Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
File: 250Zf7vuKh3MtPVXIqghDTEFsEI.cer (raw, json)
Hash identifier: H0wWRk3adH3/iCVcb4wDBnibNFyiWQLZAcHI8CKqsqg=
Subject key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3489831130E50DCDA2C0B0E911E88CE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:23 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8437
AS: 12635
AS: 15554
AS: 25255
AS: 213259
IP: 46.57.0.0/17
IP: 46.220.0.0/16
IP: 62.116.0.0/19
IP: 62.116.64.0/18
IP: 62.218.0.0/16
IP: 77.116.0.0/14
IP: 78.142.128.0/18
IP: 81.3.192.0/18
IP: 81.189.0.0/16
IP: 86.59.0.0/17
IP: 91.141.0.0/17
IP: 91.186.128.0/19
IP: 94.245.192.0/18
IP: 109.126.64.0/18
IP: 178.112.0.0/14
IP: 178.165.128.0/17
IP: 185.91.144.0/22
IP: 188.118.192.0/18
IP: 194.24.128.0/19
IP: 195.70.224.0/19
IP: 195.96.0.0/19
IP: 195.248.32.0/19
IP: 212.27.64.0/18
IP: 212.152.128.0/17
IP: 213.90.0.0/17
IP: 213.94.64.0/18
IP: 213.129.224.0/19
IP: 213.235.192.0/18
IP: 2001:858::/32
IP: 2001:938::/32
IP: 2001:4b68::/29
IP: 2a02:2860::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:98:31:13:0e:50:dc:da:2c:0b:0e:91:1e:88:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:46:3c:9b:a2:b8:09:03:bb:c7:73:57:d6:
b9:03:3d:8a:82:2e:70:6a:80:80:5c:d1:c3:90:e9:
dd:58:07:8f:f3:02:d2:bd:80:70:32:c1:34:06:fe:
74:be:50:da:88:05:37:41:16:a3:b5:36:62:33:73:
48:73:d1:52:7a:4c:4e:a6:9d:2d:b6:40:a4:27:74:
c5:ab:e9:2c:db:be:57:85:62:d7:52:a5:2c:61:c9:
89:6f:75:73:57:28:c0:a6:b1:28:be:29:9e:75:71:
ef:d9:07:81:45:98:4c:d1:37:15:87:a8:9e:9c:3c:
bb:f2:58:df:e6:1d:8c:4e:61:d4:94:ef:e8:f1:8e:
aa:f2:e3:b6:13:1c:e5:b5:80:a2:40:98:e9:96:2c:
5e:6d:02:c0:a3:e5:c1:ba:d3:ef:34:78:9f:2b:74:
97:15:ae:d8:3c:64:ba:41:90:36:25:ff:59:42:0e:
90:ab:f6:3e:a9:b8:ab:56:1d:e5:16:0a:19:ac:40:
ff:eb:3a:ab:ca:61:41:09:b8:1f:9f:d0:77:3d:4c:
5e:42:77:86:60:39:74:d9:52:71:17:be:51:db:ab:
83:9c:4d:0b:07:c1:fe:bc:56:39:05:af:79:f4:62:
d3:87:ba:53:23:57:86:9c:20:36:0c:ba:a5:0c:80:
06:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.0.0/17
46.220.0.0/16
62.116.0.0/19
62.116.64.0/18
62.218.0.0/16
77.116.0.0/14
78.142.128.0/18
81.3.192.0/18
81.189.0.0/16
86.59.0.0/17
91.141.0.0/17
91.186.128.0/19
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
185.91.144.0/22
188.118.192.0/18
194.24.128.0/19
195.70.224.0/19
195.96.0.0/19
195.248.32.0/19
212.27.64.0/18
212.152.128.0/17
213.90.0.0/17
213.94.64.0/18
213.129.224.0/19
213.235.192.0/18
IPv6:
2001:858::/32
2001:938::/32
2001:4b68::/29
2a02:2860::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8437
12635
15554
25255
213259
Signature Algorithm: sha256WithRSAEncryption
