Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
File: xypST5sbOAHb18iaFgrsB2tX5yk.cer (raw, json)
Hash identifier: DHKt9rSIyNDfH8KUjqT3pBQnkfjfs0q3QwUvfA3stZA=
Subject key identifier: C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FC34A023D829739E61E638362226B1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:49:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 91.205.188.0/22
IP: 176.118.224.0/19
IP: 2a0c:70c0::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:34:a0:23:d8:29:73:9e:61:e6:38:36:22:26:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:c6:f6:d2:33:5b:b1:2b:51:24:cf:66:22:
ea:e0:13:14:7d:c4:56:1e:59:5a:13:bd:00:a8:6e:
01:a4:87:f1:d1:97:c4:f7:1b:70:d2:d0:e2:d6:5d:
b2:35:07:f1:ad:9f:d0:1d:9f:bc:38:bc:a9:c6:3d:
0f:87:9e:9b:ef:2a:64:83:44:f4:a9:1a:fe:f6:66:
c8:a9:b9:0e:63:5b:f2:f6:56:eb:ed:d5:db:3e:7b:
0a:02:ce:72:de:4d:ba:ab:8d:6a:d4:82:ec:b2:fe:
01:29:cc:89:37:23:09:7c:39:8a:0c:41:3d:a3:a2:
0e:0b:7e:14:cd:fc:dc:20:e1:95:36:05:6b:b0:78:
49:05:0a:9b:55:fe:f3:7c:7f:f0:1a:f9:e1:60:9d:
28:9e:2b:5e:a7:5a:57:85:78:08:1e:34:9f:09:b7:
4f:d1:a3:d4:75:6c:fb:98:a9:7d:a9:75:05:76:6c:
e4:fe:63:e5:e3:30:3e:47:47:8a:e3:c2:59:5f:b6:
fc:1d:f3:74:f6:25:60:eb:b2:90:a4:a5:93:f4:18:
85:af:2b:eb:ac:66:27:35:fd:52:2e:b3:92:d0:ec:
fa:e4:0e:17:25:31:00:4d:80:19:9d:d3:0b:e2:c9:
90:d9:82:00:92:a5:b2:10:05:f1:c9:49:f9:17:16:
ef:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.188.0/22
176.118.224.0/19
IPv6:
2a0c:70c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d9:3a:32:46:4f:42:89:d5:df:c5:5e:41:93:81:72:ff:69:
ac:14:f6:35:01:78:ac:c4:cd:ba:36:d3:d4:70:81:78:45:00:
ea:a2:0d:08:f1:34:19:b8:cc:d4:ad:f7:77:90:f5:a8:7d:6e:
f4:ea:5b:57:8f:24:2b:0b:93:9b:9f:11:f7:64:aa:14:98:04:
70:f9:52:78:50:da:14:c9:0c:9b:e2:ca:da:0a:96:04:ce:81:
cc:60:ee:0e:cf:65:23:fa:1b:c8:4b:e3:53:00:7a:c0:83:36:
d9:70:00:fe:9a:00:4f:eb:98:e0:51:6a:be:1c:3d:ab:b6:2e:
ab:a6:cf:4d:77:38:68:05:d3:76:3a:c0:24:19:3d:ca:95:64:
fc:76:12:d6:d1:20:52:4f:6f:fe:4a:0c:ef:f7:fe:12:07:59:
e8:23:8d:87:e3:50:ff:89:b4:cb:6f:bd:29:85:ad:6d:73:52:
cf:e2:7c:c4:9c:a0:d8:ca:49:a8:7c:8e:59:79:cf:4e:b9:ba:
37:7c:ec:e0:49:63:2c:00:d0:ca:5f:02:6a:4e:85:20:44:28:
6d:10:fd:25:fa:f2:99:9e:e9:84:c9:be:38:23:64:ac:bf:df:
99:df:d8:5d:b0:b4:2f:c8:57:3a:99:17:27:a5:72:a7:f2:f5:
94:ae:84:c3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQi/DSgI9gpc55h5jg2IiaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJhNTI0ZjliMWIzODAxZGJkN2M4OWExNjBhZWMwNzZiNTdlNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/XG9tIzW7ErUSTPZiLq4BMUfcRW
HllaE70AqG4BpIfx0ZfE9xtw0tDi1l2yNQfxrZ/QHZ+8OLypxj0Ph56b7ypkg0T0
qRr+9mbIqbkOY1vy9lbr7dXbPnsKAs5y3k26q41q1ILssv4BKcyJNyMJfDmKDEE9
o6IOC34UzfzcIOGVNgVrsHhJBQqbVf7zfH/wGvnhYJ0onitep1pXhXgIHjSfCbdP
0aPUdWz7mKl9qXUFdmzk/mPl4zA+R0eK48JZX7b8HfN09iVg67KQpKWT9BiFryvr
rGYnNf1SLrOS0Oz65A4XJTEATYAZndML4smQ2YIAkqWyEAXxyUn5FxbvwQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFMcqUk+bGzgB29fImhYK7AdrV+cpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzczLzRlM2Nj
Mi0xYTMzLTQ5NWEtOTk5Zi1kN2E2ODRhNTdiMTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMvNGUzY2My
LTFhMzMtNDk1YS05OTlmLWQ3YTY4NGE1N2IxOS8xL3h5cFNUNXNiT0FIYjE4aWFG
Z3JzQjJ0WDV5ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW828AwQFsHbgMA0EAgACMAcDBQMqDHDAMA0G
CSqGSIb3DQEBCwUAA4IBAQAO2ToyRk9CidXfxV5Bk4Fy/2msFPY1AXisxM26NtPU
cIF4RQDqog0I8TQZuMzUrfd3kPWofW706ltXjyQrC5ObnxH3ZKoUmARw+VJ4UNoU
yQyb4sraCpYEzoHMYO4Oz2Uj+hvIS+NTAHrAgzbZcAD+mgBP65jgUWq+HD2rti6r
ps9NdzhoBdN2OsAkGT3KlWT8dhLW0SBST2/+Sgzv9/4SB1noI42H41D/ibTLb70p
ha1tc1LP4nzEnKDYykmofI5Zec9Oubo3fOzgSWMsANDKXwJqToUgRChtEP0l+vKZ
numEyb44I2Ssv9+Z39hdsLQvyFc6mRcnpXKn8vWUroTD
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:08:32 2025 by rpki-client