Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
File: 4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer (raw, json)
Hash identifier: C9hOrweStcb2g5plmoCgICrqr/QXjW+a1RBJoZ3ptH0=
Subject key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194258E481C284BCD1A4A8F8AB1373F1AA7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 05:47:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 43350
AS: 64437
IP: 5.104.136.0/21
IP: 37.143.32.0/21
IP: 37.153.168.0/22
IP: 37.156.228.0/22
IP: 37.156.252.0/22
IP: 46.166.128.0/19
IP: 46.166.176.0/20
IP: 77.247.176.0/21
IP: 85.159.232.0/21
IP: 89.38.160.0/22
IP: 92.114.100.0/22
IP: 109.201.128.0/19
IP: 176.126.232.0/22
IP: 185.7.76.0/22
IP: 185.11.144.0/22
IP: 185.45.193.0/24
IP: 185.62.188.0/22
IP: 185.82.201.0/24
IP: 185.82.203.0/24
IP: 185.106.121.0/24
IP: 185.107.36.0/22
IP: 185.107.44.0/22
IP: 185.107.56.0/22
IP: 185.107.68.0/22
IP: 185.107.80.0/22
IP: 185.107.92.0/22
IP: 185.107.100.0/22
IP: 185.107.116.0/22
IP: 185.117.74.0/23
IP: 185.183.96.0/24
IP: 185.198.57.0/24
IP: 185.244.150.0/24
IP: 188.209.48.0/20
IP: 194.36.189.0/24
IP: 212.92.104.0 -- 212.92.125.255
IP: 2a00:1768::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:48:1c:28:4b:cd:1a:4a:8f:8a:b1:37:3f:1a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:40:2a:d6:90:7e:c4:e7:21:ae:82:ca:0a:2e:
38:73:f7:d1:29:1a:18:27:33:4d:f0:03:c3:f2:a7:
d4:2f:ad:e7:ac:54:88:89:5c:85:eb:17:51:36:1e:
fa:ac:f7:73:b2:b6:71:64:7e:d5:ef:42:22:ce:45:
e0:73:6c:cb:e5:56:50:35:4b:d2:ed:f3:e9:dc:cc:
65:24:f8:b3:70:10:42:40:3a:d4:41:41:c3:ef:65:
0b:4e:73:b6:91:2a:ca:72:47:6c:d7:d0:10:6e:4c:
17:70:35:16:9b:25:43:90:84:1c:14:59:f5:3c:18:
91:40:78:4c:c6:2a:88:1b:28:d2:0a:db:16:c5:fb:
76:8f:dd:b9:bb:0d:fb:28:9e:59:91:71:41:00:81:
96:f2:7e:4c:8c:6b:ee:33:15:6f:0a:88:07:e8:2c:
a2:f0:48:4a:27:6e:26:9c:23:29:43:d8:12:8a:3a:
29:1d:3f:13:6d:09:71:a0:14:23:c5:7e:b9:bb:73:
9e:58:cb:2f:c8:23:5f:dd:7a:cf:29:57:05:f6:11:
4f:4d:89:45:7e:73:cc:09:65:ba:ba:02:8b:fc:7b:
3c:e4:6a:eb:87:69:45:91:2d:02:23:df:8e:78:20:
3c:86:c8:aa:d2:2f:85:88:1b:31:5f:39:61:aa:52:
d4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/22
37.156.252.0/22
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/22
185.7.76.0/22
185.11.144.0/22
185.45.193.0/24
185.62.188.0/22
185.82.201.0/24
185.82.203.0/24
185.106.121.0/24
185.107.36.0/22
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
185.117.74.0/23
185.183.96.0/24
185.198.57.0/24
185.244.150.0/24
188.209.48.0/20
194.36.189.0/24
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43350
64437
Signature Algorithm: sha256WithRSAEncryption
