Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
File: CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer (raw, json)
Hash identifier: x100oKnDQ8vOz+9ty7qYoAHmthXGzPvQgB4/HM1E1do=
Subject key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019498BC7BD27FB9701E41DA8A0E74B626FF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 24 Jan 2025 14:34:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44285
AS: 48715
AS: 60248
IP: 5.1.43.0/24
IP: 37.32.32.0/21
IP: 37.75.243.0 -- 37.75.247.255
IP: 45.9.252.0/22
IP: 45.87.4.0/22
IP: 45.140.224.0/21
IP: 45.156.180.0/22
IP: 45.156.192.0/22
IP: 46.28.72.0/21
IP: 78.110.120.0/22
IP: 80.71.149.0/24
IP: 80.249.112.0 -- 80.249.114.255
IP: 84.47.224.0/21
IP: 85.198.24.0/22
IP: 85.198.48.0/20
IP: 88.135.36.0/22
IP: 91.236.168.0/23
IP: 91.247.171.0/24
IP: 130.193.77.0/24
IP: 152.89.44.0/22
IP: 185.18.212.0/22
IP: 185.36.228.0/24
IP: 185.51.200.0/22
IP: 185.58.240.0/22
IP: 185.112.148.0/22
IP: 185.121.128.0/22
IP: 185.128.136.0/22
IP: 185.141.104.0/22
IP: 185.141.132.0/22
IP: 185.170.8.0/24
IP: 185.173.129.0 -- 185.173.130.255
IP: 185.182.248.0/22
IP: 185.206.231.0/24
IP: 185.213.195.0/24
IP: 185.233.131.0/24
IP: 185.234.14.0/24
IP: 185.235.245.0/24
IP: 185.252.200.0/24
IP: 188.209.152.0/23
IP: 194.56.148.0/24
IP: 195.110.38.0/23
IP: 195.211.44.0/22
IP: 213.109.199.0/24
IP: 217.172.120.0/21
IP: 2a02:828::/29
IP: 2a09:b6c0::/29
IP: 2a0a:5e80::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:bc:7b:d2:7f:b9:70:1e:41:da:8a:0e:74:b6:26:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 24 14:34:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:8e:35:9b:d5:1c:fb:8b:43:f4:35:ef:97:
97:a1:3e:b7:6e:5a:f9:a1:6b:ae:c4:84:2a:c9:74:
6e:64:85:38:cf:3d:53:40:c7:91:9a:86:b0:df:cb:
fa:1a:c9:27:c0:6f:ba:eb:bf:04:71:a4:5c:e0:b2:
cf:eb:15:f4:aa:61:73:67:06:13:c7:9e:bf:d4:a8:
b1:5b:86:95:db:48:79:0b:d3:96:fa:44:c8:92:2a:
1c:2c:6f:f0:a6:a6:23:4e:17:79:c5:09:02:a0:cb:
3a:b7:47:92:b6:18:f5:21:89:db:b2:48:b3:cc:88:
63:20:9f:b0:21:67:8a:13:c6:55:9b:20:66:42:36:
64:8a:3f:17:ab:28:aa:21:83:e1:2b:d8:81:96:1f:
22:16:48:b5:92:34:e0:63:70:2a:4c:86:5c:65:78:
6a:62:79:e8:41:eb:56:c4:65:2a:26:76:82:e4:f7:
31:e3:0e:72:dd:13:59:a1:d2:1c:1b:a6:fa:18:1e:
fe:dc:71:5f:f2:b4:ab:62:4f:cb:41:95:ce:f0:6f:
1a:14:e1:87:99:2d:90:29:be:b2:b8:ae:a3:ed:21:
84:93:ad:03:a2:32:a2:bf:01:e8:65:90:5f:bf:d1:
56:65:74:9e:47:2f:8a:a1:85:14:e9:c5:1d:0e:41:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/22
45.140.224.0/21
45.156.180.0/22
45.156.192.0/22
46.28.72.0/21
78.110.120.0/22
80.71.149.0/24
80.249.112.0-80.249.114.255
84.47.224.0/21
85.198.24.0/22
85.198.48.0/20
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.148.0/22
185.121.128.0/22
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.182.248.0/22
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
194.56.148.0/24
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
