Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
File: JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer (raw, json)
Hash identifier: sth7y8mwf9ZJx11uMGtwH41aF7SAg0uDT8pg181ik/8=
Subject key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942067BA9BC7E4235E2D8F1FF8F5CB4B44
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 3303
AS: 6837
AS: 8300
AS: 21273
AS: 202088
AS: 205762
IP: 46.245.144.0/21
IP: 78.110.128.0/20
IP: 91.216.229.0/24
IP: 138.187.0.0 -- 138.188.255.255
IP: 138.190.0.0/16
IP: 163.168.0.0/16
IP: 164.128.0.0/16
IP: 171.25.0.0/17
IP: 185.39.92.0/22
IP: 185.84.76.0/22
IP: 185.106.64.0/22
IP: 188.92.48.0/21
IP: 193.5.0.0/24
IP: 193.5.3.0 -- 193.5.7.255
IP: 193.5.12.0/22
IP: 193.5.20.0/23
IP: 193.5.23.0/24
IP: 193.5.29.0 -- 193.5.30.255
IP: 193.5.32.0 -- 193.5.38.255
IP: 193.5.40.0/24
IP: 193.5.52.0/24
IP: 193.5.59.0/24
IP: 193.5.61.0/24
IP: 193.5.63.0/24
IP: 193.5.70.0 -- 193.5.75.255
IP: 193.5.112.0/22
IP: 193.5.122.0/24
IP: 193.5.156.0 -- 193.5.167.255
IP: 193.5.179.0/24
IP: 193.5.224.0/20
IP: 193.5.252.0/24
IP: 193.47.226.0 -- 193.47.233.255
IP: 193.134.36.0 -- 193.134.43.255
IP: 193.134.88.0/22
IP: 193.134.95.0/24
IP: 193.134.248.0/23
IP: 193.134.255.0 -- 193.135.1.255
IP: 193.135.3.0/24
IP: 193.135.14.0/24
IP: 193.135.16.0/22
IP: 193.135.22.0/23
IP: 193.135.26.0/23
IP: 193.135.100.0/24
IP: 193.135.110.0/23
IP: 193.135.128.0 -- 193.135.133.255
IP: 193.135.136.0/24
IP: 193.135.139.0 -- 193.135.145.255
IP: 193.135.148.0/23
IP: 193.135.154.0/23
IP: 193.135.158.0 -- 193.135.161.255
IP: 193.135.173.0/24
IP: 193.135.214.0/23
IP: 193.135.218.0/24
IP: 193.135.224.0/20
IP: 193.135.248.0/22
IP: 193.135.255.0/24
IP: 193.222.64.0/19
IP: 193.223.1.0 -- 193.223.63.255
IP: 193.223.112.0 -- 193.223.175.255
IP: 193.246.0.0/22
IP: 193.246.6.0 -- 193.246.11.255
IP: 193.246.16.0/21
IP: 193.246.32.0 -- 193.246.50.255
IP: 193.246.56.0 -- 193.246.61.255
IP: 193.246.98.0 -- 193.246.100.255
IP: 193.246.104.0/23
IP: 193.246.112.0/21
IP: 193.246.127.0/24
IP: 193.246.172.0/23
IP: 193.246.202.0 -- 193.246.205.255
IP: 193.246.208.0/20
IP: 193.246.242.0 -- 193.246.244.255
IP: 193.246.246.0/24
IP: 193.246.248.0/22
IP: 193.247.36.0 -- 193.247.47.255
IP: 193.247.64.0/23
IP: 193.247.68.0/22
IP: 193.247.80.0/24
IP: 193.247.86.0/24
IP: 193.247.90.0 -- 193.247.92.255
IP: 193.247.104.0 -- 193.247.106.255
IP: 193.247.145.0/24
IP: 193.247.151.0/24
IP: 193.247.160.0/23
IP: 193.247.166.0 -- 193.247.179.255
