Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TcOR3GFf1KOtEMDyq4sKUG0Dntg.cer
File: TcOR3GFf1KOtEMDyq4sKUG0Dntg.cer (raw, json)
Hash identifier: 3B/Rbk+LmPHHXHRFXm7YtDtbHv3eUc2odbKHKLPLcXI=
Subject key identifier: 4D:C3:91:DC:61:5F:D4:A3:AD:10:C0:F2:AB:8B:0A:50:6D:03:9E:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942521FA4302D060C52AF969389BC21A80
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/TcOR3GFf1KOtEMDyq4sKUG0Dntg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.117.228.0/22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fa:43:02:d0:60:c5:2a:f9:69:38:9b:c2:1a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc391dc615fd4a3ad10c0f2ab8b0a506d039ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:55:b1:43:28:be:92:75:bb:7d:a9:33:82:d5:
18:2f:fa:ef:65:87:4e:aa:6f:49:a4:3d:8d:f0:88:
c6:1c:24:35:e7:1f:7b:02:4d:fe:b2:18:00:65:59:
c7:c8:51:b8:ef:87:df:86:46:83:ae:87:9c:7c:2e:
ed:4a:2d:57:23:7a:81:27:30:3e:fb:9e:36:d0:4a:
53:a8:3c:60:94:d5:09:ff:3b:d8:98:d3:1b:3d:84:
14:7d:be:84:02:44:0c:c5:49:0c:95:b9:5a:6d:99:
1e:92:1d:9b:4f:d3:be:f9:d3:34:12:72:a1:36:99:
e3:3d:c8:f9:a3:f2:2b:18:36:98:e3:19:7d:18:71:
ce:91:cc:f8:97:db:ce:95:48:39:b4:d9:41:d4:43:
d0:b9:25:da:7d:11:77:71:89:b0:a4:6b:7b:b9:2c:
ec:97:cb:11:04:8c:31:15:82:3d:a4:90:ae:59:04:
b0:fc:29:79:74:ec:57:7e:b4:40:1a:64:c1:14:3e:
01:3e:e0:67:ed:58:ce:ea:5d:88:17:55:21:3b:94:
45:26:f7:a1:45:21:43:90:79:46:83:f3:7e:c8:fd:
fa:b5:fd:63:5f:06:19:c0:4c:34:fc:cd:9c:8e:77:
31:8e:44:1f:4a:e7:aa:03:6f:19:01:14:5c:26:df:
3a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C3:91:DC:61:5F:D4:A3:AD:10:C0:F2:AB:8B:0A:50:6D:03:9E:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d66a58-fdf5-491e-b511-fd2915d4cd5a/1/TcOR3GFf1KOtEMDyq4sKUG0Dntg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.228.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:a7:ac:ae:e9:34:d2:06:7a:39:73:4d:88:2c:61:6c:7e:93:
cc:c1:c0:c5:21:fc:68:4f:00:0f:53:f7:0e:24:87:7b:89:dd:
0b:5f:ed:34:ed:e3:26:ec:dd:c6:60:c7:e6:ea:d4:3c:2e:de:
41:b5:13:20:f1:a2:9d:81:34:45:b8:12:3e:f9:77:27:4f:24:
6d:c1:aa:b0:46:4e:c5:50:45:99:c6:68:57:ab:17:df:de:0a:
f0:32:5f:db:17:c3:0e:63:5a:db:ca:4e:85:7d:30:2f:01:8b:
b0:12:88:ae:52:b7:4c:59:c8:1d:23:6d:26:2f:d9:ac:e7:3c:
12:4e:9c:65:4d:d0:3d:2a:3b:8e:47:af:07:58:1e:83:bc:4a:
73:ed:e9:44:4d:8f:ef:8e:7d:c3:d9:6f:1f:7f:4b:34:11:7f:
7a:90:7b:72:a1:85:f0:7e:bb:6b:2e:ff:65:4a:e3:2a:15:a0:
bb:8f:07:d7:87:85:0c:8c:d4:b4:7a:5e:80:39:39:2e:e0:80:
c7:3f:b0:fe:f5:f2:18:ec:54:50:3f:91:a0:46:d2:50:03:bb:
f8:3a:e9:bc:02:91:f4:96:f1:24:c3:46:af:df:0e:12:43:8f:
09:d5:a8:c8:f8:76:ea:d9:17:6d:4f:fc:46:55:1e:8d:6d:7c:
41:12:f8:cf
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQlIfpDAtBgxSr5aTibwhqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMzOTFkYzYxNWZkNGEzYWQxMGMwZjJhYjhiMGE1MDZkMDM5ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFWxQyi+knW7fakzgtUYL/rvZYdO
qm9JpD2N8IjGHCQ15x97Ak3+shgAZVnHyFG474ffhkaDroecfC7tSi1XI3qBJzA+
+5420EpTqDxglNUJ/zvYmNMbPYQUfb6EAkQMxUkMlblabZkekh2bT9O++dM0EnKh
NpnjPcj5o/IrGDaY4xl9GHHOkcz4l9vOlUg5tNlB1EPQuSXafRF3cYmwpGt7uSzs
l8sRBIwxFYI9pJCuWQSw/Cl5dOxXfrRAGmTBFD4BPuBn7VjO6l2IF1UhO5RFJveh
RSFDkHlGg/N+yP36tf1jXwYZwEw0/M2cjncxjkQfSueqA28ZARRcJt86owIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFE3DkdxhX9SjrRDA8quLClBtA57YMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjL2Q2NmE1
OC1mZGY1LTQ5MWUtYjUxMS1mZDI5MTVkNGNkNWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvZDY2YTU4
LWZkZjUtNDkxZS1iNTExLWZkMjkxNWQ0Y2Q1YS8xL1RjT1IzR0ZmMUtPdEVNRHlx
NHNLVUcwRG50Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuXXkMA0GCSqGSIb3DQEBCwUAA4IBAQCwp6yu
6TTSBno5c02ILGFsfpPMwcDFIfxoTwAPU/cOJId7id0LX+007eMm7N3GYMfm6tQ8
Lt5BtRMg8aKdgTRFuBI++XcnTyRtwaqwRk7FUEWZxmhXqxff3grwMl/bF8MOY1rb
yk6FfTAvAYuwEoiuUrdMWcgdI20mL9ms5zwSTpxlTdA9KjuOR68HWB6DvEpz7elE
TY/vjn3D2W8ff0s0EX96kHtyoYXwfrtrLv9lSuMqFaC7jwfXh4UMjNS0el6AOTku
4IDHP7D+9fIY7FRQP5GgRtJQA7v4Oum8ApH0lvEkw0av3w4SQ48J1ajI+Hbq2Rdt
T/xGVR6NbXxBEvjP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:02 2025 by rpki-client on console.sobornost.net