Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AyHqOVCODhemUf6SrCnqOIMtC_8.cer
File: AyHqOVCODhemUf6SrCnqOIMtC_8.cer (raw, json)
Hash identifier: TbzO52v8UTBy2UlZlkGSL+zinHjNBc1DuEzq4n+rReg=
Subject key identifier: 03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFAB0AA5F39FC950093B8C6E54EF5A1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 78.31.32.0/21
IP: 85.202.64.0/20
IP: 91.198.144.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b0:aa:5f:39:fc:95:00:93:b8:c6:e5:4e:f5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0321ea39508e0e17a651fe92ac29ea38832d0bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:35:66:d7:03:47:49:ec:91:52:17:03:45:
e0:ec:41:53:6b:58:c2:21:ab:d9:84:8b:ee:2e:78:
84:ba:6f:ad:b4:5b:5e:98:9b:b5:9c:a2:0a:44:7f:
a1:2c:7b:9b:9f:f7:86:6d:06:8c:bb:49:05:fb:87:
0e:f5:6a:94:7b:43:37:6e:89:8d:7b:73:5b:92:f8:
af:e6:12:43:7f:46:84:62:13:98:8f:aa:be:6c:a6:
19:07:d3:b1:d4:90:e3:3a:cd:b4:ec:88:2f:53:a7:
d8:be:c5:f3:9b:cc:3a:14:d9:4e:1a:b1:2c:5c:18:
8d:bf:f0:ab:e3:0f:f1:5f:d7:b7:46:f6:11:47:99:
c3:7a:a2:43:a4:78:fe:7c:f1:65:87:1d:ce:13:0e:
2e:02:9f:24:dd:94:11:67:9a:9d:78:41:74:1b:2b:
00:b7:4e:06:79:23:b8:84:a1:9c:1b:16:dc:6c:c8:
94:17:e7:64:ab:61:b5:74:82:bc:8a:9a:3d:f0:42:
ac:fc:aa:8b:51:cd:99:a9:ae:7b:dd:20:1e:34:92:
25:2e:4c:d5:2f:31:35:07:04:3f:0a:12:f6:22:78:
f4:0e:47:e6:4f:a5:28:68:c6:0b:18:0d:4a:97:4b:
56:bb:d1:0e:af:ca:e0:90:74:7d:2f:57:3f:b9:2f:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:21:EA:39:50:8E:0E:17:A6:51:FE:92:AC:29:EA:38:83:2D:0B:FF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c4817e-8281-42f7-9f4d-8cf805511002/1/AyHqOVCODhemUf6SrCnqOIMtC_8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.32.0/21
85.202.64.0/20
91.198.144.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e5:1c:b6:a6:e2:55:61:40:12:d6:b1:6d:63:11:da:a6:40:
64:d0:47:f7:81:21:a1:be:7b:bd:88:2b:32:49:70:f4:41:18:
ed:4b:9d:90:dd:8d:d3:f5:2c:f8:73:97:a3:c8:3e:4b:84:20:
9d:97:e4:ff:bc:5a:a9:d6:13:12:23:36:9e:63:10:e4:ba:5b:
0c:c6:24:9e:2b:77:d1:88:ed:0e:39:48:9f:4f:ff:73:78:f7:
9b:83:f1:bc:62:f2:81:e1:17:fc:5b:5e:25:47:1e:fb:cb:04:
84:19:c7:0e:e6:c4:79:74:a4:bf:b3:14:1b:78:5a:64:9d:e6:
fb:41:ea:22:85:66:1c:55:d7:3f:d9:cd:08:3f:78:bf:87:b3:
1e:ff:8b:1f:65:7c:be:f3:5b:43:ab:6d:46:a3:39:bb:da:be:
18:a0:3e:cd:11:1a:8f:68:5c:ff:d6:3f:23:55:ae:31:a8:f8:
42:cc:4e:f6:10:0b:8c:b7:ec:0c:75:1a:45:f3:35:09:e3:15:
24:a5:39:28:0d:2b:62:91:a3:93:85:ce:84:3f:91:60:eb:6f:
9e:3d:61:14:18:65:a9:5f:14:e4:50:73:1f:3e:54:0c:20:cb:
9c:68:28:95:dd:cd:e6:2a:fb:4e:81:16:14:f2:09:71:b9:dc:
81:0d:60:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQf+rCqXzn8lQCTuMblTvWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIxZWEzOTUwOGUwZTE3YTY1MWZlOTJhYzI5ZWEzODgzMmQwYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviU1ZtcDR0nskVIXA0Xg7EFTa1jC
IavZhIvuLniEum+ttFtemJu1nKIKRH+hLHubn/eGbQaMu0kF+4cO9WqUe0M3bomN
e3Nbkviv5hJDf0aEYhOYj6q+bKYZB9Ox1JDjOs207IgvU6fYvsXzm8w6FNlOGrEs
XBiNv/Cr4w/xX9e3RvYRR5nDeqJDpHj+fPFlhx3OEw4uAp8k3ZQRZ5qdeEF0GysA
t04GeSO4hKGcGxbcbMiUF+dkq2G1dIK8ipo98EKs/KqLUc2Zqa573SAeNJIlLkzV
LzE1BwQ/ChL2Inj0DkfmT6UoaMYLGA1Kl0tWu9EOr8rgkHR9L1c/uS9++QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFAMh6jlQjg4XplH+kqwp6jiDLQv/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2M0ODE3
ZS04MjgxLTQyZjctOWY0ZC04Y2Y4MDU1MTEwMDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvYzQ4MTdl
LTgyODEtNDJmNy05ZjRkLThjZjgwNTUxMTAwMi8xL0F5SHFPVkNPRGhlbVVmNlNy
Q25xT0lNdENfOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQDTh8gAwQEVcpAAwQAW8aQMA0GCSqGSIb3DQEB
CwUAA4IBAQAX5Ry2puJVYUAS1rFtYxHapkBk0Ef3gSGhvnu9iCsySXD0QRjtS52Q
3Y3T9Sz4c5ejyD5LhCCdl+T/vFqp1hMSIzaeYxDkulsMxiSeK3fRiO0OOUifT/9z
ePebg/G8YvKB4Rf8W14lRx77ywSEGccO5sR5dKS/sxQbeFpkneb7QeoihWYcVdc/
2c0IP3i/h7Me/4sfZXy+81tDq21Gozm72r4YoD7NERqPaFz/1j8jVa4xqPhCzE72
EAuMt+wMdRpF8zUJ4xUkpTkoDStikaOThc6EP5Fg62+ePWEUGGWpXxTkUHMfPlQM
IMucaCiV3c3mKvtOgRYU8glxudyBDWAw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:59 2025 by rpki-client on console.sobornost.net