Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
File: 474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer (raw, json)
Hash identifier: xqrggDUPAsI4W66a+pmq08ORvlCMUHaggwQhW+wwS9M=
Subject key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F87E5EE74592CA1EFF10E29B403D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:30:01 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 5518
AS: 6747
AS: 6906
AS: 12578
AS: 47570
IP: 46.109.0.0/16
IP: 62.63.128.0/18
IP: 62.85.0.0/17
IP: 78.28.192.0/18
IP: 78.84.0.0/16
IP: 78.154.128.0/19
IP: 80.232.128.0/17
IP: 80.233.128.0/17
IP: 81.198.0.0/16
IP: 84.237.128.0/17
IP: 87.110.0.0/16
IP: 87.246.144.0 -- 87.246.191.255
IP: 91.105.0.0/17
IP: 94.100.0.0/20
IP: 95.68.0.0/17
IP: 185.38.56.0/22
IP: 185.87.204.0/22
IP: 194.8.9.0/24
IP: 194.8.16.0 -- 194.8.27.255
IP: 194.19.224.0/19
IP: 195.2.96.0/19
IP: 195.13.128.0/17
IP: 195.114.32.0/19
IP: 195.122.0.0/19
IP: 213.175.64.0/18
IP: 2a02:16d8::/32
IP: 2a02:2330::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Apr 2024 17:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:87:e5:ee:74:59:2c:a1:ef:f1:0e:29:b4:03:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:ff:a8:93:20:30:15:3e:17:b5:f5:bf:38:
7b:a2:39:5a:e8:3f:24:9a:72:0c:25:4a:9b:a1:5d:
5d:49:3c:4a:fe:8b:ec:bf:93:c8:55:b2:9f:8b:21:
db:53:cf:4e:91:42:19:a4:0e:ea:b0:ab:b5:ac:8d:
8a:7f:fa:9e:f9:4b:5e:1f:4e:09:5a:3b:70:60:d7:
b5:29:9f:e3:ca:7c:6d:eb:1b:c2:12:60:37:83:87:
df:77:73:5b:cc:df:22:4b:c1:27:80:8f:a8:53:9c:
b2:fd:39:8a:53:91:9b:b4:43:9e:a4:b7:d6:8a:50:
4b:a8:28:32:09:a7:2c:87:43:96:67:73:e0:21:bc:
0b:42:b8:3d:28:89:61:1b:f3:cd:e8:7f:91:69:37:
dc:45:74:36:50:8f:51:61:47:e1:e2:1b:77:dd:35:
25:61:44:12:b5:84:93:a3:ef:2f:c5:d4:44:0f:04:
11:8f:6d:e1:61:92:e6:2b:64:52:68:c5:32:38:d1:
4d:59:bb:32:4d:ea:ad:57:e4:c3:e9:fd:75:d0:83:
4d:c8:7a:1b:1b:a7:76:92:6f:94:f6:9d:fb:bd:15:
e9:0f:b4:83:54:5f:6b:b1:b2:1e:09:a1:e8:dc:a6:
d0:ed:eb:dc:9d:dd:45:f0:a4:9a:9d:ae:40:c8:54:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.63.128.0/18
62.85.0.0/17
78.28.192.0/18
78.84.0.0/16
78.154.128.0/19
80.232.128.0/17
80.233.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
94.100.0.0/20
95.68.0.0/17
185.38.56.0/22
185.87.204.0/22
194.8.9.0/24
194.8.16.0-194.8.27.255
194.19.224.0/19
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
213.175.64.0/18
IPv6:
2a02:16d8::/32
2a02:2330::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5518
6747
6906
12578
47570
Signature Algorithm: sha256WithRSAEncryption
