Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PZ--FcPNteA0NeJM9i8W-2xiOWw.cer
File: PZ--FcPNteA0NeJM9i8W-2xiOWw.cer (raw, json)
Hash identifier: ySEC+zTWTnTXnGESQPfwGyYTi0mbTkvjjl0UMBcVOKw=
Subject key identifier: 3D:9F:BE:15:C3:CD:B5:E0:34:35:E2:4C:F6:2F:16:FB:6C:62:39:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D60FC7E20442BCAF089CF6003E4F11
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/PZ--FcPNteA0NeJM9i8W-2xiOWw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:07 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8334
AS: 39153
IP: 46.188.0.0/17
IP: 80.248.80.0/20
IP: 80.253.16.0/20
IP: 94.127.168.0/21
IP: 109.71.192.0/21
IP: 185.39.132.0/22
IP: 185.151.120.0/22
IP: 188.244.32.0/20
IP: 195.98.160.0/19
IP: 2a00:4500::/32
IP: 2a00:5d00::/32
IP: 2a00:dc40::/32
IP: 2a00:fee0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0f:c7:e2:04:42:bc:af:08:9c:f6:00:3e:4f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d9fbe15c3cdb5e03435e24cf62f16fb6c62396c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1e:5e:f5:b6:87:a6:02:3a:f4:9c:7d:8c:36:
ee:cf:d7:86:4b:37:91:5e:e0:05:31:fd:75:ac:6a:
ae:fa:47:c1:35:fe:db:87:eb:0a:d0:e5:f0:bf:9d:
e7:2a:4d:ed:35:4e:43:f4:72:63:fe:34:d3:a9:25:
be:63:c5:03:33:8b:7f:e4:23:e8:c2:03:23:5b:3d:
a3:10:b8:46:17:fb:4c:6b:dd:c6:55:14:60:94:d3:
88:be:14:74:64:80:60:80:6d:54:ce:ef:ca:c2:08:
fe:30:78:0b:21:a0:be:09:2d:69:4f:f1:8d:d1:5f:
7b:8f:19:8b:e9:4b:3f:00:80:23:2d:3a:49:f9:42:
d5:0d:34:c1:3b:08:9c:5a:0f:cf:05:ba:54:cc:cc:
c0:b9:ab:8c:22:11:39:40:bb:c7:0a:68:d9:37:37:
18:00:f2:b9:03:e9:14:b8:46:4a:49:49:60:ff:f5:
03:6d:4f:20:6b:19:8f:eb:ca:d4:24:d9:37:35:21:
f2:53:cf:ed:d4:54:5e:8d:c6:9c:7c:c4:3b:31:f4:
5a:6e:ba:58:1d:01:38:39:39:1d:48:9f:ba:4f:66:
fd:c6:ed:6a:1e:4b:33:36:9f:c6:66:cb:3a:b1:0e:
f0:5a:66:57:64:93:82:bb:c1:ac:73:ef:73:41:15:
ab:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9F:BE:15:C3:CD:B5:E0:34:35:E2:4C:F6:2F:16:FB:6C:62:39:6C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/PZ--FcPNteA0NeJM9i8W-2xiOWw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.188.0.0/17
80.248.80.0/20
80.253.16.0/20
94.127.168.0/21
109.71.192.0/21
185.39.132.0/22
185.151.120.0/22
188.244.32.0/20
195.98.160.0/19
IPv6:
2a00:4500::/32
2a00:5d00::/32
2a00:dc40::/32
2a00:fee0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8334
39153
Signature Algorithm: sha256WithRSAEncryption
