Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
File: KQn__NgaZryYtinUwFeSR2RfD-Q.cer (raw, json)
Hash identifier: qluRdnk9k5le7RrdJAUgK/RM8OE94l6Sm5D3PlCi8x4=
Subject key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942144049925E1D139D104C83E2DDADD68
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:13 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29290
AS: 35744
AS: 43345
AS: 48635
AS: 200549
AS: 200746
AS: 200837
AS: 202861
AS: 205631
IP: 2.57.56.0/22
IP: 5.157.80.0/21
IP: 31.25.96.0/21
IP: 31.186.168.0/21
IP: 62.221.248.0/21
IP: 79.99.128.0/21
IP: 92.63.168.0/21
IP: 93.180.64.0/21
IP: 93.187.220.0/22
IP: 109.72.80.0/20
IP: 109.106.160.0/19
IP: 145.131.0.0 -- 145.131.47.255
IP: 185.27.172.0/22
IP: 185.37.68.0/22
IP: 185.56.144.0/22
IP: 185.66.248.0/22
IP: 185.87.184.0/22
IP: 185.94.228.0/22
IP: 185.95.28.0/22
IP: 185.103.156.0/22
IP: 185.103.240.0/22
IP: 185.107.212.0/22
IP: 185.107.224.0/22
IP: 185.109.216.0 -- 185.109.227.255
IP: 185.159.240.0/22
IP: 185.175.200.0/22
IP: 185.182.56.0/22
IP: 185.187.12.0/22
IP: 185.223.32.0/22
IP: 185.224.88.0/22
IP: 185.233.28.0/22
IP: 195.39.204.0/23
IP: 195.39.214.0/23
IP: 195.238.74.0/23
IP: 2a00:f10::/29
IP: 2a01:b940::/29
IP: 2a02:40c0::/29
IP: 2a03:3060::/29
IP: 2a04:6bc0::/29
IP: 2a04:76c0::/29
IP: 2a05:1500::/29
IP: 2a06:4040::/29
IP: 2a06:4080::/29
IP: 2a06:5200::/29
IP: 2a0b:7280::/29
IP: 2a0b:8f80::/29
IP: 2a0c:84c0::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:04:99:25:e1:d1:39:d1:04:c8:3e:2d:da:dd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:52:29:71:00:05:18:f4:5e:71:9e:70:d4:af:
37:43:20:af:cb:b1:48:83:0f:27:d5:de:3f:f4:ab:
08:76:c3:0e:10:0c:04:5a:7d:88:7a:98:88:71:69:
c3:b2:0b:a2:89:f6:da:3b:dd:e3:2b:da:09:89:24:
0a:10:67:06:0a:31:4c:f5:e6:34:3d:a2:73:dc:33:
6c:e3:93:f4:08:26:12:72:d3:d9:b8:e9:d2:eb:89:
b1:1c:13:84:24:86:40:6c:07:31:07:c3:f5:57:3e:
87:b6:d9:22:03:d8:98:a7:fb:12:84:ff:4e:62:24:
24:fc:37:48:81:03:52:38:64:73:b4:a3:28:b1:97:
2a:6b:7c:e6:75:67:64:e1:74:7c:ef:ba:08:9e:c5:
a3:ef:46:11:cc:82:23:20:09:c9:25:ed:b6:4d:73:
6c:56:32:56:37:17:74:38:da:07:36:1e:29:7c:1a:
e3:82:e6:f4:41:04:4c:80:62:d3:2a:3e:2c:c8:a0:
c0:4a:5a:86:47:de:28:6b:a6:79:b3:d2:b7:75:e3:
d9:04:93:a6:a8:35:7b:00:bd:eb:51:72:77:d7:1d:
6c:60:58:8c:c6:2d:ab:d3:de:df:14:05:be:1b:35:
da:a1:00:b9:96:1f:c8:a4:cd:7b:34:00:ba:97:ee:
cb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.56.0/22
5.157.80.0/21
31.25.96.0/21
31.186.168.0/21
62.221.248.0/21
79.99.128.0/21
92.63.168.0/21
93.180.64.0/21
93.187.220.0/22
109.72.80.0/20
109.106.160.0/19
145.131.0.0-145.131.47.255
185.27.172.0/22
185.37.68.0/22
185.56.144.0/22
185.66.248.0/22
185.87.184.0/22
185.94.228.0/22
185.95.28.0/22
185.103.156.0/22
185.103.240.0/22
185.107.212.0/22
185.107.224.0/22
185.109.216.0-185.109.227.255
185.159.240.0/22
185.175.200.0/22
185.182.56.0/22
185.187.12.0/22
185.223.32.0/22
185.224.88.0/22
185.233.28.0/22
195.39.204.0/23
195.39.214.0/23
195.238.74.0/23
IPv6:
2a00:f10::/29
2a01:b940::/29
2a02:40c0::/29
2a03:3060::/29
