Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
File: A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer (raw, json)
Hash identifier: isKkGWWDQfDK4QHetuFxVlwjxkBYZCm3iSEpAvHoi5M=
Subject key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7244A6C340A4A1A17A67CCE5A68C99D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:28:13 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 2.57.176.0/22
IP: 45.135.248.0/22
IP: 45.140.236.0/22
IP: 45.142.236.0/22
IP: 45.146.80.0/22
IP: 45.148.36.0/22
IP: 45.149.100.0/22
IP: 45.149.184.0/22
IP: 45.151.44.0/22
IP: 45.152.240.0/22
IP: 45.153.4.0/22
IP: 45.154.104.0/22
IP: 45.155.16.0/22
IP: 45.157.16.0/22
IP: 45.158.8.0/22
IP: 45.158.168.0/22
IP: 91.198.66.0/24
IP: 91.198.77.0/24
IP: 91.198.115.0/24
IP: 91.198.123.0/24
IP: 91.199.163.0/24
IP: 91.199.166.0/24
IP: 91.199.168.0/24
IP: 91.199.172.0/24
IP: 91.206.2.0/24
IP: 141.98.156.0/22
IP: 147.78.120.0/22
IP: 152.89.248.0/22
IP: 176.105.224.0/22
IP: 185.155.220.0/22
IP: 192.166.82.0/23
IP: 192.166.114.0/23
IP: 193.0.234.0/23
IP: 193.5.10.0/23
IP: 193.25.207.0/24
IP: 193.29.96.0/22
IP: 193.111.116.0/23
IP: 193.111.124.0/23
IP: 193.142.4.0/24
IP: 193.142.6.0/24
IP: 193.142.18.0/24
IP: 193.142.22.0/24
IP: 193.151.180.0/22
IP: 193.161.206.0/24
IP: 193.161.245.0/24
IP: 193.164.1.0/24
IP: 193.164.10.0/24
IP: 193.176.54.0/23
IP: 193.176.128.0/23
IP: 194.5.146.0 -- 194.5.149.255
IP: 194.104.156.0/24
IP: 194.104.158.0/24
IP: 194.105.5.0/24
IP: 194.105.21.0/24
IP: 194.113.222.0/23
IP: 194.113.226.0/23
IP: 194.147.4.0/22
IP: 195.20.98.0/23
IP: 195.20.104.0/23
IP: 195.206.230.0/23
IP: 195.206.234.0/23
IP: 212.80.192.0/22
IP: 2a03:8b80::/29
IP: 2a03:f100::/29
IP: 2a04:7a80::/29
IP: 2a04:f3c0::/29
IP: 2a04:f700::/29
IP: 2a05:5040::/29
IP: 2a05:b600::/29
IP: 2a05:c580::/29
IP: 2a06:7680::/29
IP: 2a06:99c0::/29
IP: 2a07:6a40::/29
IP: 2a07:fc40::/29
IP: 2a09:40::/29
IP: 2a09:c0::/29
IP: 2a09:1c0::/29
IP: 2a09:240::/29
IP: 2a09:2240::/29
IP: 2a09:22c0::/29
IP: 2a09:fe80::/29
IP: 2a0a:5700::/29
IP: 2a0b:2e40::/29
IP: 2a0b:ca00::/29
IP: 2a0c:1c00::/29
IP: 2a0c:2cc0::/29
IP: 2a0c:43c0::/29
IP: 2a0c:4e00::/29
IP: 2a10:8740::/29
IP: 2a10:e180::/29
IP: 2a10:e280::/29
IP: 2a10:ec80::/29
IP: 2a10:ed80::/29
IP: 2a10:ee80::/29
IP: 2a10:ef80::/29
IP: 2a10:f080::/29
IP: 2a10:f100::/29
IP: 2a10:f180::/29
IP: 2a10:f280::/29
IP: 2a10:fd80::/29
IP: 2a10:fe80::/29
IP: 2a10:ff80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:24:4a:6c:34:0a:4a:1a:17:a6:7c:ce:5a:68:c9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:28:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:83:a8:2c:77:f2:4d:58:33:ad:08:cc:e4:30:
32:31:68:8f:e3:db:12:44:7a:23:b7:72:53:9e:de:
ec:6c:a8:35:e8:ff:09:bb:fd:54:80:0a:18:de:ce:
