Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
File: AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer (raw, json)
Hash identifier: lPDysdTnomAhiM1bvUq1hEWXuLD0BfloA60fz6QeWt4=
Subject key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942521E1E9D95FB192F6074A861CD43DB8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35699
IP: 45.130.132.0/22
IP: 45.133.138.0/23
IP: 45.137.240.0/22
IP: 45.145.244.0/22
IP: 45.151.224.0/22
IP: 45.230.12.0/22
IP: 62.56.192.0/20
IP: 64.190.114.0/23
IP: 66.45.120.0/21
IP: 70.34.224.0/20
IP: 74.126.176.0/20
IP: 86.111.60.0/22
IP: 87.236.180.0/22
IP: 91.126.16.0 -- 91.126.255.255
IP: 98.96.184.0/21
IP: 103.202.232.0/22
IP: 110.93.8.0/22
IP: 135.129.224.0/20
IP: 143.131.192.0/18
IP: 147.136.252.0/23
IP: 147.161.64.0/18
IP: 173.243.32.0/20
IP: 185.203.208.0/22
IP: 185.239.36.0/22
IP: 212.97.88.0/21
IP: 216.147.96.0/20
IP: 2a00:1af0::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e1:e9:d9:5f:b1:92:f6:07:4a:86:1c:d4:3d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:6e:64:bb:3f:67:13:90:4d:d1:48:ed:72:
85:b2:5b:07:d8:b8:30:96:e8:f6:dc:7f:96:50:99:
79:cf:88:ec:34:54:59:a3:ec:d1:a9:fc:d7:d7:45:
3f:c9:55:7c:c7:a9:3a:d0:90:7c:b0:cc:9b:49:c0:
04:b1:f4:75:f4:5d:74:04:99:6c:fc:8e:4b:b8:aa:
8d:ba:f2:5b:aa:d1:6c:86:92:e4:78:00:34:ae:76:
16:d3:6a:09:31:c8:d8:70:06:bd:8f:7e:f2:ea:71:
a1:da:50:cf:0c:64:db:3f:92:fd:9d:e7:ab:21:6a:
2f:ee:54:82:77:4b:f4:3b:88:a2:8a:38:cb:82:a7:
fa:9b:cc:d8:98:0b:87:3d:b5:62:fc:d6:1c:f4:fa:
17:fe:70:3d:cb:da:df:5e:be:73:c5:e0:a5:cf:38:
d2:fc:03:96:de:ed:7d:52:2f:43:1d:b0:f2:1f:c0:
51:78:a2:2e:03:f0:23:9d:bd:db:ef:ad:ad:32:d5:
73:f5:35:19:e4:44:06:b1:40:a4:c8:a6:75:06:64:
3e:9f:ea:dd:c8:43:44:c3:75:49:a7:ff:50:1f:2c:
c3:fb:37:00:c3:c7:6a:3c:c6:e8:46:09:78:d6:b9:
1a:f6:62:a0:77:94:8c:ec:2f:44:68:1c:b3:c5:91:
c9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
66.45.120.0/21
70.34.224.0/20
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
212.97.88.0/21
216.147.96.0/20
IPv6:
2a00:1af0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35699
Signature Algorithm: sha256WithRSAEncryption
87:60:c3:01:a9:d9:50:54:cd:16:bc:41:e1:3a:81:7b:4e:3d:
21:d5:75:c6:22:29:65:fd:72:8f:44:01:03:24:b6:50:34:52:
0f:fc:21:8b:5e:d3:cc:f7:c7:34:3b:73:af:d2:bb:c1:e9:04:
cd:9c:9b:33:56:71:6c:01:f1:be:13:44:c7:39:e5:30:e2:84:
36:37:c4:72:62:25:f3:2b:50:e2:e0:6c:80:c1:e6:4e:64:51:
b9:e0:46:25:17:5c:97:09:8a:72:3d:57:57:88:fd:26:c8:10:
05:3e:e3:83:86:7d:71:b8:6e:e1:99:bb:2d:dc:f1:92:1c:28:
99:eb:75:24:bf:34:8e:85:bf:b2:3b:69:4f:94:d1:39:0d:d7:
00:d1:3b:85:ed:f2:7e:c7:99:81:f0:8b:08:57:aa:dc:c7:7e:
d2:83:92:62:8a:10:a8:7b:ec:4c:f2:ee:0e:fe:26:48:f4:94:
78:e3:fb:61:86:d2:04:1a:03:14:0c:37:02:3c:34:68:7f:77:
61:d8:39:c7:45:39:3c:c5:c7:18:c9:44:3a:90:6d:db:bc:3a:
9e:5a:4f:bc:a3:1c:94:6d:fd:35:46:58:40:a9:91:46:ce:65:
85:81:e7:26:93:6f:b9:e6:96:54:70:75:9e:dd:c0:9b:7a:ab:
92:ae:49:e7
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZQlIeHp2V+xkvYHSoYc1D24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTcwYTE2OWI2Y2Q0MTEwMjIyNzllOWZmOTk3ZjEzNGZmNTRhYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHVuZLs/ZxOQTdFI7XKFslsH2Lgw
luj23H+WUJl5z4jsNFRZo+zRqfzX10U/yVV8x6k60JB8sMybScAEsfR19F10BJls
/I5LuKqNuvJbqtFshpLkeAA0rnYW02oJMcjYcAa9j37y6nGh2lDPDGTbP5L9neer
IWov7lSCd0v0O4iiijjLgqf6m8zYmAuHPbVi/NYc9PoX/nA9y9rfXr5zxeClzzjS
/AOW3u19Ui9DHbDyH8BReKIuA/Ajnb3b762tMtVz9TUZ5EQGsUCkyKZ1BmQ+n+rd
yENEw3VJp/9QHyzD+zcAw8dqPMboRgl41rka9mKgd5SM7C9EaByzxZHJ7wIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFAFwoWm2zUEQIieen/mX8TT/VKscMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzFlNzc3
Zi05ODZiLTRlMzQtOGQ4MS03ZDRiYjIzODA0ODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvMWU3Nzdm
LTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8xL0FYQ2hhYmJOUVJBaUo1NmYt
WmZ4TlA5VXF4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHPBggrBgEF
BQcBBwEB/wSBvzCBvDCBqgQCAAEwgaMDBAItgoQDBAEthYoDBAItifADBAItkfQD
BAItl+ADBAIt5gwDBAQ+OMADBAFAvnIDBANCLXgDBARGIuADBARKfrADBAJWbzwD
BAJX7LQwCwMEBFt+EAMDAFt+AwQDYmC4AwQCZ8roAwQCbl0IAwQEh4HgAwQGj4PA
AwQBk4j8AwQGk6FAAwQErfMgAwQCucvQAwQCue8kAwQD1GFYAwQE2JNgMA0EAgAC
MAcDBQMqABrwMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLczANBgkqhkiG9w0B
AQsFAAOCAQEAh2DDAanZUFTNFrxB4TqBe049IdV1xiIpZf1yj0QBAyS2UDRSD/wh
i17TzPfHNDtzr9K7wekEzZybM1ZxbAHxvhNExznlMOKENjfEcmIl8ytQ4uBsgMHm
TmRRueBGJRdclwmKcj1XV4j9JsgQBT7jg4Z9cbhu4Zm7Ldzxkhwomet1JL80joW/
sjtpT5TROQ3XANE7he3yfseZgfCLCFeq3Md+0oOSYooQqHvsTPLuDv4mSPSUeOP7
YYbSBBoDFAw3Ajw0aH93Ydg5x0U5PMXHGMlEOpBt27w6nlpPvKMclG39NUZYQKmR
Rs5lhYHnJpNvueaWVHB1nt3Am3qrkq5J5w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:27 2025 by rpki-client