Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
File: 3T1AERdeXfej9X0454FQosBf3R0.cer (raw, json)
Hash identifier: N2e6w0E0Y5ThYyK5MqrVfWIMt/p69nAACK4HLEIvfkc=
Subject key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FDBD1D3C4455565ADB822281BFAD98
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206805
IP: 45.84.152.0/22
IP: 45.145.188.0/22
IP: 80.85.248.0/21
IP: 176.119.0.0/21
IP: 178.159.32.0/23
IP: 185.159.111.0/24
IP: 185.228.48.0/22
IP: 185.247.192.0/22
IP: 188.64.149.0 -- 188.64.151.255
IP: 193.19.100.0/23
IP: 193.141.230.0/23
IP: 193.142.20.0/23
IP: 193.246.144.0/24
IP: 193.246.150.0/24
IP: 193.246.153.0/24
IP: 193.246.159.0/24
IP: 2a0c:ee00::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bd:1d:3c:44:55:56:5a:db:82:22:81:bf:ad:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:97:22:32:df:52:95:3a:9e:e3:82:4a:fa:cc:
9e:88:3c:6a:ab:da:f8:6b:f6:c5:65:6c:a1:95:8c:
1d:e4:4b:d3:da:bb:da:6b:32:8e:95:d8:ff:3e:de:
b3:a4:23:25:ba:a4:ab:e4:92:ca:d3:e1:44:70:bd:
9a:90:87:6a:04:df:71:99:ff:32:4c:4f:e4:52:6f:
4c:62:3d:c3:c8:5e:7c:d0:f3:31:69:13:44:19:ff:
ef:36:0a:68:27:d3:b5:6c:2e:83:bd:95:94:f7:6d:
0e:63:1c:dd:69:d4:f4:c0:81:89:cf:99:b2:fd:db:
c3:e0:db:f7:7d:e9:72:26:ed:aa:e1:df:6c:e8:f1:
4f:f5:a4:9f:cf:14:e4:6a:3b:a8:b1:3a:f7:de:84:
76:02:4a:e0:4d:5d:c4:c5:ff:15:b3:4c:99:b3:bb:
98:1f:ff:5a:1b:4c:a1:08:9f:81:03:d2:16:cc:98:
86:3e:98:6a:08:94:c2:c5:33:bd:15:8f:32:d1:a4:
47:c8:dd:0b:99:a8:f7:a6:af:79:26:23:76:1b:67:
92:80:69:b3:4e:21:32:ee:a4:e5:c1:c1:22:e9:0e:
19:6b:8c:24:50:23:41:7e:de:e1:2a:56:0f:17:ed:
be:24:f3:d6:3e:bd:ca:ea:e5:ac:57:2d:48:c7:2a:
f9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
176.119.0.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
IPv6:
2a0c:ee00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206805
Signature Algorithm: sha256WithRSAEncryption
84:95:84:d4:66:6d:e7:d8:ef:c8:1b:f7:f2:2c:ce:4c:25:d6:
b9:5a:10:d4:a4:89:b5:28:bb:6b:ba:80:a4:fd:c2:2a:f9:c9:
8a:7c:94:57:cc:0d:fc:d8:94:d6:a2:0e:8b:f0:47:5b:b8:61:
18:f5:cd:f5:d0:0f:e4:f2:0b:39:73:8e:ec:8b:1f:80:a7:cb:
39:b1:87:82:b0:4b:57:5e:6d:d2:8f:67:d6:90:ff:50:c0:10:
d6:1a:05:d7:7f:42:08:ce:8f:97:82:f4:5a:db:58:ea:9e:3c:
34:c2:d4:89:3f:f5:67:e6:53:b5:66:99:b7:d3:7c:91:12:af:
d3:bb:5c:3c:88:d7:e0:63:b4:25:4e:f0:59:63:2b:a7:bb:dd:
93:ec:ba:64:2c:18:6b:02:25:9d:c5:03:09:7d:4c:8d:4a:19:
d0:14:46:68:1d:88:c4:b8:25:0a:f3:b0:8f:50:12:6c:23:86:
21:d6:5e:ef:fa:47:db:4a:58:7c:1b:d8:5c:99:57:6d:60:63:
cf:a2:37:1c:74:24:be:6d:dd:94:30:5d:f7:b6:39:c6:13:4d:
3f:3f:27:42:e0:d7:b8:08:c4:78:90:16:41:19:b6:9f:a5:0d:
3e:d6:eb:ef:06:7a:66:e8:dd:64:5a:f1:ea:2e:f2:b8:cc:96:
5c:99:d2:c0
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZQl/b0dPERVVlrbgiKBv62YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNkNDAxMTE3NWU1ZGY3YTNmNTdkMzhlNzgxNTBhMmMwNWZkZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJciMt9SlTqe44JK+syeiDxqq9r4
a/bFZWyhlYwd5EvT2rvaazKOldj/Pt6zpCMluqSr5JLK0+FEcL2akIdqBN9xmf8y
TE/kUm9MYj3DyF580PMxaRNEGf/vNgpoJ9O1bC6DvZWU920OYxzdadT0wIGJz5my
/dvD4Nv3felyJu2q4d9s6PFP9aSfzxTkajuosTr33oR2AkrgTV3Exf8Vs0yZs7uY
H/9aG0yhCJ+BA9IWzJiGPphqCJTCxTO9FY8y0aRHyN0Lmaj3pq95JiN2G2eSgGmz
TiEy7qTlwcEi6Q4Za4wkUCNBft7hKlYPF+2+JPPWPr3K6uWsVy1Ixyr5hwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFN09QBEXXl33o/V9OOeBUKLAX90dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNlLzMwODU4
OS05MmZlLTQ1OTMtOTNlNC0yZDBhNzhiZTg5MmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMzA4NTg5
LTkyZmUtNDU5My05M2U0LTJkMGE3OGJlODkyZC8xLzNUMUFFUmRlWGZlajlYMDQ1
NEZRb3NCZjNSMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF
BQcBBwEB/wSBgTB/MG4EAgABMGgDBAItVJgDBAItkbwDBANQVfgDBAOwdwADBAGy
nyADBAC5n28DBAK55DADBAK598AwDAMEALxAlQMEA7xAkAMEAcETZAMEAcGN5gME
AcGOFAMEAMH2kAMEAMH2lgMEAMH2mQMEAMH2nzANBAIAAjAHAwUDKgzuADAaBggr
BgEFBQcBCAEB/wQLMAmgBzAFAgMDJ9UwDQYJKoZIhvcNAQELBQADggEBAISVhNRm
befY78gb9/Iszkwl1rlaENSkibUou2u6gKT9wir5yYp8lFfMDfzYlNaiDovwR1u4
YRj1zfXQD+TyCzlzjuyLH4Cnyzmxh4KwS1debdKPZ9aQ/1DAENYaBdd/QgjOj5eC
9FrbWOqePDTC1Ik/9WfmU7VmmbfTfJESr9O7XDyI1+BjtCVO8FljK6e73ZPsumQs
GGsCJZ3FAwl9TI1KGdAURmgdiMS4JQrzsI9QEmwjhiHWXu/6R9tKWHwb2FyZV21g
Y8+iNxx0JL5t3ZQwXfe2OcYTTT8/J0Lg17gIxHiQFkEZtp+lDT7W6+8Gembo3WRa
8eou8rjMllyZ0sA=
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:30:52 2025 by rpki-client