Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
File: rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer (raw, json)
Hash identifier: E990lj743AX8Pkka6vT8y7rlHWPQvTf4sr211dmfVK8=
Subject key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C42DB86A04A4F37A79D54312AE15F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:47:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200000
AS: 200525
IP: 37.139.64.0/21
IP: 45.154.218.0/24
IP: 46.247.80.0/21
IP: 89.19.128.0/19
IP: 91.105.208.0/21
IP: 109.205.96.0/21
IP: 173.242.48.0/20
IP: 185.25.116.0/22
IP: 185.39.224.0/22
IP: 185.65.244.0/22
IP: 185.68.16.0/22
IP: 185.69.152.0/22
IP: 185.104.44.0/22
IP: 185.124.8.0/22
IP: 185.130.120.0/22
IP: 185.149.40.0/22
IP: 185.209.168.0/22
IP: 185.225.212.0/22
IP: 185.226.24.0/22
IP: 185.233.36.0 -- 185.233.47.255
IP: 185.233.116.0 -- 185.233.123.255
IP: 185.233.136.0/22
IP: 185.233.152.0/22
IP: 185.234.176.0/22
IP: 185.235.168.0/22
IP: 185.239.180.0/22
IP: 217.173.208.0/20
IP: 2a00:7a60::/32
IP: 2a04:8000::/29
IP: 2a05:480::/29
IP: 2a06:6440::/29
IP: 2a0c:680::/29
IP: 2a0c:780::/29
IP: 2a0c:880::/29
IP: 2a0c:a80::/29
IP: 2a0c:c80::/29
IP: 2a0c:d80::/29
IP: 2a0c:e80::/29
IP: 2a0c:6080::/29
IP: 2a0d:1100::/29
IP: 2a0d:6500::/29
IP: 2a0d:6f00::/29
IP: 2a0d:fc00::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:42:db:86:a0:4a:4f:37:a7:9d:54:31:2a:e1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:88:ec:b7:ae:cc:66:0e:5e:19:3e:66:8f:74:
7f:37:b4:b3:1a:71:4c:70:21:27:66:d8:5c:45:9c:
55:43:16:64:b1:20:aa:42:46:25:32:0b:0c:76:fd:
01:40:36:8a:4c:22:ee:71:aa:55:20:9d:0f:42:74:
05:49:99:3d:d5:ba:60:92:d6:13:b4:e6:5a:f9:2c:
6b:09:18:61:30:d1:02:3f:38:e9:26:b6:bf:c1:f1:
84:8c:98:c2:34:86:a9:5e:99:44:b1:43:84:4a:66:
cf:d4:db:e1:12:f8:97:69:85:5a:06:dd:10:93:71:
0b:7e:ca:ed:68:51:fe:9c:04:03:2c:e5:c9:37:a1:
20:56:59:b4:f1:fc:6b:af:c5:a9:85:66:4f:94:93:
68:c1:d8:de:98:f6:39:88:20:cc:0c:0c:bb:87:e4:
5b:a7:b3:be:94:6e:f3:7d:67:4c:59:b9:12:9d:a9:
81:0f:2a:d5:91:2d:0e:7f:f9:cc:de:aa:da:32:69:
7f:8f:9a:34:2e:1f:6a:9a:b3:7b:d0:22:27:34:9a:
3b:56:ba:2e:29:f2:29:5a:57:0d:0b:16:11:b1:69:
07:34:f8:ee:c5:2c:e1:97:2e:88:53:f6:35:1a:46:
fe:19:3a:40:cc:62:ba:fb:d7:69:c2:23:64:b2:b2:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.64.0/21
45.154.218.0/24
46.247.80.0/21
89.19.128.0/19
91.105.208.0/21
109.205.96.0/21
173.242.48.0/20
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.209.168.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.233.152.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
217.173.208.0/20
IPv6:
2a00:7a60::/32
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:680::/29
2a0c:780::/29
2a0c:880::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
2a0d:6f00::/29
