Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/WVskOnIz5XHDwXPrgkkRGQYyYBk.cer
File: WVskOnIz5XHDwXPrgkkRGQYyYBk.cer (raw, json)
Hash identifier: 8Q1EmiXGF4Piq0Ho+yC40LrLlogXylQpmFRRymIXPSU=
Subject key identifier: 59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019634AB6BA0EE8FE18D2E65BE1FB48342BF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/WVskOnIz5XHDwXPrgkkRGQYyYBk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 14 Apr 2025 14:19:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 39824
IP: 46.36.128.0/19
IP: 62.84.32.0/19
IP: 79.134.32.0/20
IP: 80.249.137.0 -- 80.249.143.255
IP: 80.249.152.0/21
IP: 81.88.144.0/20
IP: 109.239.32.0/20
IP: 185.98.76.0/22
IP: 185.98.88.0/22
IP: 185.100.224.0/22
IP: 185.102.116.0/22
IP: 185.102.128.0/22
IP: 185.103.168.0/22
IP: 185.103.176.0/22
IP: 185.103.184.0/22
IP: 185.106.156.0/22
IP: 212.45.80.0/20
IP: 213.232.196.0/23
IP: 213.232.201.0/24
IP: 213.232.218.0 -- 213.232.224.255
IP: 213.232.230.0/23
IP: 213.232.242.0 -- 213.232.244.255
IP: 213.232.246.0/23
IP: 2a06:1a00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:ab:6b:a0:ee:8f:e1:8d:2e:65:be:1f:b4:83:42:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 14 14:19:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=595b243a7233e571c3c173eb8249111906326019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:45:03:ce:15:8b:66:2f:39:09:c4:75:e1:
f4:00:cf:fd:7f:12:e1:fb:2e:57:59:01:da:71:b6:
89:f9:5a:8c:1f:32:83:af:75:67:2e:3e:f2:ef:a5:
b0:74:d8:b6:84:f9:2a:2a:4f:5e:5f:da:d9:f6:3d:
5a:bc:60:5f:6a:2d:e1:89:92:d7:67:63:86:7f:a3:
55:c1:a2:22:c4:63:34:1c:2c:c6:01:8e:2f:d6:78:
68:7e:6a:4b:73:71:e8:77:41:2e:49:69:14:47:94:
2e:44:18:91:7e:71:29:6f:fd:54:4c:52:57:6a:0a:
da:f2:58:8b:21:cc:15:cd:1b:d2:d8:62:dd:ca:ea:
c5:d3:7c:d8:e3:2e:0e:30:57:af:db:5c:d0:57:91:
26:d3:7b:05:2e:7b:f9:cd:40:af:84:df:17:4d:b2:
5f:97:d6:e7:d6:1b:b5:3f:d1:a1:56:3b:8b:d0:d0:
d1:26:63:d9:e7:6f:ea:d9:3f:7e:5f:49:9e:46:bd:
9e:f9:e7:7e:b1:7c:b6:43:f0:7c:ff:f5:dc:e3:d8:
87:80:79:dc:33:22:bd:b9:c9:a2:b8:9b:a5:60:55:
8f:98:12:df:81:00:72:b2:b9:2a:b6:1a:3c:0b:e2:
39:b4:22:e8:d7:df:46:98:c3:d6:f7:ab:d0:85:40:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5B:24:3A:72:33:E5:71:C3:C1:73:EB:82:49:11:19:06:32:60:19
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/e9e087-e768-44d8-9ec8-88e4466915f8/1/WVskOnIz5XHDwXPrgkkRGQYyYBk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.128.0/19
62.84.32.0/19
79.134.32.0/20
80.249.137.0-80.249.143.255
80.249.152.0/21
81.88.144.0/20
109.239.32.0/20
185.98.76.0/22
185.98.88.0/22
185.100.224.0/22
185.102.116.0/22
185.102.128.0/22
185.103.168.0/22
185.103.176.0/22
185.103.184.0/22
185.106.156.0/22
212.45.80.0/20
213.232.196.0/23
213.232.201.0/24
213.232.218.0-213.232.224.255
213.232.230.0/23