IP: 193.247.186.0/24
IP: 193.247.193.0/24
IP: 193.247.201.0/24
IP: 193.247.204.0/24
IP: 193.247.212.0/24
IP: 193.247.217.0 -- 193.247.235.255
IP: 193.247.244.0/22
IP: 193.247.250.0/24
IP: 193.247.255.0/24
IP: 194.6.160.0/19
IP: 194.11.96.0/20
IP: 194.11.144.0/21
IP: 194.40.249.0/24
IP: 194.60.217.0/24
IP: 194.69.2.0 -- 194.69.5.255
IP: 194.88.192.0/23
IP: 194.147.231.0/24
IP: 194.209.0.0/16
IP: 195.35.121.0/24
IP: 195.65.0.0/16
IP: 195.144.32.0/19
IP: 195.176.128.0/19
IP: 195.176.192.0/19
IP: 212.117.96.0/19
IP: 212.243.0.0/16
IP: 217.192.0.0/15
IP: 2001:918::/29
IP: 2a01:8b00::/32
IP: 2a02:a90::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ba:9b:c7:e4:23:5e:2d:8f:1f:f8:f5:cb:4b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2663f3db152e055ac145bdbb429e018654204c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:db:c4:8d:2b:bd:3e:13:df:55:7f:71:7e:ca:
5f:95:38:c2:7d:d6:c8:d7:8c:2f:cf:1a:49:8f:d5:
c2:ec:62:97:23:a4:8d:cb:f1:cc:cb:70:71:08:dd:
11:45:0e:41:e6:3d:3c:37:ef:aa:68:af:20:d6:90:
3b:a5:c8:91:66:30:d8:90:89:fb:b2:d7:e3:43:14:
a8:19:58:b3:1b:06:ba:e0:97:04:78:d1:b9:e6:a7:
f1:3c:45:60:22:82:1d:36:ad:5a:e0:0e:4e:18:7d:
3b:fe:a2:87:b8:ac:68:2e:ac:ed:ea:00:ee:a9:9f:
cd:23:b4:b8:fd:b2:7c:c5:6e:15:10:ed:25:e0:fe:
32:2b:a6:a8:9c:a7:29:e7:a6:3d:e5:29:75:9d:1c:
ec:1b:4f:b0:1e:75:60:5e:eb:a9:b5:7b:63:b9:3c:
4c:8f:64:ba:80:78:eb:8f:92:15:af:c1:bb:17:47:
c4:85:fb:66:2b:cf:fb:74:89:ee:d9:4f:e3:40:10:
d6:37:c0:ce:a4:f7:9b:19:76:43:9e:04:9f:dd:bd:
8b:84:c3:aa:10:e9:9f:25:fb:b1:22:61:8b:f0:a5:
b6:42:de:df:3d:ed:c6:af:24:f7:b1:56:d3:34:0b:
22:ec:e3:66:2d:ad:4b:00:fa:f6:c8:f7:49:8f:91:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.144.0/21
78.110.128.0/20
91.216.229.0/24
138.187.0.0-138.188.255.255
138.190.0.0/16
163.168.0.0/16
164.128.0.0/16
171.25.0.0/17
185.39.92.0/22
185.84.76.0/22
185.106.64.0/22
188.92.48.0/21
193.5.0.0/24
193.5.3.0-193.5.7.255
193.5.12.0/22
193.5.20.0/23
193.5.23.0/24
193.5.29.0-193.5.30.255
193.5.32.0-193.5.38.255
193.5.40.0/24
193.5.52.0/24
193.5.59.0/24
193.5.61.0/24
193.5.63.0/24
193.5.70.0-193.5.75.255
193.5.112.0/22
193.5.122.0/24
193.5.156.0-193.5.167.255
193.5.179.0/24
193.5.224.0/20
193.5.252.0/24
193.47.226.0-193.47.233.255
193.134.36.0-193.134.43.255
193.134.88.0/22
193.134.95.0/24
193.134.248.0/23
193.134.255.0-193.135.1.255
193.135.3.0/24
193.135.14.0/24
193.135.16.0/22
193.135.22.0/23
193.135.26.0/23
193.135.100.0/24
193.135.110.0/23
