Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
File: vfo6-DmqHc51j0ieLTGuIgkvyZo.cer (raw, json)
Hash identifier: 61hWXi+9ddRKYbLQbO7XhV6fM+JAOObnqjO6eNhkglo=
Subject key identifier: BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FD9F17B4BA030B218CCA2C3A93A9F8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 3304
AS: 5432
AS: 5488
AS: 28704
AS: 29005
IP: 37.62.0.0/16
IP: 37.184.0.0/15
IP: 46.178.0.0/15
IP: 62.4.128.0/17
IP: 62.235.0.0/16
IP: 80.200.0.0/15
IP: 80.236.128.0/17
IP: 81.11.128.0/17
IP: 81.169.0.0/17
IP: 81.240.0.0/13
IP: 83.134.0.0/16
IP: 87.64.0.0/14
IP: 88.197.128.0/17
IP: 91.176.0.0/13
IP: 91.190.208.0/21
IP: 92.48.128.0/18
IP: 109.128.0.0/12
IP: 178.144.0.0/15
IP: 185.2.92.0/22
IP: 188.5.0.0/16
IP: 193.28.47.0/24
IP: 193.74.0.0/16
IP: 193.75.128.0/17
IP: 193.91.96.0/19
IP: 193.121.0.0/16
IP: 193.243.136.0/23
IP: 194.78.0.0/16
IP: 194.119.224.0/19
IP: 195.0.0.0/17
IP: 195.13.0.0/19
IP: 195.74.192.0/19
IP: 195.95.0.0/17
IP: 195.207.0.0/16
IP: 195.238.0.0/19
IP: 212.233.0.0/19
IP: 212.239.128.0/17
IP: 213.49.0.0/16
IP: 213.177.128.0/19
IP: 213.181.32.0/19
IP: 217.136.0.0/16
IP: 2a02:a000::/26
IP: 2a04:6c40::/29
IP: 2a04:9f80::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9f:17:b4:ba:03:0b:21:8c:ca:2c:3a:93:a9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b9:9d:f0:f8:10:fe:0a:45:6a:7f:f0:3f:58:
4a:4e:9b:71:0c:36:15:e4:ec:75:8b:ee:f4:51:a1:
f3:4e:91:2d:97:90:bb:4b:23:80:c9:98:6d:31:66:
e0:4a:b3:21:1f:56:f5:8d:6e:f8:3e:e2:6b:48:3b:
53:31:ed:1d:16:ea:22:d1:ee:e4:93:2d:57:33:2f:
b7:73:3f:0b:15:6d:69:29:f9:be:a7:ff:c1:e6:2f:
e8:b2:fe:e4:a9:0d:ca:45:c5:c1:3b:02:bb:4f:27:
10:71:08:98:63:9f:e1:5b:87:5d:dc:76:13:89:dc:
05:09:8c:a3:c2:15:f8:eb:bd:2e:37:ab:2f:89:66:
db:4f:0d:ab:e7:e7:95:30:34:d0:55:91:ef:e6:41:
88:7e:4d:87:c5:be:64:4b:8e:10:39:c6:4d:07:4d:
14:e0:6b:67:87:00:13:7c:b6:fb:c8:98:4a:b3:64:
71:f9:08:39:a4:bd:25:ec:e9:58:fb:5a:3f:c1:8b:
12:3a:ac:b5:3e:75:16:4b:5f:41:ea:cf:d0:0d:1b:
8d:7a:1d:45:3a:c8:62:42:f9:4a:75:37:8f:a9:ce:
50:8a:4b:ef:7b:0d:85:c9:fc:d8:bc:6f:f7:3c:02:
a3:fc:81:66:a3:50:d3:d1:73:1a:d7:b4:85:8e:ff:
ef:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.62.0.0/16
37.184.0.0/15
46.178.0.0/15
62.4.128.0/17
62.235.0.0/16
80.200.0.0/15
80.236.128.0/17
81.11.128.0/17
81.169.0.0/17
81.240.0.0/13
83.134.0.0/16
87.64.0.0/14
88.197.128.0/17
91.176.0.0/13
91.190.208.0/21
92.48.128.0/18
109.128.0.0/12
178.144.0.0/15
185.2.92.0/22
188.5.0.0/16
193.28.47.0/24
193.74.0.0/16
193.75.128.0/17
193.91.96.0/19
193.121.0.0/16
193.243.136.0/23
194.78.0.0/16
194.119.224.0/19
195.0.0.0/17
195.13.0.0/19
195.74.192.0/19
195.95.0.0/17
195.207.0.0/16
195.238.0.0/19
212.233.0.0/19
212.239.128.0/17
213.49.0.0/16
213.177.128.0/19
213.181.32.0/19
217.136.0.0/16
IPv6:
2a02:a000::/26
