Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bBvsP5NYZoqH0aFsRyL0HjwjgeI.cer
File: bBvsP5NYZoqH0aFsRyL0HjwjgeI.cer (raw, json)
Hash identifier: BkAZDnQsb667NCXRgp2oz4nxxFY1sjdsz0DEUlSSbrs=
Subject key identifier: 6C:1B:EC:3F:93:58:66:8A:87:D1:A1:6C:47:22:F4:1E:3C:23:81:E2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FD622E20649C3F1B2E47C2AD7E7AF7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/8c0473-e7d0-4e43-a7f9-797f4cc4b500/1/bBvsP5NYZoqH0aFsRyL0HjwjgeI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/8c0473-e7d0-4e43-a7f9-797f4cc4b500/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.161.8.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:62:2e:20:64:9c:3f:1b:2e:47:c2:ad:7e:7a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c1bec3f9358668a87d1a16c4722f41e3c2381e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:7d:ef:2b:3c:8c:5f:cc:32:c3:b7:ca:90:
8a:f7:d1:c1:aa:88:03:7e:c9:1a:75:81:13:64:e5:
74:d3:4a:49:d2:55:63:bf:5e:5e:5c:b1:3c:89:11:
20:f2:b2:8d:11:cd:b0:cb:04:16:a7:03:5f:13:83:
33:89:d3:2f:af:88:dd:b2:0b:74:6c:a7:bb:21:7a:
be:c6:2e:b9:09:b4:90:27:6e:ed:25:ff:75:7b:5a:
ab:e3:6a:a3:72:25:d3:cd:9e:20:5f:e4:57:bb:e4:
68:60:0f:c8:28:5b:4c:d9:34:42:2f:55:0a:f0:7d:
0e:bc:b7:27:1f:62:c5:3c:f3:17:eb:ef:0a:da:2c:
d9:40:6e:37:f7:15:c8:ea:83:0f:28:65:67:a4:9b:
c7:34:86:49:08:6c:33:70:83:c6:cf:11:69:f2:80:
3e:b8:14:6d:c7:a2:26:e4:8e:7f:94:f6:76:9e:80:
db:47:ab:29:21:1b:c0:5a:04:14:36:a2:9d:d6:dc:
54:9c:8b:67:a3:1d:aa:f7:c7:df:df:22:2c:61:e3:
3c:ca:77:dc:cc:bd:e1:be:05:52:7b:eb:b2:88:ed:
7a:c7:4e:28:90:9e:95:08:31:b6:8b:cf:54:0c:e5:
7d:14:36:d9:61:52:be:45:9c:13:e0:54:a5:75:f6:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1B:EC:3F:93:58:66:8A:87:D1:A1:6C:47:22:F4:1E:3C:23:81:E2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8c0473-e7d0-4e43-a7f9-797f4cc4b500/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8c0473-e7d0-4e43-a7f9-797f4cc4b500/1/bBvsP5NYZoqH0aFsRyL0HjwjgeI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.8.0/22
Signature Algorithm: sha256WithRSAEncryption
63:4c:8d:2e:ea:e9:ee:d8:23:fb:5e:b4:f3:1c:e2:02:ef:5a:
f0:76:8f:4a:4c:f3:d8:e5:c9:08:f6:37:79:97:13:c0:2a:d1:
3a:58:b3:97:5e:a9:9c:26:3a:63:77:78:17:94:9e:d0:67:f4:
ef:87:95:01:18:62:b2:84:2e:c1:3a:37:4c:b0:86:9f:ca:a1:
90:27:7d:81:2c:22:2e:70:23:c1:ad:d0:9a:6a:1b:12:0c:08:
62:ab:35:53:48:21:83:2f:c5:41:3b:4d:70:08:e7:a4:71:a5:
69:7c:cc:ee:15:1b:b0:cd:91:db:3c:38:b1:25:3c:d8:bc:ea:
1b:99:93:c6:06:f0:cd:3c:48:d4:90:e4:84:b6:fe:c9:df:77:
e4:b2:50:5b:03:65:58:ed:e9:9b:3a:a6:2c:8f:a4:e1:b2:f1:
98:5f:a2:60:9c:33:11:97:78:2d:01:5c:e0:6f:c2:de:1b:44:
df:8e:59:45:23:cf:53:24:23:3b:65:b6:e2:0b:8a:f3:cc:51:
90:7d:be:a2:f3:7a:b3:9c:40:60:db:85:54:59:34:d4:99:2c:
92:a0:eb:7c:51:f9:02:02:d8:6c:90:cc:4d:e7:49:77:5f:44:
e2:ee:69:06:92:e5:41:75:58:cc:ff:0f:05:f4:fc:81:33:79:
18:81:1f:a9
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQl/WIuIGScPxsuR8Ktfnr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFiZWMzZjkzNTg2NjhhODdkMWExNmM0NzIyZjQxZTNjMjM4MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvV97ys8jF/MMsO3ypCK99HBqogD
fskadYETZOV000pJ0lVjv15eXLE8iREg8rKNEc2wywQWpwNfE4MzidMvr4jdsgt0
bKe7IXq+xi65CbSQJ27tJf91e1qr42qjciXTzZ4gX+RXu+RoYA/IKFtM2TRCL1UK
8H0OvLcnH2LFPPMX6+8K2izZQG439xXI6oMPKGVnpJvHNIZJCGwzcIPGzxFp8oA+
uBRtx6Im5I5/lPZ2noDbR6spIRvAWgQUNqKd1txUnItnox2q98ff3yIsYeM8ynfc
zL3hvgVSe+uyiO16x04okJ6VCDG2i89UDOV9FDbZYVK+RZwT4FSldfaGtQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGwb7D+TWGaKh9GhbEci9B48I4HiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlLzhjMDQ3
My1lN2QwLTRlNDMtYTdmOS03OTdmNGNjNGI1MDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvOGMwNDcz
LWU3ZDAtNGU0My1hN2Y5LTc5N2Y0Y2M0YjUwMC8xL2JCdnNQNU5ZWm9xSDBhRnNS
eUwwSGp3amdlSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuaEIMA0GCSqGSIb3DQEBCwUAA4IBAQBjTI0u
6unu2CP7XrTzHOIC71rwdo9KTPPY5ckI9jd5lxPAKtE6WLOXXqmcJjpjd3gXlJ7Q
Z/Tvh5UBGGKyhC7BOjdMsIafyqGQJ32BLCIucCPBrdCaahsSDAhiqzVTSCGDL8VB
O01wCOekcaVpfMzuFRuwzZHbPDixJTzYvOobmZPGBvDNPEjUkOSEtv7J33fkslBb
A2VY7embOqYsj6ThsvGYX6JgnDMRl3gtAVzgb8LeG0TfjllFI89TJCM7ZbbiC4rz
zFGQfb6i83qznEBg24VUWTTUmSySoOt8UfkCAthskMxN50l3X0Ti7mkGkuVBdVjM
/w8F9PyBM3kYgR+p
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:41:06 2025 by rpki-client