Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
File: 474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer (raw, json)
Hash identifier: worNhVpDPFNOalAr6ZLkOouyoOwNTx9D3Rx8E4yzAx8=
Subject key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D774D478ECBFE963CC88033493C609
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:48:30 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 5518
AS: 6747
AS: 6906
AS: 12578
AS: 47570
IP: 46.109.0.0/16
IP: 62.63.128.0/18
IP: 62.85.0.0/17
IP: 78.28.192.0/18
IP: 78.84.0.0/16
IP: 78.154.128.0/19
IP: 80.232.128.0/17
IP: 80.233.128.0/17
IP: 81.198.0.0/16
IP: 84.237.128.0/17
IP: 87.110.0.0/16
IP: 87.246.144.0 -- 87.246.191.255
IP: 91.105.0.0/17
IP: 94.100.0.0/20
IP: 95.68.0.0/17
IP: 185.38.56.0/22
IP: 185.87.204.0/22
IP: 194.8.9.0/24
IP: 194.8.16.0 -- 194.8.27.255
IP: 194.19.224.0/19
IP: 195.2.96.0/19
IP: 195.13.128.0/17
IP: 195.114.32.0/19
IP: 195.122.0.0/19
IP: 213.175.64.0/18
IP: 2a02:16d8::/32
IP: 2a02:2330::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:74:d4:78:ec:bf:e9:63:cc:88:03:34:93:c6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:ff:a8:93:20:30:15:3e:17:b5:f5:bf:38:
7b:a2:39:5a:e8:3f:24:9a:72:0c:25:4a:9b:a1:5d:
5d:49:3c:4a:fe:8b:ec:bf:93:c8:55:b2:9f:8b:21:
db:53:cf:4e:91:42:19:a4:0e:ea:b0:ab:b5:ac:8d:
8a:7f:fa:9e:f9:4b:5e:1f:4e:09:5a:3b:70:60:d7:
b5:29:9f:e3:ca:7c:6d:eb:1b:c2:12:60:37:83:87:
df:77:73:5b:cc:df:22:4b:c1:27:80:8f:a8:53:9c:
b2:fd:39:8a:53:91:9b:b4:43:9e:a4:b7:d6:8a:50:
4b:a8:28:32:09:a7:2c:87:43:96:67:73:e0:21:bc:
0b:42:b8:3d:28:89:61:1b:f3:cd:e8:7f:91:69:37:
dc:45:74:36:50:8f:51:61:47:e1:e2:1b:77:dd:35:
25:61:44:12:b5:84:93:a3:ef:2f:c5:d4:44:0f:04:
11:8f:6d:e1:61:92:e6:2b:64:52:68:c5:32:38:d1:
4d:59:bb:32:4d:ea:ad:57:e4:c3:e9:fd:75:d0:83:
4d:c8:7a:1b:1b:a7:76:92:6f:94:f6:9d:fb:bd:15:
e9:0f:b4:83:54:5f:6b:b1:b2:1e:09:a1:e8:dc:a6:
d0:ed:eb:dc:9d:dd:45:f0:a4:9a:9d:ae:40:c8:54:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.63.128.0/18
62.85.0.0/17
78.28.192.0/18
78.84.0.0/16
78.154.128.0/19
80.232.128.0/17
80.233.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
94.100.0.0/20
95.68.0.0/17
185.38.56.0/22
185.87.204.0/22
194.8.9.0/24
194.8.16.0-194.8.27.255
194.19.224.0/19
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
213.175.64.0/18
IPv6:
2a02:16d8::/32
2a02:2330::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5518
6747
6906
12578
47570
Signature Algorithm: sha256WithRSAEncryption
