Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
File: st3QfM2do60-gKKnrDSslmbX090.cer (raw, json)
Hash identifier: IX9zpFlzJ0MmB9z6VdaAK8/MbOZkRF8M9BUw1ZAas0E=
Subject key identifier: B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01856D89085517935749131153822F712429
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/st3QfM2do60-gKKnrDSslmbX090.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sun 01 Jan 2023 13:32:55 +0000
Certificate not after: Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources: IP: 5.253.156.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:89:08:55:17:93:57:49:13:11:53:82:2f:71:24:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:32:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:8b:3e:3c:94:7e:7e:4c:7d:d1:db:bf:ac:
39:6e:ee:b6:7b:56:9e:d5:7d:22:6e:2e:6d:cb:ef:
a6:36:27:94:f7:58:2b:29:62:13:e0:59:02:c0:e9:
83:69:38:64:4f:4c:f0:23:b5:04:c9:a2:6a:e1:bb:
1b:49:fc:35:00:0f:85:fc:a6:2a:9b:43:05:0c:56:
7d:75:0b:f3:ba:4d:a3:dc:94:ca:10:a0:25:f3:06:
af:45:10:bc:8c:f2:97:4e:15:e7:39:4b:fe:79:9b:
c5:25:2d:15:75:3e:48:6a:6b:da:46:aa:5a:71:18:
76:56:e2:ef:a6:03:63:98:54:25:62:9d:21:92:32:
4e:cf:a6:b1:d1:17:e9:22:07:21:51:c4:05:db:a8:
e9:0d:cc:9e:11:a5:0f:2c:3b:9e:5c:bd:9d:12:fe:
fe:c6:2d:9a:da:79:54:6d:32:b9:9e:17:3f:37:9a:
05:dc:df:17:3c:53:0d:19:26:09:e2:a1:6f:3f:25:
c1:05:ba:00:d7:5c:a9:4b:c9:82:1a:f2:3c:d8:5c:
ff:6f:d7:44:46:e6:93:6e:49:88:bc:f1:2d:02:17:
72:79:2f:41:31:8c:8a:40:db:15:f2:03:59:e0:b1:
24:6b:e8:a6:b5:a0:0e:57:47:fa:44:5e:e4:07:c8:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/st3QfM2do60-gKKnrDSslmbX090.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/22
Signature Algorithm: sha256WithRSAEncryption
37:e6:0b:4e:d8:6b:99:82:a0:c1:f1:0a:37:5d:91:86:f0:39:
d8:ff:84:3d:4a:df:d5:d5:7f:2f:63:f0:0f:82:72:31:ff:49:
1d:a7:1b:e6:7b:87:57:0b:18:ca:93:3b:83:07:2a:9b:ce:93:
99:46:8e:20:b7:e2:92:54:6f:b6:39:ec:6d:61:51:e9:c9:f7:
40:bc:e1:d2:67:de:0f:a5:9a:19:e6:cc:a8:87:e1:d0:e6:d7:
6e:f9:bd:11:84:4e:08:a9:18:40:39:3e:62:cc:e5:77:f7:a1:
c9:56:db:18:40:4e:5b:60:39:70:96:e4:ce:29:23:c8:9c:e5:
bd:9b:37:9b:57:6e:7a:c4:e5:15:a3:cf:3a:1c:b4:44:93:9a:
46:04:da:0f:cc:8d:1d:0a:70:2b:cf:9f:84:10:52:f9:7e:44:
d1:ca:30:88:87:ca:97:75:25:73:e3:f2:c8:c4:44:20:d4:58:
3d:ef:05:60:55:5c:59:e2:5a:12:61:e1:3f:61:6c:86:cd:94:
1e:9b:ad:c1:30:de:6b:92:1f:0b:84:ea:20:a0:ae:a3:6a:17:
45:49:ed:60:4f:67:04:9b:dc:aa:9a:87:79:92:56:8b:f1:18:
a9:61:e1:c2:1c:55:2a:e5:a9:ce:23:3e:6f:6d:dd:98:4f:35:
95:be:89:76
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVtiQhVF5NXSRMRU4IvcSQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjMwMTAxMTMzMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRkZDA3Y2NkOWRhM2FkM2U4MGEyYTdhYzM0YWM5NjY2ZDdkM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn36LPjyUfn5MfdHbv6w5bu62e1ae
1X0ibi5ty++mNieU91grKWIT4FkCwOmDaThkT0zwI7UEyaJq4bsbSfw1AA+F/KYq
m0MFDFZ9dQvzuk2j3JTKEKAl8wavRRC8jPKXThXnOUv+eZvFJS0VdT5IamvaRqpa
cRh2VuLvpgNjmFQlYp0hkjJOz6ax0RfpIgchUcQF26jpDcyeEaUPLDueXL2dEv7+
xi2a2nlUbTK5nhc/N5oF3N8XPFMNGSYJ4qFvPyXBBboA11ypS8mCGvI82Fz/b9dE
RuaTbkmIvPEtAhdyeS9BMYyKQNsV8gNZ4LEka+imtaAOV0f6RF7kB8hAdQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFLLd0HzNnaOtPoCip6w0rJZm19PdMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1LzdkYzlj
ZS05ODYyLTQyNzctODIzZi01ZTA5MGEzMGY0ZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvN2RjOWNl
LTk4NjItNDI3Ny04MjNmLTVlMDkwYTMwZjRkYy8xL3N0M1FmTTJkbzYwLWdLS25y
RFNzbG1iWDA5MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCBf2cMA0GCSqGSIb3DQEBCwUAA4IBAQA35gtO
2GuZgqDB8Qo3XZGG8DnY/4Q9St/V1X8vY/APgnIx/0kdpxvme4dXCxjKkzuDByqb
zpOZRo4gt+KSVG+2OextYVHpyfdAvOHSZ94PpZoZ5syoh+HQ5tdu+b0RhE4IqRhA
OT5izOV396HJVtsYQE5bYDlwluTOKSPInOW9mzebV256xOUVo886HLREk5pGBNoP
zI0dCnArz5+EEFL5fkTRyjCIh8qXdSVz4/LIxEQg1Fg97wVgVVxZ4loSYeE/YWyG
zZQem63BMN5rkh8LhOogoK6jahdFSe1gT2cEm9yqmod5klaL8RipYeHCHFUq5anO
Iz5vbd2YTzWVvol2
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:21:29 2025 by rpki-client