193.135.128.0-193.135.133.255
193.135.136.0/24
193.135.139.0-193.135.145.255
193.135.148.0/23
193.135.154.0/23
193.135.158.0-193.135.161.255
193.135.173.0/24
193.135.214.0/23
193.135.218.0/24
193.135.224.0/20
193.135.248.0/22
193.135.255.0/24
193.222.64.0/19
193.223.1.0-193.223.63.255
193.223.112.0-193.223.175.255
193.246.0.0/22
193.246.6.0-193.246.11.255
193.246.16.0/21
193.246.32.0-193.246.50.255
193.246.56.0-193.246.61.255
193.246.98.0-193.246.100.255
193.246.104.0/23
193.246.112.0/21
193.246.127.0/24
193.246.172.0/23
193.246.202.0-193.246.205.255
193.246.208.0/20
193.246.242.0-193.246.244.255
193.246.246.0/24
193.246.248.0/22
193.247.36.0-193.247.47.255
193.247.64.0/23
193.247.68.0/22
193.247.80.0/24
193.247.86.0/24
193.247.90.0-193.247.92.255
193.247.104.0-193.247.106.255
193.247.145.0/24
193.247.151.0/24
193.247.160.0/23
193.247.166.0-193.247.179.255
193.247.186.0/24
193.247.193.0/24
193.247.201.0/24
193.247.204.0/24
193.247.212.0/24
193.247.217.0-193.247.235.255
193.247.244.0/22
193.247.250.0/24
193.247.255.0/24
194.6.160.0/19
194.11.96.0/20
194.11.144.0/21
194.40.249.0/24
194.60.217.0/24
194.69.2.0-194.69.5.255
194.88.192.0/23
194.147.231.0/24
194.209.0.0/16
195.35.121.0/24
195.65.0.0/16
195.144.32.0/19
195.176.128.0/19
195.176.192.0/19
212.117.96.0/19
212.243.0.0/16
217.192.0.0/15
IPv6:
2001:918::/29
2a01:8b00::/32
2a02:a90::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3303
6837
8300
21273
202088
205762
Signature Algorithm: sha256WithRSAEncryption
1b:7f:24:36:9a:ad:8a:9f:85:08:90:f0:af:97:85:c9:d7:ee:
fc:93:00:83:a6:49:67:2e:bf:a2:03:f1:99:45:e4:19:e0:6e:
08:83:ab:9a:43:9a:3d:7d:40:e3:31:0c:d2:26:ca:2e:11:65:
3f:37:06:d5:4a:b4:a7:6c:52:f0:76:eb:61:13:13:4b:43:e3:
b0:4a:63:41:87:b3:b0:8d:26:63:c6:7b:1c:e7:f3:a7:1e:f1:
17:25:4d:b4:d3:f8:14:fb:bf:0e:95:f4:89:40:a2:01:27:08:
66:a3:42:58:c7:dd:2e:27:bb:00:a7:92:36:e3:63:ac:1b:37:
c2:ff:5b:2c:7a:e3:60:82:83:48:97:65:12:91:90:98:48:34:
ec:2b:2f:39:4b:11:bf:0b:24:72:69:22:2f:8b:b2:f8:e1:59:
98:73:91:52:ef:d5:3d:52:e4:de:7f:97:90:2e:76:97:0c:2e:
2e:95:15:2c:43:54:2c:59:3b:5e:a4:31:72:9f:89:5e:57:02:
bf:02:f2:bb:69:ac:18:87:59:ff:ba:28:8b:61:56:d5:da:bc:
6f:e9:67:8d:bb:a5:c5:da:a7:28:ce:85:a5:71:4a:68:74:49:
19:a0:b8:a7:1f:01:09:18:fc:67:85:3a:14:fa:1f:cd:96:c4:
6c:64:f9:63
-----BEGIN CERTIFICATE-----
MIIJKzCCCBOgAwIBAgISAZQgZ7qbx+QjXi2PH/j1y0tEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9vEjSu9PhPfVX9xfspflTjCfdbI
