Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.cer
File: Hl_griXG6uJ3Y9zexRoOEOvGw3Q.cer (raw, json)
Hash identifier: KvtP/kAVUuTOE+2N+FKf5V1t7iPvxMfGwIpXqwnT+Hc=
Subject key identifier: 1E:5F:E0:AE:25:C6:EA:E2:77:63:DC:DE:C5:1A:0E:10:EB:C6:C3:74
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942826569818341D8D76EC45CF3E4956A2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:53:08 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.104.0.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:56:98:18:34:1d:8d:76:ec:45:cf:3e:49:56:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e5fe0ae25c6eae27763dcdec51a0e10ebc6c374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:8d:c0:5e:43:f7:fd:20:20:03:5f:74:fb:
22:5f:db:72:05:2e:21:ed:54:9e:83:0e:6c:bd:0a:
67:29:8d:64:d4:49:65:c3:da:fd:7e:4b:54:32:01:
33:1b:1c:d2:14:bb:87:33:76:6c:7a:3f:52:7f:e0:
46:94:19:ff:8b:5e:68:d6:43:02:41:24:d7:fa:88:
46:08:67:82:92:70:e3:73:55:c7:a7:7b:9a:09:49:
9d:d8:81:ff:b7:60:7e:37:7f:69:47:75:dd:3d:1e:
c2:91:6e:39:db:65:35:94:bd:54:97:8c:8f:da:01:
04:41:3c:75:4f:3a:f3:54:7c:2d:b0:27:5e:19:0c:
99:e7:26:3b:ce:7a:63:d5:b2:e6:81:ed:a9:c4:bf:
85:b6:ce:3c:ef:50:55:a2:7e:45:2e:43:14:b4:05:
20:54:99:66:03:cf:53:17:33:26:b9:b7:d7:d7:73:
d5:76:be:f8:39:54:37:6a:ab:a0:8c:b2:f2:07:75:
95:19:d4:3a:08:25:0d:7e:53:78:3d:b9:b3:35:5d:
fd:8c:65:e6:17:02:74:96:b5:1c:8b:8a:08:42:5b:
13:8a:de:e8:25:7d:a7:0e:16:2d:f7:86:fc:bb:07:
81:0f:31:04:1c:fd:de:42:e0:75:3a:14:d0:61:00:
47:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5F:E0:AE:25:C6:EA:E2:77:63:DC:DE:C5:1A:0E:10:EB:C6:C3:74
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/76fb22-124c-4866-8e4d-8b792a42d0ef/1/Hl_griXG6uJ3Y9zexRoOEOvGw3Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.0.0/24
Signature Algorithm: sha256WithRSAEncryption
98:0d:43:70:41:94:e0:d3:8f:2a:28:a3:3d:6c:c9:a5:7b:5f:
5e:b1:65:8d:83:4b:dc:74:f4:44:0d:08:8e:72:b7:db:04:00:
12:76:e5:80:ae:54:a6:64:bf:d3:e4:65:e2:0d:d4:80:0c:af:
8a:c5:45:b2:71:a4:49:06:6d:b4:a0:94:31:cf:bb:ab:2c:ed:
b4:88:02:7f:01:26:38:09:d6:8b:c4:1d:c2:2c:90:1b:84:1f:
51:4b:2a:15:45:5c:eb:64:e6:66:9e:96:45:13:39:9b:52:67:
dd:8d:3e:e4:3b:dc:a0:61:67:70:70:d8:31:45:66:da:21:e6:
45:d6:90:fe:84:89:92:87:a2:27:1e:67:a8:8a:ed:52:51:c6:
db:94:db:0e:4a:3d:c5:38:93:f5:5a:55:fc:3a:66:92:42:89:
2e:09:50:07:48:a7:1f:81:bc:db:02:75:f0:90:2a:00:b6:d0:
7e:9b:53:34:94:80:7d:9f:6b:93:76:22:18:d5:db:91:b8:3b:
cc:50:06:92:92:36:07:84:ed:d8:40:0d:f5:9a:98:83:24:c0:
36:f3:eb:6f:e7:71:16:8a:a6:b4:a8:d0:42:f5:47:94:09:f0:
eb:4d:6e:35:ba:e2:63:ed:f1:d8:ab:3e:e0:10:ba:4f:b2:cc:
ec:81:8f:9d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQoJlaYGDQdjXbsRc8+SVaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVmZTBhZTI1YzZlYWUyNzc2M2RjZGVjNTFhMGUxMGViYzZjMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkmNwF5D9/0gIANfdPsiX9tyBS4h
7VSegw5svQpnKY1k1Ellw9r9fktUMgEzGxzSFLuHM3Zsej9Sf+BGlBn/i15o1kMC
QSTX+ohGCGeCknDjc1XHp3uaCUmd2IH/t2B+N39pR3XdPR7CkW4522U1lL1Ul4yP
2gEEQTx1TzrzVHwtsCdeGQyZ5yY7znpj1bLmge2pxL+Fts4871BVon5FLkMUtAUg
VJlmA89TFzMmubfX13PVdr74OVQ3aqugjLLyB3WVGdQ6CCUNflN4PbmzNV39jGXm
FwJ0lrUci4oIQlsTit7oJX2nDhYt94b8uweBDzEEHP3eQuB1OhTQYQBHDwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFB5f4K4lxurid2Pc3sUaDhDrxsN0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZhLzc2ZmIy
Mi0xMjRjLTQ4NjYtOGU0ZC04Yjc5MmE0MmQwZWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvNzZmYjIy
LTEyNGMtNDg2Ni04ZTRkLThiNzkyYTQyZDBlZi8xL0hsX2dyaVhHNnVKM1k5emV4
Um9PRU92R3czUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwWgAMA0GCSqGSIb3DQEBCwUAA4IBAQCYDUNw
QZTg048qKKM9bMmle19esWWNg0vcdPREDQiOcrfbBAASduWArlSmZL/T5GXiDdSA
DK+KxUWycaRJBm20oJQxz7urLO20iAJ/ASY4CdaLxB3CLJAbhB9RSyoVRVzrZOZm
npZFEzmbUmfdjT7kO9ygYWdwcNgxRWbaIeZF1pD+hImSh6InHmeoiu1SUcbblNsO
Sj3FOJP1WlX8OmaSQokuCVAHSKcfgbzbAnXwkCoAttB+m1M0lIB9n2uTdiIY1duR
uDvMUAaSkjYHhO3YQA31mpiDJMA28+tv53EWiqa0qNBC9UeUCfDrTW41uuJj7fHY
qz7gELpPsszsgY+d
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:08:47 2025 by rpki-client