Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer
File: yaf_ASy3LqhNG4PAAsMgPMAk5qY.cer (raw, json)
Hash identifier: eSUBW04FgiSj72rL2zbwo84a3aXKISaaq5BPFsTPCvc=
Subject key identifier: C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942067E77F362963EADFEA4F2943DE3AA1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/yaf_ASy3LqhNG4PAAsMgPMAk5qY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:47 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.28.11.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e7:7f:36:29:63:ea:df:ea:4f:29:43:de:3a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9a7ff012cb72ea84d1b83c002c3203cc024e6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:48:0f:96:ca:8e:6e:28:82:50:30:b4:0c:1f:
28:bc:92:60:16:30:9b:a2:f9:13:de:04:6a:9a:a6:
ef:85:b0:46:b8:d2:df:50:ad:c4:85:04:5e:35:e0:
3c:40:e9:b3:2a:98:a9:7f:11:3c:52:79:b2:8f:7f:
08:0f:2e:bc:5d:f5:16:8d:43:1e:18:56:8c:9d:06:
40:b8:38:6a:19:05:44:19:0e:13:85:32:4f:ac:1b:
1b:44:44:6a:b9:7c:2a:6e:7d:52:6a:84:eb:25:0b:
18:66:94:17:81:05:b3:3f:c3:ac:2b:8d:7f:05:89:
18:77:51:7a:85:a6:2b:a5:3f:ed:91:f3:73:2c:f9:
b1:3a:14:a3:9c:79:22:a6:48:ca:06:65:9a:05:64:
07:54:b1:41:04:35:1f:50:c8:da:bf:60:d2:34:1e:
e3:a1:e4:57:6f:b4:26:f7:67:7c:1a:0e:66:3f:dd:
06:46:48:6e:f7:ad:cc:96:4e:0f:02:d2:4c:23:0b:
25:bb:dc:c1:2f:66:3e:6f:27:fa:39:b4:88:45:30:
9a:e4:ba:ca:f5:a0:81:5b:3a:12:46:32:76:8a:24:
ef:eb:c7:fa:0d:73:02:ab:4d:06:b7:b5:cc:0d:a0:
d3:49:a4:3e:5a:42:bc:12:99:3f:46:62:b3:af:11:
35:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A7:FF:01:2C:B7:2E:A8:4D:1B:83:C0:02:C3:20:3C:C0:24:E6:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42fb3c-61a6-45ca-a47e-d2d1209c4825/1/yaf_ASy3LqhNG4PAAsMgPMAk5qY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.11.0/24
Signature Algorithm: sha256WithRSAEncryption
82:36:44:d3:67:3c:dd:77:ee:f4:b4:6d:31:4b:f1:8d:9a:c9:
39:86:c2:7d:82:1f:91:a6:a4:df:6a:02:dd:12:95:c1:da:e7:
6c:c1:27:d9:c9:2a:df:62:ef:71:02:c7:24:03:fc:8c:3b:a5:
42:99:6d:99:6f:74:7a:4d:f0:89:ce:09:ce:3c:52:e6:a2:3b:
bd:80:e2:33:e3:8f:cb:e1:1c:27:b6:6f:51:08:44:1e:4e:3a:
0b:73:74:95:10:0e:8b:57:41:44:77:35:ae:99:67:b3:13:00:
1a:dd:81:42:b4:1c:2f:4b:30:69:ed:86:04:34:2e:5e:6e:3b:
d6:2f:ad:11:b9:6b:2c:19:71:8a:08:02:da:48:af:95:06:12:
35:79:0e:af:80:b8:29:9e:da:9b:38:bc:6c:12:d9:bc:92:01:
72:6c:30:b8:75:b0:4c:43:4b:0b:d6:35:7f:f3:f8:bd:db:7a:
b8:58:00:65:02:70:ad:41:cc:f3:5b:02:f2:4f:00:9a:ef:24:
4a:19:69:bc:78:d0:1b:ad:d7:41:c1:a7:7e:e5:85:c0:71:2a:
a5:d3:92:fd:b7:de:89:7f:2e:9e:6a:04:0b:5e:f8:99:a7:83:
d7:d8:89:77:dd:ba:08:63:83:b9:b0:e6:e8:91:73:7b:5d:bb:
0c:35:1b:09
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQgZ+d/Nilj6t/qTylD3jqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE3ZmYwMTJjYjcyZWE4NGQxYjgzYzAwMmMzMjAzY2MwMjRlNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kgPlsqObiiCUDC0DB8ovJJgFjCb
ovkT3gRqmqbvhbBGuNLfUK3EhQReNeA8QOmzKpipfxE8Unmyj38IDy68XfUWjUMe
GFaMnQZAuDhqGQVEGQ4ThTJPrBsbRERquXwqbn1SaoTrJQsYZpQXgQWzP8OsK41/
BYkYd1F6haYrpT/tkfNzLPmxOhSjnHkipkjKBmWaBWQHVLFBBDUfUMjav2DSNB7j
oeRXb7Qm92d8Gg5mP90GRkhu963Mlk4PAtJMIwslu9zBL2Y+byf6ObSIRTCa5LrK
9aCBWzoSRjJ2iiTv68f6DXMCq00Gt7XMDaDTSaQ+WkK8Epk/RmKzrxE1gwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMmn/wEsty6oTRuDwALDIDzAJOamMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzQyZmIz
Yy02MWE2LTQ1Y2EtYTQ3ZS1kMmQxMjA5YzQ4MjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvNDJmYjNj
LTYxYTYtNDVjYS1hNDdlLWQyZDEyMDljNDgyNS8xL3lhZl9BU3kzTHFoTkc0UEFB
c01nUE1BazVxWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwRwLMA0GCSqGSIb3DQEBCwUAA4IBAQCCNkTT
Zzzdd+70tG0xS/GNmsk5hsJ9gh+RpqTfagLdEpXB2udswSfZySrfYu9xAsckA/yM
O6VCmW2Zb3R6TfCJzgnOPFLmoju9gOIz44/L4Rwntm9RCEQeTjoLc3SVEA6LV0FE
dzWumWezEwAa3YFCtBwvSzBp7YYENC5ebjvWL60RuWssGXGKCALaSK+VBhI1eQ6v
gLgpntqbOLxsEtm8kgFybDC4dbBMQ0sL1jV/8/i923q4WABlAnCtQczzWwLyTwCa
7yRKGWm8eNAbrddBwad+5YXAcSql05L9t96Jfy6eagQLXviZp4PX2Il33boIY4O5
sObokXN7XbsMNRsJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:25:08 2025 by rpki-client