Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kMjQcCLOUC2hNl5XO4w7FITfHoc.cer
File: kMjQcCLOUC2hNl5XO4w7FITfHoc.cer (raw, json)
Hash identifier: gIKuGr0i+nVPCHnQFTL57338bxj/6V8PL375OdbHVP0=
Subject key identifier: 90:C8:D0:70:22:CE:50:2D:A1:36:5E:57:3B:8C:3B:14:84:DF:1E:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1C1D1EBE7F2D0A098CE108C40021F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/kMjQcCLOUC2hNl5XO4w7FITfHoc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 141.98.40.0/22
IP: 2a06:e940::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c1:d1:eb:e7:f2:d0:a0:98:ce:10:8c:40:02:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90c8d07022ce502da1365e573b8c3b1484df1e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:60:15:01:91:d9:86:b7:f3:ae:02:e1:ba:
c5:12:e0:e0:7b:bf:1a:51:55:0a:29:c6:3b:89:64:
b1:83:ab:94:23:96:19:90:39:c5:83:65:a8:2a:4c:
e9:26:e8:0e:83:30:37:ef:90:97:af:c1:9e:85:36:
53:09:7f:b1:70:07:6c:64:b3:00:df:18:91:3b:de:
d5:55:ba:64:be:8c:b7:a3:8c:d9:a0:a2:29:68:5c:
77:ad:a2:89:50:21:1c:79:fe:b3:59:41:fd:3f:ed:
5b:89:a4:b0:96:4f:03:9f:d4:ba:70:22:2c:3a:bb:
49:d4:f4:10:fa:db:22:a9:32:91:fe:ea:10:b7:c1:
a8:a8:65:79:ca:7d:cd:32:94:59:86:38:30:fa:ec:
b7:2d:ea:78:6f:9d:5e:e4:8c:62:1c:8f:a8:01:77:
1b:d9:d3:65:a7:e5:20:22:a3:d2:dd:d8:f3:53:fe:
db:21:ba:88:e5:c6:b3:14:fd:92:26:6e:86:c4:ed:
b8:ae:48:6d:d5:d3:cf:01:80:e5:ba:3d:ff:d7:de:
2a:5b:b3:84:0b:c0:75:e8:f3:00:f2:a5:58:11:1e:
1e:a1:93:d4:4c:80:7d:a9:9d:16:1c:f3:a9:ed:08:
2a:bf:20:da:f8:06:7c:e5:47:77:30:b4:cc:88:12:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C8:D0:70:22:CE:50:2D:A1:36:5E:57:3B:8C:3B:14:84:DF:1E:87
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/kMjQcCLOUC2hNl5XO4w7FITfHoc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.40.0/22
IPv6:
2a06:e940::/29
Signature Algorithm: sha256WithRSAEncryption
71:57:c8:f7:e9:07:b5:10:b6:46:01:cf:0a:41:20:1f:81:de:
6f:41:2b:7b:86:ba:09:8a:7b:7d:94:c5:05:9a:9b:a7:db:b5:
03:fa:43:4c:02:19:cf:7b:48:8d:94:b2:b2:ef:c9:5d:6f:7f:
1b:42:5d:6d:5d:bb:86:c4:ca:7d:9a:cb:a0:fc:85:c4:c1:92:
90:9d:84:ee:e9:e7:57:7d:b9:40:69:5e:08:a5:f1:00:9d:c1:
9e:5a:a9:64:20:2b:5b:e5:b7:c2:4c:44:00:d2:7c:44:d2:63:
f0:c0:fc:36:46:64:93:b3:67:d4:f1:b9:91:96:41:25:55:58:
27:85:77:3f:10:c1:cc:65:d0:aa:60:5b:9d:f1:7f:f5:97:05:
01:9b:fc:72:8c:db:3b:40:d7:42:80:8b:f9:6d:40:cb:da:98:
87:19:76:b1:ff:5b:b4:24:18:7d:ab:b2:f6:63:6d:db:68:a3:
9b:dd:5b:d4:e6:ad:7d:b8:a0:6b:34:f1:70:e5:91:a9:5b:86:
29:db:be:d7:ce:6c:d1:5b:12:ec:10:d0:5c:f8:c5:dd:96:f8:
2c:c2:06:42:e7:ac:5e:65:ef:37:9b:c4:4a:54:1e:e8:57:da:
f9:38:e8:e3:56:81:82:fc:6e:ce:e8:c0:ce:72:6a:1a:7f:19:
59:d9:4c:11
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQhscHR6+fy0KCYzhCMQAIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM4ZDA3MDIyY2U1MDJkYTEzNjVlNTczYjhjM2IxNDg0ZGYxZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoBgFQGR2Ya3864C4brFEuDge78a
UVUKKcY7iWSxg6uUI5YZkDnFg2WoKkzpJugOgzA375CXr8GehTZTCX+xcAdsZLMA
3xiRO97VVbpkvoy3o4zZoKIpaFx3raKJUCEcef6zWUH9P+1biaSwlk8Dn9S6cCIs
OrtJ1PQQ+tsiqTKR/uoQt8GoqGV5yn3NMpRZhjgw+uy3Lep4b51e5IxiHI+oAXcb
2dNlp+UgIqPS3djzU/7bIbqI5cazFP2SJm6GxO24rkht1dPPAYDluj3/194qW7OE
C8B16PMA8qVYER4eoZPUTIB9qZ0WHPOp7QgqvyDa+AZ85Ud3MLTMiBIB0QIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJDI0HAizlAtoTZeVzuMOxSE3x6HMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5LzJiZGUw
MS0zNjVjLTQwODQtYTdkNi05ZTllNGNhZjMxNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvMmJkZTAx
LTM2NWMtNDA4NC1hN2Q2LTllOWU0Y2FmMzE3NS8xL2tNalFjQ0xPVUMyaE5sNVhP
NHc3RklUZkhvYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCjWIoMA0EAgACMAcDBQMqBulAMA0GCSqGSIb3
DQEBCwUAA4IBAQBxV8j36Qe1ELZGAc8KQSAfgd5vQSt7hroJint9lMUFmpun27UD
+kNMAhnPe0iNlLKy78ldb38bQl1tXbuGxMp9msug/IXEwZKQnYTu6edXfblAaV4I
pfEAncGeWqlkICtb5bfCTEQA0nxE0mPwwPw2RmSTs2fU8bmRlkElVVgnhXc/EMHM
ZdCqYFud8X/1lwUBm/xyjNs7QNdCgIv5bUDL2piHGXax/1u0JBh9q7L2Y23baKOb
3VvU5q19uKBrNPFw5ZGpW4Yp277XzmzRWxLsENBc+MXdlvgswgZC56xeZe83m8RK
VB7oV9r5OOjjVoGC/G7O6MDOcmoafxlZ2UwR
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:40:26 2025 by rpki-client