2a04:6bc0::/29
2a04:76c0::/29
2a05:1500::/29
2a06:4040::/29
2a06:4080::/29
2a06:5200::/29
2a0b:7280::/29
2a0b:8f80::/29
2a0c:84c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29290
35744
43345
48635
200549
200746
200837
202861
205631
Signature Algorithm: sha256WithRSAEncryption
3f:ad:d9:59:03:b1:e0:1c:1b:cc:8f:24:4b:dd:3e:94:2b:0f:
e1:92:cf:82:93:d8:30:34:6d:17:09:fd:75:d5:f1:a3:36:12:
d6:31:87:bd:60:15:2c:4f:82:23:12:cc:f9:c6:f4:32:0a:32:
d5:86:f1:00:fb:d5:98:91:c6:e5:f0:41:57:3f:b1:2e:f3:85:
21:11:22:7c:b8:4a:f8:cd:dc:a5:2d:c5:54:27:c8:de:67:12:
27:06:c8:c1:cd:cc:8d:fa:ae:30:23:f5:98:f5:2a:0a:a9:46:
fd:98:bd:19:3b:c2:ee:b4:64:2b:8d:77:5c:4d:d1:ea:9c:ca:
65:e3:de:d6:d3:ff:c8:b4:96:fa:35:1b:ab:67:82:c4:89:41:
c0:a3:93:a7:9d:60:41:bc:2c:82:9a:e3:41:7e:d5:f5:b0:5b:
12:48:91:84:0d:f4:03:ab:44:0c:3d:aa:96:22:94:97:4e:0f:
42:27:77:5d:5e:d1:4c:ab:84:aa:a9:11:52:7a:49:1e:13:7b:
63:ff:d8:6e:c0:b6:50:c6:8f:cf:e5:7c:7b:37:42:92:57:ea:
f5:fb:f0:ba:53:75:2e:5e:c2:64:21:44:b3:1a:17:68:c9:bc:
d8:fa:b8:12:80:c8:2c:23:5c:45:81:9e:a6:75:11:fb:05:83:
3e:ad:6d:1c
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgISAZQhRASZJeHROdEEyD4t2t1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTA5ZmZmY2Q4MWE2NmJjOThiNjI5ZDRjMDU3OTI0NzY0NWYwZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVIpcQAFGPRecZ5w1K83QyCvy7FI
gw8n1d4/9KsIdsMOEAwEWn2IepiIcWnDsguiifbaO93jK9oJiSQKEGcGCjFM9eY0
PaJz3DNs45P0CCYSctPZuOnS64mxHBOEJIZAbAcxB8P1Vz6HttkiA9iYp/sShP9O
YiQk/DdIgQNSOGRztKMosZcqa3zmdWdk4XR877oInsWj70YRzIIjIAnJJe22TXNs
VjJWNxd0ONoHNh4pfBrjgub0QQRMgGLTKj4syKDASlqGR94oa6Z5s9K3dePZBJOm
qDV7AL3rUXJ31x1sYFiMxi2r097fFAW+GzXaoQC5lh/IpM17NAC6l+7LyQIDAQAB
o4IEBzCCBAMwHQYDVR0OBBYEFCkJ//zYGma8mLYp1MBXkkdkXw/kMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmL2RlMzA0
MS05NTM2LTQ5MmUtYTljZC1mMmFlN2JjN2VjYzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvZGUzMDQx
LTk1MzYtNDkyZS1hOWNkLWYyYWU3YmM3ZWNjNS8xL0tRbl9fTmdhWnJ5WXRpblV3
RmVTUjJSZkQtUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBXQYIKwYB
BQUHAQcBAf8EggFMMIIBSDCB4gQCAAEwgdsDBAICOTgDBAMFnVADBAMfGWADBAMf
uqgDBAM+3fgDBANPY4ADBANcP6gDBANdtEADBAJdu9wDBARtSFADBAVtaqAwCwMD
AJGDAwQEkYMgAwQCuRusAwQCuSVEAwQCuTiQAwQCuUL4AwQCuVe4AwQCuV7kAwQC
uV8cAwQCuWecAwQCuWfwAwQCuWvUAwQCuWvgMAwDBAO5bdgDBAK5beADBAK5n/AD
BAK5r8gDBAK5tjgDBAK5uwwDBAK53yADBAK54FgDBAK56RwDBAHDJ8wDBAHDJ9YD
BAHD7kowYQQCAAIwWwMFAyoADxADBQMqAblAAwUDKgJAwAMFAyoDMGADBQMqBGvA
AwUDKgR2wAMFAyoFFQADBQMqBkBAAwUDKgZAgAMFAyoGUgADBQMqC3KAAwUDKguP
gAMFAyoMhMAwQQYIKwYBBQUHAQgBAf8EMjAwoC4wLAICcmoCAwCLoAIDAKlRAgMA
vfsCAwMPZQIDAxAqAgMDEIUCAwMYbQIDAyM/MA0GCSqGSIb3DQEBCwUAA4IBAQA/
rdlZA7HgHBvMjyRL3T6UKw/hks+Ck9gwNG0XCf111fGjNhLWMYe9YBUsT4IjEsz5
xvQyCjLVhvEA+9WYkcbl8EFXP7Eu84UhESJ8uEr4zdylLcVUJ8jeZxInBsjBzcyN
+q4wI/WY9SoKqUb9mL0ZO8LutGQrjXdcTdHqnMpl497W0//ItJb6NRurZ4LEiUHA
o5OnnWBBvCyCmuNBftX1sFsSSJGEDfQDq0QMPaqWIpSXTg9CJ3ddXtFMq4SqqRFS
ekkeE3tj/9huwLZQxo/P5Xx7N0KSV+r1+/C6U3UuXsJkIUSzGhdoybzY+rgSgMgs
I1xFgZ6mdRH7BYM+rW0c
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:16:23 2025 by rpki-client