14wvzxpJj9XC7GKXI6SNy/HMy3BxCN0RRQ5B5j08N++qaK8g1pA7pciRZjDYkIn7
stfjQxSoGVizGwa64JcEeNG55qfxPEVgIoIdNq1a4A5OGH07/qKHuKxoLqzt6gDu
qZ/NI7S4/bJ8xW4VEO0l4P4yK6aonKcp56Y95Sl1nRzsG0+wHnVgXuuptXtjuTxM
j2S6gHjrj5IVr8G7F0fEhftmK8/7dInu2U/jQBDWN8DOpPebGXZDngSf3b2LhMOq
EOmfJfuxImGL8KW2Qt7fPe3GryT3sVbTNAsi7ONmLa1LAPr2yPdJj5FWtwIDAQAB
o4IGNzCCBjMwHQYDVR0OBBYEFCZj89sVLgVawUW9u0KeAYZUIEyNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5L2M4YzZm
Ni01OTVjLTQ1YjEtYTc2ZS1iZDE5MjY3NmM5YmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvYzhjNmY2
LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZyQlJiMjdR
cDRCaGxRZ1RJMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIDnwYIKwYB
BQUHAQcBAf8EggOOMIIDijCCA2kEAgABMIIDYQMEAy71kAMEBE5ugAMEAFvY5TAK
AwMAirsDAwCKvAMDAIq+AwMAo6gDAwCkgAMEB6sZAAMEArknXAMEArlUTAMEArlq
QAMEA7xcMAMEAMEFADAMAwQAwQUDAwQDwQUAAwQCwQUMAwQBwQUUAwQAwQUXMAwD
BADBBR0DBADBBR4wDAMEBcEFIAMEAMEFJgMEAMEFKAMEAMEFNAMEAMEFOwMEAMEF
PQMEAMEFPzAMAwQBwQVGAwQCwQVIAwQCwQVwAwQAwQV6MAwDBALBBZwDBAPBBaAD
BADBBbMDBATBBeADBADBBfwwDAMEAcEv4gMEAcEv6DAMAwQCwYYkAwQCwYYoAwQC
wYZYAwQAwYZfAwQBwYb4MAwDBADBhv8DBAHBhwADBADBhwMDBADBhw4DBALBhxAD
BAHBhxYDBAHBhxoDBADBh2QDBAHBh24wDAMEB8GHgAMEAcGHhAMEAMGHiDAMAwQA
wYeLAwQBwYeQAwQBwYeUAwQBwYeaMAwDBAHBh54DBAHBh6ADBADBh60DBAHBh9YD
BADBh9oDBATBh+ADBALBh/gDBADBh/8DBAXB3kAwDAMEAMHfAQMEBsHfADAMAwQE
wd9wAwQEwd+gAwQCwfYAMAwDBAHB9gYDBALB9ggDBAPB9hAwDAMEBcH2IAMEAMH2
MjAMAwQDwfY4AwQBwfY8MAwDBAHB9mIDBADB9mQDBAHB9mgDBAPB9nADBADB9n8D
BAHB9qwwDAMEAcH2ygMEAcH2zAMEBMH20DAMAwQBwfbyAwQAwfb0AwQAwfb2AwQC
wfb4MAwDBALB9yQDBATB9yADBAHB90ADBALB90QDBADB91ADBADB91YwDAMEAcH3
WgMEAMH3XDAMAwQDwfdoAwQAwfdqAwQAwfeRAwQAwfeXAwQBwfegMAwDBAHB96YD
BALB97ADBADB97oDBADB98EDBADB98kDBADB98wDBADB99QwDAMEAMH32QMEAsH3
6AMEAsH39AMEAMH3+gMEAMH3/wMEBcIGoAMEBMILYAMEA8ILkAMEAMIo+QMEAMI8
2TAMAwQBwkUCAwQBwkUEAwQBwljAAwQAwpPnAwMAwtEDBADDI3kDAwDDQQMEBcOQ
IAMEBcOwgAMEBcOwwAMEBdR1YAMDANTzAwMB2cAwGwQCAAIwFQMFAyABCRgDBQAq
AYsAAwUAKgIKkDAvBggrBgEFBQcBCAEB/wQgMB6gHDAaAgIM5wICGrUCAiBsAgJT
GQIDAxVoAgMDI8IwDQYJKoZIhvcNAQELBQADggEBABt/JDaarYqfhQiQ8K+XhcnX
7vyTAIOmSWcuv6ID8ZlF5BngbgiDq5pDmj19QOMxDNImyi4RZT83BtVKtKdsUvB2
62ETE0tD47BKY0GHs7CNJmPGexzn86ce8RclTbTT+BT7vw6V9IlAogEnCGajQljH
3S4nuwCnkjbjY6wbN8L/Wyx642CCg0iXZRKRkJhINOwrLzlLEb8LJHJpIi+Lsvjh
WZhzkVLv1T1S5N5/l5AudpcMLi6VFSxDVCxZO16kMXKfiV5XAr8C8rtprBiHWf+6
KIthVtXavG/pZ427pcXapyjOhaVxSmh0SRmguKcfAQkY/GeFOhT6H82WxGxk+WM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:14:32 2025 by rpki-client