Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
File: xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer (raw, json)
Hash identifier: oB8SYqec40e/kY8V+yFiPtOwhRjkvPC04SxX5MWCdMw=
Subject key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425213625D1D4C327502001EF88141D49
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:48:41 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 39912
AS: 41905
AS: 44752
AS: 62155
IP: 37.186.0.0 -- 37.186.4.255
IP: 37.186.6.0 -- 37.186.23.255
IP: 77.220.96.0 -- 77.220.115.255
IP: 77.220.120.0/21
IP: 78.142.64.0/23
IP: 78.142.68.0 -- 78.142.79.255
IP: 78.142.96.0 -- 78.142.117.255
IP: 78.142.122.0 -- 78.142.127.255
IP: 81.94.48.0 -- 81.94.54.255
IP: 81.94.56.0/21
IP: 91.206.224.0/23
IP: 92.42.16.0/22
IP: 92.63.208.0 -- 92.63.212.255
IP: 92.63.214.0 -- 92.63.223.255
IP: 93.185.128.0/20
IP: 95.143.80.0/20
IP: 193.37.144.0/24
IP: 195.16.224.0 -- 195.16.238.255
IP: 195.16.241.0 -- 195.16.243.255
IP: 195.16.245.0 -- 195.16.247.255
IP: 195.16.251.0/24
IP: 195.16.253.0 -- 195.16.255.255
IP: 195.137.238.0/23
IP: 195.140.136.0/22
IP: 213.139.252.0/22
IP: 2001:7f8:4a::/48
IP: 2a00:e98::/32
IP: 2a00:eb0::/32
IP: 2a01:f8::/32
IP: 2a01:100::/32
IP: 2a04:a680::/29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:36:25:d1:d4:c3:27:50:20:01:ef:88:14:1d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:22:07:44:7c:cb:ff:ba:00:86:17:b6:f8:56:
5a:97:71:ca:57:78:f0:e4:32:f1:9c:9b:56:74:c7:
55:ce:24:b7:a1:5c:82:ee:39:b4:9f:1f:1c:00:4f:
34:00:7a:60:e9:2d:21:8f:f3:64:e3:5e:2f:37:d4:
2b:17:1a:f5:b1:f6:dc:64:80:2d:3d:33:a5:2d:a7:
87:20:d4:78:79:9d:e0:3d:0b:2b:07:a1:01:67:7a:
ea:14:a3:4b:7b:45:bf:8e:72:e7:65:ab:d2:32:92:
1f:da:31:ee:04:ff:04:5f:d4:30:72:b0:fd:71:78:
2d:bb:00:a6:12:a8:28:8d:2b:25:df:57:c0:f8:29:
e3:5f:d4:d2:38:9b:73:28:71:14:4b:95:ba:27:3a:
59:61:cc:95:ca:7f:48:43:e4:dc:c7:89:39:04:d8:
35:bf:0a:ed:6d:ea:93:77:b0:d8:4c:76:41:f8:8e:
4e:79:5b:18:c3:24:46:c7:e3:cb:f0:a7:0c:21:9f:
85:ff:26:f5:1a:24:a4:c7:3b:4f:14:c6:39:6f:f1:
6d:8a:05:1c:f9:5f:9d:5e:e8:62:dc:b2:39:96:80:
24:1e:1a:94:b0:61:fb:0a:4c:4b:4e:a9:ee:a6:01:
13:02:95:33:60:92:14:95:f9:8f:52:15:eb:57:28:
ad:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.186.0.0-37.186.4.255
37.186.6.0-37.186.23.255
77.220.96.0-77.220.115.255
77.220.120.0/21
78.142.64.0/23
78.142.68.0-78.142.79.255
78.142.96.0-78.142.117.255
78.142.122.0-78.142.127.255
81.94.48.0-81.94.54.255
81.94.56.0/21
91.206.224.0/23
92.42.16.0/22
92.63.208.0-92.63.212.255
92.63.214.0-92.63.223.255
93.185.128.0/20
95.143.80.0/20
193.37.144.0/24
195.16.224.0-195.16.238.255
195.16.241.0-195.16.243.255
195.16.245.0-195.16.247.255
195.16.251.0/24
195.16.253.0-195.16.255.255
195.137.238.0/23
195.140.136.0/22
213.139.252.0/22
IPv6:
2001:7f8:4a::/48
2a00:e98::/32
2a00:eb0::/32
2a01:f8::/32
2a01:100::/32