217.172.120.0/21
IPv6:
2a02:828::/29
2a09:b6c0::/29
2a0a:5e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44285
48715
60248
Signature Algorithm: sha256WithRSAEncryption
2a:b7:93:e9:bf:a3:eb:20:cc:72:38:6a:56:3d:5f:1d:d1:f1:
15:06:88:3d:98:23:45:ef:ba:26:be:70:46:da:e0:ed:f6:80:
70:02:51:39:9f:1f:a5:2a:22:51:7c:ea:63:10:41:01:6a:b1:
d4:8d:b3:bc:0a:ae:e7:d0:17:62:77:8d:c8:15:e3:4d:0a:8b:
5f:c9:39:b3:f6:c4:58:6c:39:5b:ec:f7:34:a7:55:28:3d:76:
f5:f0:73:ac:23:fd:b2:50:c9:c4:0e:53:36:50:af:f7:5b:b6:
93:37:cf:4f:43:8b:4a:c8:a6:26:72:e5:8d:6d:b1:b8:5a:2d:
5f:e8:08:e1:4a:e5:cb:07:a6:d3:b8:6e:62:ee:1f:79:b9:6d:
a4:0c:56:9c:a7:81:df:97:f7:5f:fa:22:1c:83:15:24:81:10:
f6:41:14:fd:f8:df:d1:94:cd:3a:df:9b:71:7e:03:1d:90:78:
75:50:0f:3e:4f:b3:07:0a:94:90:6d:72:df:4c:44:46:c3:21:
ee:fe:56:60:f5:64:6a:74:82:89:dc:a7:d8:64:b6:b0:43:c9:
81:3b:e3:60:21:5e:ba:a6:a2:45:6a:e3:86:3e:f0:a0:0e:84:
6d:ee:ae:61:b7:f9:1c:c2:86:69:0b:d6:8c:12:10:2d:57:6a:
39:9c:f7:7c
-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgISAZSYvHvSf7lwHkHaig50tib/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTI0MTQzNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHmONZvVHPuLQ/Q175eXoT63blr5
oWuuxIQqyXRuZIU4zz1TQMeRmoaw38v6GsknwG+6678EcaRc4LLP6xX0qmFzZwYT
x56/1KixW4aV20h5C9OW+kTIkiocLG/wpqYjThd5xQkCoMs6t0eSthj1IYnbskiz
zIhjIJ+wIWeKE8ZVmyBmQjZkij8XqyiqIYPhK9iBlh8iFki1kjTgY3AqTIZcZXhq
YnnoQetWxGUqJnaC5Pcx4w5y3RNZodIcG6b6GB7+3HFf8rSrYk/LQZXO8G8aFOGH
mS2QKb6yuK6j7SGEk60DojKivwHoZZBfv9FWZXSeRy+KoYUU6cUdDkE2hQIDAQAB
o4ID6zCCA+cwHQYDVR0OBBYEFAgbeiLlHPuc+EIF5ESZmK1V2PBlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2M1MTVj
OS1kZjA4LTQyNmMtODBlNi0wMzY3MjY4ZmY4NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvYzUxNWM5
LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6NFFnWGtS
Sm1ZclZYWThHVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBXgYIKwYB
BQUHAQcBAf8EggFNMIIBSTCCASgEAgABMIIBIAMEAAUBKwMEAyUgIDAMAwQAJUvz
AwQDJUvwAwQCLQn8AwQCLVcEAwQDLYzgAwQCLZy0AwQCLZzAAwQDLhxIAwQCTm54
AwQAUEeVMAwDBARQ+XADBABQ+XIDBANUL+ADBAJVxhgDBARVxjADBAJYhyQDBAFb
7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5JOQDBAK5M8gDBAK5OvADBAK5
cJQDBAK5eYADBAK5gIgDBAK5jWgDBAK5jYQDBAC5qggwDAMEALmtgQMEALmtggME
Arm2+AMEALnO5wMEALnVwwMEALnpgwMEALnqDgMEALnr9QMEALn8yAMEAbzRmAME
AMI4lAMEAcNuJgMEAsPTLAMEANVtxwMEA9mseDAbBAIAAjAVAwUDKgIIKAMFAyoJ
tsADBQMqCl6AMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8CAwCs/QIDAL5LAgMA61gw
DQYJKoZIhvcNAQELBQADggEBACq3k+m/o+sgzHI4alY9Xx3R8RUGiD2YI0Xvuia+
cEba4O32gHACUTmfH6UqIlF86mMQQQFqsdSNs7wKrufQF2J3jcgV400Ki1/JObP2
xFhsOVvs9zSnVSg9dvXwc6wj/bJQycQOUzZQr/dbtpM3z09Di0rIpiZy5Y1tsbha
LV/oCOFK5csHptO4bmLuH3m5baQMVpyngd+X91/6IhyDFSSBEPZBFP3439GUzTrf
m3F+Ax2QeHVQDz5PswcKlJBtct9MREbDIe7+VmD1ZGp0goncp9hktrBDyYE742Ah
XrqmokVq44Y+8KAOhG3urmG3+RzChmkL1owSEC1Xajmc93w=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:08:16 2025 by rpki-client