Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
File: hwxYmk8iqcov-ZtMSPi99JKHFyU.cer (raw, json)
Hash identifier: megJQhaZV+gzOeWyw6HSeyP26Yr+beQERxc7VmHbJKM=
Subject key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194266BC09D23ECDE80F432C4DC510FDBFE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 09:49:43 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 1901
AS: 5423 -- 5424
AS: 8333
AS: 8447
AS: 8562
AS: 12382
AS: 12547
AS: 12656
AS: 12793
AS: 15824
AS: 16305
AS: 21285
AS: 25382
AS: 28834
AS: 41351
IP: 37.44.220.0/22
IP: 46.74.0.0/15
IP: 46.206.0.0/15
IP: 62.46.0.0/15
IP: 62.116.32.0/19
IP: 80.75.32.0/19
IP: 80.89.96.0/20
IP: 80.120.0.0/14
IP: 80.240.224.0/20
IP: 81.5.192.0/18
IP: 84.20.160.0/19
IP: 85.90.128.0/19
IP: 88.116.0.0/15
IP: 89.144.192.0/18
IP: 90.152.128.0/17
IP: 91.112.0.0/14
IP: 92.248.0.0/17
IP: 93.82.0.0/15
IP: 93.111.0.0/16
IP: 176.66.0.0/16
IP: 178.188.0.0/14
IP: 185.157.248.0/22
IP: 188.20.0.0/14
IP: 188.45.0.0/16
IP: 192.164.0.0 -- 192.164.37.255
IP: 192.164.39.0 -- 192.164.71.255
IP: 192.164.80.0 -- 192.164.159.255
IP: 192.164.208.0 -- 192.164.255.255
IP: 193.80.0.0/15
IP: 193.83.0.0/16
IP: 193.104.65.0/24
IP: 193.154.0.0/16
IP: 193.187.212.0 -- 193.187.243.255
IP: 194.48.124.0 -- 194.48.139.255
IP: 194.96.0.0/16
IP: 194.118.0.0/16
IP: 194.152.96.0/19
IP: 194.152.160.0/19
IP: 194.166.0.0/16
IP: 195.3.64.0/18
IP: 195.64.0.0/19
IP: 195.80.234.0/24
IP: 195.82.224.0/19
IP: 195.170.64.0/19
IP: 195.200.197.0/24
IP: 195.230.32.0/19
IP: 195.250.32.0/24
IP: 212.16.32.0/19
IP: 212.60.160.0/19
IP: 212.88.0.0/19
IP: 212.88.160.0/19
IP: 212.124.128.0/19
IP: 212.183.0.0/17
IP: 212.197.128.0/18
IP: 213.33.0.0/17
IP: 213.147.160.0/19
IP: 213.157.128.0/19
IP: 213.225.0.0/18
IP: 213.240.64.0/18
IP: 217.76.160.0/20
IP: 217.149.160.0/20
IP: 2001:850::/29
IP: 2001:870::/29
IP: 2001:890::/29
IP: 2001:4bb8::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c0:9d:23:ec:de:80:f4:32:c4:dc:51:0f:db:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a5:d5:ae:ea:55:1c:6c:36:45:af:42:dc:2c:
f4:01:2f:c4:87:80:40:2e:c5:d1:36:c4:a9:bd:63:
0d:d8:22:17:ca:af:8f:1b:48:47:db:8f:c6:e4:b9:
c8:6e:94:8f:d6:a6:51:df:a0:66:23:e7:25:a4:4b:
f0:86:3c:da:ed:e2:61:66:ee:7c:c8:6b:9d:1a:22:
7e:40:a2:a7:41:aa:bb:c6:45:52:49:76:5d:1d:b0:
7c:a4:88:bf:0a:7e:b6:b9:70:3a:6a:dc:d9:af:df:
a5:ce:1b:d5:61:97:0c:1f:e0:45:9f:fe:2a:08:7f:
69:f6:f3:90:c9:5b:49:6f:ef:41:9e:fc:38:82:81:
35:75:39:62:b0:bc:a0:07:4d:13:29:5a:1d:0b:d4:
81:18:10:64:b0:97:94:4b:c6:d2:e3:76:fe:71:03:
d8:68:ac:f6:6c:4e:c3:04:42:4b:4a:63:34:b3:24:
a3:7d:89:59:c0:34:eb:03:9a:9b:00:1d:48:6c:c9:
01:8a:83:1a:37:16:ba:4e:a0:65:91:88:82:44:48:
c3:96:f9:71:e6:52:fd:22:dd:68:92:1c:46:8d:95:
6e:3e:0f:a8:28:13:ed:83:bf:c8:a9:c9:d0:ee:b3:
db:0f:34:5a:0e:b5:4c:ff:3c:c6:2b:7c:c0:d7:31:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.220.0/22
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
90.152.128.0/17
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/16
178.188.0.0/14
185.157.248.0/22
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.37.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.104.65.0/24
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.80.234.0/24
195.82.224.0/19
195.170.64.0/19
195.200.197.0/24