2a04:a680::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39912
41905
44752
62155
Signature Algorithm: sha256WithRSAEncryption
0e:bb:fb:b7:1a:88:01:5f:ed:d9:65:c7:e2:51:38:99:04:de:
a7:2a:bf:42:82:1e:e9:1b:5d:92:0c:ce:ad:f9:83:d7:60:91:
e4:30:f0:e8:af:55:ee:3a:66:51:99:b9:c9:6e:d7:2d:b7:35:
6d:50:a6:7c:3e:90:58:5e:7f:a2:df:f3:7f:78:1d:92:25:48:
42:77:84:95:b2:03:37:68:92:ab:46:d2:8d:70:71:e0:a7:41:
f1:d8:7f:41:c2:18:63:05:8e:01:a4:60:0c:23:35:e2:77:55:
99:e1:99:78:1e:a2:8f:3d:d1:31:62:79:61:98:4d:e3:32:d3:
d0:8b:7f:8e:0a:f4:03:a1:d0:10:03:32:41:05:95:8f:32:6a:
d0:c0:13:0f:63:47:84:06:83:ee:f5:39:53:7d:a9:8d:2a:87:
1f:f2:1a:bb:48:bf:cc:a4:d1:27:3b:fd:50:1c:91:14:5c:bb:
e1:1b:98:f8:8b:34:ab:0a:59:b9:14:4f:a0:da:b7:3b:6d:a7:
b3:4a:18:3c:53:90:9d:26:5f:13:61:84:9e:a0:7e:cf:6d:eb:
a6:c4:b2:0c:ed:69:ff:09:62:54:39:ba:4c:51:f9:96:b9:51:
4a:e6:d4:13:fd:2e:d7:c3:6e:ac:ae:6c:c7:6f:4d:14:b4:6a:
eb:40:23:03
-----BEGIN CERTIFICATE-----
MIIG1jCCBb6gAwIBAgISAZQlITYl0dTDJ1AgAe+IFB1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQxNzM4YmFhYjk4OGIxZDY4NjkzYmIwNWUyOWJmYmI0ZjBmNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiIHRHzL/7oAhhe2+FZal3HKV3jw
5DLxnJtWdMdVziS3oVyC7jm0nx8cAE80AHpg6S0hj/Nk414vN9QrFxr1sfbcZIAt
PTOlLaeHINR4eZ3gPQsrB6EBZ3rqFKNLe0W/jnLnZavSMpIf2jHuBP8EX9QwcrD9
cXgtuwCmEqgojSsl31fA+CnjX9TSOJtzKHEUS5W6JzpZYcyVyn9IQ+Tcx4k5BNg1
vwrtbeqTd7DYTHZB+I5OeVsYwyRGx+PL8KcMIZ+F/yb1GiSkxztPFMY5b/FtigUc
+V+dXuhi3LI5loAkHhqUsGH7CkxLTqnupgETApUzYJIUlfmPUhXrVyitswIDAQAB
o4ID4jCCA94wHQYDVR0OBBYEFMRBc4uquYix1oaTuwXim/u08PZxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkzL2Y4MzE0
ZS1hM2JjLTQ1ZTktYTlmNS00Yzk4ZDlhNTE0MDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMvZjgzMTRl
LWEzYmMtNDVlOS1hOWY1LTRjOThkOWE1MTQwNS8xL3hFRnppNnE1aUxIV2hwTzdC
ZUtiLTdUdzluRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBUAYIKwYB
BQUHAQcBAf8EggE/MIIBOzCCAQMEAgABMIH8MAsDAwElugMEACW6BDAMAwQBJboG
AwQDJboQMAwDBAVN3GADBAJN3HADBANN3HgDBAFOjkAwDAMEAk6ORAMEBE6OQDAM
AwQFTo5gAwQBTo50MAwDBAFOjnoDBAdOjgAwDAMEBFFeMAMEAFFeNgMEA1FeOAME
AVvO4AMEAlwqEDAMAwQEXD/QAwQAXD/UMAwDBAFcP9YDBAVcP8ADBARduYADBARf
j1ADBADBJZAwDAMEBcMQ4AMEAMMQ7jAMAwQAwxDxAwQCwxDwMAwDBADDEPUDBAPD
EPADBADDEPswCwMEAMMQ/QMDAMMQAwQBw4nuAwQCw4yIAwQC1Yv8MDIEAgACMCwD
BwAgAQf4AEoDBQAqAA6YAwUAKgAOsAMFACoBAPgDBQAqAQEAAwUDKgSmgDApBggr
BgEFBQcBCAEB/wQaMBigFjAUAgMAm+gCAwCjsQIDAK7QAgMA8sswDQYJKoZIhvcN
AQELBQADggEBAA67+7caiAFf7dllx+JROJkE3qcqv0KCHukbXZIMzq35g9dgkeQw
8OivVe46ZlGZuclu1y23NW1Qpnw+kFhef6Lf8394HZIlSEJ3hJWyAzdokqtG0o1w
ceCnQfHYf0HCGGMFjgGkYAwjNeJ3VZnhmXgeoo890TFieWGYTeMy09CLf44K9AOh
0BADMkEFlY8yatDAEw9jR4QGg+71OVN9qY0qhx/yGrtIv8yk0Sc7/VAckRRcu+Eb
mPiLNKsKWbkUT6Datzttp7NKGDxTkJ0mXxNhhJ6gfs9t66bEsgztaf8JYlQ5ukxR
+Za5UUrm1BP9LtfDbqyubMdvTRS0autAIwM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:15 2025 by rpki-client on console.sobornost.net