Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
File: 2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer (raw, json)
Hash identifier: TJvnKMo+3GOpqSlkYl9lzuITUdpQqlhuo9l1DEmrw48=
Subject key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194BC9FC1A5A604006FF2831F378195B153
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 31 Jan 2025 13:49:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29119
AS: 31577
AS: 56882
AS: 60494
IP: 5.35.200.0/21
IP: 5.154.0.0/17
IP: 5.154.172.0/23
IP: 5.154.185.0/24
IP: 5.154.234.0/23
IP: 5.154.241.0/24
IP: 5.159.240.0/21
IP: 31.3.120.0/21
IP: 31.14.200.0/21
IP: 31.200.240.0/21
IP: 37.72.0.0/19
IP: 37.153.88.0/21
IP: 37.209.160.0/21
IP: 37.230.64.0/19
IP: 45.252.236.0/22
IP: 46.251.252.0/22
IP: 78.136.64.0/18
IP: 83.136.184.0/21
IP: 84.232.0.0/17
IP: 84.236.128.0/17
IP: 85.204.140.0/22
IP: 86.104.24.0/23
IP: 86.104.27.0/24
IP: 86.105.156.0/22
IP: 88.148.0.0/17
IP: 89.32.160.0/21
IP: 89.34.120.0/22
IP: 89.35.148.0/22
IP: 89.37.227.0/24
IP: 89.40.80.0/24
IP: 89.40.203.0/24
IP: 89.43.74.0 -- 89.43.77.255
IP: 89.43.84.0/22
IP: 89.44.64.0/21
IP: 89.45.240.0/24
IP: 89.45.242.0 -- 89.45.247.255
IP: 89.46.136.0/21
IP: 91.228.91.0/24
IP: 93.113.48.0/22
IP: 93.114.252.0/22
IP: 93.115.156.0/22
IP: 93.115.204.0/22
IP: 93.119.28.0/22
IP: 93.119.156.0/22
IP: 94.24.32.0/22
IP: 94.24.40.0/21
IP: 94.24.104.0/22
IP: 94.76.128.0/18
IP: 94.176.136.0/21
IP: 94.176.194.0/23
IP: 94.177.152.0/21
IP: 95.129.112.0/21
IP: 95.178.32.0/22
IP: 95.178.38.0/24
IP: 95.178.112.0/21
IP: 103.82.48.0/22
IP: 109.167.0.0/17
IP: 115.42.52.0/22
IP: 151.237.192.0/19
IP: 159.253.248.0/21
IP: 168.245.196.0/23
IP: 176.56.96.0/19
IP: 176.227.144.0/20
IP: 178.156.0.0/17
IP: 185.23.120.0/22
IP: 185.25.196.0/22
IP: 185.27.124.0/22
IP: 185.32.112.0/22
IP: 185.40.144.0/22
IP: 185.40.180.0/22
IP: 185.59.64.0/22
IP: 185.99.248.0/22
IP: 185.130.152.0/22
IP: 185.132.164.0/22
IP: 185.150.204.0/22
IP: 185.155.68.0/22
IP: 185.193.8.0/22
IP: 185.218.188.0/22
IP: 185.225.149.0 -- 185.225.151.255
IP: 185.226.231.0/24
IP: 188.64.96.0/21
IP: 188.227.128.0/19
IP: 188.240.36.0/22
IP: 188.240.43.0/24
IP: 212.63.124.0/22
IP: 212.237.236.0/22
IP: 213.170.224.0/19
IP: 217.61.64.0 -- 217.61.87.255
IP: 2a00:8a80::/29
IP: 2a00:f640::/29
IP: 2a02:69a0::/32
IP: 2a03:1cc0::/32
IP: 2a03:ae80::/32
IP: 2a07:6840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:9f:c1:a5:a6:04:00:6f:f2:83:1f:37:81:95:b1:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 31 13:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:51:14:5e:4a:c4:35:86:fa:f0:1f:75:08:dc:
1c:1a:59:2a:22:23:64:1a:02:a6:ab:89:73:fa:af:
4f:7d:f4:da:d2:31:d4:e1:46:bf:a6:37:c6:23:b7:
a0:d0:a7:07:22:c2:43:c2:f5:8d:ca:cf:ec:40:c5:
4d:eb:17:80:47:31:8d:59:19:9e:c3:7e:0e:29:d5:
6d:ba:45:5e:45:fa:25:e5:b5:6c:60:b6:f6:98:1a:
7d:7b:ad:c7:a3:7d:c7:19:75:9d:45:3a:f5:49:00:
80:de:2b:2d:69:04:a3:e3:2d:75:0c:de:73:03:ab:
70:b7:40:07:79:6b:59:cf:c2:26:82:13:ac:27:50:
1a:6c:3b:87:f0:e8:37:7f:87:9e:4c:1b:60:01:89:
87:81:b8:48:ca:4f:c0:86:9a:4d:71:9f:d2:81:0f:
cd:b9:a7:f1:1e:d7:83:e1:ab:04:ac:da:5f:45:db:
52:01:4e:7d:c0:69:1e:f6:8a:ce:28:3f:e2:4c:cb:
02:9d:07:5d:93:46:65:17:78:93:36:f4:dd:0c:3f:
6b:8c:2b:39:56:b8:7c:ca:00:ad:cc:99:aa:7a:e1:
6e:94:46:eb:d5:44:b8:ce:c3:28:f0:b5:5b:eb:0a:
1e:c9:ca:62:06:2d:ed:11:b4:ff:5f:cc:1c:96:8d:
f4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.200.0/21
5.154.0.0/17
5.154.172.0/23
5.154.185.0/24
5.154.234.0/23
5.154.241.0/24
5.159.240.0/21
31.3.120.0/21
31.14.200.0/21
31.200.240.0/21
37.72.0.0/19
37.153.88.0/21
37.209.160.0/21
37.230.64.0/19
45.252.236.0/22
46.251.252.0/22
78.136.64.0/18
83.136.184.0/21
84.232.0.0/17
84.236.128.0/17
85.204.140.0/22
86.104.24.0/23
86.104.27.0/24
86.105.156.0/22
88.148.0.0/17
89.32.160.0/21
89.34.120.0/22
89.35.148.0/22
89.37.227.0/24
89.40.80.0/24
89.40.203.0/24
89.43.74.0-89.43.77.255
89.43.84.0/22
89.44.64.0/21
89.45.240.0/24
89.45.242.0-89.45.247.255
89.46.136.0/21
91.228.91.0/24
93.113.48.0/22
93.114.252.0/22
93.115.156.0/22
93.115.204.0/22
93.119.28.0/22
93.119.156.0/22
94.24.32.0/22
94.24.40.0/21
94.24.104.0/22
94.76.128.0/18
94.176.136.0/21
94.176.194.0/23
94.177.152.0/21
95.129.112.0/21
95.178.32.0/22
95.178.38.0/24
95.178.112.0/21
103.82.48.0/22
109.167.0.0/17
115.42.52.0/22
151.237.192.0/19
159.253.248.0/21
168.245.196.0/23
176.56.96.0/19
176.227.144.0/20
178.156.0.0/17
185.23.120.0/22
185.25.196.0/22
185.27.124.0/22
185.32.112.0/22
185.40.144.0/22
185.40.180.0/22
185.59.64.0/22
185.99.248.0/22
185.130.152.0/22
185.132.164.0/22
185.150.204.0/22
185.155.68.0/22
185.193.8.0/22
185.218.188.0/22
185.225.149.0-185.225.151.255
185.226.231.0/24
188.64.96.0/21
188.227.128.0/19
188.240.36.0/22
188.240.43.0/24
212.63.124.0/22
212.237.236.0/22
213.170.224.0/19
217.61.64.0-217.61.87.255
IPv6:
2a00:8a80::/29
2a00:f640::/29
2a02:69a0::/32
2a03:1cc0::/32
2a03:ae80::/32
2a07:6840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29119
31577
56882
60494
Signature Algorithm: sha256WithRSAEncryption
3f:f5:29:e4:36:71:5b:78:b8:a2:a8:11:eb:90:a2:a3:c2:e2:
ba:ad:f4:4c:36:74:70:94:d8:c3:b5:1e:c8:85:f3:c8:0b:38:
d9:4c:ff:f8:be:ec:01:e6:c1:ec:94:cf:df:f4:aa:29:a0:5e:
d5:c6:69:0f:5f:c4:a2:39:e7:b5:78:73:b3:d7:22:6b:5a:ab:
66:c6:06:7f:2f:25:85:9e:95:95:c4:83:9a:2f:00:9a:19:bc:
ec:24:47:17:6d:45:1c:c7:f9:32:63:db:c6:37:8f:8f:ba:9e:
7c:b6:75:e3:93:3c:79:4b:79:f1:e8:da:51:f7:c3:42:a3:19:
9f:dd:69:5c:05:12:6f:63:0c:84:88:6a:cf:3b:51:05:bc:8a:
17:76:77:c0:99:35:10:e5:0c:ea:c7:2f:09:44:0d:91:6b:87:
ba:4c:a1:bd:50:07:e0:99:65:36:f0:d6:29:7d:76:ca:71:8d:
2d:7d:06:ab:50:1a:de:64:f0:5e:0d:f1:60:c1:82:53:7d:8c:
ae:99:2d:9a:2f:e7:1b:0f:c4:29:2f:6b:11:a1:c4:6f:13:7b:
84:0c:d7:af:33:b3:90:f7:6d:dd:ed:f3:10:d8:b0:f8:c3:43:
7f:d9:ef:d7:70:66:5a:1b:ca:b7:0d:1c:33:8d:a9:18:99:78:
5b:32:30:1f
-----BEGIN CERTIFICATE-----
MIIIBzCCBu+gAwIBAgISAZS8n8GlpgQAb/KDHzeBlbFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTMxMTM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FEUXkrENYb68B91CNwcGlkqIiNk
GgKmq4lz+q9PffTa0jHU4Ua/pjfGI7eg0KcHIsJDwvWNys/sQMVN6xeARzGNWRme
w34OKdVtukVeRfol5bVsYLb2mBp9e63Ho33HGXWdRTr1SQCA3istaQSj4y11DN5z
A6twt0AHeWtZz8ImghOsJ1AabDuH8Og3f4eeTBtgAYmHgbhIyk/AhppNcZ/SgQ/N
uafxHteD4asErNpfRdtSAU59wGke9orOKD/iTMsCnQddk0ZlF3iTNvTdDD9rjCs5
Vrh8ygCtzJmqeuFulEbr1US4zsMo8LVb6woeycpiBi3tEbT/X8wclo30qwIDAQAB
o4IFEzCCBQ8wHQYDVR0OBBYEFNqvF7ABXbt82ZLybN/wHE4mILc+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1L2M4OTcz
Yy0zY2ZhLTQ2MDQtODExMC1jZjA2ZDE5ODNiYTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvYzg5NzNj
LTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6Wmt2SnMz
X0FjVGlZZ3R6NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICgwYIKwYB
BQUHAQcBAf8EggJyMIICbjCCAjgEAgABMIICMAMEAwUjyAMEBwWaAAMEAQWarAME
AAWauQMEAQWa6gMEAAWa8QMEAwWf8AMEAx8DeAMEAx8OyAMEAx/I8AMEBSVIAAME
AyWZWAMEAyXRoAMEBSXmQAMEAi387AMEAi77/AMEBk6IQAMEA1OIuAMEB1ToAAME
B1TsgAMEAlXMjAMEAVZoGAMEAFZoGwMEAlZpnAMEB1iUAAMEA1kgoAMEAlkieAME
AlkjlAMEAFkl4wMEAFkoUAMEAFkoyzAMAwQBWStKAwQBWStMAwQCWStUAwQDWSxA
AwQAWS3wMAwDBAFZLfIDBANZLfADBANZLogDBABb5FsDBAJdcTADBAJdcvwDBAJd
c5wDBAJdc8wDBAJddxwDBAJdd5wDBAJeGCADBANeGCgDBAJeGGgDBAZeTIADBANe
sIgDBAFesMIDBANesZgDBANfgXADBAJfsiADBABfsiYDBANfsnADBAJnUjADBAdt
pwADBAJzKjQDBAWX7cADBAOf/fgDBAGo9cQDBAWwOGADBASw45ADBAeynAADBAK5
F3gDBAK5GcQDBAK5G3wDBAK5IHADBAK5KJADBAK5KLQDBAK5O0ADBAK5Y/gDBAK5
gpgDBAK5hKQDBAK5lswDBAK5m0QDBAK5wQgDBAK52rwwDAMEALnhlQMEA7nhkAME
ALni5wMEA7xAYAMEBbzjgAMEArzwJAMEALzwKwMEAtQ/fAMEAtTt7AMEBdWq4DAM
AwQG2T1AAwQD2T1QMDAEAgACMCoDBQMqAIqAAwUDKgD2QAMFACoCaaADBQAqAxzA
AwUAKgOugAMFAyoHaEAwJwYIKwYBBQUHAQgBAf8EGDAWoBQwEgICcb8CAntZAgMA
3jICAwDsTjANBgkqhkiG9w0BAQsFAAOCAQEAP/Up5DZxW3i4oqgR65Cio8Liuq30
TDZ0cJTYw7UeyIXzyAs42Uz/+L7sAebB7JTP3/SqKaBe1cZpD1/EojnntXhzs9ci
a1qrZsYGfy8lhZ6VlcSDmi8Amhm87CRHF21FHMf5MmPbxjePj7qefLZ145M8eUt5
8ejaUffDQqMZn91pXAUSb2MMhIhqzztRBbyKF3Z3wJk1EOUM6scvCUQNkWuHukyh
vVAH4JllNvDWKX12ynGNLX0Gq1Aa3mTwXg3xYMGCU32Mrpktmi/nGw/EKS9rEaHE
bxN7hAzXrzOzkPdt3e3zENiw+MNDf9nv13BmWhvKtw0cM42pGJl4WzIwHw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:18:14 2025 by rpki-client