Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ytx04QgwQh1O7qmCRM_RtBGQN_8.cer
File: ytx04QgwQh1O7qmCRM_RtBGQN_8.cer (raw, json)
Hash identifier: VkLd4L2xl9UjOxyDS4VjuIQl2Ry9tSLQnnQzaEJoDFQ=
Subject key identifier: CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266C3A30B3A17A0B56DD4019DEDC1E95
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:50:14 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 141.71.0.0/16
IP: 192.108.51.0 -- 192.108.53.255
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3a:30:b3:a1:7a:0b:56:dd:40:19:de:dc:1e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cadc74e10830421d4eeea98244cfd1b4119037ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:09:b4:59:f3:cd:00:a3:1c:46:04:b2:e8:
fd:e6:44:92:71:08:ae:46:63:32:99:e4:1f:80:a7:
a0:ae:c8:39:c4:57:59:db:b1:07:21:d5:87:e8:e6:
f3:17:fa:65:70:63:65:29:a1:5e:4c:f1:18:f8:1a:
e3:07:5d:dd:57:99:2c:82:98:ee:28:a7:5e:79:2e:
eb:e5:77:e1:c8:af:a0:fb:81:fd:3c:4e:23:37:50:
bb:72:c7:6d:4f:80:3b:6c:33:4d:23:d1:a9:56:45:
c8:83:14:fc:f0:4f:ff:cf:c6:09:84:e3:87:b2:dc:
36:05:ab:66:a5:ff:f2:8d:3d:ae:16:be:71:0e:8d:
e2:05:94:99:16:3c:6a:6e:4c:ed:e5:50:73:84:02:
85:bc:9d:a7:10:c4:f7:34:93:20:9f:1d:0a:e0:15:
de:36:ae:ef:b6:57:2b:6d:f5:af:25:5e:f2:6d:c6:
4e:bd:c7:ab:5e:68:68:21:d8:5c:e7:06:10:11:08:
2f:a6:a1:dd:96:80:89:bc:00:11:41:a7:b4:9c:22:
bb:26:ca:72:f1:53:e2:35:4d:f7:9f:a4:ee:71:89:
02:1d:cb:4f:ed:04:2f:4a:f9:d9:6d:29:26:fa:40:
d6:8a:e9:f0:03:94:2e:b4:56:8d:f9:4a:35:e8:5c:
e4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DC:74:E1:08:30:42:1D:4E:EE:A9:82:44:CF:D1:B4:11:90:37:FF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8bff72-5c16-4484-acc2-7eb4c088590f/1/ytx04QgwQh1O7qmCRM_RtBGQN_8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.71.0.0/16
192.108.51.0-192.108.53.255
Signature Algorithm: sha256WithRSAEncryption
02:14:82:bb:cc:a3:b3:37:81:0c:a7:b9:f9:c0:79:75:b5:51:
ee:77:ba:9f:73:e0:5f:5f:9e:59:96:42:42:7a:5d:57:80:af:
f9:22:04:4b:6d:55:eb:de:16:8d:8c:af:52:84:fa:4e:6a:27:
09:59:81:ce:ee:0c:23:19:43:42:33:0f:48:61:54:21:f1:80:
3d:73:60:35:00:5b:f6:bf:be:bf:92:6b:da:f4:33:1f:a5:21:
68:10:64:6e:3f:e6:d7:94:f1:26:77:b6:76:ad:ee:1a:42:df:
23:b9:c6:6b:bb:34:09:f8:4c:20:bf:cb:65:38:48:17:2e:2a:
79:74:65:82:98:4b:50:5f:fd:1c:ed:b6:b2:91:71:dc:19:8c:
3d:46:c0:0f:34:56:58:a7:89:43:b0:92:15:aa:9c:6e:d1:5e:
ca:4f:51:9c:49:d3:1a:e5:c6:10:3c:5a:a2:74:45:dd:9f:ad:
e9:e7:0f:3f:86:ba:aa:33:f2:fd:25:ad:aa:4c:80:5b:11:31:
11:0d:6d:a4:dd:7b:7e:75:02:66:0f:fb:96:fc:3e:4e:c2:0c:
9c:be:ac:71:57:1f:ff:9d:c9:4e:53:7a:7d:52:f2:3b:d3:dc:
f3:52:07:11:e1:5b:54:42:d1:c7:51:92:38:64:9c:21:67:3e:
af:c9:d0:d9
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZQmbDows6F6C1bdQBne3B6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRjNzRlMTA4MzA0MjFkNGVlZWE5ODI0NGNmZDFiNDExOTAzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqngJtFnzzQCjHEYEsuj95kSScQiu
RmMymeQfgKegrsg5xFdZ27EHIdWH6ObzF/plcGNlKaFeTPEY+BrjB13dV5ksgpju
KKdeeS7r5XfhyK+g+4H9PE4jN1C7csdtT4A7bDNNI9GpVkXIgxT88E//z8YJhOOH
stw2Batmpf/yjT2uFr5xDo3iBZSZFjxqbkzt5VBzhAKFvJ2nEMT3NJMgnx0K4BXe
Nq7vtlcrbfWvJV7ybcZOvcerXmhoIdhc5wYQEQgvpqHdloCJvAARQae0nCK7Jspy
8VPiNU33n6TucYkCHctP7QQvSvnZbSkm+kDWiunwA5QutFaN+Uo16FzkTQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFMrcdOEIMEIdTu6pgkTP0bQRkDf/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkLzhiZmY3
Mi01YzE2LTQ0ODQtYWNjMi03ZWI0YzA4ODU5MGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvOGJmZjcy
LTVjMTYtNDQ4NC1hY2MyLTdlYjRjMDg4NTkwZi8xL3l0eDA0UWd3UWgxTzdxbUNS
TV9SdEJHUU5fOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCwGCCsGAQUF
BwEHAQH/BB0wGzAZBAIAATATAwMAjUcwDAMEAMBsMwMEAcBsNDANBgkqhkiG9w0B
AQsFAAOCAQEAAhSCu8yjszeBDKe5+cB5dbVR7ne6n3PgX1+eWZZCQnpdV4Cv+SIE
S21V694WjYyvUoT6TmonCVmBzu4MIxlDQjMPSGFUIfGAPXNgNQBb9r++v5Jr2vQz
H6UhaBBkbj/m15TxJne2dq3uGkLfI7nGa7s0CfhMIL/LZThIFy4qeXRlgphLUF/9
HO22spFx3BmMPUbADzRWWKeJQ7CSFaqcbtFeyk9RnEnTGuXGEDxaonRF3Z+t6ecP
P4a6qjPy/SWtqkyAWxExEQ1tpN17fnUCZg/7lvw+TsIMnL6scVcf/53JTlN6fVLy
O9Pc81IHEeFbVELRx1GSOGScIWc+r8nQ2Q==
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:37:05 2025 by rpki-client