Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
File: MSbg1dN79m8-nYh-rq2cpjwYlIk.cer (raw, json)
Hash identifier: 7tzHkWLJxx1ScElkKRweFE+/PcL00fvxxhqIUOrKtX4=
Subject key identifier: 31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942444EBA67C6947E8B050B915F9C05967
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 94.143.88.0/21
IP: 185.74.116.0/22
IP: 193.108.187.0/24
IP: 194.153.176.0/21
IP: 2a00:d320::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:eb:a6:7c:69:47:e8:b0:50:b9:15:f9:c0:59:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3126e0d5d37bf66f3e9d887eaead9ca63c189489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ba:09:cf:b3:17:d7:b2:9c:a5:7b:72:6b:61:
3b:3e:91:b0:ae:5f:b3:93:83:d7:ce:0e:5b:0e:fb:
fd:48:31:c1:d3:98:69:8b:a1:4e:ab:7e:30:99:73:
c3:c9:a6:4e:1a:5d:aa:5b:92:e8:1a:84:62:af:e0:
32:52:1f:6c:bb:8f:61:07:81:93:0f:20:2a:50:5f:
fd:a9:9a:86:bd:aa:64:01:f6:c7:7f:93:94:f3:51:
16:a9:b0:a9:33:7b:f2:69:f4:f6:42:71:c7:c5:42:
f9:a5:14:bf:19:d0:12:21:18:b5:2b:3c:7e:86:29:
61:bd:2f:84:45:47:9b:fd:05:40:c4:87:34:36:82:
9f:25:99:7d:9f:2f:21:29:34:6b:c2:d0:6c:17:3e:
f6:86:93:e8:87:b5:6c:b5:3c:96:27:1c:96:f5:37:
ee:25:75:65:9b:66:14:53:af:60:b3:0b:f1:0c:7e:
df:12:e6:38:2e:28:f4:75:2f:bd:7b:ff:df:a2:cd:
f8:7b:d6:be:0f:a3:37:2c:83:70:d4:a0:f0:03:a1:
a3:16:47:55:25:d3:57:7e:63:6d:16:b9:9f:20:4d:
a3:61:6c:94:01:0d:b4:19:06:a1:c4:50:bd:f9:28:
3d:ca:0e:06:ba:33:8a:a9:76:04:f2:b6:fa:e9:fe:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.88.0/21
185.74.116.0/22
193.108.187.0/24
194.153.176.0/21
IPv6:
2a00:d320::/29
Signature Algorithm: sha256WithRSAEncryption
3a:ed:69:72:2b:ad:0e:2d:e7:e8:91:48:08:35:ab:98:62:11:
e4:6e:7d:84:5d:27:59:18:8f:1b:75:c2:16:fc:3b:41:56:11:
30:c0:fd:9c:a7:8d:76:b5:0c:8e:1b:f8:48:49:78:05:ae:81:
5a:5e:e5:6a:ed:a0:fe:ab:7d:ad:8c:74:73:79:90:d7:c7:a1:
fa:fc:28:44:cd:bd:be:4b:33:1f:94:ad:44:18:9d:58:ba:7e:
58:0f:10:c3:ca:3b:68:99:22:6f:32:e9:d0:4c:03:ee:ad:85:
18:86:19:8d:75:19:80:40:17:10:6e:54:64:06:14:1d:f8:d6:
f8:30:ce:e0:c1:2d:ba:95:fd:29:1e:b0:4f:23:25:f8:a4:b5:
5e:79:2e:65:74:76:52:3f:ef:82:c3:53:6a:e3:1f:24:5b:15:
6e:4a:fa:6c:e7:e8:11:2f:89:db:fb:34:51:64:bf:a9:a8:a2:
17:56:b9:87:b1:5b:fa:ed:30:70:6b:19:cf:39:6c:91:7d:c3:
0f:d9:29:8b:65:8b:f7:9c:d2:6d:db:86:7a:9f:18:08:75:70:
20:7a:94:94:98:6b:e0:76:d4:1d:6d:fe:5d:6a:79:6c:a8:ba:
9d:8c:9f:34:93:0e:6c:9c:51:02:33:8f:10:4a:af:7f:13:ef:
45:4a:b4:0c
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZQkROumfGlH6LBQuRX5wFlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI2ZTBkNWQzN2JmNjZmM2U5ZDg4N2VhZWFkOWNhNjNjMTg5NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuroJz7MX17KcpXtya2E7PpGwrl+z
k4PXzg5bDvv9SDHB05hpi6FOq34wmXPDyaZOGl2qW5LoGoRir+AyUh9su49hB4GT
DyAqUF/9qZqGvapkAfbHf5OU81EWqbCpM3vyafT2QnHHxUL5pRS/GdASIRi1Kzx+
hilhvS+ERUeb/QVAxIc0NoKfJZl9ny8hKTRrwtBsFz72hpPoh7VstTyWJxyW9Tfu
JXVlm2YUU69gswvxDH7fEuY4Lij0dS+9e//fos34e9a+D6M3LINw1KDwA6GjFkdV
JdNXfmNtFrmfIE2jYWyUAQ20GQahxFC9+Sg9yg4GujOKqXYE8rb66f7GiQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFDEm4NXTe/ZvPp2Ifq6tnKY8GJSJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjLzMyZWY1
YS1lMmI5LTQ5OTktYmZiMi02ZThlZDNjNzMwN2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvMzJlZjVh
LWUyYjktNDk5OS1iZmIyLTZlOGVkM2M3MzA3ZS8xL01TYmcxZE43OW04LW5ZaC1y
cTJjcGp3WWxJay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQDXo9YAwQCuUp0AwQAwWy7AwQDwpmwMA0EAgAC
MAcDBQMqANMgMA0GCSqGSIb3DQEBCwUAA4IBAQA67WlyK60OLefokUgINauYYhHk
bn2EXSdZGI8bdcIW/DtBVhEwwP2cp412tQyOG/hISXgFroFaXuVq7aD+q32tjHRz
eZDXx6H6/ChEzb2+SzMflK1EGJ1Yun5YDxDDyjtomSJvMunQTAPurYUYhhmNdRmA
QBcQblRkBhQd+Nb4MM7gwS26lf0pHrBPIyX4pLVeeS5ldHZSP++Cw1Nq4x8kWxVu
Svps5+gRL4nb+zRRZL+pqKIXVrmHsVv67TBwaxnPOWyRfcMP2SmLZYv3nNJt24Z6
nxgIdXAgepSUmGvgdtQdbf5danlsqLqdjJ80kw5snFECM48QSq9/E+9FSrQM
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:17:48 2025 by rpki-client