195.230.32.0/19
195.250.32.0/24
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.76.160.0/20
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
1901
5423-5424
8333
8447
8562
12382
12547
12656
12793
15824
16305
21285
25382
28834
41351
Signature Algorithm: sha256WithRSAEncryption
3a:75:d9:db:b4:51:86:94:57:9c:86:17:71:74:ae:fe:7c:9d:
4a:ca:3c:9a:94:58:34:4b:c2:16:96:26:cc:3d:0d:d4:af:90:
c5:26:6f:0a:a3:e3:06:7b:c7:b8:17:b2:4e:fb:9c:c4:ec:b9:
7b:ac:49:1b:54:88:ed:8d:1c:2a:99:b2:f5:8d:d8:63:25:8a:
31:6b:b0:cd:45:23:9e:12:95:ad:b4:af:ff:bb:3a:0f:74:58:
2b:66:13:da:9c:f3:4e:17:6d:d0:f6:5e:53:c0:a1:1e:ca:c6:
19:c7:ac:a3:6b:b7:80:23:a8:e5:bc:0b:09:f7:fe:64:d3:be:
12:bc:5a:4d:ae:a3:c1:71:c0:a6:a7:5d:dd:08:b6:73:4d:9c:
8c:7e:15:69:cd:65:7f:eb:38:0b:4e:57:62:6b:68:d8:67:dc:
08:38:f1:e9:ec:10:38:76:fb:b2:13:58:df:49:8a:03:0d:c1:
79:f4:81:1d:28:6b:25:c4:b2:ca:5b:79:a8:80:9d:a2:3a:89:
91:73:7e:0b:f1:c5:c7:3e:0f:46:a5:ce:2d:45:a3:e0:a1:5b:
cc:fe:d6:57:33:00:f3:5f:57:39:03:7a:61:f7:60:10:75:3d:
e8:58:67:57:24:fe:4a:19:e2:69:bb:7b:f7:36:b0:c9:ee:66:
c3:71:8d:16
-----BEGIN CERTIFICATE-----
MIIHhDCCBmygAwIBAgISAZQma8CdI+zegPQyxNxRD9v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzBjNTg5YTRmMjJhOWNhMmZmOTliNGM0OGY4YmRmNDkyODcxNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aXVrupVHGw2Ra9C3Cz0AS/Eh4BA
LsXRNsSpvWMN2CIXyq+PG0hH24/G5LnIbpSP1qZR36BmI+clpEvwhjza7eJhZu58
yGudGiJ+QKKnQaq7xkVSSXZdHbB8pIi/Cn62uXA6atzZr9+lzhvVYZcMH+BFn/4q
CH9p9vOQyVtJb+9Bnvw4goE1dTlisLygB00TKVodC9SBGBBksJeUS8bS43b+cQPY
aKz2bE7DBEJLSmM0sySjfYlZwDTrA5qbAB1IbMkBioMaNxa6TqBlkYiCREjDlvlx
5lL9It1okhxGjZVuPg+oKBPtg7/IqcnQ7rPbDzRaDrVM/zzGK3zA1zELDwIDAQAB
o4IEkDCCBIwwHQYDVR0OBBYEFIcMWJpPIqnKL/mbTEj4vfSShxclMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2Y1MDVi
NS0wZTQ2LTRiM2YtYmYxYi04NDlkM2E2YjljMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvZjUwNWI1
LTBlNDYtNGIzZi1iZjFiLTg0OWQzYTZiOWMyZC8xL2h3eFltazhpcWNvdi1adE1T
UGk5OUpLSEZ5VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBzwYIKwYB
BQUHAQcBAf8EggG+MIIBujCCAZIEAgABMIIBigMEAiUs3AMDAS5KAwMBLs4DAwE+
LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQGUQXAAwQFVBSgAwQFVVqA
AwMBWHQDBAZZkMADBAdamIADAwJbcAMEB1z4AAMDAV1SAwMAXW8DAwCwQgMDArK8
AwQCuZ34AwMCvBQDAwC8LTALAwMCwKQDBAHApCQwDAMEAMCkJwMEA8CkQDAMAwQE
wKRQAwQFwKSAMAsDBATApNADAwDApAMDAcFQAwMAwVMDBADBaEEDAwDBmjAMAwQC
wbvUAwQCwbvwMAwDBALCMHwDBALCMIgDAwDCYAMDAMJ2AwQFwphgAwQFwpigAwMA
wqYDBAbDA0ADBAXDQAADBADDUOoDBAXDUuADBAXDqkADBADDyMUDBAXD5iADBADD
+iADBAXUECADBAXUPKADBAXUWAADBAXUWKADBAXUfIADBAfUtwADBAbUxYADBAfV
IQADBAXVk6ADBAXVnYADBAbV4QADBAbV8EADBATZTKADBATZlaAwIgQCAAIwHAMF
AyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwWAYIKwYBBQUHAQgBAf8ESTBHoEUw
QwICB20wCAICFS8CAhUwAgIgjQICIP8CAiFyAgIwXgICMQMCAjFwAgIx+QICPdAC
Aj+xAgJTJQICYyYCAnCiAgMAoYcwDQYJKoZIhvcNAQELBQADggEBADp12du0UYaU
V5yGF3F0rv58nUrKPJqUWDRLwhaWJsw9DdSvkMUmbwqj4wZ7x7gXsk77nMTsuXus
SRtUiO2NHCqZsvWN2GMlijFrsM1FI54Sla20r/+7Og90WCtmE9qc804XbdD2XlPA
oR7KxhnHrKNrt4AjqOW8Cwn3/mTTvhK8Wk2uo8FxwKanXd0ItnNNnIx+FWnNZX/r
OAtOV2JraNhn3Ag48ensEDh2+7ITWN9JigMNwXn0gR0oayXEsspbeaiAnaI6iZFz
fgvxxcc+D0alzi1Fo+ChW8z+1lczAPNfVzkDemH3YBB1PehYZ1ck/koZ4mm7e/c2
sMnuZsNxjRY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:23:10 2025 by rpki-client