Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bS1XQJK6k5ov_3GqH46O2WFTCzA.cer
File: bS1XQJK6k5ov_3GqH46O2WFTCzA.cer (raw, json)
Hash identifier: +evI/ZaF8gE25RZTs3JzDZt93KhZpAp3EWfDgAauVbU=
Subject key identifier: 6D:2D:57:40:92:BA:93:9A:2F:FF:71:AA:1F:8E:8E:D9:61:53:0B:30
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422201CA7B405748150C20A1F3564C35F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/bS1XQJK6k5ov_3GqH46O2WFTCzA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.169.220.0/24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1c:a7:b4:05:74:81:50:c2:0a:1f:35:64:c3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d2d574092ba939a2fff71aa1f8e8ed961530b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f3:45:3b:b7:4a:69:fe:13:3f:fd:45:d9:94:
d3:84:f8:86:4d:d2:74:2d:e1:f9:7c:99:24:32:df:
90:1a:d6:bd:6c:53:69:a9:b5:f8:c0:4a:df:eb:37:
08:81:f4:67:a4:cf:68:13:d9:95:50:47:d0:8b:cb:
c8:9a:3b:fa:49:6d:6a:ad:3e:75:d2:d9:a1:2e:70:
a0:9a:2a:85:32:5d:62:9e:d1:76:00:3a:7c:c3:5c:
15:83:4d:65:57:9f:e9:06:c9:fe:7e:0b:4f:ea:68:
68:16:6b:08:dc:00:83:32:78:4e:02:75:97:4d:4d:
91:23:57:75:14:67:fe:6b:6f:d8:6f:76:b0:37:9a:
a9:2d:ce:38:61:4f:2d:50:aa:4a:54:d4:b1:7d:c7:
f0:12:a2:cc:f3:b7:53:86:e1:68:5a:a6:b1:fe:81:
f9:37:63:29:d4:83:2b:30:38:b2:39:b6:5a:a7:ef:
b3:08:57:30:82:c2:d8:93:a4:83:48:40:72:40:36:
57:ef:56:d1:73:57:48:c1:63:74:71:da:4c:31:f6:
b4:b3:81:21:09:a6:c7:55:03:a8:be:94:2f:7d:cd:
24:45:3e:3d:43:71:25:88:ee:e2:25:07:ff:75:0f:
0f:2e:9a:f8:9d:54:c7:78:fb:c1:52:be:d5:ff:5b:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2D:57:40:92:BA:93:9A:2F:FF:71:AA:1F:8E:8E:D9:61:53:0B:30
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/597cc3-3611-4628-bd7c-dbad1f4a4123/1/bS1XQJK6k5ov_3GqH46O2WFTCzA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.220.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ba:4c:1b:1d:ed:3b:01:dc:e2:f1:4f:63:c8:c9:c5:64:fb:
50:ab:d0:82:30:e4:1a:f5:6c:f2:32:a8:94:92:94:81:14:d3:
6c:c9:d3:7a:25:bb:9c:1f:90:aa:6c:ed:d6:1e:24:5f:ee:51:
c3:68:9b:47:29:e1:21:24:a9:90:ac:4b:dc:87:61:d1:82:86:
d3:d1:f2:4e:ff:ae:3e:2c:81:1a:75:0d:c5:c1:5a:22:5e:99:
44:fe:59:27:ac:fc:e4:39:49:8c:13:10:c3:d9:18:5a:1a:27:
f3:f4:6d:22:c9:11:7c:99:8e:2e:77:e6:99:11:ad:96:02:f2:
8e:39:27:11:70:a9:b4:7b:43:39:49:0e:b2:cc:c4:5e:e4:1c:
d4:fe:a6:95:34:d3:2d:34:f6:0f:a5:f7:95:03:9d:53:75:d1:
78:f5:ba:17:da:14:a9:6b:9a:60:7e:9f:f8:df:9a:d6:6a:31:
cf:b3:8c:30:21:f9:87:62:c2:0f:77:95:85:51:2d:2b:7e:df:
79:de:21:1d:af:92:2b:08:e9:2a:3c:34:35:b5:88:46:f6:3f:
75:a5:c2:2c:0b:2e:14:c3:97:c2:07:82:05:22:1a:fc:c2:00:
a5:64:f9:16:f4:d6:3b:89:c6:62:ed:28:87:95:52:f9:c9:52:
62:63:30:0b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZQiIByntAV0gVDCCh81ZMNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJkNTc0MDkyYmE5MzlhMmZmZjcxYWExZjhlOGVkOTYxNTMwYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/NFO7dKaf4TP/1F2ZTThPiGTdJ0
LeH5fJkkMt+QGta9bFNpqbX4wErf6zcIgfRnpM9oE9mVUEfQi8vImjv6SW1qrT51
0tmhLnCgmiqFMl1intF2ADp8w1wVg01lV5/pBsn+fgtP6mhoFmsI3ACDMnhOAnWX
TU2RI1d1FGf+a2/Yb3awN5qpLc44YU8tUKpKVNSxfcfwEqLM87dThuFoWqax/oH5
N2Mp1IMrMDiyObZap++zCFcwgsLYk6SDSEByQDZX71bRc1dIwWN0cdpMMfa0s4Eh
CabHVQOovpQvfc0kRT49Q3EliO7iJQf/dQ8PLpr4nVTHePvBUr7V/1sAUwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFG0tV0CSupOaL/9xqh+OjtlhUwswMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVlLzU5N2Nj
My0zNjExLTQ2MjgtYmQ3Yy1kYmFkMWY0YTQxMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUvNTk3Y2Mz
LTM2MTEtNDYyOC1iZDdjLWRiYWQxZjRhNDEyMy8xL2JTMVhRSks2azVvdl8zR3FI
NDZPMldGVEN6QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwqncMA0GCSqGSIb3DQEBCwUAA4IBAQBhukwb
He07Adzi8U9jyMnFZPtQq9CCMOQa9WzyMqiUkpSBFNNsydN6JbucH5CqbO3WHiRf
7lHDaJtHKeEhJKmQrEvch2HRgobT0fJO/64+LIEadQ3FwVoiXplE/lknrPzkOUmM
ExDD2RhaGifz9G0iyRF8mY4ud+aZEa2WAvKOOScRcKm0e0M5SQ6yzMRe5BzU/qaV
NNMtNPYPpfeVA51TddF49boX2hSpa5pgfp/435rWajHPs4wwIfmHYsIPd5WFUS0r
ft953iEdr5IrCOkqPDQ1tYhG9j91pcIsCy4Uw5fCB4IFIhr8wgClZPkW9NY7icZi
7SiHlVL5yVJiYzAL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:46 2025 by rpki-client on console.sobornost.net