Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
File: 3T1AERdeXfej9X0454FQosBf3R0.cer (raw, json)
Hash identifier: 68iN9C6vQSz1H/aYsJp4c1x/nIHVmiAL0fBOz0aCg2U=
Subject key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E9F1DA56AED02D375CF3F0410E016AF8A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Apr 2024 14:01:44 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 206805
IP: 45.84.152.0/22
IP: 45.145.188.0/22
IP: 80.85.248.0/21
IP: 176.119.0.0/21
IP: 178.159.32.0/23
IP: 185.159.111.0/24
IP: 185.228.48.0/22
IP: 185.247.192.0/22
IP: 188.64.149.0 -- 188.64.151.255
IP: 193.19.100.0/23
IP: 193.141.230.0/23
IP: 193.142.20.0/23
IP: 193.246.144.0/24
IP: 193.246.150.0/24
IP: 193.246.153.0/24
IP: 193.246.159.0/24
IP: 2a0c:ee00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a5:6a:ed:02:d3:75:cf:3f:04:10:e0:16:af:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:97:22:32:df:52:95:3a:9e:e3:82:4a:fa:cc:
9e:88:3c:6a:ab:da:f8:6b:f6:c5:65:6c:a1:95:8c:
1d:e4:4b:d3:da:bb:da:6b:32:8e:95:d8:ff:3e:de:
b3:a4:23:25:ba:a4:ab:e4:92:ca:d3:e1:44:70:bd:
9a:90:87:6a:04:df:71:99:ff:32:4c:4f:e4:52:6f:
4c:62:3d:c3:c8:5e:7c:d0:f3:31:69:13:44:19:ff:
ef:36:0a:68:27:d3:b5:6c:2e:83:bd:95:94:f7:6d:
0e:63:1c:dd:69:d4:f4:c0:81:89:cf:99:b2:fd:db:
c3:e0:db:f7:7d:e9:72:26:ed:aa:e1:df:6c:e8:f1:
4f:f5:a4:9f:cf:14:e4:6a:3b:a8:b1:3a:f7:de:84:
76:02:4a:e0:4d:5d:c4:c5:ff:15:b3:4c:99:b3:bb:
98:1f:ff:5a:1b:4c:a1:08:9f:81:03:d2:16:cc:98:
86:3e:98:6a:08:94:c2:c5:33:bd:15:8f:32:d1:a4:
47:c8:dd:0b:99:a8:f7:a6:af:79:26:23:76:1b:67:
92:80:69:b3:4e:21:32:ee:a4:e5:c1:c1:22:e9:0e:
19:6b:8c:24:50:23:41:7e:de:e1:2a:56:0f:17:ed:
be:24:f3:d6:3e:bd:ca:ea:e5:ac:57:2d:48:c7:2a:
f9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
176.119.0.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
IPv6:
2a0c:ee00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206805
Signature Algorithm: sha256WithRSAEncryption
3d:c1:31:10:25:67:52:59:bd:5a:cb:6b:f6:55:f4:58:6c:f1:
e2:c6:de:4a:20:84:81:4f:b5:1b:b6:f5:56:53:d8:fe:0c:0a:
9a:89:91:95:d0:fd:2d:8a:d8:4f:a7:bd:26:0b:91:94:96:d6:
a3:61:cb:b4:f6:08:94:aa:aa:19:eb:01:b4:78:b3:45:d8:46:
87:c2:1b:c9:f6:57:46:78:db:98:b6:98:03:40:c3:4f:43:74:
20:cc:8b:2c:84:a9:74:00:f6:62:e1:98:ce:90:41:10:7c:25:
7b:55:a2:b8:3d:57:62:b3:0b:0e:03:3b:09:f5:90:6b:d0:c0:
67:84:1f:60:9f:b2:ad:1c:58:ac:09:c4:ec:38:c7:3e:75:6d:
b6:30:ba:36:03:ea:4c:c2:f4:26:db:e3:fb:ab:c7:c6:cf:32:
02:d3:a2:2a:4d:83:22:ae:e2:43:21:92:27:cc:2d:65:1c:62:
b7:02:74:d1:77:24:bc:10:3a:88:f0:3b:a3:f0:e3:04:b2:78:
e7:6f:cd:03:fb:99:e8:ad:f8:f7:91:e6:9b:1a:f4:a3:f7:e9:
df:18:bc:2a:3b:ac:ab:ca:a8:53:1d:9c:c3:1c:6e:5c:ce:d0:
b8:66:21:13:0e:ca:40:45:55:c0:cc:5a:b5:64:3c:42:ad:c6:
d1:bf:a5:6c
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAY6fHaVq7QLTdc8/BBDgFq+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNkNDAxMTE3NWU1ZGY3YTNmNTdkMzhlNzgxNTBhMmMwNWZkZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJciMt9SlTqe44JK+syeiDxqq9r4
a/bFZWyhlYwd5EvT2rvaazKOldj/Pt6zpCMluqSr5JLK0+FEcL2akIdqBN9xmf8y
TE/kUm9MYj3DyF580PMxaRNEGf/vNgpoJ9O1bC6DvZWU920OYxzdadT0wIGJz5my
/dvD4Nv3felyJu2q4d9s6PFP9aSfzxTkajuosTr33oR2AkrgTV3Exf8Vs0yZs7uY
H/9aG0yhCJ+BA9IWzJiGPphqCJTCxTO9FY8y0aRHyN0Lmaj3pq95JiN2G2eSgGmz
TiEy7qTlwcEi6Q4Za4wkUCNBft7hKlYPF+2+JPPWPr3K6uWsVy1Ixyr5hwIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFN09QBEXXl33o/V9OOeBUKLAX90dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNlLzMwODU4
OS05MmZlLTQ1OTMtOTNlNC0yZDBhNzhiZTg5MmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMzA4NTg5
LTkyZmUtNDU5My05M2U0LTJkMGE3OGJlODkyZC8xLzNUMUFFUmRlWGZlajlYMDQ1
NEZRb3NCZjNSMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF
BQcBBwEB/wSBgTB/MG4EAgABMGgDBAItVJgDBAItkbwDBANQVfgDBAOwdwADBAGy
nyADBAC5n28DBAK55DADBAK598AwDAMEALxAlQMEA7xAkAMEAcETZAMEAcGN5gME
AcGOFAMEAMH2kAMEAMH2lgMEAMH2mQMEAMH2nzANBAIAAjAHAwUDKgzuADAaBggr
BgEFBQcBCAEB/wQLMAmgBzAFAgMDJ9UwDQYJKoZIhvcNAQELBQADggEBAD3BMRAl
Z1JZvVrLa/ZV9Fhs8eLG3koghIFPtRu29VZT2P4MCpqJkZXQ/S2K2E+nvSYLkZSW
1qNhy7T2CJSqqhnrAbR4s0XYRofCG8n2V0Z425i2mANAw09DdCDMiyyEqXQA9mLh
mM6QQRB8JXtVorg9V2KzCw4DOwn1kGvQwGeEH2Cfsq0cWKwJxOw4xz51bbYwujYD
6kzC9Cbb4/urx8bPMgLToipNgyKu4kMhkifMLWUcYrcCdNF3JLwQOojwO6Pw4wSy
eOdvzQP7meit+PeR5psa9KP36d8YvCo7rKvKqFMdnMMcblzO0LhmIRMOykBFVcDM
WrVkPEKtxtG/pWw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:00 2024 by rpki-client on console-fra.rpki-client.org