2a0d:fc00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200000
200525
Signature Algorithm: sha256WithRSAEncryption
5f:8e:ac:45:a2:fd:6e:dc:fa:d0:7c:a2:ed:a9:73:70:2b:67:
bc:ce:a9:1f:26:76:7f:72:1e:91:93:e3:58:16:ff:c4:be:ad:
d2:9a:03:e3:3e:d6:2c:68:02:25:bd:a0:fe:4b:fa:95:8a:96:
58:17:c6:94:9f:c0:fd:39:19:a0:ca:e3:7d:f4:84:45:20:ca:
ef:01:2f:5a:4a:a8:ba:b8:1c:4c:9f:00:67:5a:5f:72:57:75:
f2:28:93:d5:c7:45:33:26:6b:5a:d9:0f:b9:ea:6d:87:ac:59:
ea:e2:b3:7d:e9:ee:d4:ce:ba:3b:6a:1c:32:c3:8e:09:73:4a:
3a:b4:6d:41:29:dd:1f:89:06:af:ea:13:24:73:ec:65:10:53:
f9:e2:ae:00:b2:00:e7:7b:64:3e:47:1f:82:3d:32:8a:99:0a:
be:b7:f5:93:3d:30:ac:62:db:e8:0e:14:49:1e:b2:99:e4:53:
64:1b:c0:30:5e:98:0d:23:6e:46:e8:01:40:82:09:b6:5b:3c:
cb:6a:a7:5b:fb:31:77:64:8f:70:e3:48:88:f1:87:92:85:42:
1d:34:16:4b:c6:72:a3:c5:b6:a7:e2:51:16:73:a7:29:0e:52:
6e:b6:c6:b5:e3:0a:99:50:c1:fb:3a:00:2c:9e:66:58:ee:8b:
6c:f3:6e:f8
-----BEGIN CERTIFICATE-----
MIIGxTCCBa2gAwIBAgISAZQfjELbhqBKTzennVQxKuFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhhMGUwYjFiMjFmMDkzMzMzYzA3NDgxNDViMTYyODQxOGNmMmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoojst67MZg5eGT5mj3R/N7SzGnFM
cCEnZthcRZxVQxZksSCqQkYlMgsMdv0BQDaKTCLucapVIJ0PQnQFSZk91bpgktYT
tOZa+SxrCRhhMNECPzjpJra/wfGEjJjCNIapXplEsUOESmbP1NvhEviXaYVaBt0Q
k3ELfsrtaFH+nAQDLOXJN6EgVlm08fxrr8WphWZPlJNowdjemPY5iCDMDAy7h+Rb
p7O+lG7zfWdMWbkSnamBDyrVkS0Of/nM3qraMml/j5o0Lh9qmrN70CInNJo7Vrou
KfIpWlcNCxYRsWkHNPjuxSzhly6IU/Y1Gkb+GTpAzGK6+9dpwiNksrKGtQIDAQAB
o4ID0TCCA80wHQYDVR0OBBYEFKyKDgsbIfCTMzwHSBRbFihBjPK1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzhjZTZh
MS0xMzBjLTQ4MGUtYTkwMy1kYjhlZmYxYjExYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvOGNlNmEx
LTEzMGMtNDgwZS1hOTAzLWRiOGVmZjFiMTFhMC8xL3JJb09DeHNoOEpNelBBZElG
RnNXS0VHTThyVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBSQYIKwYB
BQUHAQcBAf8EggE4MIIBNDCBuQQCAAEwgbIDBAMli0ADBAAtmtoDBAMu91ADBAVZ
E4ADBANbadADBANtzWADBASt8jADBAK5GXQDBAK5J+ADBAK5QfQDBAK5RBADBAK5
RZgDBAK5aCwDBAK5fAgDBAK5gngDBAK5lSgDBAK50agDBAK54dQDBAK54hgwDAME
ArnpJAMEBLnpIDAMAwQCuel0AwQCuel4AwQCuemIAwQCuemYAwQCueqwAwQCueuo
AwQCue+0AwQE2a3QMHYEAgACMHADBQAqAHpgAwUDKgSAAAMFAyoFBIADBQMqBmRA
AwUDKgwGgAMFAyoMB4ADBQMqDAiAAwUDKgwKgAMFAyoMDIADBQMqDA2AAwUDKgwO
gAMFAyoMYIADBQMqDREAAwUDKg1lAAMFAyoNbwADBQMqDfwAMB8GCCsGAQUFBwEI
AQH/BBAwDqAMMAoCAwMNQAIDAw9NMA0GCSqGSIb3DQEBCwUAA4IBAQBfjqxFov1u
3PrQfKLtqXNwK2e8zqkfJnZ/ch6Rk+NYFv/Evq3SmgPjPtYsaAIlvaD+S/qVipZY
F8aUn8D9ORmgyuN99IRFIMrvAS9aSqi6uBxMnwBnWl9yV3XyKJPVx0UzJmta2Q+5
6m2HrFnq4rN96e7Uzro7ahwyw44Jc0o6tG1BKd0fiQav6hMkc+xlEFP54q4AsgDn
e2Q+Rx+CPTKKmQq+t/WTPTCsYtvoDhRJHrKZ5FNkG8AwXpgNI25G6AFAggm2WzzL
aqdb+zF3ZI9w40iI8YeShUIdNBZLxnKjxban4lEWc6cpDlJutsa14wqZUMH7OgAs
nmZY7ots8274
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:59 2025 by rpki-client on console.sobornost.net