Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
File: fINUmPNRmaFXGWTYVcOHd1FoGrk.cer (raw, json)
Hash identifier: tYyvWmj2Im5uUjnjdT05wR1sYcwb8Vpj9xfdFtJ4WCY=
Subject key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B3B90839879BC27E43B524A0E04C75
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:49:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29024
AS: 61207
IP: 87.237.208.0/21
IP: 89.221.240.0/20
IP: 91.189.40.0/21
IP: 185.3.48.0/22
IP: 185.15.120.0/22
IP: 185.187.252.0/22
IP: 185.215.196.0/22
IP: 195.35.82.0/23
IP: 2a02:fc00::/29
IP: 2a0f:440::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b9:08:39:87:9b:c2:7e:43:b5:24:a0:e0:4c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c835498f35199a1571964d855c3877751681ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:33:c5:6a:99:86:0e:75:1b:89:24:0e:0f:
4d:d1:75:4a:f6:58:69:5f:64:e7:fa:9e:42:28:f0:
48:86:97:9a:da:2f:60:a3:ba:65:2c:80:31:6d:b3:
75:f5:74:3a:85:6b:88:ec:78:fb:50:65:5a:3a:a7:
76:77:ca:47:83:21:15:1d:86:33:64:71:bb:73:a8:
81:38:b4:e3:a0:57:5f:c3:f2:9e:f7:96:8d:30:15:
4c:83:f8:e1:d7:40:55:b8:e8:53:79:7c:a8:8b:a4:
8b:2a:75:df:2a:bf:a0:f0:ed:e5:08:74:a8:ec:65:
94:97:af:6d:57:97:81:36:ca:17:16:71:5f:a4:53:
c8:81:7e:ff:ae:c4:7b:d0:07:e0:2c:95:e4:01:9c:
41:a6:71:85:17:1e:75:08:66:3d:c4:54:fb:8b:9d:
6e:e9:1b:36:9f:4b:3a:43:79:17:fa:a5:2b:00:a4:
65:82:52:3f:54:f0:bf:f6:cc:5d:85:d8:3e:55:a2:
8f:b3:b1:37:ed:96:31:89:b1:90:c8:b7:f7:b4:25:
32:04:02:2b:e9:35:e3:e2:8c:37:d8:94:33:24:ed:
44:f9:35:97:b6:6d:9b:5b:5b:ec:29:22:fc:94:44:
73:95:41:c0:33:e2:74:37:67:21:a7:be:83:e5:03:
9f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.208.0/21
89.221.240.0/20
91.189.40.0/21
185.3.48.0/22
185.15.120.0/22
185.187.252.0/22
185.215.196.0/22
195.35.82.0/23
IPv6:
2a02:fc00::/29
2a0f:440::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29024
61207
Signature Algorithm: sha256WithRSAEncryption
9f:e4:ff:8a:cb:8f:56:c2:0b:7f:d1:bc:c6:5a:3a:98:3b:6e:
40:26:d1:d5:4c:47:5f:07:c8:50:13:01:31:ef:e1:f1:59:11:
5b:3d:d5:a5:36:d7:06:4d:18:24:50:7b:bf:f5:a6:42:f0:53:
56:83:ea:5a:87:42:c9:17:58:de:e1:7f:ee:ba:f5:69:fc:ff:
74:83:e2:52:8a:aa:87:7d:ae:9e:bf:c8:78:ae:8b:b2:cd:f9:
99:0b:d5:d0:23:07:7e:d1:9e:50:ab:42:06:a1:15:4b:c4:1f:
b4:18:2d:f4:44:4c:a7:fe:d8:91:ed:35:8a:bd:e9:54:52:cc:
9d:af:5b:d8:d7:75:eb:27:ff:64:fb:43:ce:7d:dd:19:cc:f8:
6e:bb:ae:2e:1a:53:85:0d:54:dd:dc:aa:c8:d2:ef:80:9a:e7:
45:3f:00:f8:a9:87:62:c2:86:e9:9c:9f:da:2a:33:29:1d:de:
0d:79:68:55:b5:df:be:bd:99:8e:9d:12:70:83:4e:91:4f:e4:
ab:1c:dd:c0:ea:04:ff:d9:16:22:5b:ea:0e:f3:40:11:35:34:
d0:4a:71:e9:ee:76:c9:83:65:cc:ea:28:9f:ba:a9:0c:7f:0c:
bd:4c:a6:08:e5:4d:2a:c8:aa:0c:a8:62:0e:8f:6d:5e:10:51:
e8:f2:00:c5
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZQks7kIOYebwn5DtSSg4Ex1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzgzNTQ5OGYzNTE5OWExNTcxOTY0ZDg1NWMzODc3NzUxNjgxYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXwzxWqZhg51G4kkDg9N0XVK9lhp
X2Tn+p5CKPBIhpea2i9go7plLIAxbbN19XQ6hWuI7Hj7UGVaOqd2d8pHgyEVHYYz
ZHG7c6iBOLTjoFdfw/Ke95aNMBVMg/jh10BVuOhTeXyoi6SLKnXfKr+g8O3lCHSo
7GWUl69tV5eBNsoXFnFfpFPIgX7/rsR70AfgLJXkAZxBpnGFFx51CGY9xFT7i51u
6Rs2n0s6Q3kX+qUrAKRlglI/VPC/9sxdhdg+VaKPs7E37ZYxibGQyLf3tCUyBAIr
6TXj4ow32JQzJO1E+TWXtm2bW1vsKSL8lERzlUHAM+J0N2chp76D5QOfRwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFHyDVJjzUZmhVxlk2FXDh3dRaBq5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBjLzlmOGFl
Mi0wZmI1LTRjMDQtYWQ5My00Y2U0NzdkYmI0MDcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMvOWY4YWUy
LTBmYjUtNGMwNC1hZDkzLTRjZTQ3N2RiYjQwNy8xL2ZJTlVtUE5SbWFGWEdXVFlW
Y09IZDFGb0dyay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8GCCsGAQUF
BwEHAQH/BFAwTjA2BAIAATAwAwQDV+3QAwQEWd3wAwQDW70oAwQCuQMwAwQCuQ94
AwQCubv8AwQCudfEAwQBwyNSMBQEAgACMA4DBQMqAvwAAwUDKg8EQDAeBggrBgEF
BQcBCAEB/wQPMA2gCzAJAgJxYAIDAO8XMA0GCSqGSIb3DQEBCwUAA4IBAQCf5P+K
y49Wwgt/0bzGWjqYO25AJtHVTEdfB8hQEwEx7+HxWRFbPdWlNtcGTRgkUHu/9aZC
8FNWg+pah0LJF1je4X/uuvVp/P90g+JSiqqHfa6ev8h4rouyzfmZC9XQIwd+0Z5Q
q0IGoRVLxB+0GC30REyn/tiR7TWKvelUUsydr1vY13XrJ/9k+0POfd0ZzPhuu64u
GlOFDVTd3KrI0u+AmudFPwD4qYdiwobpnJ/aKjMpHd4NeWhVtd++vZmOnRJwg06R
T+SrHN3A6gT/2RYiW+oO80ARNTTQSnHp7nbJg2XM6iifuqkMfwy9TKYI5U0qyKoM
qGIOj21eEFHo8gDF
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:20:33 2025 by rpki-client