Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
File: KIVYUqS80b8eyBPzwTsPHzcvOXE.cer (raw, json)
Hash identifier: ZXbnq4dTnsDK7xJQaighWUoe49ysFG3cBqgcLXhFiM8=
Subject key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0195AEA4F43BF7786C799153368183B3B33D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 19 Mar 2025 13:43:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200532
AS: 202958
AS: 205231
AS: 207333
IP: 31.14.27.0/24
IP: 37.140.243.0/24
IP: 46.226.123.0/24
IP: 77.246.247.0/24
IP: 86.107.44.0/23
IP: 86.107.198.0/23
IP: 89.33.41.0/24
IP: 89.35.124.0/23
IP: 89.46.33.0 -- 89.46.34.255
IP: 89.207.248.0/21
IP: 91.243.71.0/24
IP: 92.114.7.0/24
IP: 93.115.14.0/24
IP: 185.98.4.0/22
IP: 185.100.64.0/22
IP: 185.111.104.0/22
IP: 185.113.132.0/22
IP: 185.116.192.0/22
IP: 185.121.80.0/22
IP: 185.125.88.0/22
IP: 185.129.48.0/22
IP: 185.249.192.0/22
IP: 188.241.216.0/23
IP: 188.244.115.0/24
IP: 193.201.11.0/24
IP: 194.4.56.0/22
IP: 194.146.40.0/22
IP: 213.109.146.0/24
IP: 2a06:940::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:a4:f4:3b:f7:78:6c:79:91:53:36:81:83:b3:b3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 19 13:43:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:07:fb:88:04:5a:d3:e1:f1:d9:43:13:d3:
23:77:41:33:d1:4d:ba:ed:fb:ef:15:1a:10:e3:7f:
c7:63:84:d4:d0:7c:5f:43:47:1d:9a:65:6b:fc:65:
67:30:ff:26:65:0a:1f:24:17:c4:56:20:5c:e0:ff:
cc:8d:3f:0c:d0:bb:9a:e1:27:27:cf:32:ea:7e:e2:
16:a3:38:e1:d8:a2:fa:1d:3e:ac:b5:53:d3:d6:32:
5b:60:0f:86:a7:54:4d:03:1c:75:29:a8:20:5c:2a:
84:bf:dc:9e:16:04:63:c8:26:2d:41:89:4f:f3:46:
62:06:a5:71:dc:10:4a:a0:12:7d:88:d9:1e:79:74:
87:cf:29:0f:40:c0:7c:2d:76:94:25:8d:67:24:2d:
6a:3b:fa:28:2f:30:c3:71:23:b3:ef:ef:a8:3c:63:
c1:0b:61:26:9c:45:a8:bc:77:08:65:5c:52:a0:58:
cf:ef:5c:6b:18:63:17:8f:d6:58:1e:40:71:70:01:
c1:81:dd:0f:fc:db:56:c8:c9:fb:43:66:89:7e:de:
4e:88:d7:c8:e1:62:2a:f2:c1:4b:1d:12:42:59:0a:
b1:23:a3:66:9a:c4:0e:51:3e:77:84:06:2f:ca:00:
55:07:72:2d:97:af:84:69:86:67:b4:09:54:46:02:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.35.124.0/23
89.46.33.0-89.46.34.255
89.207.248.0/21
91.243.71.0/24
92.114.7.0/24
93.115.14.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
185.249.192.0/22
188.241.216.0/23
188.244.115.0/24
193.201.11.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:940::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200532
202958
205231
207333
Signature Algorithm: sha256WithRSAEncryption
19:31:0f:4a:aa:cc:4f:91:ee:f5:0f:f5:df:e2:8d:fc:62:ed:
42:c5:01:f0:48:68:6d:0a:a1:a8:d5:93:34:48:80:af:bc:ed:
83:f5:5e:12:e5:d0:1e:d5:d1:e0:f4:b2:81:ff:5a:60:40:8d:
0a:13:e6:b7:00:30:0a:de:77:cb:2e:75:8d:bc:ea:5b:ee:a7:
62:9d:05:e7:79:1b:17:d7:d5:91:12:00:e2:29:c0:1f:cc:2b:
b0:20:71:85:c3:5e:54:68:e3:4f:56:75:78:ec:0c:43:63:b3:
b9:48:f0:b7:ca:5b:fd:33:c0:8e:03:74:2d:17:4c:e5:1c:c6:
00:dc:2a:da:5c:ee:e5:27:5b:51:7d:8b:c8:3e:a0:50:13:a6:
05:1c:8b:fe:3b:37:9e:ec:58:8e:8e:da:1e:1e:5c:b2:da:9a:
5a:46:a0:5a:7f:5c:6b:a7:be:b7:09:f5:8c:c5:62:c4:05:93:
0e:34:bb:be:a6:b2:44:08:dc:87:e7:0a:e6:53:dd:9e:f9:0b:
a9:42:b7:00:91:40:99:ca:1d:6b:74:ff:7f:86:37:50:4d:04:
05:21:d5:b5:b1:b2:7a:b9:5b:cc:bf:13:b0:9b:00:ad:31:c7:
60:a9:1c:49:6a:ee:c8:3b:4c:31:76:31:b1:5c:bf:78:c7:72:
2e:fc:8a:47
-----BEGIN CERTIFICATE-----
MIIGYTCCBUmgAwIBAgISAZWupPQ793hseZFTNoGDs7M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzE5MTM0MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NAH+4gEWtPh8dlDE9Mjd0Ez0U26
7fvvFRoQ43/HY4TU0HxfQ0cdmmVr/GVnMP8mZQofJBfEViBc4P/MjT8M0Lua4Scn
zzLqfuIWozjh2KL6HT6stVPT1jJbYA+Gp1RNAxx1KaggXCqEv9yeFgRjyCYtQYlP
80ZiBqVx3BBKoBJ9iNkeeXSHzykPQMB8LXaUJY1nJC1qO/ooLzDDcSOz7++oPGPB
C2EmnEWovHcIZVxSoFjP71xrGGMXj9ZYHkBxcAHBgd0P/NtWyMn7Q2aJft5OiNfI
4WIq8sFLHRJCWQqxI6NmmsQOUT53hAYvygBVB3Itl6+EaYZntAlURgJPgQIDAQAB
o4IDbTCCA2kwHQYDVR0OBBYEFCiFWFKkvNG/HsgT88E7Dx83LzlxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzBlMzZm
Yy1iYTBiLTRjZTYtYWY2YS03MDQ0NjNlYmFkMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMGUzNmZj
LWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4ZXlCUHp3
VHNQSHpjdk9YRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHcBggrBgEF
BQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAAfDhsDBAAljPMDBAAu4nsDBABN9vcD
BAFWaywDBAFWa8YDBABZISkDBAFZI3wwDAMEAFkuIQMEAFkuIgMEA1nP+AMEAFvz
RwMEAFxyBwMEAF1zDgMEArliBAMEArlkQAMEArlvaAMEArlxhAMEArl0wAMEArl5
UAMEArl9WAMEArmBMAMEArn5wAMEAbzx2AMEALz0cwMEAMHJCwMEAsIEOAMEAsKS
KAMEANVtkjANBAIAAjAHAwUDKgYJQDApBggrBgEFBQcBCAEB/wQaMBigFjAUAgMD
D1QCAwMYzgIDAyGvAgMDKeUwDQYJKoZIhvcNAQELBQADggEBABkxD0qqzE+R7vUP
9d/ijfxi7ULFAfBIaG0KoajVkzRIgK+87YP1XhLl0B7V0eD0soH/WmBAjQoT5rcA
MAred8sudY286lvup2KdBed5GxfX1ZESAOIpwB/MK7AgcYXDXlRo409WdXjsDENj
s7lI8LfKW/0zwI4DdC0XTOUcxgDcKtpc7uUnW1F9i8g+oFATpgUci/47N57sWI6O
2h4eXLLamlpGoFp/XGunvrcJ9YzFYsQFkw40u76mskQI3IfnCuZT3Z75C6lCtwCR
QJnKHWt0/3+GN1BNBAUh1bWxsnq5W8y/E7CbAK0xx2CpHElq7sg7TDF2MbFcv3jH
ci78ikc=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:15:03 2025 by rpki-client