4a:f8:2a:5a:5f:37:c8:2a:ec:65:a8:f2:40:4b:e2:5e:d9:98:
e9:8a:b1:99:5e:ac:67:89:8b:b0:82:10:d1:fa:38:43:11:c4:
b0:9c:8a:eb:79:5f:bd:d3:1b:ee:7d:f0:3e:2c:1e:94:72:3e:
09:52:cc:6e:34:b8:0a:4d:14:6d:55:d8:35:ac:93:34:df:5a:
b2:0f:4d:8d:20:0e:e5:a3:36:47:5e:54:99:0c:04:cc:fd:1e:
91:d6:85:3c:24:eb:75:ed:f0:bb:38:d8:18:74:f7:44:53:4e:
86:58:f5:44:f1:c3:6d:23:6f:92:fe:f0:35:79:46:58:bb:6f:
00:b8:7a:6c:b0:b7:71:32:c3:a5:bf:be:e9:c0:65:c8:6c:14:
e2:38:ee:db:7e:99:00:5c:cf:3c:59:8f:16:32:5c:cc:7b:ea:
9a:29:82:74:41:a4:4c:ba:9a:64:7a:99:ba:65:06:92:4e:00:
b9:82:ea:10:4f:0e:86:29:f3:58:02:96:11:02:59:d9:68:77:
f7:62:d5:66:28:a6:b2:9d:e4:97:bb:ce:db:55:68:56:28:24:
d4:08:c5:91:6f:ef:b0:55:95:6f:45:1a:0e:1e:7f:44:ca:da:
44:05:87:fb:35:46:1a:05:1d:b8:63:44:d2:9b:2d:8f:9a:d1:
b6:3c:8d:57
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAYzIb4fl7nRZLKHv8Q4ptAPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFD/qJMgMBU+F7X1vzh7ojla6D8k
mnIMJUqboV1dSTxK/ovsv5PIVbKfiyHbU89OkUIZpA7qsKu1rI2Kf/qe+UteH04J
WjtwYNe1KZ/jynxt6xvCEmA3g4ffd3NbzN8iS8EngI+oU5yy/TmKU5GbtEOepLfW
ilBLqCgyCacsh0OWZ3PgIbwLQrg9KIlhG/PN6H+RaTfcRXQ2UI9RYUfh4ht33TUl
YUQStYSTo+8vxdREDwQRj23hYZLmK2RSaMUyONFNWbsyTeqtV+TD6f110INNyHob
G6d2km+U9p37vRXpD7SDVF9rsbIeCaHo3KbQ7evcnd1F8KSana5AyFRfNwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFOO+B8sf1PHjySIwO2cKiBuC5hSRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzhmNWZh
ZS1kYTkwLTQzMTQtYmZmYy1kNGVlMWQzODllMGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvOGY1ZmFl
LWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQSklqQTda
d3FJRzRMbUZKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHVBggrBgEF
BQcBBwEB/wSBxTCBwjCBqQQCAAEwgaIDAwAubQMEBj4/gAMEBz5VAAMEBk4cwAMD
AE5UAwQFTpqAAwQHUOiAAwQHUOmAAwMAUcYDBAdU7YADAwBXbjAMAwQEV/aQAwQG
V/aAAwQHW2kAAwQEXmQAAwQHX0QAAwQCuSY4AwQCuVfMAwQAwggJMAwDBATCCBAD
BALCCBgDBAXCE+ADBAXDAmADBAfDDYADBAXDciADBAXDegADBAbVr0AwFAQCAAIw
DgMFACoCFtgDBQMqAiMwMCoGCCsGAQUFBwEIAQH/BBswGaAXMBUCAhWOAgIaWwIC
GvoCAjEiAgMAudIwDQYJKoZIhvcNAQELBQADggEBAEr4KlpfN8gq7GWo8kBL4l7Z
mOmKsZlerGeJi7CCENH6OEMRxLCciut5X73TG+598D4sHpRyPglSzG40uApNFG1V
2DWskzTfWrIPTY0gDuWjNkdeVJkMBMz9HpHWhTwk63Xt8Ls42Bh090RTToZY9UTx
w20jb5L+8DV5Rli7bwC4emywt3Eyw6W/vunAZchsFOI47tt+mQBczzxZjxYyXMx7
6popgnRBpEy6mmR6mbplBpJOALmC6hBPDoYp81gClhECWdlod/di1WYoprKd5Je7
zttVaFYoJNQIxZFv77BVlW9FGg4ef0TK2kQFh/s1RhoFHbhjRNKbLY+a0bY8jVc=
-----END CERTIFICATE-----
Generated at Wed Apr 24 00:08:59 2024 by rpki-client on console-fra.rpki-client.org