Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
File: 2dYxVsGDbxbDtDDv-7cqxpky6ps.cer (raw, json)
Hash identifier: D5gOT5DiaFng4D968QTkpYHPmLKG+ImpPNtlWPo1ZYc=
Subject key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942067F7DDAC1E7317BAA91BB7CC4EC3A0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 31.12.76.0/22
IP: 31.40.220.0/22
IP: 31.40.228.0/22
IP: 37.44.200.0/22
IP: 46.149.160.0/22
IP: 78.138.8.0/24
IP: 78.138.41.0/24
IP: 78.138.53.0 -- 78.138.55.255
IP: 78.138.63.0/24
IP: 80.240.98.0/23
IP: 80.240.116.0 -- 80.240.123.255
IP: 80.240.125.0/24
IP: 82.97.204.0/24
IP: 83.229.0.0/23
IP: 83.229.7.0/24
IP: 83.229.12.0/23
IP: 83.229.27.0/24
IP: 83.229.30.0/24
IP: 83.229.36.0/23
IP: 83.229.58.0 -- 83.229.60.255
IP: 83.229.66.0/24
IP: 83.229.92.0/24
IP: 83.229.110.0/24
IP: 83.229.114.0/24
IP: 83.229.116.0/22
IP: 91.196.180.0/22
IP: 103.14.104.0/22
IP: 185.4.226.0/24
IP: 185.18.40.0/22
IP: 185.51.23.0/24
IP: 185.182.20.0/22
IP: 185.240.128.0/22
IP: 185.254.104.0/22
IP: 185.255.164.0/22
IP: 188.190.104.0/22
IP: 188.190.120.0/22
IP: 193.31.56.0/22
IP: 193.32.96.0/22
IP: 193.42.56.0/22
IP: 193.47.56.0/22
IP: 194.31.176.0/22
IP: 194.41.120.0/22
IP: 194.99.60.0/22
IP: 194.187.36.0/22
IP: 195.3.136.0/22
IP: 195.216.128.0/22
IP: 212.103.56.0/22
IP: 212.107.0.0/22
IP: 213.255.193.0 -- 213.255.194.255
IP: 213.255.196.0/24
IP: 213.255.199.0/24
IP: 213.255.204.0/24
IP: 213.255.207.0/24
IP: 213.255.240.0/22
IP: 213.255.248.0/22
IP: 217.194.130.0/23
IP: 217.194.136.0/23
IP: 217.194.139.0/24
IP: 217.194.144.0/24
IP: 217.194.151.0 -- 217.194.152.255
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f7:dd:ac:1e:73:17:ba:a9:1b:b7:cc:4e:c3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:8c:8f:23:9f:7b:97:3d:28:34:a0:11:73:
d7:8b:0e:b9:51:2c:30:89:6c:0a:d8:91:c2:65:c6:
cd:a2:78:7e:9f:db:e8:17:94:c3:5c:46:53:5e:dd:
32:b1:c1:95:d2:5b:33:33:2c:3b:e3:f3:84:ef:c6:
b4:71:d1:72:5b:cc:44:24:a1:31:4e:c1:99:f1:d1:
d5:61:66:53:a1:91:ee:74:66:7b:d0:4b:0b:e0:5d:
09:ec:ed:df:45:81:0f:1e:3d:c9:33:06:df:df:1d:
04:dd:03:d0:83:c9:e9:d5:e8:92:6a:7c:ae:89:3e:
95:1a:1a:b9:8e:7e:0f:37:87:01:1b:e4:be:62:97:
11:1c:5f:57:2c:7c:3c:bc:28:7e:b6:7b:fd:63:23:
f5:67:28:ef:6e:c6:46:75:54:2d:40:98:b6:5e:be:
16:8b:db:6a:19:4f:16:cb:ad:f7:cb:e6:ae:11:3f:
58:2e:7b:49:26:c6:27:53:02:13:1c:97:fc:68:20:
d2:e4:f4:7c:55:b6:1e:3f:a2:e6:50:d5:66:dc:ea:
4b:5c:37:f8:ea:61:1e:31:e2:16:c2:83:66:47:c1:
b2:82:b8:94:ba:0b:65:a3:99:31:22:97:88:90:52:
00:2e:01:a9:3b:93:12:bc:fa:ce:78:47:c2:e8:0d:
cd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.76.0/22
31.40.220.0/22
31.40.228.0/22
37.44.200.0/22
46.149.160.0/22
78.138.8.0/24
78.138.41.0/24
78.138.53.0-78.138.55.255
78.138.63.0/24
80.240.98.0/23
80.240.116.0-80.240.123.255
80.240.125.0/24
82.97.204.0/24
83.229.0.0/23
83.229.7.0/24
83.229.12.0/23
83.229.27.0/24
83.229.30.0/24
83.229.36.0/23
83.229.58.0-83.229.60.255
83.229.66.0/24
83.229.92.0/24
83.229.110.0/24
83.229.114.0/24
83.229.116.0/22
91.196.180.0/22
103.14.104.0/22
185.4.226.0/24
185.18.40.0/22
185.51.23.0/24
185.182.20.0/22
185.240.128.0/22
185.254.104.0/22
185.255.164.0/22
188.190.104.0/22
188.190.120.0/22
193.31.56.0/22
193.32.96.0/22
193.42.56.0/22
