Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
File: 2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer (raw, json)
Hash identifier: xx9HLMu9X2brMWNn5Vx6rEWsRSg/nA++oebmS7g5SLs=
Subject key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01932F40D0560CFD95CBA8F4B50926543531
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 15 Nov 2024 09:56:37 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 29119
AS: 31577
AS: 56882
AS: 60494
IP: 5.35.200.0/21
IP: 5.154.0.0/17
IP: 5.154.172.0/23
IP: 5.154.185.0/24
IP: 5.154.234.0/23
IP: 5.154.241.0/24
IP: 5.159.240.0/21
IP: 31.3.120.0/21
IP: 31.14.200.0/21
IP: 31.200.240.0/21
IP: 37.72.0.0/19
IP: 37.153.88.0/21
IP: 37.209.160.0/21
IP: 37.230.64.0/19
IP: 45.252.236.0/22
IP: 46.251.252.0/22
IP: 78.136.64.0/18
IP: 83.136.184.0/21
IP: 84.232.0.0/17
IP: 84.236.128.0/17
IP: 85.204.140.0/22
IP: 86.104.24.0/23
IP: 86.104.27.0/24
IP: 86.105.156.0/22
IP: 88.148.0.0/17
IP: 89.32.160.0/21
IP: 89.34.120.0/22
IP: 89.35.148.0/22
IP: 89.37.227.0/24
IP: 89.40.80.0/24
IP: 89.40.203.0/24
IP: 89.43.74.0 -- 89.43.77.255
IP: 89.43.84.0/22
IP: 89.44.64.0/21
IP: 89.45.240.0/21
IP: 89.46.136.0/21
IP: 91.228.91.0/24
IP: 93.113.48.0/22
IP: 93.114.252.0/22
IP: 93.115.156.0/22
IP: 93.115.204.0/22
IP: 93.119.28.0/22
IP: 93.119.156.0/22
IP: 94.24.32.0/22
IP: 94.24.40.0/21
IP: 94.24.104.0/22
IP: 94.76.128.0/18
IP: 94.176.136.0/21
IP: 94.176.194.0/23
IP: 94.177.152.0/21
IP: 95.129.112.0/21
IP: 95.178.32.0/22
IP: 95.178.38.0/24
IP: 95.178.112.0/21
IP: 103.82.48.0/22
IP: 109.167.0.0/17
IP: 115.42.52.0/22
IP: 151.237.192.0/19
IP: 159.253.248.0/21
IP: 168.245.196.0/23
IP: 176.56.96.0/19
IP: 176.227.144.0/20
IP: 178.156.0.0/17
IP: 185.23.120.0/22
IP: 185.25.196.0/22
IP: 185.27.124.0/22
IP: 185.32.112.0/22
IP: 185.40.144.0/22
IP: 185.40.180.0/22
IP: 185.59.64.0/22
IP: 185.99.248.0/22
IP: 185.130.152.0/22
IP: 185.132.164.0/22
IP: 185.150.204.0/22
IP: 185.155.68.0/22
IP: 185.193.8.0/22
IP: 185.218.188.0/22
IP: 185.225.149.0 -- 185.225.151.255
IP: 185.226.231.0/24
IP: 188.64.96.0/21
IP: 188.227.128.0/19
IP: 188.240.36.0/22
IP: 188.240.43.0/24
IP: 212.63.124.0/22
IP: 212.237.236.0/22
IP: 213.170.224.0/19
IP: 217.61.64.0 -- 217.61.87.255
IP: 2a00:8a80::/29
IP: 2a00:f640::/29
IP: 2a02:69a0::/32
IP: 2a03:1cc0::/32
IP: 2a03:ae80::/32
IP: 2a07:6840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:40:d0:56:0c:fd:95:cb:a8:f4:b5:09:26:54:35:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 15 09:56:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:51:14:5e:4a:c4:35:86:fa:f0:1f:75:08:dc:
1c:1a:59:2a:22:23:64:1a:02:a6:ab:89:73:fa:af:
4f:7d:f4:da:d2:31:d4:e1:46:bf:a6:37:c6:23:b7:
a0:d0:a7:07:22:c2:43:c2:f5:8d:ca:cf:ec:40:c5:
4d:eb:17:80:47:31:8d:59:19:9e:c3:7e:0e:29:d5:
6d:ba:45:5e:45:fa:25:e5:b5:6c:60:b6:f6:98:1a:
7d:7b:ad:c7:a3:7d:c7:19:75:9d:45:3a:f5:49:00:
80:de:2b:2d:69:04:a3:e3:2d:75:0c:de:73:03:ab:
70:b7:40:07:79:6b:59:cf:c2:26:82:13:ac:27:50:
1a:6c:3b:87:f0:e8:37:7f:87:9e:4c:1b:60:01:89:
87:81:b8:48:ca:4f:c0:86:9a:4d:71:9f:d2:81:0f:
cd:b9:a7:f1:1e:d7:83:e1:ab:04:ac:da:5f:45:db:
52:01:4e:7d:c0:69:1e:f6:8a:ce:28:3f:e2:4c:cb:
02:9d:07:5d:93:46:65:17:78:93:36:f4:dd:0c:3f:
6b:8c:2b:39:56:b8:7c:ca:00:ad:cc:99:aa:7a:e1:
6e:94:46:eb:d5:44:b8:ce:c3:28:f0:b5:5b:eb:0a:
1e:c9:ca:62:06:2d:ed:11:b4:ff:5f:cc:1c:96:8d:
f4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.200.0/21
5.154.0.0/17
5.154.172.0/23
5.154.185.0/24
5.154.234.0/23
5.154.241.0/24
5.159.240.0/21
31.3.120.0/21
31.14.200.0/21
31.200.240.0/21
37.72.0.0/19
37.153.88.0/21
37.209.160.0/21
37.230.64.0/19
45.252.236.0/22
46.251.252.0/22
78.136.64.0/18
83.136.184.0/21
84.232.0.0/17
84.236.128.0/17
85.204.140.0/22
86.104.24.0/23
86.104.27.0/24
86.105.156.0/22
88.148.0.0/17
89.32.160.0/21
89.34.120.0/22
89.35.148.0/22
89.37.227.0/24
89.40.80.0/24
89.40.203.0/24
89.43.74.0-89.43.77.255
89.43.84.0/22
89.44.64.0/21
89.45.240.0/21
89.46.136.0/21
91.228.91.0/24
93.113.48.0/22
93.114.252.0/22
93.115.156.0/22
93.115.204.0/22
93.119.28.0/22
93.119.156.0/22
94.24.32.0/22
94.24.40.0/21
94.24.104.0/22
94.76.128.0/18
94.176.136.0/21
94.176.194.0/23
94.177.152.0/21
95.129.112.0/21
95.178.32.0/22
95.178.38.0/24
95.178.112.0/21
103.82.48.0/22
109.167.0.0/17
115.42.52.0/22
151.237.192.0/19
159.253.248.0/21
168.245.196.0/23
176.56.96.0/19
176.227.144.0/20
178.156.0.0/17
185.23.120.0/22
185.25.196.0/22
185.27.124.0/22
185.32.112.0/22
185.40.144.0/22
185.40.180.0/22
185.59.64.0/22
185.99.248.0/22
185.130.152.0/22
185.132.164.0/22
185.150.204.0/22
185.155.68.0/22
185.193.8.0/22
185.218.188.0/22
185.225.149.0-185.225.151.255
185.226.231.0/24
188.64.96.0/21
188.227.128.0/19
188.240.36.0/22
188.240.43.0/24
212.63.124.0/22
212.237.236.0/22
213.170.224.0/19
217.61.64.0-217.61.87.255
IPv6:
2a00:8a80::/29
2a00:f640::/29
2a02:69a0::/32
2a03:1cc0::/32
2a03:ae80::/32
2a07:6840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29119
31577
56882
60494
Signature Algorithm: sha256WithRSAEncryption
97:08:2f:32:e3:d4:29:56:46:4d:4f:46:de:cc:e3:ec:b1:65:
79:de:b8:f9:d5:83:ad:0a:da:af:2e:26:c6:73:27:61:5e:1a:
e7:7d:8e:96:04:25:5d:8d:fa:40:cf:ba:50:59:e3:a5:86:60:
40:39:2c:96:31:62:b2:01:56:0c:eb:3b:91:f7:f4:a8:fd:35:
97:84:8a:77:4b:21:4d:57:fc:c4:9f:b3:6d:9b:03:6e:a4:24:
35:32:c6:fd:3d:f2:d0:df:38:c8:46:28:a5:88:6b:99:cb:bd:
57:05:d9:a4:05:af:11:5e:4c:47:56:85:13:5b:13:27:42:62:
7d:5e:75:01:72:f8:15:3f:47:97:b7:1d:98:20:8e:44:40:d3:
52:8e:d6:30:24:78:53:dd:13:01:c6:e9:ac:9a:21:46:43:3e:
fd:e6:32:5e:5e:29:d8:09:6c:33:9d:bc:57:2a:15:52:e5:7e:
84:a3:0e:28:d7:0d:e7:fc:31:63:68:d5:ec:8f:d1:4c:27:67:
0f:34:1d:19:1a:57:32:c1:f3:15:b3:9e:49:59:f2:47:81:19:
ce:11:16:2e:ba:fd:94:98:a8:f5:47:c0:84:cf:c1:ca:19:d2:
eb:2c:a5:51:28:f4:74:f2:ad:3c:f2:26:53:9d:09:24:72:fe:
76:bc:25:6c
-----BEGIN CERTIFICATE-----
MIIH+TCCBuGgAwIBAgISAZMvQNBWDP2Vy6j0tQkmVDUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTE1MDk1NjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FEUXkrENYb68B91CNwcGlkqIiNk
GgKmq4lz+q9PffTa0jHU4Ua/pjfGI7eg0KcHIsJDwvWNys/sQMVN6xeARzGNWRme
w34OKdVtukVeRfol5bVsYLb2mBp9e63Ho33HGXWdRTr1SQCA3istaQSj4y11DN5z
A6twt0AHeWtZz8ImghOsJ1AabDuH8Og3f4eeTBtgAYmHgbhIyk/AhppNcZ/SgQ/N
uafxHteD4asErNpfRdtSAU59wGke9orOKD/iTMsCnQddk0ZlF3iTNvTdDD9rjCs5
Vrh8ygCtzJmqeuFulEbr1US4zsMo8LVb6woeycpiBi3tEbT/X8wclo30qwIDAQAB
o4IFBTCCBQEwHQYDVR0OBBYEFNqvF7ABXbt82ZLybN/wHE4mILc+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1L2M4OTcz
Yy0zY2ZhLTQ2MDQtODExMC1jZjA2ZDE5ODNiYTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvYzg5NzNj
LTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6Wmt2SnMz
X0FjVGlZZ3R6NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICdQYIKwYB
BQUHAQcBAf8EggJkMIICYDCCAioEAgABMIICIgMEAwUjyAMEBwWaAAMEAQWarAME
AAWauQMEAQWa6gMEAAWa8QMEAwWf8AMEAx8DeAMEAx8OyAMEAx/I8AMEBSVIAAME
AyWZWAMEAyXRoAMEBSXmQAMEAi387AMEAi77/AMEBk6IQAMEA1OIuAMEB1ToAAME
B1TsgAMEAlXMjAMEAVZoGAMEAFZoGwMEAlZpnAMEB1iUAAMEA1kgoAMEAlkieAME
AlkjlAMEAFkl4wMEAFkoUAMEAFkoyzAMAwQBWStKAwQBWStMAwQCWStUAwQDWSxA
AwQDWS3wAwQDWS6IAwQAW+RbAwQCXXEwAwQCXXL8AwQCXXOcAwQCXXPMAwQCXXcc
AwQCXXecAwQCXhggAwQDXhgoAwQCXhhoAwQGXkyAAwQDXrCIAwQBXrDCAwQDXrGY
AwQDX4FwAwQCX7IgAwQAX7ImAwQDX7JwAwQCZ1IwAwQHbacAAwQCcyo0AwQFl+3A
AwQDn/34AwQBqPXEAwQFsDhgAwQEsOOQAwQHspwAAwQCuRd4AwQCuRnEAwQCuRt8
AwQCuSBwAwQCuSiQAwQCuSi0AwQCuTtAAwQCuWP4AwQCuYKYAwQCuYSkAwQCuZbM
AwQCuZtEAwQCucEIAwQCudq8MAwDBAC54ZUDBAO54ZADBAC54ucDBAO8QGADBAW8
44ADBAK88CQDBAC88CsDBALUP3wDBALU7ewDBAXVquAwDAMEBtk9QAMEA9k9UDAw
BAIAAjAqAwUDKgCKgAMFAyoA9kADBQAqAmmgAwUAKgMcwAMFACoDroADBQMqB2hA
MCcGCCsGAQUFBwEIAQH/BBgwFqAUMBICAnG/AgJ7WQIDAN4yAgMA7E4wDQYJKoZI
hvcNAQELBQADggEBAJcILzLj1ClWRk1PRt7M4+yxZXneuPnVg60K2q8uJsZzJ2Fe
Gud9jpYEJV2N+kDPulBZ46WGYEA5LJYxYrIBVgzrO5H39Kj9NZeEindLIU1X/MSf
s22bA26kJDUyxv098tDfOMhGKKWIa5nLvVcF2aQFrxFeTEdWhRNbEydCYn1edQFy
+BU/R5e3HZggjkRA01KO1jAkeFPdEwHG6ayaIUZDPv3mMl5eKdgJbDOdvFcqFVLl
foSjDijXDef8MWNo1eyP0UwnZw80HRkaVzLB8xWznklZ8keBGc4RFi66/ZSYqPVH
wITPwcoZ0usspVEo9HTyrTzyJlOdCSRy/na8JWw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:34:41 2024 by rpki-client on console-fra.rpki-client.org