Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U4Vcjs6b1vjjlAICISzgmwX1-KA.cer
File: U4Vcjs6b1vjjlAICISzgmwX1-KA.cer (raw, json)
Hash identifier: chTyeftFCV07RmwX9wg3iFCceElNa1GuJUvEQO7XtRQ=
Subject key identifier: 53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221F9A5B2782E5549EE2FB493EEDFF10
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2001:678:868::/48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9a:5b:27:82:e5:54:9e:e2:fb:49:3e:ed:ff:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53855c8ece9bd6f8e3940202212ce09b05f5f8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:20:ec:61:49:5a:d9:0a:99:cc:bf:60:57:0a:
d6:fe:97:6e:d2:aa:ce:32:bb:cc:77:26:2a:ad:9f:
bd:78:c6:09:55:49:b3:13:ad:f4:59:f7:6b:8e:0f:
2c:1b:81:80:56:a1:0d:30:69:50:36:0d:90:ea:5b:
b7:85:98:cb:a6:2f:ac:39:d1:28:da:f2:ea:de:85:
7c:24:a5:3d:79:86:f9:0b:87:b4:5c:fd:88:ad:58:
cb:c8:47:0c:2d:0d:e4:bd:32:5b:95:30:56:32:d2:
ad:9b:ac:c8:e4:2e:66:fb:ed:0e:5c:0d:54:eb:91:
3a:a8:eb:4a:fd:4f:98:67:a7:07:4f:0a:52:a4:e3:
8b:14:c2:a1:bd:dc:ca:2a:03:ce:2e:22:e2:f5:4c:
07:ca:0c:51:fe:ae:c9:00:70:b3:50:5b:84:0b:8a:
1f:c4:45:31:2b:4b:33:dd:ab:10:ca:30:df:46:21:
43:2e:f6:fc:d6:43:43:85:81:db:7d:c0:fc:67:28:
0f:0f:72:ad:22:00:37:81:5d:28:6c:87:47:76:68:
d4:42:42:60:74:99:f5:4c:46:40:cb:5c:99:9c:bb:
e3:fa:5b:8e:cd:50:01:47:9b:5f:94:d0:95:6c:09:
46:06:9e:09:d4:f3:7d:be:82:e2:5c:a2:c4:e4:8e:
27:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:85:5C:8E:CE:9B:D6:F8:E3:94:02:02:21:2C:E0:9B:05:F5:F8:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8336b0-cbe4-4da2-841b-1cefd1fa10a6/1/U4Vcjs6b1vjjlAICISzgmwX1-KA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:868::/48
Signature Algorithm: sha256WithRSAEncryption
15:bd:0c:ab:13:bf:6f:b0:9d:06:e8:4b:f0:b6:74:0e:0e:46:
b7:e4:b9:23:3d:a7:af:df:11:b3:f5:4a:b9:8b:f7:fb:19:4a:
91:46:2f:2b:ad:45:7a:cd:7f:d3:04:b0:bd:df:0b:50:06:8b:
ba:aa:cc:1b:eb:8d:54:ed:63:d6:40:62:09:fd:d4:61:84:33:
23:04:47:af:30:45:9e:5a:72:69:8a:2a:bf:b5:3f:b4:88:61:
4d:49:ed:9b:af:82:2d:73:bc:18:55:b9:ba:93:b4:69:f0:b2:
53:16:6e:b3:57:c0:0e:83:d7:f2:27:c9:70:4f:63:d6:2d:a2:
92:5a:66:5f:dd:0a:c5:56:7c:72:29:ae:85:d4:d1:4d:26:a9:
0d:ca:20:26:e7:68:f3:8b:f9:50:03:36:e0:30:2c:c9:2d:9b:
99:ac:67:a3:14:4f:2f:14:e4:1f:1d:2b:83:59:28:75:bd:b0:
cf:bc:cf:a2:46:39:bf:bc:45:8e:cb:2f:53:4e:2b:4b:a2:9a:
67:d1:7d:8f:bb:69:79:e9:27:47:37:e4:15:fe:d9:af:93:28:
c3:ba:b0:b0:40:83:08:ad:63:5a:8b:b7:05:39:34:5b:1d:3d:
5f:97:75:55:7f:e9:d1:06:93:58:8d:3c:ee:f3:b5:40:5c:76:
6d:f9:a7:cd
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZQiH5pbJ4LlVJ7i+0k+7f8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg1NWM4ZWNlOWJkNmY4ZTM5NDAyMDIyMTJjZTA5YjA1ZjVmOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yDsYUla2QqZzL9gVwrW/pdu0qrO
MrvMdyYqrZ+9eMYJVUmzE630Wfdrjg8sG4GAVqENMGlQNg2Q6lu3hZjLpi+sOdEo
2vLq3oV8JKU9eYb5C4e0XP2IrVjLyEcMLQ3kvTJblTBWMtKtm6zI5C5m++0OXA1U
65E6qOtK/U+YZ6cHTwpSpOOLFMKhvdzKKgPOLiLi9UwHygxR/q7JAHCzUFuEC4of
xEUxK0sz3asQyjDfRiFDLvb81kNDhYHbfcD8ZygPD3KtIgA3gV0obIdHdmjUQkJg
dJn1TEZAy1yZnLvj+luOzVABR5tflNCVbAlGBp4J1PN9voLiXKLE5I4nLQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFFOFXI7Om9b445QCAiEs4JsF9figMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YyLzgzMzZi
MC1jYmU0LTRkYTItODQxYi0xY2VmZDFmYTEwYTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvODMzNmIw
LWNiZTQtNGRhMi04NDFiLTFjZWZkMWZhMTBhNi8xL1U0VmNqczZiMXZqamxBSUNJ
U3pnbXdYMS1LQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAhoMA0GCSqGSIb3DQEBCwUAA4IBAQAV
vQyrE79vsJ0G6EvwtnQODka35LkjPaev3xGz9Uq5i/f7GUqRRi8rrUV6zX/TBLC9
3wtQBou6qswb641U7WPWQGIJ/dRhhDMjBEevMEWeWnJpiiq/tT+0iGFNSe2br4It
c7wYVbm6k7Rp8LJTFm6zV8AOg9fyJ8lwT2PWLaKSWmZf3QrFVnxyKa6F1NFNJqkN
yiAm52jzi/lQAzbgMCzJLZuZrGejFE8vFOQfHSuDWSh1vbDPvM+iRjm/vEWOyy9T
TitLoppn0X2Pu2l56SdHN+QV/tmvkyjDurCwQIMIrWNai7cFOTRbHT1fl3VVf+nR
BpNYjTzu87VAXHZt+afN
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:42:37 2025 by rpki-client