Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
File: Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer (raw, json)
Hash identifier: HbA8DrXrSNMQKmwvr0eG8S+KlWZU7pxVUM0dExW2Zcw=
Subject key identifier: 66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B2407678206DB5DE7CFABEF5AC2980
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 199952
IP: 45.66.64.0/22
IP: 92.119.108.0/22
IP: 152.89.100.0/22
IP: 185.29.68.0/22
IP: 185.69.8.0/22
IP: 185.88.52.0/22
IP: 185.110.76.0/22
IP: 185.223.240.0/22
IP: 185.227.8.0/22
IP: 2a03:7ce0::/32
IP: 2a04:41c0::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:40:76:78:20:6d:b5:de:7c:fa:be:f5:ac:29:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6676dff61a8305675977e86f52eee6745d6428f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:03:03:d5:df:a7:22:9d:97:0a:82:21:c9:65:
2a:c0:32:08:ec:5e:86:29:a6:7e:2e:95:e5:f7:98:
58:1a:6e:83:ff:6f:b9:7a:39:16:95:30:bb:25:4f:
63:60:8b:55:bc:f0:69:be:3d:50:b8:ef:b9:2a:f9:
29:a4:ac:52:8c:9b:ce:b5:8e:0f:ce:0a:b2:51:b1:
7f:b6:5f:ec:e1:5e:20:1d:b4:8f:b4:1b:86:17:a7:
ee:28:8f:72:a2:58:b7:f7:30:67:b2:c1:ba:fe:27:
0c:1d:c5:ef:09:18:a8:75:6b:5b:28:4f:9c:14:33:
82:d4:81:1f:4e:c3:75:1a:1b:7d:9b:f9:6a:9b:fe:
f3:b5:e8:d9:00:8f:c3:19:89:83:c2:ce:dd:b0:c6:
9d:4e:37:8a:15:c1:62:76:a5:ec:e8:00:4e:80:76:
c3:91:91:95:3d:1c:7f:d6:a6:70:22:7a:94:49:9e:
30:03:0f:3f:fa:05:b1:b9:c0:20:5d:1c:7a:f0:43:
62:85:27:db:55:71:51:e8:7e:09:4f:3d:35:db:3c:
30:a3:6f:f2:14:34:42:57:ad:b5:d2:0b:7f:21:94:
5d:19:35:32:c4:fc:cd:3c:5d:96:f3:0f:0c:55:8c:
8d:98:00:91:60:6e:1b:01:55:38:48:00:84:34:70:
24:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.64.0/22
92.119.108.0/22
152.89.100.0/22
185.29.68.0/22
185.69.8.0/22
185.88.52.0/22
185.110.76.0/22
185.223.240.0/22
185.227.8.0/22
IPv6:
2a03:7ce0::/32
2a04:41c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199952
Signature Algorithm: sha256WithRSAEncryption
87:d4:02:5a:31:b8:20:5d:d5:12:ef:4c:c3:69:4f:57:6c:24:
7c:82:3c:dc:51:77:a1:e2:e1:25:52:93:9b:1d:3e:55:10:fb:
34:08:07:b2:02:72:75:3c:38:8f:37:c8:87:bf:2a:9b:9d:13:
8a:24:f8:8c:37:67:7b:04:d0:21:ed:96:96:25:09:11:5d:38:
ed:25:1f:31:d4:6f:96:d8:8a:7b:b4:98:86:75:dd:75:c4:59:
4a:da:a7:be:3a:b5:3d:47:df:6b:0e:a8:5c:e5:87:a0:7e:0e:
38:a0:bf:04:41:a5:04:3a:4a:a4:31:d0:a0:a1:2a:5b:a5:c2:
db:cf:1d:b4:84:2c:0f:a2:bd:4e:49:9e:72:89:3f:a8:c3:d2:
2e:3b:b5:43:ef:23:de:78:72:e0:fc:c2:35:31:18:05:24:ca:
76:ba:c3:03:d1:28:a3:43:d9:4f:e2:6a:6b:e2:e1:59:03:b2:
f4:b5:77:41:04:a4:f8:1a:9a:a1:d4:9a:46:05:9b:da:94:07:
1d:ed:0f:48:3d:16:72:d1:0c:61:aa:f6:00:da:0b:bf:4c:29:
a9:d0:67:09:5c:e6:d5:ad:83:8a:5f:a0:2d:6f:8c:03:9b:02:
9a:de:e6:23:40:13:13:90:99:61:61:f5:80:48:3e:b4:48:7a:
d3:fc:f8:4f
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZQhskB2eCBttd58+r71rCmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc2ZGZmNjFhODMwNTY3NTk3N2U4NmY1MmVlZTY3NDVkNjQyOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAMD1d+nIp2XCoIhyWUqwDII7F6G
KaZ+LpXl95hYGm6D/2+5ejkWlTC7JU9jYItVvPBpvj1QuO+5KvkppKxSjJvOtY4P
zgqyUbF/tl/s4V4gHbSPtBuGF6fuKI9yoli39zBnssG6/icMHcXvCRiodWtbKE+c
FDOC1IEfTsN1Ght9m/lqm/7ztejZAI/DGYmDws7dsMadTjeKFcFidqXs6ABOgHbD
kZGVPRx/1qZwInqUSZ4wAw8/+gWxucAgXRx68ENihSfbVXFR6H4JTz012zwwo2/y
FDRCV6210gt/IZRdGTUyxPzNPF2W8w8MVYyNmACRYG4bAVU4SACENHAk1wIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFGZ23/YagwVnWXfob1Lu5nRdZCj0MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzZjYjIz
ZS03YzY1LTQ2YjMtOWI2ZC03YzY2MzVkYTg5MmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvNmNiMjNl
LTdjNjUtNDZiMy05YjZkLTdjNjYzNWRhODkyZC8xL1puYmY5aHFEQldkWmQtaHZV
dTdtZEYxa0tQUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUF
BwEHAQH/BFYwVDA8BAIAATA2AwQCLUJAAwQCXHdsAwQCmFlkAwQCuR1EAwQCuUUI
AwQCuVg0AwQCuW5MAwQCud/wAwQCueMIMBQEAgACMA4DBQAqA3zgAwUDKgRBwDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDDRAwDQYJKoZIhvcNAQELBQADggEBAIfU
AloxuCBd1RLvTMNpT1dsJHyCPNxRd6Hi4SVSk5sdPlUQ+zQIB7ICcnU8OI83yIe/
KpudE4ok+Iw3Z3sE0CHtlpYlCRFdOO0lHzHUb5bYinu0mIZ13XXEWUrap746tT1H
32sOqFzlh6B+DjigvwRBpQQ6SqQx0KChKlulwtvPHbSELA+ivU5JnnKJP6jD0i47
tUPvI954cuD8wjUxGAUkyna6wwPRKKND2U/iamvi4VkDsvS1d0EEpPgamqHUmkYF
m9qUBx3tD0g9FnLRDGGq9gDaC79MKanQZwlc5tWtg4pfoC1vjAObApre5iNAExOQ
mWFh9YBIPrRIetP8+E8=
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:24:38 2025 by rpki-client