Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-PvIQVghSG6P4IYLW-w-koO4A4U.cer
File: 1-PvIQVghSG6P4IYLW-w-koO4A4U.cer (raw, json)
Hash identifier: k6JYJCu7v8zfiV0tW9rA7KTGoA3xH/DrlUspfVdFZMo=
Subject key identifier: F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942067F0A7AF1BD6E0277A6C3BFED2496B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/1-PvIQVghSG6P4IYLW-w-koO4A4U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 31169
IP: 37.18.48.0/21
IP: 45.134.208.0/22
IP: 45.144.76.0/22
IP: 79.170.80.0/21
IP: 84.247.63.0/24
IP: 89.34.22.0/23
IP: 89.45.165.0/24
IP: 91.126.0.0/20
IP: 92.114.96.0/23
IP: 185.28.128.0/22
IP: 193.247.181.0/24
IP: 193.247.183.0/24
IP: 193.247.192.0/24
IP: 193.247.202.0/24
IP: 194.104.97.0 -- 194.104.98.255
IP: 194.104.112.0/24
IP: 194.104.126.0/24
IP: 195.88.32.0/23
IP: 217.17.208.0/20
IP: 2a04:2740::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f0:a7:af:1b:d6:e0:27:7a:6c:3b:fe:d2:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8fbc8415821486e8fe0860b5bec3e9283b80385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:66:ee:1f:ca:5f:1a:ae:6b:48:b7:1a:85:
e9:a0:7e:f2:c3:2d:b3:1a:9d:60:51:6a:b9:77:38:
42:d5:95:f1:31:c7:96:0a:ba:e4:7f:81:ae:b3:6f:
c0:50:6f:4b:3c:ee:70:26:6f:36:d5:1d:aa:9d:ba:
23:96:42:44:1b:b4:18:c9:2e:9e:90:40:99:58:a5:
42:f9:31:a6:d1:53:09:54:9d:9f:26:b7:3f:e2:da:
48:b8:ca:f5:05:fb:26:23:24:ed:b6:a5:83:8e:e2:
36:26:76:10:26:af:8e:3d:bb:78:b9:74:ed:80:12:
62:eb:df:2f:87:17:8c:e5:68:cc:bf:13:2d:6f:62:
f9:d3:7a:6f:c9:9b:d6:10:5e:82:c2:3f:70:aa:0a:
0b:60:db:82:5d:b7:61:a5:36:5b:e0:f5:55:f6:ee:
48:dd:9a:8f:05:f7:71:08:bb:5c:13:d1:fc:77:a8:
cf:d3:c6:24:1f:73:fb:90:7b:80:3b:4f:5c:56:fa:
43:c4:c5:58:8c:17:f3:a3:fb:4b:cc:62:a6:bd:1f:
0c:46:9b:e0:65:97:04:21:c6:12:0b:fa:19:6d:9d:
f2:ea:32:a2:07:d6:a7:75:12:bf:26:10:0f:56:8f:
3a:d2:90:06:b3:f3:24:48:ed:a9:50:fb:74:61:f9:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FB:C8:41:58:21:48:6E:8F:E0:86:0B:5B:EC:3E:92:83:B8:03:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/361c57-ea42-47e2-a68f-ec967b511d7f/1/1-PvIQVghSG6P4IYLW-w-koO4A4U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.48.0/21
45.134.208.0/22
45.144.76.0/22
79.170.80.0/21
84.247.63.0/24
89.34.22.0/23
89.45.165.0/24
91.126.0.0/20
92.114.96.0/23
185.28.128.0/22
193.247.181.0/24
193.247.183.0/24
193.247.192.0/24
193.247.202.0/24
194.104.97.0-194.104.98.255
194.104.112.0/24
194.104.126.0/24
195.88.32.0/23
217.17.208.0/20
IPv6:
2a04:2740::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
31169
