe+NQulMpMBhaAwlNU=
Subject key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01951306E1CD0D9DD4241D5289D1115ED925
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 17 Feb 2025 08:29:32 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.135.40.0/21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:06:e1:cd:0d:9d:d4:24:1d:52:89:d1:11:5e:d9:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 17 08:29:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:85:70:82:c1:20:e0:50:52:31:c8:61:89:
da:a1:89:dc:5e:9a:5a:4b:a0:71:f9:f9:db:8f:67:
16:11:bb:60:13:59:0c:96:70:59:f1:04:04:fa:67:
00:bc:6a:19:be:a6:ca:58:67:bb:a3:5b:4c:01:b9:
37:ca:4f:ca:fe:5a:f9:89:01:3d:05:72:ba:58:3f:
af:19:c2:59:be:1c:df:a5:7f:a2:6a:60:ec:85:06:
25:43:cb:6c:91:a4:c3:04:69:c5:f8:ed:7a:aa:b3:
5f:1d:43:93:3f:ef:ec:63:83:f8:6b:67:de:eb:e7:
af:c1:1a:34:9a:a7:2b:e0:e3:6d:d4:4a:a3:9d:f0:
ee:e2:70:9e:e8:a1:1d:97:d1:f8:27:ce:a2:9a:2e:
07:35:13:e2:61:95:c2:ec:1a:d2:07:b2:00:2e:26:
d2:32:37:99:ed:35:8f:a4:25:96:62:5a:6c:9f:30:
ba:51:72:e5:47:6e:4e:00:85:69:1b:31:fd:48:84:
fd:ef:75:38:8b:cf:c1:2c:58:3a:1d:d0:d1:cd:6f:
ed:08:fc:41:bc:58:bd:cd:9d:6f:b7:37:3d:0a:68:
93:b8:a1:9f:1e:61:c0:20:48:0f:f0:3c:df:b8:5b:
74:c6:da:66:72:57:db:82:56:5e:38:ed:13:36:36:
93:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.40.0/21
Signature Algorithm: sha256WithRSAEncryption
14:96:54:02:c0:4e:98:d6:6d:2e:35:26:5f:54:e7:05:03:c8:
a3:b1:f1:1b:79:07:21:6f:40:bf:f9:2b:d4:0a:71:67:47:73:
c7:71:c9:8a:d7:68:2f:6c:76:1e:11:7a:7a:70:cd:1a:32:f4:
39:be:18:62:ed:d5:b0:6b:5e:e8:64:ea:49:b6:a4:4f:4c:0c:
bf:b4:7b:bf:5f:b7:b5:e3:be:93:7f:db:5e:1e:79:5d:e2:a3:
00:02:6f:2d:d3:3b:92:78:1f:0d:88:66:d5:1b:b7:01:2a:77:
7c:be:84:19:9b:5d:0f:8b:13:b8:9a:ff:ed:fa:db:ae:d9:05:
2e:83:55:11:e1:b5:ed:71:ed:cf:40:e4:3a:7a:a6:6a:ff:29:
0e:d1:4d:6e:0a:7f:a3:ff:2e:eb:3d:9b:71:c8:af:aa:1c:2a:
9f:fe:e2:55:43:0b:63:0b:f4:47:c5:bd:76:34:e4:9a:ea:ce:
56:09:a4:7a:9f:a2:2a:3d:2a:63:ea:ed:36:62:08:31:df:b7:
65:d3:49:95:7c:98:68:c8:d7:05:6c:aa:c4:ce:14:99:2e:ca:
b5:f3:06:aa:85:20:c0:1a:38:7b:c9:c4:cd:ca:eb:d3:2a:2e:
b9:9b:14:00:3a:f7:76:cf:1a:6b:d1:a2:23:85:f7:ae:9e:6c:
47:cc:b6:9b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZUTBuHNDZ3UJB1SidERXtklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMjE3MDgyOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFkOWMwY2U1YmEzOTA1YjQxOTcwYTA0ZTUxOTc2MDc2YzY3ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplaFcILBIOBQUjHIYYnaoYncXppa
S6Bx+fnbj2cWEbtgE1kMlnBZ8QQE+mcAvGoZvqbKWGe7o1tMAbk3yk/K/lr5iQE9
BXK6WD+vGcJZvhzfpX+iamDshQYlQ8tskaTDBGnF+O16qrNfHUOTP+/sY4P4a2fe
6+evwRo0mqcr4ONt1EqjnfDu4nCe6KEdl9H4J86imi4HNRPiYZXC7BrSB7IALibS
MjeZ7TWPpCWWYlpsnzC6UXLlR25OAIVpGzH9SIT973U4i8/BLFg6HdDRzW/tCPxB
vFi9zZ1vtzc9CmiTuKGfHmHAIEgP8DzfuFt0xtpmclfbglZeOO0TNjaTPwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIqtnAzlujkFtBlwoE5Rl2B2xn4AMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2U0NDVl
NC0yNmJkLTQ4YzktODNkYi03YTBlY2U5YzBhZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZTQ0NWU0
LTI2YmQtNDhjOS04M2RiLTdhMGVjZTljMGFmOC8xL2lxMmNET1c2T1FXMEdYQ2dU
bEdYWUhiR2ZnQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDwYcoMA0GCSqGSIb3DQEBCwUAA4IBAQAUllQC
wE6Y1m0uNSZfVOcFA8ijsfEbeQchb0C/+SvUCnFnR3PHccmK12gvbHYeEXp6cM0a
MvQ5vhhi7dWwa17oZOpJtqRPTAy/tHu/X7e1476Tf9teHnld4qMAAm8t0zuSeB8N
iGbVG7cBKnd8voQZm10PixO4mv/t+tuu2QUug1UR4bXtce3PQOQ6eqZq/ykO0U1u
Cn+j/y7rPZtxyK+qHCqf/uJVQwtjC/RHxb12NOSa6s5WCaR6n6IqPSpj6u02Yggx
37dl00mVfJhoyNcFbKrEzhSZLsq18waqhSDAGjh7ycTNyuvTKi65mxQAOvd2zxpr
0aIjhfeunmxHzLab
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:56:47 2025 by rpki-client