Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer
File: y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer (raw, json)
Hash identifier: hkveuEUS99Gyaq/7iDK6Dh66wVHzPM1RIPQSjWNrQ9k=
Subject key identifier: CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143A333097DF9D3ACEEC72845C6B251
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:47:48 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 12969
AS: 21268
AS: 31441
IP: 5.23.64.0/19
IP: 46.239.192.0/18
IP: 62.145.128.0/19
IP: 81.15.0.0/17
IP: 83.173.0.0/18
IP: 85.197.192.0/18
IP: 88.149.0.0/17
IP: 89.160.128.0/17
IP: 185.21.16.0/22
IP: 185.24.0.0/22
IP: 185.245.172.0/22
IP: 193.4.0.0 -- 193.4.57.255
IP: 193.4.60.0 -- 193.4.255.255
IP: 194.144.0.0/16
IP: 213.176.128.0/19
IP: 213.213.128.0/19
IP: 213.220.64.0/18
IP: 217.9.128.0/20
IP: 217.151.160.0/19
IP: 2a01:44c0::/32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:a3:33:09:7d:f9:d3:ac:ee:c7:28:45:c6:b2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb662ceeb726774b1b44c51ff1fc0df908bdebbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:fa:e3:42:a6:05:da:c9:f8:db:1f:72:e9:
01:3c:0d:1e:3d:45:31:ca:d7:ad:cd:ff:c3:be:20:
5c:d6:78:94:fe:4b:81:c3:46:e3:5f:df:98:77:6b:
7c:9e:50:8e:9c:fa:79:4f:e6:d1:f7:a2:3b:be:77:
a5:96:e0:fa:dc:d2:32:8c:96:3a:6d:9a:83:85:09:
c8:9b:50:2c:09:ed:b4:14:d7:97:9f:8a:fa:5c:81:
29:d8:a9:d2:7e:b3:fc:54:c2:af:fa:93:82:bc:76:
d8:a3:af:74:05:ea:da:5e:d8:17:86:b0:d7:7e:be:
08:84:57:e3:66:a7:61:9a:21:7d:bd:bd:d3:d2:7a:
80:3e:ef:4e:7f:07:36:4e:10:84:dc:69:32:36:64:
21:33:f7:f1:c0:9f:c9:b2:1f:22:d4:b8:d1:f5:a1:
3b:f7:bc:b5:ba:03:90:3e:9c:34:17:f8:c7:a8:0d:
5f:32:61:b7:9d:ed:ad:3a:c3:05:50:50:ed:21:c8:
ee:6b:2e:f7:96:e0:88:66:a5:f7:f0:74:00:a8:0d:
ba:7c:22:01:63:8a:43:c0:2f:cb:98:a2:be:a9:ed:
c8:29:76:0b:82:ee:3b:7b:98:49:4a:bc:f1:43:83:
60:d3:75:e1:ff:a4:eb:30:8c:bd:f8:93:42:4e:26:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.64.0/19
46.239.192.0/18
62.145.128.0/19
81.15.0.0/17
83.173.0.0/18
85.197.192.0/18
88.149.0.0/17
89.160.128.0/17
185.21.16.0/22
185.24.0.0/22
185.245.172.0/22
193.4.0.0-193.4.57.255
193.4.60.0-193.4.255.255
194.144.0.0/16
213.176.128.0/19
213.213.128.0/19
213.220.64.0/18
217.9.128.0/20
217.151.160.0/19
IPv6:
2a01:44c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12969
21268
31441
Signature Algorithm: sha256WithRSAEncryption
a9:7d:9b:36:da:02:01:e0:eb:f9:25:2e:73:8a:93:02:39:42:
