Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Ui-Yecz63uXQSpqZc_WyeVKXG_s.cer
File: Ui-Yecz63uXQSpqZc_WyeVKXG_s.cer (raw, json)
Hash identifier: XcU2huVAzbuEgUuf0LEt9aIoPW0tVXZyxzulvDqaB9w=
Subject key identifier: 52:2F:98:79:CC:FA:DE:E5:D0:4A:9A:99:73:F5:B2:79:52:97:1B:FB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D60C597746F420189B528FB0A3B939
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f9/fad4f1-91f0-47e1-b370-ee509fbd80e1/1/Ui-Yecz63uXQSpqZc_WyeVKXG_s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f9/fad4f1-91f0-47e1-b370-ee509fbd80e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.90.180.0/22
IP: 2a05:e340::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0c:59:77:46:f4:20:18:9b:52:8f:b0:a3:b9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=522f9879ccfadee5d04a9a9973f5b27952971bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:38:7e:39:82:74:16:d8:79:a0:e4:a6:b0:c3:
c1:29:82:39:b9:58:4b:7f:8f:1c:ed:d7:2d:1a:1a:
46:ad:c8:c1:f3:cf:0e:e5:43:bf:53:6a:29:80:53:
f0:86:a9:7c:e3:cc:88:9f:c9:ff:9a:aa:40:41:20:
52:bb:0a:15:a2:0f:ca:8a:1d:56:5f:98:d2:43:ec:
97:e9:d5:05:5f:28:d6:d3:60:b2:33:45:eb:6e:ca:
c3:c9:d4:d7:80:60:90:65:bc:76:00:ae:9a:70:82:
20:9d:1e:e3:99:c5:55:8f:cc:4a:81:81:78:cc:5e:
68:26:78:c9:16:75:c1:df:b6:5c:7b:55:53:b6:9c:
0f:ff:d0:05:36:59:55:1f:e4:52:6b:f7:f7:00:25:
79:47:b5:71:8c:de:5d:fb:39:a8:73:11:87:9b:89:
76:bc:b9:0e:b2:42:b5:2e:e9:37:36:fd:2c:fa:2f:
b0:b8:81:88:dd:ae:6d:9c:92:b9:ae:11:46:67:c9:
01:ac:1a:04:3c:05:91:5c:97:91:a4:e5:dd:3a:bf:
4c:d9:05:98:74:6b:e4:8d:aa:bd:da:59:d1:e5:f9:
2a:02:56:b9:82:99:0b:b1:a8:41:44:c4:7c:70:79:
b6:fe:82:b0:40:1c:f8:c2:24:3c:c8:74:b0:65:78:
bf:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2F:98:79:CC:FA:DE:E5:D0:4A:9A:99:73:F5:B2:79:52:97:1B:FB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/fad4f1-91f0-47e1-b370-ee509fbd80e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/fad4f1-91f0-47e1-b370-ee509fbd80e1/1/Ui-Yecz63uXQSpqZc_WyeVKXG_s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.180.0/22
IPv6:
2a05:e340::/29
Signature Algorithm: sha256WithRSAEncryption
54:ea:99:f6:48:7d:85:f9:26:80:82:09:7f:94:0f:78:05:f7:
10:16:e5:4f:16:bf:3a:7e:3e:eb:d6:a6:e9:8b:1d:82:b7:a7:
54:bf:ae:88:91:78:e8:a2:4b:5c:d4:50:c0:7a:89:17:3b:1f:
d5:b6:9c:a2:a7:5e:6e:56:f8:ae:d7:2e:e1:33:a4:29:02:b5:
96:09:66:ad:bf:ae:f5:ea:3a:68:ad:d5:ef:76:25:ce:96:9a:
e3:a5:eb:71:81:5c:5b:a7:e5:64:7e:3b:d4:d2:1e:37:2c:ae:
c8:98:e8:5e:ce:16:dd:38:85:62:92:74:86:8c:24:45:10:64:
88:c9:aa:56:92:a9:41:83:bc:14:f6:5b:4a:2e:3d:05:29:cc:
79:53:d2:be:67:ce:af:1f:2a:e8:76:15:c6:2c:9b:60:61:d8:
fe:ef:45:49:43:34:de:7d:06:73:ea:ac:db:d1:a2:b7:f4:7c:
7e:b2:1a:f0:dd:de:85:41:0b:d4:8b:04:8f:5c:90:ce:ce:45:
f0:4a:32:48:2e:75:75:db:0e:11:2f:61:72:77:9b:18:42:83:
60:31:ab:18:4f:a4:b3:93:de:ac:69:18:76:91:6b:1f:2a:dd:
00:c1:cb:96:b9:07:7d:81:5d:3e:40:4f:de:fd:d6:c1:8c:49:
db:28:37:10
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQg1gxZd0b0IBibUo+wo7k5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJmOTg3OWNjZmFkZWU1ZDA0YTlhOTk3M2Y1YjI3OTUyOTcxYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Dh+OYJ0Fth5oOSmsMPBKYI5uVhL
f48c7dctGhpGrcjB888O5UO/U2opgFPwhql848yIn8n/mqpAQSBSuwoVog/Kih1W
X5jSQ+yX6dUFXyjW02CyM0XrbsrDydTXgGCQZbx2AK6acIIgnR7jmcVVj8xKgYF4
zF5oJnjJFnXB37Zce1VTtpwP/9AFNllVH+RSa/f3ACV5R7VxjN5d+zmocxGHm4l2
vLkOskK1Luk3Nv0s+i+wuIGI3a5tnJK5rhFGZ8kBrBoEPAWRXJeRpOXdOr9M2QWY
dGvkjaq92lnR5fkqAla5gpkLsahBRMR8cHm2/oKwQBz4wiQ8yHSwZXi/ewIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFFIvmHnM+t7l0EqamXP1snlSlxv7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5L2ZhZDRm
MS05MWYwLTQ3ZTEtYjM3MC1lZTUwOWZiZDgwZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvZmFkNGYx
LTkxZjAtNDdlMS1iMzcwLWVlNTA5ZmJkODBlMS8xL1VpLVllY3o2M3VYUVNwcVpj
X1d5ZVZLWEdfcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuVq0MA0EAgACMAcDBQMqBeNAMA0GCSqGSIb3
DQEBCwUAA4IBAQBU6pn2SH2F+SaAggl/lA94BfcQFuVPFr86fj7r1qbpix2Ct6dU
v66IkXjooktc1FDAeokXOx/Vtpyip15uVviu1y7hM6QpArWWCWatv6716jpordXv
diXOlprjpetxgVxbp+VkfjvU0h43LK7ImOhezhbdOIViknSGjCRFEGSIyapWkqlB
g7wU9ltKLj0FKcx5U9K+Z86vHyrodhXGLJtgYdj+70VJQzTefQZz6qzb0aK39Hx+
shrw3d6FQQvUiwSPXJDOzkXwSjJILnV12w4RL2Fyd5sYQoNgMasYT6Szk96saRh2
kWsfKt0AwcuWuQd9gV0+QE/e/dbBjEnbKDcQ
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:34:57 2025 by rpki-client