Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer
File: aOO6h-OpNGjMOzw_YPpj1ehTwxQ.cer (raw, json)
Hash identifier: 97sKa6Nc/pm2EuDZg2XyS6GNwhORYcjkq55nRecgCSo=
Subject key identifier: 68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143979C6433CC07C0594102B878DE03
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:47:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 195.49.240.0/21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:97:9c:64:33:cc:07:c0:59:41:02:b8:78:de:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68e3ba87e3a93468cc3b3c3f60fa63d5e853c314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:91:17:6d:5f:e9:03:07:6a:29:66:0b:c1:ce:
24:61:78:94:93:fb:92:be:32:5b:3d:4c:95:f6:74:
8c:cc:2c:1f:dc:47:ef:a3:b4:ff:8f:aa:80:b1:4c:
65:5c:1a:e6:bb:bb:e0:38:f1:82:ac:70:1c:a6:b8:
51:bd:64:32:49:9e:7a:c7:48:bc:25:67:d2:12:ee:
a6:1a:be:48:0e:0a:de:e7:7f:86:22:f3:b5:cb:6f:
d8:d8:05:0e:6e:50:d5:67:2e:c3:bf:6d:b5:e5:df:
0c:9e:42:4f:3a:f4:cf:63:86:47:13:27:11:41:a5:
9f:34:15:99:4d:ad:97:7d:74:0e:9c:55:94:9d:d7:
fa:be:75:4c:4b:2e:42:2b:87:0c:ab:eb:86:e8:d3:
5e:9f:61:52:c1:e2:22:f2:ea:91:95:70:89:57:39:
e2:e1:c0:38:a5:58:5d:15:e9:a8:37:af:c8:51:06:
5a:48:7c:0a:a2:e0:a2:52:bd:7b:63:1d:47:7d:89:
83:b1:8f:28:7a:27:20:1b:f8:76:c7:0b:2f:c5:df:
18:ca:e4:0c:9c:8c:4f:8d:f9:0a:31:d7:99:55:1a:
22:cd:1f:98:fc:0e:b5:9d:f6:f9:c3:bf:75:fc:6f:
80:0a:2c:06:ea:1c:54:44:7e:fe:f7:9a:cf:23:5f:
ef:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E3:BA:87:E3:A9:34:68:CC:3B:3C:3F:60:FA:63:D5:E8:53:C3:14
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1eff17-65ec-45ea-a75d-96eb07f7825b/1/aOO6h-OpNGjMOzw_YPpj1ehTwxQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.240.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:86:9b:39:dd:8f:45:1e:4f:64:8a:1e:7d:aa:d6:55:8f:f9:
02:27:73:94:2e:95:5e:85:40:71:f1:0b:25:5c:fa:23:66:f0:
dc:2d:1c:f7:a4:7c:7c:9c:08:d0:08:f2:b1:a2:c7:2f:f5:71:
21:ef:1e:fd:f7:a1:3b:be:4e:f7:79:f2:19:33:8d:3c:07:75:
04:d0:be:47:1a:bb:10:52:64:d5:dd:61:50:fd:14:d8:f8:e2:
e7:cb:c9:b5:6f:0e:19:b2:64:b9:1d:7a:2d:73:53:6b:a9:4e:
fb:28:7d:5b:4f:bc:33:cc:95:4c:f6:b8:b7:ae:89:26:40:42:
66:d8:f3:cf:c9:aa:b0:be:fd:51:90:50:91:7d:ca:1d:f7:41:
92:6a:4f:22:c8:3b:8c:ae:7f:79:eb:88:79:58:2f:23:d5:a7:
05:33:44:3f:d5:58:75:a6:07:7b:5d:41:41:00:09:76:00:2e:
13:ad:96:9e:fe:68:c8:a9:78:8d:02:c1:77:7a:3c:38:ca:f1:
5d:11:e5:b3:88:9e:34:f1:b9:f9:38:2b:bc:b6:35:10:b8:0c:
40:71:33:91:53:d3:7c:78:55:ff:97:60:04:63:a1:3a:d4:05:
60:6d:01:b0:d5:0d:36:12:c4:96:20:9a:d4:4c:c0:7c:68:44:
54:a3:3b:0c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQhQ5ecZDPMB8BZQQK4eN4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUzYmE4N2UzYTkzNDY4Y2MzYjNjM2Y2MGZhNjNkNWU4NTNjMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpEXbV/pAwdqKWYLwc4kYXiUk/uS
vjJbPUyV9nSMzCwf3Efvo7T/j6qAsUxlXBrmu7vgOPGCrHAcprhRvWQySZ56x0i8
JWfSEu6mGr5IDgre53+GIvO1y2/Y2AUOblDVZy7Dv2215d8MnkJPOvTPY4ZHEycR
QaWfNBWZTa2XfXQOnFWUndf6vnVMSy5CK4cMq+uG6NNen2FSweIi8uqRlXCJVzni
4cA4pVhdFemoN6/IUQZaSHwKouCiUr17Yx1HfYmDsY8oeicgG/h2xwsvxd8YyuQM
nIxPjfkKMdeZVRoizR+Y/A61nfb5w791/G+ACiwG6hxURH7+95rPI1/vowIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGjjuofjqTRozDs8P2D6Y9XoU8MUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YwLzFlZmYx
Ny02NWVjLTQ1ZWEtYTc1ZC05NmViMDdmNzgyNWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAvMWVmZjE3
LTY1ZWMtNDVlYS1hNzVkLTk2ZWIwN2Y3ODI1Yi8xL2FPTzZoLU9wTkdqTU96d19Z
UHBqMWVoVHd4US5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDwzHwMA0GCSqGSIb3DQEBCwUAA4IBAQCMhps5
3Y9FHk9kih59qtZVj/kCJ3OULpVehUBx8QslXPojZvDcLRz3pHx8nAjQCPKxoscv
9XEh7x7996E7vk73efIZM408B3UE0L5HGrsQUmTV3WFQ/RTY+OLny8m1bw4ZsmS5
HXotc1NrqU77KH1bT7wzzJVM9ri3rokmQEJm2PPPyaqwvv1RkFCRfcod90GSak8i
yDuMrn9564h5WC8j1acFM0Q/1Vh1pgd7XUFBAAl2AC4TrZae/mjIqXiNAsF3ejw4
yvFdEeWziJ408bn5OCu8tjUQuAxAcTORU9N8eFX/l2AEY6E61AVgbQGw1Q02EsSW
IJrUTMB8aERUozsM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:30 2025 by rpki-client on console.sobornost.net