40:44:e0:93:8b:7d:f1:8d:6e:4d:1c:fc:7f:42:b5:8b:08:29:
27:7b:fa:af:57:e5:44:0b:1f:47:c5:50:6f:24:26:3e:24:f0:
04:4a:30:b1:2c:df:9e:ef:40:03:e3:c6:c6:4f:91:36:9f:40:
d5:23:0a:8a:1b:24:d5:32:3e:76:34:06:30:d4:0c:4d:40:40:
c1:db:22:90:46:f7:e2:e5:2f:13:47:46:d4:74:37:c1:22:90:
e3:ec:52:d2:a4:84:27:34:a4:2b:a1:cf:fb:16:76:5a:9c:50:
62:f3:e0:0d:ee:7e:45:9b:1f:43:93:b7:b8:1d:af:21:b1:03:
30:bf:01:e8:21:5e:5a:d0:13:3f:8a:be:b9:88:b7:f4:9a:97:
98:b9:87:fa:93:86:6a:7f:76:c8:15:34:97:7b:50:49:1f:7f:
9f:2b:b2:5f:db:a9:0f:a1:2a:96:ed:e2:c7:0b:c8:09:8f:79:
92:b3:54:1b:e8:84:6e:cc:4e:93:73:7e:60:8e:ff:0e:cb:01:
21:4e:0c:20:ee:88:64:d1:16:7d:4b:3b:a5:b2:10:60:9e:1d:
a5:95:fd:2f:de:47:b9:a9:63:52:d0:a3:df:af:97:f0:35:f7:
a4:5a:2a:1b:b6:6c:b1:50:4c:50:e6:ac:8c:30:ce:43:dc:56:
4b:8d:a4:3f
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgISAZQljkgcKEvNGkqPirE3PxqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM4ZWMyNDJhNDNlOWM5ZDRjZWIyNWRjOTBlNTQ1MzM3M2QzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UAq1pB+xOchroLKCi44c/fRKRoY
JzNN8APD8qfUL63nrFSIiVyF6xdRNh76rPdzsrZxZH7V70IizkXgc2zL5VZQNUvS
7fPp3MxlJPizcBBCQDrUQUHD72ULTnO2kSrKckds19AQbkwXcDUWmyVDkIQcFFn1
PBiRQHhMxiqIGyjSCtsWxft2j925uw37KJ5ZkXFBAIGW8n5MjGvuMxVvCogH6Cyi
8EhKJ24mnCMpQ9gSijopHT8TbQlxoBQjxX65u3OeWMsvyCNf3XrPKVcF9hFPTYlF
fnPMCWW6ugKL/Hs85Grrh2lFkS0CI9+OeCA8hsiq0i+FiBsxXzlhqlLUBwIDAQAB
o4IDjjCCA4owHQYDVR0OBBYEFOE47CQqQ+nJ1M6yXckOVFM3PT9GMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmLzBiN2Zk
My05MGYwLTQ1ZDEtOGE1OC02Nzg1Y2Q0NTY4NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvMGI3ZmQz
LTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8xLzRUanNKQ3BENmNuVXpySmR5
UTVVVXpjOVAwWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBgYIKwYB
BQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQDBWiIAwQDJY8gAwQCJZmoAwQCJZzk
AwQCJZz8AwQFLqaAAwQELqawAwQDTfewAwQDVZ/oAwQCWSagAwQCXHJkAwQFbcmA
AwQCsH7oAwQCuQdMAwQCuQuQAwQAuS3BAwQCuT68AwQAuVLJAwQAuVLLAwQAuWp5
AwQCuWskAwQCuWssAwQCuWs4AwQCuWtEAwQCuWtQAwQCuWtcAwQCuWtkAwQCuWt0
AwQBuXVKAwQAubdgAwQAucY5AwQAufSWAwQEvNEwAwQAwiS9MAwDBAPUXGgDBAHU
XHwwDQQCAAIwBwMFAyoAF2gwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAKlWAgMA
+7UwDQYJKoZIhvcNAQELBQADggEBAEBE4JOLffGNbk0c/H9CtYsIKSd7+q9X5UQL
H0fFUG8kJj4k8ARKMLEs357vQAPjxsZPkTafQNUjCoobJNUyPnY0BjDUDE1AQMHb
IpBG9+LlLxNHRtR0N8EikOPsUtKkhCc0pCuhz/sWdlqcUGLz4A3ufkWbH0OTt7gd
ryGxAzC/AeghXlrQEz+KvrmIt/Sal5i5h/qThmp/dsgVNJd7UEkff58rsl/bqQ+h
Kpbt4scLyAmPeZKzVBvohG7MTpNzfmCO/w7LASFODCDuiGTRFn1LO6WyEGCeHaWV
/S/eR7mpY1LQo9+vl/A196RaKhu2bLFQTFDmrIwwzkPcVkuNpD8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:53:20 2025 by rpki-client