Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer
File: o3gRjbBeTJPnb6HxyVZ5xwW-sgg.cer (raw, json)
Hash identifier: BaeuovlinU9t1tPuDkNfzQdf4r7RuuruUVv3CCzBs8k=
Subject key identifier: A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942444A9E6B5E40AF60048BB96FBDD5844
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:47:47 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2001:67c:2ef0::/48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a9:e6:b5:e4:0a:f6:00:48:bb:96:fb:dd:58:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a378118db05e4c93e76fa1f1c95679c705beb208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ca:de:ba:1e:63:a9:ae:bb:95:46:22:ff:6c:
18:23:da:85:2e:89:0b:f5:86:3e:d1:a8:52:12:94:
95:de:54:97:84:e9:20:2f:c3:0f:b8:29:a7:e2:3d:
24:ad:ae:55:aa:1c:a0:70:a9:ba:be:47:82:c7:88:
b3:65:d0:49:1d:f0:29:08:5d:c9:0c:3e:25:ca:3b:
57:aa:6e:33:6c:8d:a3:d8:68:ca:23:da:7c:ec:43:
1c:d5:7b:a7:13:62:f3:10:02:a7:40:30:9c:ca:11:
b2:5c:f3:72:e4:7e:54:fd:64:e0:8f:68:d2:b3:3f:
bf:cc:6c:7d:f6:3e:18:da:0f:b6:6a:25:13:0e:c3:
18:7a:87:00:6e:67:1d:ef:21:e9:32:a6:8e:36:3c:
01:20:97:5d:3c:4f:46:fb:d2:15:56:90:0b:04:92:
40:c3:f6:d8:a5:92:46:fd:4e:fa:a3:b6:fa:93:0e:
63:f9:9a:d5:64:18:a8:3c:81:ca:6a:b4:40:1c:7a:
b3:62:b4:72:8b:c1:a3:36:86:b5:ae:97:48:75:1f:
d1:a4:47:03:8a:2c:0f:9c:c4:c2:a1:23:37:7f:a9:
f5:15:a8:89:65:2e:9c:2f:23:2c:ff:e6:2f:e9:2b:
00:51:10:20:f7:dd:62:93:7a:ae:a5:00:c9:ac:8e:
1b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:78:11:8D:B0:5E:4C:93:E7:6F:A1:F1:C9:56:79:C7:05:BE:B2:08
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/0f355a-3a0a-46ec-b07f-866607af2fa5/1/o3gRjbBeTJPnb6HxyVZ5xwW-sgg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ef0::/48
Signature Algorithm: sha256WithRSAEncryption
a5:4c:7f:4b:be:e1:e4:c0:62:7a:d0:89:40:e9:e6:f9:2f:4e:
55:58:15:a1:b2:1d:82:b9:45:c5:88:d6:4c:63:df:5b:84:3a:
36:a6:bb:c7:24:6f:da:a4:5c:36:0f:5f:a2:5c:d3:dc:cb:66:
7d:c1:09:1e:15:ff:6f:55:c6:65:c0:f4:60:01:81:89:b6:08:
e8:15:5b:a8:95:fd:4b:57:77:00:ea:cc:3a:44:87:06:94:21:
1d:33:55:d3:89:ad:f3:9f:a9:3f:14:fd:92:d9:64:3a:a8:e5:
bb:4c:9c:35:38:ee:9a:13:be:25:6b:ae:a7:af:95:b0:ee:34:
53:c9:89:d3:f2:ba:13:5f:57:88:b8:f3:75:67:db:a0:9c:aa:
90:3b:e2:2d:2e:14:ec:9a:55:5d:01:0f:b5:05:b8:e0:a3:a2:
87:f3:55:b4:52:eb:c3:11:32:6d:bc:2d:36:2e:43:79:71:28:
69:6c:7b:1e:b1:22:7b:88:e6:74:01:94:73:a9:60:62:57:52:
ea:3e:ff:7d:d1:b1:88:34:64:df:04:a8:ac:b0:6b:e7:60:bd:
18:36:32:3e:9c:64:3d:a4:e1:36:03:a4:41:cf:fb:2e:cf:bb:
08:f1:73:bb:d9:56:3b:fa:8b:07:bf:14:24:33:08:bf:b6:2e:
0b:ff:ea:a5
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZQkRKnmteQK9gBIu5b73VhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc4MTE4ZGIwNWU0YzkzZTc2ZmExZjFjOTU2NzljNzA1YmViMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMreuh5jqa67lUYi/2wYI9qFLokL
9YY+0ahSEpSV3lSXhOkgL8MPuCmn4j0kra5VqhygcKm6vkeCx4izZdBJHfApCF3J
DD4lyjtXqm4zbI2j2GjKI9p87EMc1XunE2LzEAKnQDCcyhGyXPNy5H5U/WTgj2jS
sz+/zGx99j4Y2g+2aiUTDsMYeocAbmcd7yHpMqaONjwBIJddPE9G+9IVVpALBJJA
w/bYpZJG/U76o7b6kw5j+ZrVZBioPIHKarRAHHqzYrRyi8GjNoa1rpdIdR/RpEcD
iiwPnMTCoSM3f6n1FaiJZS6cLyMs/+Yv6SsAURAg991ik3qupQDJrI4bDQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFKN4EY2wXkyT52+h8clWeccFvrIIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5LzBmMzU1
YS0zYTBhLTQ2ZWMtYjA3Zi04NjY2MDdhZjJmYTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvMGYzNTVh
LTNhMGEtNDZlYy1iMDdmLTg2NjYwN2FmMmZhNS8xL28zZ1JqYkJlVEpQbmI2SHh5
Vlo1eHdXLXNnZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC7wMA0GCSqGSIb3DQEBCwUAA4IBAQCl
TH9LvuHkwGJ60IlA6eb5L05VWBWhsh2CuUXFiNZMY99bhDo2prvHJG/apFw2D1+i
XNPcy2Z9wQkeFf9vVcZlwPRgAYGJtgjoFVuolf1LV3cA6sw6RIcGlCEdM1XTia3z
n6k/FP2S2WQ6qOW7TJw1OO6aE74la66nr5Ww7jRTyYnT8roTX1eIuPN1Z9ugnKqQ
O+ItLhTsmlVdAQ+1Bbjgo6KH81W0UuvDETJtvC02LkN5cShpbHsesSJ7iOZ0AZRz
qWBiV1LqPv990bGINGTfBKissGvnYL0YNjI+nGQ9pOE2A6RBz/suz7sI8XO72VY7
+osHvxQkMwi/ti4L/+ql
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:50 2025 by rpki-client on console.sobornost.net