2a04:6c40::/29
2a04:9f80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3304
5432
5488
28704
29005
Signature Algorithm: sha256WithRSAEncryption
0d:50:b1:a9:b2:45:9f:74:a4:f5:6d:91:9c:dc:b3:50:8f:d6:
64:c3:ae:1f:c3:79:b7:8a:67:41:6c:e5:29:d4:5a:1d:a9:71:
00:03:69:05:1b:6d:3c:bf:83:34:bb:1f:a5:02:c1:7d:3c:54:
da:02:c7:d7:7a:87:55:af:e8:68:b9:9c:30:b2:0f:7d:66:7c:
76:f1:6b:0b:d0:59:83:b4:a8:1d:2e:16:5a:3b:2f:9f:f0:d5:
d6:f0:1e:25:95:8c:77:9d:3b:13:f0:49:a9:b4:9b:da:05:12:
1e:03:60:44:fc:3f:20:2b:2f:b7:ce:44:4c:f9:b5:96:e1:d4:
6e:c5:05:c1:c9:6e:03:93:68:5e:18:fc:75:b9:07:b2:df:69:
d4:f6:73:d3:b2:f8:75:e0:bb:46:ac:b2:2b:5a:72:1d:34:ab:
b4:dc:b1:e1:b4:ec:db:10:24:27:be:03:4b:8a:23:fb:1d:d6:
f4:f8:7b:5a:bf:57:b2:b6:91:64:33:ce:6c:51:3b:fa:94:cc:
a5:8e:97:db:4f:34:dd:f9:be:be:7c:21:bc:96:d7:90:cf:9e:
d6:25:14:a1:f6:c7:9b:7e:e7:b6:37:fb:84:b9:52:03:c1:0a:
c9:15:0b:47:72:50:bd:fb:96:5a:5c:57:81:dc:4c:5f:5d:26:
2d:34:50:1c
-----BEGIN CERTIFICATE-----
MIIGoDCCBYigAwIBAgISAZQl/Z8XtLoDCyGMyiw6k6n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGZhM2FmODM5YWExZGNlNzU4ZjQ4OWUyZDMxYWUyMjA5MmZjOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bmd8PgQ/gpFan/wP1hKTptxDDYV
5Ox1i+70UaHzTpEtl5C7SyOAyZhtMWbgSrMhH1b1jW74PuJrSDtTMe0dFuoi0e7k
ky1XMy+3cz8LFW1pKfm+p//B5i/osv7kqQ3KRcXBOwK7TycQcQiYY5/hW4dd3HYT
idwFCYyjwhX4670uN6sviWbbTw2r5+eVMDTQVZHv5kGIfk2Hxb5kS44QOcZNB00U
4GtnhwATfLb7yJhKs2Rx+Qg5pL0l7OlY+1o/wYsSOqy1PnUWS19B6s/QDRuNeh1F
OshiQvlKdTePqc5Qikvvew2FyfzYvG/3PAKj/IFmo1DT0XMa17SFjv/v9QIDAQAB
o4IDrDCCA6gwHQYDVR0OBBYEFL36Ovg5qh3OdY9Ini0xriIJL8maMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkLzhjZGJj
NS05MzY1LTRhMGMtYjlhMy1hZTc3NDZmMDk2MzAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQvOGNkYmM1
LTkzNjUtNGEwYy1iOWEzLWFlNzc0NmYwOTYzMC8xL3ZmbzYtRG1xSGM1MWowaWVM
VEd1SWdrdnlaby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBGgYIKwYB
BQUHAQcBAf8EggEJMIIBBTCB5QQCAAEwgd4DAwAlPgMDASW4AwMBLrIDBAc+BIAD
AwA+6wMDAVDIAwQHUOyAAwQHUQuAAwQHUakAAwMDUfADAwBThgMDAldAAwQHWMWA
AwMDW7ADBANbvtADBAZcMIADAwRtgAMDAbKQAwQCuQJcAwMAvAUDBADBHC8DAwDB
SgMEB8FLgAMEBcFbYAMDAMF5AwQBwfOIAwMAwk4DBAXCd+ADBAfDAAADBAXDDQAD
BAXDSsADBAfDXwADAwDDzwMEBcPuAAMEBdTpAAMEB9TvgAMDANUxAwQF1bGAAwQF
1bUgAwMA2YgwGwQCAAIwFQMFBioCoAADBQMqBGxAAwUDKgSfgDApBggrBgEFBQcB
CAEB/wQaMBigFjAUAgIM6AICFTgCAhVwAgJwIAICcU0wDQYJKoZIhvcNAQELBQAD
ggEBAA1QsamyRZ90pPVtkZzcs1CP1mTDrh/DebeKZ0Fs5SnUWh2pcQADaQUbbTy/
gzS7H6UCwX08VNoCx9d6h1Wv6Gi5nDCyD31mfHbxawvQWYO0qB0uFlo7L5/w1dbw
HiWVjHedOxPwSam0m9oFEh4DYET8PyArL7fOREz5tZbh1G7FBcHJbgOTaF4Y/HW5
B7LfadT2c9Oy+HXgu0assitach00q7TcseG07NsQJCe+A0uKI/sd1vT4e1q/V7K2
kWQzzmxRO/qUzKWOl9tPNN35vr58IbyW15DPntYlFKH2x5t+57Y3+4S5UgPBCskV
C0dyUL37llpcV4HcTF9dJi00UBw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:59:17 2025 by rpki-client