69:55:d9:da:6b:a0:f0:62:19:34:ba:05:d7:06:d5:
b2:ab:32:aa:5a:53:21:1b:16:22:63:ae:b6:e2:ff:
3d:92:ce:9f:f3:b0:4e:c6:53:bd:5b:70:5f:11:fb:
09:fc:b2:6d:fd:3f:82:46:d5:1f:8f:06:1a:9a:2f:
1a:25:c1:6c:68:e6:92:a4:31:86:12:6a:8e:de:f0:
74:7b:45:be:ba:25:7f:e0:62:0d:ec:da:a1:fe:3b:
82:af:70:23:0a:e9:19:44:24:7f:2e:ce:06:77:06:
d2:f6:44:b5:57:31:01:02:77:e5:50:ff:ad:2f:8f:
a9:01:73:83:f1:a0:b8:ae:44:49:7c:2d:8b:3c:0c:
3e:79:e3:1b:c3:05:b7:80:ac:98:a3:b2:11:a2:98:
29:22:06:10:b7:24:e6:6c:c2:05:7b:63:a2:98:ea:
09:2a:a5:c5:ed:8a:fe:93:fe:c9:b6:74:39:49:eb:
2e:82:22:24:e5:e0:e0:9e:80:a6:1c:a1:df:1b:ba:
b0:3d:62:09:f2:f5:d3:f7:20:e1:1d:ed:2e:a8:9e:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.176.0/22
45.135.248.0/22
45.140.236.0/22
45.142.236.0/22
45.146.80.0/22
45.148.36.0/22
45.149.100.0/22
45.149.184.0/22
45.151.44.0/22
45.152.240.0/22
45.153.4.0/22
45.154.104.0/22
45.155.16.0/22
45.157.16.0/22
45.158.8.0/22
45.158.168.0/22
91.198.66.0/24
91.198.77.0/24
91.198.115.0/24
91.198.123.0/24
91.199.163.0/24
91.199.166.0/24
91.199.168.0/24
91.199.172.0/24
91.206.2.0/24
141.98.156.0/22
147.78.120.0/22
152.89.248.0/22
176.105.224.0/22
185.155.220.0/22
192.166.82.0/23
192.166.114.0/23
193.0.234.0/23
193.5.10.0/23
193.25.207.0/24
193.29.96.0/22
193.111.116.0/23
193.111.124.0/23
193.142.4.0/24
193.142.6.0/24
193.142.18.0/24
193.142.22.0/24
193.151.180.0/22
193.161.206.0/24
193.161.245.0/24
193.164.1.0/24
193.164.10.0/24
193.176.54.0/23
193.176.128.0/23
194.5.146.0-194.5.149.255
194.104.156.0/24
194.104.158.0/24
194.105.5.0/24
194.105.21.0/24
194.113.222.0/23
194.113.226.0/23
194.147.4.0/22
195.20.98.0/23
195.20.104.0/23
195.206.230.0/23
195.206.234.0/23
212.80.192.0/22
IPv6:
2a03:8b80::/29
2a03:f100::/29
2a04:7a80::/29
2a04:f3c0::/29
2a04:f700::/29
2a05:5040::/29
2a05:b600::/29
2a05:c580::/29
2a06:7680::/29
2a06:99c0::/29
2a07:6a40::/29
2a07:fc40::/29
2a09:40::/29
2a09:c0::/29
2a09:1c0::/29
2a09:240::/29
2a09:2240::/29
2a09:22c0::/29
2a09:fe80::/29
2a0a:5700::/29
2a0b:2e40::/29
2a0b:ca00::/29
2a0c:1c00::/29
2a0c:2cc0::/29
2a0c:43c0::/29
2a0c:4e00::/29
2a10:8740::/29
2a10:e180::/29
2a10:e280::/29
2a10:ec80::/29
2a10:ed80::/29
2a10:ee80::/29
2a10:ef80::/29
2a10:f080::/29
2a10:f100::/29
2a10:f180::/29
2a10:f280::/29
2a10:fd80::/29
2a10:fe80::/29
2a10:ff80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:38:6e:a1:33:ed:52:bc:fa:05:a6:3b:41:68:05:14:12:34:
0a:01:57:2f:49:4e:26:80:82:f1:f2:09:87:32:a2:56:22:b1:
f0:a2:ee:da:8b:ab:b4:3f:6b:30:dc:07:62:8c:a4:b5:3b:32:
ba:b9:e5:dc:df:fa:02:21:35:8d:d1:d0:74:df:08:10:a5:07:
3a:f6:a5:65:02:57:77:e7:65:d4:5b:f0:08:e8:88:e4:c7:20:
1b:ad:e3:9f:96:5b:b5:1d:cc:ff:d2:0e:62:ca:5e:9a:72:9a:
19:25:d6:a6:24:05:96:c2:d2:88:7c:00:64:40:96:b1:dc:15:
c8:90:4f:91:39:5e:30:08:c2:d6:4c:40:f4:b6:9c:26:6f:a0:
2e:b5:e6:40:24:54:c6:59:ee:5e:39:db:5d:b7:07:74:6f:a8:
e4:90:f3:bd:dc:17:70:c4:84:b5:13:e9:a2:1d:71:e8:e1:00:
bc:25:31:c8:08:16:94:f9:b4:b2:61:15:d6:86:50:ce:d7:16:
fc:e6:69:4e:83:2d:ca:48:6b:d4:27:ef:1a:a6:62:42:51:3c:
ec:cf:75:72:ca:fb:a0:96:22:3b:98:2e:50:9c:28:88:aa:d4:
d3:e6:bd:00:ce:54:99:c3:86:23:7d:44:85:dc:eb:b7:4d:45:
1e:d1:86:cd
-----BEGIN CERTIFICATE-----
MIIIODCCByCgAwIBAgISAYzHJEpsNApKGhemfM5aaMmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2IxYmEzZmRiOTFkOGQ5ZWE3NmM1Nzc2MzIwZWI3ZWIyZDZlZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YOoLHfyTVgzrQjM5DAyMWiP49sS
RHojt3JTnt7sbKg16P8Ju/1UgAoY3s5pVdnaa6DwYhk0ugXXBtWyqzKqWlMhGxYi
Y6624v89ks6f87BOxlO9W3BfEfsJ/LJt/T+CRtUfjwYami8aJcFsaOaSpDGGEmqO
3vB0e0W+uiV/4GIN7Nqh/juCr3AjCukZRCR/Ls4GdwbS9kS1VzEBAnflUP+tL4+p
AXOD8aC4rkRJfC2LPAw+eeMbwwW3gKyYo7IRopgpIgYQtyTmbMIFe2OimOoJKqXF
7Yr+k/7JtnQ5SesugiIk5eDgnoCmHKHfG7qwPWIJ8vXT9yDhHe0uqJ4TywIDAQAB
o4IFRDCCBUAwHQYDVR0OBBYEFAOxuj/bkdjZ6nbFd2Mg636y1u2dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBm
NTU1LWRiYTctNDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Zm
MGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJiODRlLzAvMDNCMUJBM0ZEQjkx
RDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjCCAsEGCCsGAQUFBwEHAQH/BIICsDCCAqwwggGE
BAIAATCCAXwDBAICObADBAIth/gDBAItjOwDBAItjuwDBAItklADBAItlCQDBAIt
lWQDBAItlbgDBAItlywDBAItmPADBAItmQQDBAItmmgDBAItmxADBAItnRADBAIt
nggDBAItnqgDBABbxkIDBABbxk0DBABbxnMDBABbxnsDBABbx6MDBABbx6YDBABb
x6gDBABbx6wDBABbzgIDBAKNYpwDBAKTTngDBAKYWfgDBAKwaeADBAK5m9wDBAHA
plIDBAHApnIDBAHBAOoDBAHBBQoDBADBGc8DBALBHWADBAHBb3QDBAHBb3wDBADB
jgQDBADBjgYDBADBjhIDBADBjhYDBALBl7QDBADBoc4DBADBofUDBADBpAEDBADB
pAoDBAHBsDYDBAHBsIAwDAMEAcIFkgMEAcIFlAMEAMJonAMEAMJongMEAMJpBQME
AMJpFQMEAcJx3gMEAcJx4gMEAsKTBAMEAcMUYgMEAcMUaAMEAcPO5gMEAcPO6gME
AtRQwDCCASAEAgACMIIBGAMFAyoDi4ADBQMqA/EAAwUDKgR6gAMFAyoE88ADBQMq
BPcAAwUDKgVQQAMFAyoFtgADBQMqBcWAAwUDKgZ2gAMFAyoGmcADBQMqB2pAAwUD
Kgf8QAMFAyoJAEADBQMqCQDAAwUDKgkBwAMFAyoJAkADBQMqCSJAAwUDKgkiwAMF
AyoJ/oADBQMqClcAAwUDKgsuQAMFAyoLygADBQMqDBwAAwUDKgwswAMFAyoMQ8AD
BQMqDE4AAwUDKhCHQAMFAyoQ4YADBQMqEOKAAwUDKhDsgAMFAyoQ7YADBQMqEO6A
AwUDKhDvgAMFAyoQ8IADBQMqEPEAAwUDKhDxgAMFAyoQ8oADBQMqEP2AAwUDKhD+
gAMFAyoQ/4AwDQYJKoZIhvcNAQELBQADggEBAF44bqEz7VK8+gWmO0FoBRQSNAoB
Vy9JTiaAgvHyCYcyolYisfCi7tqLq7Q/azDcB2KMpLU7Mrq55dzf+gIhNY3R0HTf
CBClBzr2pWUCV3fnZdRb8AjoiOTHIBut45+WW7UdzP/SDmLKXppymhkl1qYkBZbC
0oh8AGRAlrHcFciQT5E5XjAIwtZMQPS2nCZvoC615kAkVMZZ7l452123B3RvqOSQ
873cF3DEhLUT6aIdcejhALwlMcgIFpT5tLJhFdaGUM7XFvzmaU6DLcpIa9Qn7xqm
YkJRPOzPdXLK+6CWIjuYLlCcKIiq1NPmvQDOVJnDhiN9RIXc67dNRR7Rhs0=
-----END CERTIFICATE-----
Generated at Tue May 21 00:23:08 2024 by rpki-client on console-fra.rpki-client.org