Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
File: cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer (raw, json)
Hash identifier: UJFATmESNH/mNhlWa40jnVqcRzFPml4f892eGbCI4PE=
Subject key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F2C9804E4CE385D501445EBD70BFD43
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.mft
caRepository: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/
Notify URL: https://chloe.sobornost.net/rpki/news.xml
Certificate not before: Wed 01 Jan 2025 00:03:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.104.129.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:2c:98:04:e4:ce:38:5d:50:14:45:eb:d7:0b:fd:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:03:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fb:07:2d:6d:9c:e4:20:9d:9e:92:3a:f3:4a:
ed:7a:48:c2:07:0b:48:06:0c:57:a4:8c:03:0e:2e:
b8:b5:8d:9a:d3:41:a3:9b:23:d8:bc:df:96:56:fd:
c7:0a:96:46:f2:a9:d6:81:8e:4b:00:83:d2:e4:ac:
c2:7a:ce:1a:77:8c:92:74:c9:3e:dd:43:a1:cf:a2:
ba:4c:b9:9d:a3:5d:f3:93:cf:47:7e:37:f9:05:b1:
28:42:5b:dd:ac:d6:6f:d3:92:49:85:79:33:0a:1e:
cc:5d:d3:4b:51:fe:ae:2e:e1:a0:73:f4:07:4b:d9:
1a:6c:bd:23:10:a6:5d:67:a5:36:04:2f:7a:f5:1a:
3e:a3:a1:2b:e2:2e:07:1f:68:05:7e:00:54:a6:93:
65:68:77:31:0e:11:68:c8:da:dd:13:48:36:76:e7:
9c:39:d5:2f:41:dd:f0:ec:cc:48:16:bf:42:91:ab:
49:8e:dd:53:47:28:fc:e7:5c:94:33:5c:15:35:cb:
08:20:8a:89:79:5e:8c:5c:fb:70:86:8f:a2:cf:a2:
52:28:0a:8e:5e:ce:ba:a0:a3:f4:25:49:0a:27:6d:
26:49:1d:ba:79:d7:19:18:df:85:5a:85:64:d8:f8:
9d:d7:92:f1:fe:ba:3f:47:1c:98:20:68:c3:9a:61:
78:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/
RPKI Manifest - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.mft
RPKI Notify - URI:https://chloe.sobornost.net/rpki/news.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:3a:49:30:5c:11:7f:38:3d:94:e8:3c:76:28:a5:22:f0:61:
1e:75:ac:ee:5d:46:b1:94:9b:15:01:b1:54:6f:3c:95:48:aa:
36:29:d5:55:6f:97:a6:c1:ea:26:e8:dc:2c:3b:bd:b7:04:ea:
94:cc:64:7c:6e:4d:cf:f7:83:24:90:14:f9:c6:a7:f0:da:bc:
46:42:09:89:b6:20:25:c5:d6:1b:e6:97:7f:a6:fa:f8:3e:d1:
4f:e3:80:c3:34:f9:24:13:6b:4e:4e:fe:cd:90:3d:2e:82:cd:
46:81:79:1c:38:bd:24:da:c4:57:74:59:45:59:1d:38:5c:a3:
eb:7c:60:cc:48:80:60:03:35:4a:72:22:ca:03:13:bd:da:83:
43:e6:77:33:ea:68:1c:d9:dc:6e:31:2e:63:4c:11:69:cf:10:
48:e1:1d:22:92:45:50:da:ff:53:76:64:40:53:8f:6d:f6:e1:
55:60:97:14:b9:c8:3f:b4:01:68:eb:dd:e3:93:63:94:f6:19:
62:fd:e5:64:42:49:cf:fc:27:ef:63:ed:3d:e2:6d:92:d8:c9:
08:1a:4d:d0:19:42:6c:00:0c:47:55:76:b6:9b:d4:05:4c:d5:
3f:e0:77:a8:18:45:cc:c6:e2:d3:9c:a9:25:0c:87:1f:b2:bf:
65:33:bd:8b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQfLJgE5M44XVAURevXC/1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDAwMzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQxNGViYjI1NWRjMDU4ZDRiZmE1YTUxYzkzZjczZjgzMGFiODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fsHLW2c5CCdnpI680rtekjCBwtI
BgxXpIwDDi64tY2a00GjmyPYvN+WVv3HCpZG8qnWgY5LAIPS5KzCes4ad4ySdMk+
3UOhz6K6TLmdo13zk89Hfjf5BbEoQlvdrNZv05JJhXkzCh7MXdNLUf6uLuGgc/QH
S9kabL0jEKZdZ6U2BC969Ro+o6Er4i4HH2gFfgBUppNlaHcxDhFoyNrdE0g2duec
OdUvQd3w7MxIFr9CkatJjt1TRyj851yUM1wVNcsIIIqJeV6MXPtwho+iz6JSKAqO
Xs66oKP0JUkKJ20mSR26edcZGN+FWoVk2Pid15Lx/ro/RxyYIGjDmmF4dwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHHRTrslXcBY1L+lpRyT9z+DCriPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdwGCCsGAQUFBwELBIHPMIHMMDkGCCsGAQUFBzAFhi1yc3lu
YzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNzZi8wWAYIKwYB
BQUHMAqGTHJzeW5jOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxy
c3NmL2NkRk91eVZkd0ZqVXY2V2xISlAzUDRNS3VJOC5tZnQwNQYIKwYBBQUHMA2G
KWh0dHBzOi8vY2hsb2Uuc29ib3Jub3N0Lm5ldC9ycGtpL25ld3MueG1sMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RF
RkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiB
MA0GCSqGSIb3DQEBCwUAA4IBAQBMOkkwXBF/OD2U6Dx2KKUi8GEedazuXUaxlJsV
AbFUbzyVSKo2KdVVb5emweom6NwsO723BOqUzGR8bk3P94MkkBT5xqfw2rxGQgmJ
tiAlxdYb5pd/pvr4PtFP44DDNPkkE2tOTv7NkD0ugs1GgXkcOL0k2sRXdFlFWR04
XKPrfGDMSIBgAzVKciLKAxO92oND5ncz6mgc2dxuMS5jTBFpzxBI4R0ikkVQ2v9T
dmRAU49t9uFVYJcUucg/tAFo693jk2OU9hli/eVkQknP/CfvY+094m2S2MkIGk3Q
GUJsAAxHVXa2m9QFTNU/4HeoGEXMxuLTnKklDIcfsr9lM72L
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:25:58 2025 by rpki-client