Signature Algorithm: sha256WithRSAEncryption
38:1e:f5:f4:89:2c:4b:25:83:38:7c:a5:e7:20:fa:c7:bc:50:
bf:63:44:56:5d:08:a8:9a:d8:b8:43:ec:ae:1f:94:06:29:cc:
9a:85:31:82:fd:01:62:c0:f1:7d:82:a9:d5:2b:b9:ca:93:a0:
e8:b5:d8:a1:55:9a:6c:d4:9a:dc:46:05:f6:e4:3d:5f:ba:8c:
ba:8c:a4:83:49:f2:e1:0a:28:bf:9f:bb:19:98:a9:7e:2b:70:
5d:c3:77:e6:59:30:e7:1e:82:f1:8e:7d:f9:ad:da:cb:a1:ea:
30:68:ed:d3:4a:ef:6c:c6:1f:ed:2a:02:e2:40:42:a3:f4:90:
7c:9b:21:2d:a6:24:13:de:1a:61:da:04:f6:5b:8a:de:e5:74:
e3:6b:04:3f:55:21:f8:f1:36:4f:9c:3c:be:b6:c0:23:cf:69:
e9:8a:08:fa:68:4f:1a:85:ce:b6:6d:bc:75:d6:97:2c:e0:bb:
82:8e:37:81:dc:53:f2:f7:29:6e:28:12:49:c2:6b:db:cb:b5:
51:ef:3b:7b:f7:1e:aa:49:ac:3e:be:20:34:15:fa:bd:c3:4e:
bf:e9:11:76:3b:52:80:2b:32:7a:5f:14:46:10:25:0b:74:25:
05:fe:4e:61:5e:56:38:ec:7e:b9:24:44:66:66:d2:5c:74:3d:
4c:1c:0f:9b
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZQgZ/CnrxvW4Cd6bDv+0klrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZiYzg0MTU4MjE0ODZlOGZlMDg2MGI1YmVjM2U5MjgzYjgwMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpVm7h/KXxqua0i3GoXpoH7ywy2z
Gp1gUWq5dzhC1ZXxMceWCrrkf4Gus2/AUG9LPO5wJm821R2qnbojlkJEG7QYyS6e
kECZWKVC+TGm0VMJVJ2fJrc/4tpIuMr1BfsmIyTttqWDjuI2JnYQJq+OPbt4uXTt
gBJi698vhxeM5WjMvxMtb2L503pvyZvWEF6Cwj9wqgoLYNuCXbdhpTZb4PVV9u5I
3ZqPBfdxCLtcE9H8d6jP08YkH3P7kHuAO09cVvpDxMVYjBfzo/tLzGKmvR8MRpvg
ZZcEIcYSC/oZbZ3y6jKiB9andRK/JhAPVo860pAGs/MkSO2pUPt0YflkhQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFPj7yEFYIUhuj+CGC1vsPpKDuAOFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBhLzM2MWM1
Ny1lYTQyLTQ3ZTItYTY4Zi1lYzk2N2I1MTFkN2YvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvMzYxYzU3
LWVhNDItNDdlMi1hNjhmLWVjOTY3YjUxMWQ3Zi8xLzEtUHZJUVZnaFNHNlA0SVlM
Vy13LWtvTzRBNFUubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpQYIKwYB
BQUHAQcBAf8EgZUwgZIwgYAEAgABMHoDBAMlEjADBAIthtADBAItkEwDBANPqlAD
BABU9z8DBAFZIhYDBABZLaUDBARbfgADBAFccmADBAK5HIADBADB97UDBADB97cD
BADB98ADBADB98owDAMEAMJoYQMEAMJoYgMEAMJocAMEAMJofgMEAcNYIAMEBNkR
0DANBAIAAjAHAwUDKgQnQDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgJ5wTANBgkq
hkiG9w0BAQsFAAOCAQEAOB719IksSyWDOHyl5yD6x7xQv2NEVl0IqJrYuEPsrh+U
BinMmoUxgv0BYsDxfYKp1Su5ypOg6LXYoVWabNSa3EYF9uQ9X7qMuoykg0ny4Qoo
v5+7GZipfitwXcN35lkw5x6C8Y59+a3ay6HqMGjt00rvbMYf7SoC4kBCo/SQfJsh
LaYkE94aYdoE9luK3uV042sEP1Uh+PE2T5w8vrbAI89p6YoI+mhPGoXOtm28ddaX
LOC7go43gdxT8vcpbigSScJr28u1Ue87e/ceqkmsPr4gNBX6vcNOv+kRdjtSgCsy
el8URhAlC3QlBf5OYV5WOOx+uSREZmbSXHQ9TBwPmw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:31 2025 by rpki-client