Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
File: XeHEMjIqoQWMPm_lf2N0qSlgacE.cer (raw, json)
Hash identifier: Mcll2BD1pH/N3kiuWRZ8d1I+ZidF665YY1CP/7qgL/Y=
Subject key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D64537433BB092EE701110F80F2A19
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 91.223.206.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:45:37:43:3b:b0:92:ee:70:11:10:f8:0f:2a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f3:72:cd:f9:f5:c1:f4:8c:e5:7b:bc:00:ab:
4d:a0:5a:e7:46:89:5d:84:a1:e8:1f:f5:9d:95:ff:
79:c7:b7:a6:33:81:11:c8:aa:76:6c:a7:b4:f9:d9:
30:fd:3a:db:77:a7:6b:8a:34:31:f9:4c:a0:51:d9:
da:73:3c:a1:aa:79:a2:13:b2:6f:cc:64:8b:18:3b:
3e:62:a2:e0:47:cf:8a:e1:be:af:3e:f8:64:01:e4:
15:85:ed:0c:3f:b7:da:9c:df:f5:ee:a9:88:54:ac:
bf:89:1d:50:f3:6a:72:3b:92:ea:ce:6b:61:2e:fd:
27:a2:91:39:1f:97:78:36:e9:ca:e5:e8:37:36:90:
b0:a4:06:20:4a:92:73:5b:88:41:46:5c:27:49:9b:
5a:c5:12:f0:f5:b0:9b:1b:e0:b0:52:15:90:80:48:
37:2d:fc:df:26:2b:50:81:8e:7b:aa:68:02:03:41:
b2:c5:c1:4f:3a:6a:53:61:dd:08:69:66:57:03:1e:
34:07:76:18:23:f3:21:b2:25:d4:61:74:93:3e:cf:
c2:be:56:b9:f3:eb:90:53:b5:fc:34:f3:f7:28:78:
4b:1c:04:4b:1e:ae:7b:6f:99:3e:d8:52:b0:87:f1:
a0:1f:59:d5:ba:79:87:3a:3d:26:61:00:22:f4:e1:
87:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.206.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ae:78:41:96:88:20:2f:c4:58:94:ca:fb:12:0a:65:c8:67:
3e:42:f8:91:ff:2d:b2:d6:de:29:d1:5d:5e:31:f9:f8:17:75:
b7:fa:3a:06:64:e2:bd:46:54:08:99:74:cc:5c:69:7a:ba:0c:
6b:6e:af:8c:6c:ba:ad:6d:da:0f:b9:4c:dc:bc:26:32:2f:eb:
b9:19:fb:55:d6:6c:04:fe:2c:13:ac:ba:7e:02:2f:6e:6d:f1:
d0:b9:e1:ae:4e:5f:40:27:b4:cb:ad:9f:ce:7f:9d:2c:a6:ec:
44:65:8f:00:66:7c:31:57:52:e8:93:64:46:d6:5a:a4:c1:fa:
b3:64:2d:d4:c9:47:63:7c:2c:90:98:b6:63:7d:dc:23:8b:8c:
0d:04:0a:7a:fa:8e:bf:72:fb:cf:6e:ea:d7:a3:f6:47:df:fb:
d5:7b:eb:81:28:f2:42:89:4b:ed:6c:4f:b8:7d:37:bd:bb:e6:
42:32:24:ff:47:b5:c9:2a:7b:bc:37:b2:b5:a7:dd:1f:d0:7f:
fb:04:f2:d6:74:27:ed:ca:c2:05:83:64:7d:bb:c9:7c:fb:35:
85:b3:3b:14:31:f4:b8:57:c7:e2:8b:ce:6b:1a:40:8b:c0:22:
b3:d5:70:07:e6:01:97:03:b1:b0:d5:0d:c3:94:d1:40:7f:47:
74:3e:09:ad
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQg1kU3Qzuwku5wERD4DyoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUxYzQzMjMyMmFhMTA1OGMzZTZmZTU3ZjYzNzRhOTI5NjA2OWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/Nyzfn1wfSM5Xu8AKtNoFrnRold
hKHoH/Wdlf95x7emM4ERyKp2bKe0+dkw/Trbd6drijQx+UygUdnaczyhqnmiE7Jv
zGSLGDs+YqLgR8+K4b6vPvhkAeQVhe0MP7fanN/17qmIVKy/iR1Q82pyO5Lqzmth
Lv0nopE5H5d4NunK5eg3NpCwpAYgSpJzW4hBRlwnSZtaxRLw9bCbG+CwUhWQgEg3
LfzfJitQgY57qmgCA0GyxcFPOmpTYd0IaWZXAx40B3YYI/MhsiXUYXSTPs/Cvla5
8+uQU7X8NPP3KHhLHARLHq57b5k+2FKwh/GgH1nVunmHOj0mYQAi9OGHmQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFF3hxDIyKqEFjD5v5X9jdKkpYGnBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0LzMzNzk2
ZS03ZDVmLTQ3NWMtYjU2OS1kNzhiYjZmNWI4ZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvMzM3OTZl
LTdkNWYtNDc1Yy1iNTY5LWQ3OGJiNmY1YjhmNS8xL1hlSEVNaklxb1FXTVBtX2xm
Mk4wcVNsZ2FjRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW9/OMA0GCSqGSIb3DQEBCwUAA4IBAQAtrnhB
loggL8RYlMr7EgplyGc+QviR/y2y1t4p0V1eMfn4F3W3+joGZOK9RlQImXTMXGl6
ugxrbq+MbLqtbdoPuUzcvCYyL+u5GftV1mwE/iwTrLp+Ai9ubfHQueGuTl9AJ7TL
rZ/Of50spuxEZY8AZnwxV1Lok2RG1lqkwfqzZC3UyUdjfCyQmLZjfdwji4wNBAp6
+o6/cvvPburXo/ZH3/vVe+uBKPJCiUvtbE+4fTe9u+ZCMiT/R7XJKnu8N7K1p90f
0H/7BPLWdCftysIFg2R9u8l8+zWFszsUMfS4V8fii85rGkCLwCKz1XAH5gGXA7Gw
1Q3DlNFAf0d0Pgmt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:12 2025 by rpki-client on console.sobornost.net