9e:5f:93:92:cc:b3:85:56:3c:74:bd:da:a3:60:3b:41:ed:47:
62:6f:14:31:72:80:b8:6e:eb:bf:67:73:63:79:21:f7:29:87:
dd:9b:e6:82:f3:58:7d:5e:ce:ae:34:27:69:fe:38:de:e6:d4:
c7:4e:0c:ee:bc:e0:69:e5:a0:9b:af:82:21:ac:de:93:51:d5:
01:5e:07:29:d9:03:67:32:7f:8f:ff:33:bb:a5:03:fc:90:51:
67:16:2a:f4:1a:da:0a:2d:23:a7:7e:67:66:3b:0e:67:16:ac:
92:8c:be:83:31:02:c5:db:9f:76:f3:df:14:ce:af:dd:62:55:
b0:89:12:fe:16:40:62:b6:45:7a:a8:8f:6a:30:9e:22:48:0e:
e0:39:6d:dc:ec:31:9d:54:09:3c:30:42:4f:ff:d5:be:cf:1f:
1e:22:af:59:a5:01:70:8e:f5:85:20:e3:1e:8f:65:e7:03:96:
f7:d3:bc:91:ea:5a:21:31:21:8e:b5:54:eb:0b:3d:27:3e:fb:
ec:22:d3:6a:04:09:a0:2d:3f:f3:06:d6:1d:a8:de:87:50:65:
09:01:a5:23:f0:3b:1f:f2:9c:db:3f:08:60:bc:fb:c4:08:7d:
e3:38:57:07:b5:0b:c6:3d:40:c8:ad:40:1b:28:f7:ca:96:a8:
b9:96:aa:52
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISAYzDSJgxEw5Q3NosCw6RHojOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjlkMTk3ZmJiZWUyYTFkY2NiNGY1NTcyMmE4MjEwZDMxMDViMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNZGPJuiuAkDu8dzV9a5Az2Kgi5w
aoCAXNHDkOndWAeP8wLSvYBwMsE0Bv50vlDaiAU3QRajtTZiM3NIc9FSekxOpp0t
tkCkJ3TFq+ks275XhWLXUqUsYcmJb3VzVyjAprEovimedXHv2QeBRZhM0TcVh6ie
nDy78ljf5h2MTmHUlO/o8Y6q8uO2ExzltYCiQJjplixebQLAo+XButPvNHifK3SX
Fa7YPGS6QZA2Jf9ZQg6Qq/Y+qbirVh3lFgoZrED/6zqrymFBCbgfn9B3PUxeQneG
YDl02VJxF75R26uDnE0LB8H+vFY5Ba959GLTh7pTI1eGnCA2DLqlDIAGewIDAQAB
o4IDdjCCA3IwHQYDVR0OBBYEFNudGX+77iodzLT1VyKoIQ0xBbBCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhLzA5ZDEz
Ny00NzdiLTRlZmUtYTNkMy00YjIzOTU2ZmJkODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvMDlkMTM3
LTQ3N2ItNGVmZS1hM2QzLTRiMjM5NTZmYmQ4Ni8xLzI1MFpmN3Z1S2gzTXRQVlhJ
cWdoRFRFRnNFSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHkBggrBgEF
BQcBBwEB/wSB1DCB0TCBqgQCAAEwgaMDBAcuOQADAwAu3AMEBT50AAMEBj50QAMD
AD7aAwMCTXQDBAZOjoADBAZRA8ADAwBRvQMEB1Y7AAMEB1uNAAMEBVu6gAMEBl71
wAMEBm1+QAMDArJwAwQHsqWAAwQCuVuQAwQGvHbAAwQFwhiAAwQFw0bgAwQFw2AA
AwQFw/ggAwQG1BtAAwQH1JiAAwQH1VoAAwQG1V5AAwQF1YHgAwQG1evAMCIEAgAC
MBwDBQAgAQhYAwUAIAEJOAMFAyABS2gDBQMqAihgMCoGCCsGAQUFBwEIAQH/BBsw
GaAXMBUCAiD1AgIxWwICPMICAmKnAgMDQQswDQYJKoZIhvcNAQELBQADggEBAJ5f
k5LMs4VWPHS92qNgO0HtR2JvFDFygLhu679nc2N5Ifcph92b5oLzWH1ezq40J2n+
ON7m1MdODO684GnloJuvgiGs3pNR1QFeBynZA2cyf4//M7ulA/yQUWcWKvQa2got
I6d+Z2Y7DmcWrJKMvoMxAsXbn3bz3xTOr91iVbCJEv4WQGK2RXqoj2owniJIDuA5
bdzsMZ1UCTwwQk//1b7PHx4ir1mlAXCO9YUg4x6PZecDlvfTvJHqWiExIY61VOsL
PSc+++wi02oECaAtP/MG1h2o3odQZQkBpSPwOx/ynNs/CGC8+8QIfeM4Vwe1C8Y9
QMitQBso98qWqLmWqlI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:00:57 2024 by rpki-client on console-ams.rpki-client.org