213.232.242.0-213.232.244.255
213.232.246.0/23
IPv6:
2a06:1a00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39824
Signature Algorithm: sha256WithRSAEncryption
62:31:57:6b:ce:80:51:17:32:90:95:d8:33:2a:f3:60:f5:01:
99:33:53:d1:83:9a:a3:cf:0f:b0:c4:f2:01:bc:5a:b6:42:44:
9f:93:52:af:48:1d:93:cb:31:f7:b2:d2:e1:4b:40:68:56:d0:
e8:72:96:aa:61:56:77:e3:cf:8e:0f:f6:94:27:dc:c0:fc:50:
cb:27:71:c7:ed:28:6a:33:d3:ac:44:99:88:a0:0b:03:0f:f9:
17:ea:54:3c:44:a4:31:67:40:2f:2e:f9:7c:e0:ed:08:b4:1e:
4a:c4:70:bf:9b:b8:6c:64:2f:2d:ff:23:04:69:46:10:68:e0:
0b:49:e9:4b:77:42:c2:b8:3e:9b:a7:98:b6:7e:80:f7:03:24:
1f:0d:ae:72:40:c4:b2:52:9e:a1:ee:66:d3:c8:89:6b:78:64:
05:66:1e:7c:60:d4:71:80:8b:c2:e1:8c:0c:6b:30:b0:a9:9d:
28:07:17:c2:d6:c5:f5:99:7f:1b:4c:75:11:f8:1d:32:af:61:
24:74:5c:ce:d4:ed:1e:58:0f:3b:32:e7:d4:89:e6:94:ef:74:
7f:c1:5e:61:6f:f4:49:5d:b7:76:36:19:2f:b8:73:f3:b9:3a:
46:ab:cf:a8:39:e8:18:bb:c7:ea:1c:7e:f1:79:54:4a:52:74:
74:02:b0:f0
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgISAZY0q2ug7o/hjS5lvh+0g0K/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDE0MTQxOTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTViMjQzYTcyMzNlNTcxYzNjMTczZWI4MjQ5MTExOTA2MzI2MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutBFA84Vi2YvOQnEdeH0AM/9fxLh
+y5XWQHacbaJ+VqMHzKDr3VnLj7y76WwdNi2hPkqKk9eX9rZ9j1avGBfai3hiZLX
Z2OGf6NVwaIixGM0HCzGAY4v1nhofmpLc3Hod0EuSWkUR5QuRBiRfnEpb/1UTFJX
agra8liLIcwVzRvS2GLdyurF03zY4y4OMFev21zQV5Em03sFLnv5zUCvhN8XTbJf
l9bn1hu1P9GhVjuL0NDRJmPZ52/q2T9+X0meRr2e+ed+sXy2Q/B8//Xc49iHgHnc
MyK9ucmiuJulYFWPmBLfgQBysrkqtho8C+I5tCLo199GmMPW96vQhUAK3QIDAQAB
o4IDUDCCA0wwHQYDVR0OBBYEFFlbJDpyM+Vxw8Fz64JJERkGMmAZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0L2U5ZTA4
Ny1lNzY4LTQ0ZDgtOWVjOC04OGU0NDY2OTE1ZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvZTllMDg3
LWU3NjgtNDRkOC05ZWM4LTg4ZTQ0NjY5MTVmOC8xL1dWc2tPbkl6NVhIRHdYUHJn
a2tSR1FZeVlCay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHOBggrBgEF
BQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUuJIADBAU+VCADBARPhiAwDAMEAFD5
iQMEBFD5gAMEA1D5mAMEBFFYkAMEBG3vIAMEArliTAMEArliWAMEArlk4AMEArlm
dAMEArlmgAMEArlnqAMEArlnsAMEArlnuAMEArlqnAMEBNQtUAMEAdXoxAMEANXo
yTAMAwQB1ejaAwQA1ejgAwQB1ejmMAwDBAHV6PIDBADV6PQDBAHV6PYwDQQCAAIw
BwMFAyoGGgAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAJuQMA0GCSqGSIb3DQEB
CwUAA4IBAQBiMVdrzoBRFzKQldgzKvNg9QGZM1PRg5qjzw+wxPIBvFq2QkSfk1Kv
SB2TyzH3stLhS0BoVtDocpaqYVZ348+OD/aUJ9zA/FDLJ3HH7ShqM9OsRJmIoAsD
D/kX6lQ8RKQxZ0AvLvl84O0ItB5KxHC/m7hsZC8t/yMEaUYQaOALSelLd0LCuD6b
p5i2foD3AyQfDa5yQMSyUp6h7mbTyIlreGQFZh58YNRxgIvC4YwMazCwqZ0oBxfC
1sX1mX8bTHUR+B0yr2EkdFzO1O0eWA87MufUieaU73R/wV5hb/RJXbd2NhkvuHPz
uTpGq8+oOegYu8fqHH7xeVRKUnR0ArDw
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:47:19 2025 by rpki-client