Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
File: M8NCwGqsw1nTlDn_WN76jqGHV0g.cer (raw, json)
Hash identifier: KTLRA6qlRo2Ah/EndqirXHZOVXh7pbim3vLGyNK22ow=
Subject key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FAEB0A6F55E103882A29DE9AE6BA60
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:47:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 13165
AS: 34441
AS: 39575
AS: 41826
AS: 42870
AS: 50374
AS: 50443
AS: 50691
AS: 50753
AS: 51209
AS: 51238
AS: 60513
AS: 197693
AS: 198350
AS: 198960
AS: 198973 -- 198974
IP: 45.146.64.0/22
IP: 109.236.240.0/20
IP: 185.216.100.0/22
IP: 193.34.164.0/23
IP: 193.43.182.0/24
IP: 213.128.192.0/19
IP: 217.22.168.0/22
IP: 2a04:4980::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:eb:0a:6f:55:e1:03:88:2a:29:de:9a:e6:ba:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33c342c06aacc359d39439ff58defa8ea1875748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:2b:74:ee:64:a9:40:f4:6b:63:83:06:fb:
3d:36:63:3c:cf:e8:85:96:cb:24:27:3a:e8:06:c7:
47:90:05:93:de:1a:f8:5b:72:c5:58:81:9b:f5:f7:
1a:60:b7:08:6e:cf:49:62:20:2a:0d:99:52:bc:4d:
a8:d3:59:50:6d:3d:56:02:02:9d:29:8b:5e:4f:37:
ca:7c:f0:8c:6e:4e:a8:cc:a1:08:d3:1e:15:19:e6:
ef:f0:4d:76:4b:d0:8f:e8:7c:8b:e1:22:a3:d8:64:
ba:04:aa:44:e0:30:4f:f2:b1:5e:33:01:36:32:0e:
f8:ec:9b:61:11:a3:e0:01:1f:a6:17:f5:9a:3e:60:
5a:85:70:9d:72:be:36:e7:70:20:98:f9:79:97:09:
28:f8:4c:9d:e2:a3:a7:95:9d:18:c0:00:53:e3:36:
d4:5e:8e:d3:3d:73:7a:2b:a2:39:20:6b:ed:08:ea:
ec:71:b2:a3:cd:85:ba:6d:45:74:6f:0a:22:8c:78:
5b:1e:f4:c6:94:0b:8d:3b:ad:af:f4:63:b1:b0:98:
6c:81:65:81:88:30:57:23:9c:78:87:ce:5b:ab:38:
50:6f:db:e9:7a:41:d7:b8:a6:57:c1:6d:6c:4e:bf:
b7:99:bd:c8:7a:3e:90:5a:3c:cf:57:51:19:db:a2:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.64.0/22
109.236.240.0/20
185.216.100.0/22
193.34.164.0/23
193.43.182.0/24
213.128.192.0/19
217.22.168.0/22
IPv6:
2a04:4980::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13165
34441
39575
41826
42870
50374
50443
50691
50753
51209
51238
60513
197693
198350
198960
198973-198974
Signature Algorithm: sha256WithRSAEncryption
77:8d:4f:16:96:f4:a6:87:c3:10:96:85:ee:24:f6:ad:68:97:
ad:03:b1:21:ed:ea:22:9b:ed:97:f6:40:64:3b:94:40:db:c8:
2f:8b:8c:dc:16:9f:1a:25:c6:1b:c6:43:15:97:b7:b8:71:b3:
fc:ff:94:e8:1a:98:57:5f:84:56:78:75:4e:fb:9a:6b:ba:61:
6c:3c:22:e3:d9:23:6d:33:b9:8c:a7:0b:e2:90:93:b4:e9:c9:
47:60:6a:44:11:93:ec:0c:52:60:bf:be:7a:74:a4:3f:68:08:
c5:ef:04:ed:aa:ba:67:b4:8b:f9:e0:89:9c:e3:a2:3f:c0:54:
d3:ad:42:6c:61:43:a0:dd:9b:b0:c7:a2:af:3a:ec:c3:e3:9a:
6d:b6:3e:d7:87:9e:a5:4b:f0:c9:b2:c5:a6:4c:36:ed:0d:bc:
e4:38:b2:a3:44:12:54:85:c0:a2:a5:d0:51:9b:b0:99:16:3b:
f0:55:e4:89:d3:cb:7a:28:f7:9d:ca:5f:37:53:44:fd:86:1a:
0e:c1:b2:d8:10:bf:16:48:1a:5b:fa:6f:1d:15:cc:ae:a9:79:
78:c8:ad:cf:c8:63:10:c9:0f:0b:6d:41:d3:9d:99:29:d5:4a:
5e:39:84:ec:64:d7:64:42:ad:70:0b:b6:6d:da:0e:4b:c9:90:
bb:6d:39:59
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZQi+usKb1XhA4gqKd6a5rpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2MzNDJjMDZhYWNjMzU5ZDM5NDM5ZmY1OGRlZmE4ZWExODc1NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04MrdO5kqUD0a2ODBvs9NmM8z+iF
lsskJzroBsdHkAWT3hr4W3LFWIGb9fcaYLcIbs9JYiAqDZlSvE2o01lQbT1WAgKd
KYteTzfKfPCMbk6ozKEI0x4VGebv8E12S9CP6HyL4SKj2GS6BKpE4DBP8rFeMwE2
Mg747JthEaPgAR+mF/WaPmBahXCdcr4253AgmPl5lwko+Eyd4qOnlZ0YwABT4zbU
Xo7TPXN6K6I5IGvtCOrscbKjzYW6bUV0bwoijHhbHvTGlAuNO62v9GOxsJhsgWWB
iDBXI5x4h85bqzhQb9vpekHXuKZXwW1sTr+3mb3Iej6QWjzPV1EZ26IaGwIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFDPDQsBqrMNZ05Q5/1je+o6hh1dIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VlL2M1NWZk
Zi1hNjhhLTRhYTAtYjhjNS03ZjIzMzM2MDQ5OTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUvYzU1ZmRm
LWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8xL004TkN3R3FzdzFuVGxEbl9X
Tjc2anFHSFYwZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQCLZJAAwQEbezwAwQCudhkAwQBwSKkAwQAwSu2
AwQF1YDAAwQC2RaoMA0EAgACMAcDBQMqBEmAMGsGCCsGAQUFBwEIAQH/BFwwWqBY
MFYCAjNtAgMAhokCAwCalwIDAKNiAgMAp3YCAwDExgIDAMULAgMAxgMCAwDGQQID
AMgJAgMAyCYCAwDsYQIDAwQ9AgMDBs4CAwMJMDAKAgMDCT0CAwMJPjANBgkqhkiG
9w0BAQsFAAOCAQEAd41PFpb0pofDEJaF7iT2rWiXrQOxIe3qIpvtl/ZAZDuUQNvI
L4uM3BafGiXGG8ZDFZe3uHGz/P+U6BqYV1+EVnh1Tvuaa7phbDwi49kjbTO5jKcL
4pCTtOnJR2BqRBGT7AxSYL++enSkP2gIxe8E7aq6Z7SL+eCJnOOiP8BU061CbGFD
oN2bsMeirzrsw+OabbY+14eepUvwybLFpkw27Q285Diyo0QSVIXAoqXQUZuwmRY7
8FXkidPLeij3ncpfN1NE/YYaDsGy2BC/FkgaW/pvHRXMrql5eMitz8hjEMkPC21B
052ZKdVKXjmE7GTXZEKtcAu2bdoOS8mQu205WQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:30:23 2025 by rpki-client on console.sobornost.net