193.47.56.0/22
194.31.176.0/22
194.41.120.0/22
194.99.60.0/22
194.187.36.0/22
195.3.136.0/22
195.216.128.0/22
212.103.56.0/22
212.107.0.0/22
213.255.193.0-213.255.194.255
213.255.196.0/24
213.255.199.0/24
213.255.204.0/24
213.255.207.0/24
213.255.240.0/22
213.255.248.0/22
217.194.130.0/23
217.194.136.0/23
217.194.139.0/24
217.194.144.0/24
217.194.151.0-217.194.152.255
Signature Algorithm: sha256WithRSAEncryption
8c:ec:6a:47:14:4c:e5:55:d6:b6:e3:9c:46:61:a9:77:b0:f4:
6d:e1:ac:2b:75:fd:74:9b:88:a8:a6:6c:88:03:6d:05:d7:b1:
ca:96:c1:d3:4a:e9:91:5f:cf:28:f3:b2:92:fe:04:8b:f5:a8:
c9:9d:3c:d9:37:77:74:36:75:21:14:d0:49:ee:03:44:ca:c0:
61:90:31:ab:9f:47:67:8c:84:71:38:24:03:11:44:05:d5:7d:
ab:18:5b:2f:71:16:e4:7c:06:76:78:4a:17:be:d7:75:42:1b:
9b:d1:42:24:f0:4b:9c:6e:ef:c6:ea:5c:a4:07:37:36:18:80:
0c:e4:b6:ec:8a:46:cd:80:5b:3d:d6:86:15:87:a4:9f:35:68:
24:0b:61:af:ee:2b:4c:ed:ec:5f:25:48:79:66:49:03:ed:60:
38:23:86:a1:5b:fa:ff:58:0f:e0:64:b8:80:7a:83:e8:9d:71:
4d:c5:80:2d:3f:bc:80:77:d2:da:50:eb:81:82:1d:70:60:fd:
ca:e5:86:d1:27:b6:84:34:60:00:17:f6:fc:aa:8a:ea:9f:fc:
97:5a:86:6a:05:90:df:d2:04:0e:c1:59:08:1d:2a:2b:df:c7:
c1:14:22:0a:af:05:c4:02:67:0a:5d:0a:87:70:a5:34:d5:97:
68:56:ef:b0
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgISAZQgZ/fdrB5zF7qpG7fMTsOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQ2MzE1NmMxODM2ZjE2YzNiNDMwZWZmYmI3MmFjNjk5MzJlYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlniMjyOfe5c9KDSgEXPXiw65USww
iWwK2JHCZcbNonh+n9voF5TDXEZTXt0yscGV0lszMyw74/OE78a0cdFyW8xEJKEx
TsGZ8dHVYWZToZHudGZ70EsL4F0J7O3fRYEPHj3JMwbf3x0E3QPQg8np1eiSanyu
iT6VGhq5jn4PN4cBG+S+YpcRHF9XLHw8vCh+tnv9YyP1ZyjvbsZGdVQtQJi2Xr4W
i9tqGU8Wy633y+auET9YLntJJsYnUwITHJf8aCDS5PR8VbYeP6LmUNVm3OpLXDf4
6mEeMeIWwoNmR8GygriUugtlo5kxIpeIkFIALgGpO5MSvPrOeEfC6A3NMwIDAQAB
o4IEGDCCBBQwHQYDVR0OBBYEFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3LzhmNDZi
ZS0wMjhiLTRkMDMtYTk3My1mZGEwMTFlNWM5NzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvOGY0NmJl
LTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8xLzJkWXhWc0dEYnhiRHRERHYt
N2NxeHBreTZwcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBsQYIKwYB
BQUHAQcBAf8EggGgMIIBnDCCAZgEAgABMIIBkAMEAh8MTAMEAh8o3AMEAh8o5AME
AiUsyAMEAi6VoAMEAE6KCAMEAE6KKTAMAwQAToo1AwQDToowAwQAToo/AwQBUPBi
MAwDBAJQ8HQDBAJQ8HgDBABQ8H0DBABSYcwDBAFT5QADBABT5QcDBAFT5QwDBABT
5RsDBABT5R4DBAFT5SQwDAMEAVPlOgMEAFPlPAMEAFPlQgMEAFPlXAMEAFPlbgME
AFPlcgMEAlPldAMEAlvEtAMEAmcOaAMEALkE4gMEArkSKAMEALkzFwMEArm2FAME
ArnwgAMEArn+aAMEArn/pAMEAry+aAMEAry+eAMEAsEfOAMEAsEgYAMEAsEqOAME
AsEvOAMEAsIfsAMEAsIpeAMEAsJjPAMEAsK7JAMEAsMDiAMEAsPYgAMEAtRnOAME
AtRrADAMAwQA1f/BAwQA1f/CAwQA1f/EAwQA1f/HAwQA1f/MAwQA1f/PAwQC1f/w
AwQC1f/4AwQB2cKCAwQB2cKIAwQA2cKLAwQA2cKQMAwDBADZwpcDBADZwpgwDQYJ
KoZIhvcNAQELBQADggEBAIzsakcUTOVV1rbjnEZhqXew9G3hrCt1/XSbiKimbIgD
bQXXscqWwdNK6ZFfzyjzspL+BIv1qMmdPNk3d3Q2dSEU0EnuA0TKwGGQMaufR2eM
hHE4JAMRRAXVfasYWy9xFuR8BnZ4She+13VCG5vRQiTwS5xu78bqXKQHNzYYgAzk
tuyKRs2AWz3WhhWHpJ81aCQLYa/uK0zt7F8lSHlmSQPtYDgjhqFb+v9YD+BkuIB6
g+idcU3FgC0/vIB30tpQ64GCHXBg/crlhtEntoQ0YAAX9vyqiuqf/JdahmoFkN/S
BA7BWQgdKivfx8EUIgqvBcQCZwpdCodwpTTVl2hW77A=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:20:15 2025 by rpki-client