31:fc:09:d7:ea:79:51:13:f6:52:a3:66:30:b2:3a:e7:28:26:
51:9c:4b:eb:e0:bc:7f:77:ca:fb:fc:21:92:14:1a:ec:df:dc:
0c:8d:65:c8:87:8a:a7:32:48:70:36:93:cf:ce:ba:3a:06:e4:
d8:f6:1b:81:43:c1:da:88:58:b0:5c:18:0d:aa:6f:43:da:77:
b4:7c:19:f8:ec:ff:6a:04:50:bf:07:7e:c4:0e:02:ff:b9:7d:
ce:24:6d:42:f8:0e:15:75:16:f8:04:98:85:2a:83:10:fc:35:
3f:ff:d8:b3:03:69:a3:d7:0c:ad:23:07:f5:b6:9c:7d:60:fe:
7d:70:a9:22:44:91:d3:96:b1:0c:a3:3d:75:0d:c6:8e:14:ca:
75:64:fb:df:88:70:d0:c7:d4:83:6d:07:c6:00:00:39:c9:71:
17:b1:8d:e3:d3:32:09:95:60:bf:a7:ee:49:e0:d0:27:33:23:
00:6c:af:8d:24:01:3d:3a:26:68:a6:b9:aa:31:81:22:d2:e2:
c0:7d:c6:32:8d:ae:09:3f:1f:6c:3f:42:0b:01:ae:c5:17:e4:
e1:15:6e:d0:e4:49:0f:7a:25:8a:d9:31:c5:aa:06:b4:28:97:
83:21:b0:95
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZQhQ6MzCX3506zuxyhFxrJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY2MmNlZWI3MjY3NzRiMWI0NGM1MWZmMWZjMGRmOTA4YmRlYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJX640KmBdrJ+NsfcukBPA0ePUUx
ytetzf/DviBc1niU/kuBw0bjX9+Yd2t8nlCOnPp5T+bR96I7vnelluD63NIyjJY6
bZqDhQnIm1AsCe20FNeXn4r6XIEp2KnSfrP8VMKv+pOCvHbYo690BeraXtgXhrDX
fr4IhFfjZqdhmiF9vb3T0nqAPu9Ofwc2ThCE3GkyNmQhM/fxwJ/Jsh8i1LjR9aE7
97y1ugOQPpw0F/jHqA1fMmG3ne2tOsMFUFDtIcjuay73luCIZqX38HQAqA26fCIB
Y4pDwC/LmKK+qe3IKXYLgu47e5hJSrzxQ4Ng03Xh/6TrMIy9+JNCTiZQHQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFMtmLO63JndLG0TFH/H8DfkIveu8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2E5NjJh
OS1hYmZmLTQ0OTUtODZjYy1iNTZjOGNjYjI5MzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvYTk2MmE5
LWFiZmYtNDQ5NS04NmNjLWI1NmM4Y2NiMjkzNS8xL3kyWXM3cmNtZDBzYlJNVWY4
ZndOLVFpOTY3dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGqBggrBgEF
BQcBBwEB/wSBmjCBlzCBhQQCAAEwfwMEBQUXQAMEBi7vwAMEBT6RgAMEB1EPAAME
BlOtAAMEBlXFwAMEB1iVAAMEB1mggAMEArkVEAMEArkYAAMEArn1rDALAwMCwQQD
BAHBBDgwCwMEAsEEPAMDAMEEAwMAwpADBAXVsIADBAXV1YADBAbV3EADBATZCYAD
BAXZl6AwDQQCAAIwBwMFACoBRMAwIQYIKwYBBQUHAQgBAf8EEjAQoA4wDAICMqkC
AlMUAgJ60TANBgkqhkiG9w0BAQsFAAOCAQEAqX2bNtoCAeDr+SUuc4qTAjlCMfwJ
1+p5URP2UqNmMLI65ygmUZxL6+C8f3fK+/whkhQa7N/cDI1lyIeKpzJIcDaTz866
Ogbk2PYbgUPB2ohYsFwYDapvQ9p3tHwZ+Oz/agRQvwd+xA4C/7l9ziRtQvgOFXUW
+ASYhSqDEPw1P//YswNpo9cMrSMH9bacfWD+fXCpIkSR05axDKM9dQ3GjhTKdWT7
34hw0MfUg20HxgAAOclxF7GN49MyCZVgv6fuSeDQJzMjAGyvjSQBPTomaKa5qjGB
ItLiwH3GMo2uCT8fbD9CCwGuxRfk4RVu0ORJD3olitkxxaoGtCiXgyGwlQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 16:51:47 2025 by rpki-client