19:f6:b1:79:a1:ff:0a:d0:17:47:1c:ae:19:43:4e:ef:0f:99:
63:97:c8:39:cc:1b:96:54:97:a1:9e:85:37:0f:4c:10:65:b6:
4b:2e:93:7d:b4:2d:9e:7b:e7:56:37:f4:90:32:32:64:00:47:
4d:14:46:6d:7f:b5:57:01:06:35:5e:25:82:18:74:c2:4c:db:
3a:29:ee:4f:ed:02:1a:ab:40:2c:29:54:0a:93:cc:e9:05:8e:
ea:ec:2f:0d:06:df:f9:88:cb:5b:41:4a:d0:45:54:d3:96:50:
3d:dc:c3:4d:ec:7d:f0:37:75:4f:77:68:a9:3b:3f:27:02:cf:
63:ca:09:3f:46:4b:f0:0a:4f:ef:2c:18:e1:fd:4a:47:e2:a1:
02:7b:5b:ed:a0:5b:a8:44:5b:cd:32:e7:fd:98:6c:1e:e5:60:
dd:19:b6:74:83:5e:4e:a4:16:95:af:a9:75:0f:3d:ed:dd:99:
cb:09:9b:25:70:4c:39:91:38:00:6b:67:85:7d:72:81:13:bc:
0e:e7:e5:3d:0b:6f:48:82:0b:6b:90:2d:10:6d:87:84:de:ec:
f3:17:82:7b:c7:b2:3e:da:55:c0:21:fc:0f:3b:9d:74:ad:77:
11:bf:0a:b9:2f:ad:b9:84:44:01:cb:a9:c5:d7:38:ca:10:00:
7f:b5:09:7c
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZQg1g/H4gRCvK8InPYAPk8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlmYmUxNWMzY2RiNWUwMzQzNWUyNGNmNjJmMTZmYjZjNjIzOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x5e9baHpgI69Jx9jDbuz9eGSzeR
XuAFMf11rGqu+kfBNf7bh+sK0OXwv53nKk3tNU5D9HJj/jTTqSW+Y8UDM4t/5CPo
wgMjWz2jELhGF/tMa93GVRRglNOIvhR0ZIBggG1Uzu/Kwgj+MHgLIaC+CS1pT/GN
0V97jxmL6Us/AIAjLTpJ+ULVDTTBOwicWg/PBbpUzMzAuauMIhE5QLvHCmjZNzcY
APK5A+kUuEZKSUlg//UDbU8gaxmP68rUJNk3NSHyU8/t1FRejcacfMQ7MfRabrpY
HQE4OTkdSJ+6T2b9xu1qHkszNp/GZss6sQ7wWmZXZJOCu8Gsc+9zQRWrIwIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFD2fvhXDzbXgNDXiTPYvFvtsYjlsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I4L2U4M2Ji
OS1hNWMyLTQ3NzQtOWViYi1hZTMyN2RiZTQ1YzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvZTgzYmI5
LWE1YzItNDc3NC05ZWJiLWFlMzI3ZGJlNDVjOS8xL1BaLS1GY1BOdGVBME5lSk05
aThXLTJ4aU9Xdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHMGCCsGAQUF
BwEHAQH/BGQwYjA8BAIAATA2AwQHLrwAAwQEUPhQAwQEUP0QAwQDXn+oAwQDbUfA
AwQCuSeEAwQCuZd4AwQEvPQgAwQFw2KgMCIEAgACMBwDBQAqAEUAAwUAKgBdAAMF
ACoA3EADBQAqAP7gMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAiCOAgMAmPEwDQYJ
KoZIhvcNAQELBQADggEBABn2sXmh/wrQF0ccrhlDTu8PmWOXyDnMG5ZUl6GehTcP
TBBltksuk320LZ5751Y39JAyMmQAR00URm1/tVcBBjVeJYIYdMJM2zop7k/tAhqr
QCwpVAqTzOkFjursLw0G3/mIy1tBStBFVNOWUD3cw03sffA3dU93aKk7PycCz2PK
CT9GS/AKT+8sGOH9SkfioQJ7W+2gW6hEW80y5/2YbB7lYN0ZtnSDXk6kFpWvqXUP
Pe3dmcsJmyVwTDmROABrZ4V9coETvA7n5T0Lb0iCC2uQLRBth4Te7PMXgnvHsj7a
VcAh/A87nXStdxG/CrkvrbmERAHLqcXXOMoQAH+1CXw=
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:26:56 2025 by rpki-client