Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
File: TIp4hmYiVL456hrdcnKOAA6ywlo.cer (raw, json)
Hash identifier: Y28e4fZO4qUDYfq+GTeq7a5uDl9YuTaAoqTIHvWZlY0=
Subject key identifier: 4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423696B854CF38EE6992E55FA581CA515
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:48:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 82.113.96.0/19
IP: 89.204.128.0/19
IP: 185.98.140.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6b:85:4c:f3:8e:e6:99:2e:55:fa:58:1c:a5:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c8a7886662254be39ea1add72728e000eb2c25a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c7:88:f2:dc:d1:80:e6:f7:fa:57:dc:24:cf:
fe:08:bf:07:e4:0d:b6:73:ed:bc:95:16:6f:58:74:
a4:fd:92:1a:47:58:5e:4c:7e:85:79:f4:9b:77:10:
44:03:17:42:08:25:34:e3:5d:2b:9e:37:c7:68:cb:
a7:78:90:90:5a:b2:97:b7:7e:94:03:a7:89:d8:e1:
27:0f:43:33:76:43:f4:6c:6d:9a:f3:a3:69:d8:44:
c9:76:e0:cc:4b:ed:14:01:2a:34:33:b2:60:72:4b:
12:15:f2:77:64:b6:33:6b:f2:2e:a9:a7:e0:e2:8f:
c3:65:5d:56:02:a8:4f:0a:9d:f7:4d:59:ee:ef:6d:
05:0a:cc:80:e4:6d:6e:b0:07:0c:52:b1:32:00:9d:
60:14:70:31:38:d2:5d:0e:21:d0:f0:9c:b7:fd:09:
39:fb:d8:8c:62:05:fe:98:db:72:85:dc:4b:33:e4:
0b:ac:33:b4:3b:9e:8f:77:65:e1:ee:61:20:8f:f0:
92:f7:75:14:5d:8b:ac:58:e5:bd:bc:31:21:d4:a1:
54:ab:d2:1a:48:d1:44:99:2d:34:4f:6e:e8:3e:7d:
6f:e8:dd:67:d8:35:73:8f:80:3e:a1:31:ed:e4:59:
26:1c:db:0c:45:57:be:b0:6c:66:29:fe:2d:e1:94:
80:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.113.96.0/19
89.204.128.0/19
185.98.140.0/22
Signature Algorithm: sha256WithRSAEncryption
99:57:b2:ad:c7:37:cb:da:0e:c0:4c:3d:7c:e8:28:ae:45:67:
a5:3f:38:66:b6:01:ac:74:ca:82:d9:b0:d6:92:53:3b:c2:70:
30:c2:9b:34:aa:dd:01:7c:50:25:63:16:40:02:23:c8:a0:d9:
13:40:92:37:dd:bb:37:48:79:e3:41:c9:34:6e:ce:30:43:88:
fb:af:cf:5a:d5:ba:7d:73:fa:e0:17:01:94:35:50:dd:18:ea:
7e:23:a2:af:73:96:20:04:18:cc:eb:72:93:fc:a9:38:aa:c8:
a8:df:63:4b:80:2b:7c:ea:d8:3f:64:2f:77:cc:be:4d:1e:4a:
b5:bf:23:c9:f9:44:b1:9d:21:1b:4e:ba:6f:ec:60:79:23:90:
a7:1e:e7:cc:b4:d3:f1:bd:e7:3a:91:f4:54:2b:a8:46:f2:49:
5b:6f:bc:79:87:1e:63:64:bf:d8:51:9f:bc:72:65:07:f9:cd:
b0:61:39:2c:b4:06:31:a6:4f:e6:31:7a:12:8b:c8:40:d6:5e:
84:c4:bf:3f:97:18:72:97:64:16:e1:c1:73:4d:2a:07:52:d1:
c9:d0:a0:34:c3:e0:5b:39:8b:44:fe:0c:37:03:59:9f:b4:b9:
55:28:5c:1b:6d:ef:c8:be:8d:ce:b8:a4:be:a3:88:bd:14:1f:
c8:cc:7b:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQjaWuFTPOO5pkuVfpYHKUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhhNzg4NjY2MjI1NGJlMzllYTFhZGQ3MjcyOGUwMDBlYjJjMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8eI8tzRgOb3+lfcJM/+CL8H5A22
c+28lRZvWHSk/ZIaR1heTH6FefSbdxBEAxdCCCU0410rnjfHaMuneJCQWrKXt36U
A6eJ2OEnD0MzdkP0bG2a86Np2ETJduDMS+0UASo0M7JgcksSFfJ3ZLYza/Iuqafg
4o/DZV1WAqhPCp33TVnu720FCsyA5G1usAcMUrEyAJ1gFHAxONJdDiHQ8Jy3/Qk5
+9iMYgX+mNtyhdxLM+QLrDO0O56Pd2Xh7mEgj/CS93UUXYusWOW9vDEh1KFUq9Ia
SNFEmS00T27oPn1v6N1n2DVzj4A+oTHt5FkmHNsMRVe+sGxmKf4t4ZSAcwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFEyKeIZmIlS+Oeoa3XJyjgAOssJaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzU2ODdj
MS1kZjlmLTRhZTUtYTRjYy1lYzAzZWJkMTkwMDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvNTY4N2Mx
LWRmOWYtNGFlNS1hNGNjLWVjMDNlYmQxOTAwMC8xL1RJcDRobVlpVkw0NTZocmRj
bktPQUE2eXdsby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQFUnFgAwQFWcyAAwQCuWKMMA0GCSqGSIb3DQEB
CwUAA4IBAQCZV7KtxzfL2g7ATD186CiuRWelPzhmtgGsdMqC2bDWklM7wnAwwps0
qt0BfFAlYxZAAiPIoNkTQJI33bs3SHnjQck0bs4wQ4j7r89a1bp9c/rgFwGUNVDd
GOp+I6Kvc5YgBBjM63KT/Kk4qsio32NLgCt86tg/ZC93zL5NHkq1vyPJ+USxnSEb
Trpv7GB5I5CnHufMtNPxvec6kfRUK6hG8klbb7x5hx5jZL/YUZ+8cmUH+c2wYTks
tAYxpk/mMXoSi8hA1l6ExL8/lxhyl2QW4cFzTSoHUtHJ0KA0w+BbOYtE/gw3A1mf
tLlVKFwbbe/Ivo3OuKS+o4i9FB/IzHsW
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:29:50 2025 by rpki-client