Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer
File: HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer (raw, json)
Hash identifier: XOjjr1KspcPAOHzx3PfQVdH2rzaIn34ZmPtv4v9vMco=
Subject key identifier: 1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194236A2FA70E78CE5CA17185E63088F0F8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:49:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 58310
IP: 91.109.224.0/21
IP: 185.173.72.0/22
IP: 2a0b:3900::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2f:a7:0e:78:ce:5c:a1:71:85:e6:30:88:f0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c9c0b1d2144214ea4913c7d63b26fe26a472efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:11:8a:d6:39:be:84:78:dc:84:d3:5d:fa:
79:08:b5:33:24:ec:a3:1d:86:fe:ae:dd:96:47:2b:
e5:8c:b3:f0:d6:fa:97:da:d1:d2:dc:ba:2b:2e:b4:
66:8c:5d:c4:0a:59:67:ec:5c:cf:e5:d3:5a:f0:69:
fd:da:50:76:87:65:d2:e3:22:d9:70:a6:45:12:10:
05:10:6f:b7:96:72:d4:ee:9e:f3:f5:1f:83:ae:94:
0c:12:46:05:b5:f3:db:ae:2c:ec:91:a7:45:1e:21:
63:f8:16:58:5b:3d:a7:f3:18:2c:98:0b:d6:a7:2d:
b9:df:fd:a6:15:a3:cd:6a:ec:21:fc:36:44:6d:93:
44:ce:21:df:76:72:c0:f7:bb:c9:fc:ac:35:c4:54:
c9:09:30:e6:db:f2:86:5d:ed:75:84:e1:05:7f:25:
bd:90:42:79:b0:d0:3a:a9:0a:e4:c5:8f:f5:5a:f7:
80:9a:e7:84:d2:c1:04:ee:66:cf:d1:55:cc:76:1a:
8f:36:2c:c5:55:86:1a:00:b3:57:1e:4e:49:5d:4f:
1f:a9:8a:1e:28:96:8b:65:1c:03:73:bd:c8:e5:2f:
76:53:f5:24:cc:bd:7f:a1:0b:eb:64:71:ce:be:f9:
e9:f6:23:e8:59:fd:6c:83:98:c3:ac:d3:8f:27:12:
aa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.224.0/21
185.173.72.0/22
IPv6:
2a0b:3900::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
58310
Signature Algorithm: sha256WithRSAEncryption
3d:3d:2d:43:b5:e0:a9:d9:2e:f1:5a:21:1d:39:75:c4:74:a5:
73:b6:c3:dc:23:4b:22:b9:7c:eb:d0:bb:6b:19:74:17:2b:80:
95:a9:8a:3e:66:0b:11:b3:75:41:ec:1a:38:64:01:e9:15:07:
db:fa:74:cc:7c:94:26:ad:93:4e:4e:dc:6e:15:f4:d1:a3:f4:
c6:80:03:54:13:7b:59:94:45:a5:56:ba:6e:42:7e:45:84:56:
37:1c:3e:e8:40:02:2a:76:fe:db:a6:59:68:cd:eb:d0:42:ba:
8d:2c:dd:2a:65:8b:f8:ec:bb:87:e1:ed:38:81:9f:c5:a1:e9:
ad:99:a6:51:bf:38:07:c1:0f:c0:a7:00:b5:1b:87:9a:5a:1b:
66:fc:e9:98:40:52:72:eb:ac:84:31:43:1f:08:b5:92:d7:9f:
1c:53:83:bc:0d:55:29:a3:18:21:59:a6:9d:03:b0:1f:00:04:
1c:db:5c:24:a4:43:d4:12:d7:15:68:07:4f:71:86:e7:58:f2:
c0:dd:03:ee:58:56:d6:9e:94:a8:a3:8b:af:60:ae:21:ae:be:
0d:45:2c:d1:b1:5d:ad:0f:89:f7:1a:ec:83:08:d3:e5:ac:b3:
eb:4d:30:73:bf:04:33:ba:34:93:14:34:e8:2d:78:b8:f4:b1:
40:66:1f:eb
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQjai+nDnjOXKFxheYwiPD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzljMGIxZDIxNDQyMTRlYTQ5MTNjN2Q2M2IyNmZlMjZhNDcyZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ0RitY5voR43ITTXfp5CLUzJOyj
HYb+rt2WRyvljLPw1vqX2tHS3LorLrRmjF3EClln7FzP5dNa8Gn92lB2h2XS4yLZ
cKZFEhAFEG+3lnLU7p7z9R+DrpQMEkYFtfPbrizskadFHiFj+BZYWz2n8xgsmAvW
py253/2mFaPNauwh/DZEbZNEziHfdnLA97vJ/Kw1xFTJCTDm2/KGXe11hOEFfyW9
kEJ5sNA6qQrkxY/1WveAmueE0sEE7mbP0VXMdhqPNizFVYYaALNXHk5JXU8fqYoe
KJaLZRwDc73I5S92U/UkzL1/oQvrZHHOvvnp9iPoWf1sg5jDrNOPJxKqkwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBycCx0hRCFOpJE8fWOyb+JqRy7+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3LzRkODUx
NC0wZWU1LTRjZGItYjA3OC1mNjVhOTNmNDgwYTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvNGQ4NTE0
LTBlZTUtNGNkYi1iMDc4LWY2NWE5M2Y0ODBhOC8xL0hKd0xIU0ZFSVU2a2tUeDlZ
N0p2NG1wSEx2NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDW23gAwQCua1IMA0EAgACMAcDBQMqCzkAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDjxjANBgkqhkiG9w0BAQsFAAOCAQEAPT0t
Q7Xgqdku8VohHTl1xHSlc7bD3CNLIrl869C7axl0FyuAlamKPmYLEbN1QewaOGQB
6RUH2/p0zHyUJq2TTk7cbhX00aP0xoADVBN7WZRFpVa6bkJ+RYRWNxw+6EACKnb+
26ZZaM3r0EK6jSzdKmWL+Oy7h+HtOIGfxaHprZmmUb84B8EPwKcAtRuHmlobZvzp
mEBScuushDFDHwi1ktefHFODvA1VKaMYIVmmnQOwHwAEHNtcJKRD1BLXFWgHT3GG
51jywN0D7lhW1p6UqKOLr2CuIa6+DUUs0bFdrQ+J9xrsgwjT5ayz600wc78EM7o0
kxQ06C14uPSxQGYf6w==
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:46:44 2025 by rpki-client