Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
File: iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer (raw, json)
Hash identifier: rOE6ersfCCcx8TvH7LOO1PNkq4Alx3rpfV63UKdjx30=
Subject key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427486284C023D1979ECE8FFF58CF90B2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:42 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 49837
IP: 193.135.40.0/21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:62:84:c0:23:d1:97:9e:ce:8f:ff:58:cf:90:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:85:70:82:c1:20:e0:50:52:31:c8:61:89:
da:a1:89:dc:5e:9a:5a:4b:a0:71:f9:f9:db:8f:67:
16:11:bb:60:13:59:0c:96:70:59:f1:04:04:fa:67:
00:bc:6a:19:be:a6:ca:58:67:bb:a3:5b:4c:01:b9:
37:ca:4f:ca:fe:5a:f9:89:01:3d:05:72:ba:58:3f:
af:19:c2:59:be:1c:df:a5:7f:a2:6a:60:ec:85:06:
25:43:cb:6c:91:a4:c3:04:69:c5:f8:ed:7a:aa:b3:
5f:1d:43:93:3f:ef:ec:63:83:f8:6b:67:de:eb:e7:
af:c1:1a:34:9a:a7:2b:e0:e3:6d:d4:4a:a3:9d:f0:
ee:e2:70:9e:e8:a1:1d:97:d1:f8:27:ce:a2:9a:2e:
07:35:13:e2:61:95:c2:ec:1a:d2:07:b2:00:2e:26:
d2:32:37:99:ed:35:8f:a4:25:96:62:5a:6c:9f:30:
ba:51:72:e5:47:6e:4e:00:85:69:1b:31:fd:48:84:
fd:ef:75:38:8b:cf:c1:2c:58:3a:1d:d0:d1:cd:6f:
ed:08:fc:41:bc:58:bd:cd:9d:6f:b7:37:3d:0a:68:
93:b8:a1:9f:1e:61:c0:20:48:0f:f0:3c:df:b8:5b:
74:c6:da:66:72:57:db:82:56:5e:38:ed:13:36:36:
93:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.40.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49837
Signature Algorithm: sha256WithRSAEncryption
68:1d:5f:00:6e:14:13:40:29:f6:4b:a5:34:59:bc:e0:a6:b7:
04:16:43:10:a8:3a:b3:3e:8d:30:49:dd:e5:f5:f4:89:bc:0e:
ce:2d:e5:c1:d8:0b:84:c5:62:ee:4c:4f:72:11:57:56:81:d4:
42:3f:5d:03:18:91:20:73:1b:6d:e0:d4:d6:d9:3c:a3:6d:57:
26:78:b7:93:e3:b8:d1:df:fc:71:ec:81:f8:1a:42:0b:3c:2c:
8d:b2:4c:4e:6d:b1:c5:9c:de:23:b8:e7:e7:5e:7a:66:cc:fe:
42:37:85:f1:23:d1:f2:5b:0d:7f:33:b6:9f:a4:07:95:6f:2e:
34:39:2d:47:92:6e:2c:9e:e0:31:9f:6f:63:ec:aa:63:de:9a:
cd:d0:db:7e:5d:41:d5:02:b2:24:cf:04:48:59:56:68:6d:2b:
56:9b:61:b8:9f:f8:21:fc:c0:2c:3c:23:26:29:83:81:c8:b3:
1a:a7:87:1b:99:da:b9:7a:a1:d0:13:d3:bf:e2:85:de:44:02:
ee:ab:fa:06:4a:60:6b:c3:06:bd:1d:d3:2f:65:22:24:c7:a7:
25:41:45:b1:fd:2d:c6:4d:98:bf:0b:01:7e:69:db:be:6e:ec:
14:cd:4d:91:c7:92:22:66:22:ae:0a:01:4a:ef:24:ed:45:e6:
d8:1e:95:76
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQnSGKEwCPRl57Oj/9Yz5CyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFkOWMwY2U1YmEzOTA1YjQxOTcwYTA0ZTUxOTc2MDc2YzY3ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplaFcILBIOBQUjHIYYnaoYncXppa
S6Bx+fnbj2cWEbtgE1kMlnBZ8QQE+mcAvGoZvqbKWGe7o1tMAbk3yk/K/lr5iQE9
BXK6WD+vGcJZvhzfpX+iamDshQYlQ8tskaTDBGnF+O16qrNfHUOTP+/sY4P4a2fe
6+evwRo0mqcr4ONt1EqjnfDu4nCe6KEdl9H4J86imi4HNRPiYZXC7BrSB7IALibS
MjeZ7TWPpCWWYlpsnzC6UXLlR25OAIVpGzH9SIT973U4i8/BLFg6HdDRzW/tCPxB
vFi9zZ1vtzc9CmiTuKGfHmHAIEgP8DzfuFt0xtpmclfbglZeOO0TNjaTPwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFIqtnAzlujkFtBlwoE5Rl2B2xn4AMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2U0NDVl
NC0yNmJkLTQ4YzktODNkYi03YTBlY2U5YzBhZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZTQ0NWU0
LTI2YmQtNDhjOS04M2RiLTdhMGVjZTljMGFmOC8xL2lxMmNET1c2T1FXMEdYQ2dU
bEdYWUhiR2ZnQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDwYcoMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDCrTANBgkqhkiG9w0BAQsFAAOCAQEAaB1fAG4UE0Ap9kulNFm84Ka3BBZDEKg6
sz6NMEnd5fX0ibwOzi3lwdgLhMVi7kxPchFXVoHUQj9dAxiRIHMbbeDU1tk8o21X
Jni3k+O40d/8ceyB+BpCCzwsjbJMTm2xxZzeI7jn5156Zsz+QjeF8SPR8lsNfzO2
n6QHlW8uNDktR5JuLJ7gMZ9vY+yqY96azdDbfl1B1QKyJM8ESFlWaG0rVpthuJ/4
IfzALDwjJimDgcizGqeHG5nauXqh0BPTv+KF3kQC7qv6Bkpga8MGvR3TL2UiJMen
JUFFsf0txk2YvwsBfmnbvm7sFM1NkceSImYirgoBSu8k7UXm2B6Vdg==
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:21:10 2025 by rpki-client