76:c1:c1:82:d4:35:c9:d9:40:da:5e:6c:b8:bd:84:18:78:d0:
b7:c4:c9:d2:60:b0:22:05:bb:f8:08:c9:fe:16:7d:bd:46:c3:
fb:15:ea:ca:72:15:e0:ae:43:fe:77:7d:70:06:b5:ae:0e:24:
4c:07:24:8c:eb:97:90:77:4f:cb:c1:ba:f2:88:97:0d:d7:36:
74:2b:87:0e:2c:fe:20:f9:d8:31:40:bf:3e:ce:f0:bf:34:1b:
f0:5f:ee:20:86:e9:15:63:19:2f:dd:48:35:3c:c0:c0:7c:79:
4b:5f:6c:13:9a:98:73:80:8a:33:d9:2b:51:c5:fc:54:2f:3f:
71:ae:af:8f:06:23:bb:1c:f7:71:de:70:d9:e7:72:26:10:6d:
37:90:f5:87:92:73:fc:52:94:c3:73:65:1f:37:a6:cb:fb:f9:
8b:4b:e7:c1:70:23:18:98:fe:62:a6:7d:32:f8:98:b5:01:e3:
a3:1d:32:ac:64:74:f3:21:b7:f3:b4:1e:66:9a:6d:a7:03:92:
ae:8c:12:61:09:a0:e1:74:ad:f5:5b:37:52:0f:27:66:4d:7b:
c6:f2:6e:e5:50:6e:2f:39:bb:90:35:bb:39:b4:27:c1:44:4b:
c2:60:70:d0:33:76:fc:7a:6d:d4:e1:75:32:fc:a9:46:33:3c:
66:1e:f8:62
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAZQj13TUeOy/6WPMiAM0k8YJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFD/qJMgMBU+F7X1vzh7ojla6D8k
mnIMJUqboV1dSTxK/ovsv5PIVbKfiyHbU89OkUIZpA7qsKu1rI2Kf/qe+UteH04J
WjtwYNe1KZ/jynxt6xvCEmA3g4ffd3NbzN8iS8EngI+oU5yy/TmKU5GbtEOepLfW
ilBLqCgyCacsh0OWZ3PgIbwLQrg9KIlhG/PN6H+RaTfcRXQ2UI9RYUfh4ht33TUl
YUQStYSTo+8vxdREDwQRj23hYZLmK2RSaMUyONFNWbsyTeqtV+TD6f110INNyHob
G6d2km+U9p37vRXpD7SDVF9rsbIeCaHo3KbQ7evcnd1F8KSana5AyFRfNwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFOO+B8sf1PHjySIwO2cKiBuC5hSRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzhmNWZh
ZS1kYTkwLTQzMTQtYmZmYy1kNGVlMWQzODllMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvOGY1ZmFl
LWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQSklqQTda
d3FJRzRMbUZKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHVBggrBgEF
BQcBBwEB/wSBxTCBwjCBqQQCAAEwgaIDAwAubQMEBj4/gAMEBz5VAAMEBk4cwAMD
AE5UAwQFTpqAAwQHUOiAAwQHUOmAAwMAUcYDBAdU7YADAwBXbjAMAwQEV/aQAwQG
V/aAAwQHW2kAAwQEXmQAAwQHX0QAAwQCuSY4AwQCuVfMAwQAwggJMAwDBATCCBAD
BALCCBgDBAXCE+ADBAXDAmADBAfDDYADBAXDciADBAXDegADBAbVr0AwFAQCAAIw
DgMFACoCFtgDBQMqAiMwMCoGCCsGAQUFBwEIAQH/BBswGaAXMBUCAhWOAgIaWwIC
GvoCAjEiAgMAudIwDQYJKoZIhvcNAQELBQADggEBAHbBwYLUNcnZQNpebLi9hBh4
0LfEydJgsCIFu/gIyf4Wfb1Gw/sV6spyFeCuQ/53fXAGta4OJEwHJIzrl5B3T8vB
uvKIlw3XNnQrhw4s/iD52DFAvz7O8L80G/Bf7iCG6RVjGS/dSDU8wMB8eUtfbBOa
mHOAijPZK1HF/FQvP3Gur48GI7sc93HecNnnciYQbTeQ9YeSc/xSlMNzZR83psv7
+YtL58FwIxiY/mKmfTL4mLUB46MdMqxkdPMht/O0HmaabacDkq6MEmEJoOF0rfVb
N1IPJ2ZNe8bybuVQbi85u5A1uzm0J8FES8JgcNAzdvx6bdThdTL8qUYzPGYe+GI=
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:56:13 2025 by rpki-client