Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
File: 4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer (raw, json)
Hash identifier: 98rsYKQMxVqOb14LryalaRKRe7drFkNlv8PysHQf7fE=
Subject key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DB177D9E7078B31CE9192D0C755DF4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43350
AS: 64437
IP: 5.104.136.0/21
IP: 37.143.32.0/21
IP: 37.153.168.0/22
IP: 37.156.228.0/22
IP: 37.156.252.0/22
IP: 46.166.128.0/19
IP: 46.166.176.0/20
IP: 77.247.176.0/21
IP: 85.159.232.0/21
IP: 89.38.160.0/22
IP: 92.114.100.0/22
IP: 109.201.128.0/19
IP: 176.126.232.0/22
IP: 185.7.76.0/22
IP: 185.11.144.0/22
IP: 185.45.193.0/24
IP: 185.62.188.0/22
IP: 185.82.201.0/24
IP: 185.82.203.0/24
IP: 185.106.121.0/24
IP: 185.107.36.0/22
IP: 185.107.44.0/22
IP: 185.107.56.0/22
IP: 185.107.68.0/22
IP: 185.107.80.0/22
IP: 185.107.92.0/22
IP: 185.107.100.0/22
IP: 185.107.116.0/22
IP: 185.117.74.0/23
IP: 185.183.96.0/24
IP: 185.198.57.0/24
IP: 185.244.150.0/24
IP: 188.209.48.0/20
IP: 194.36.189.0/24
IP: 212.92.104.0 -- 212.92.125.255
IP: 2a00:1768::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:17:7d:9e:70:78:b3:1c:e9:19:2d:0c:75:5d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:40:2a:d6:90:7e:c4:e7:21:ae:82:ca:0a:2e:
38:73:f7:d1:29:1a:18:27:33:4d:f0:03:c3:f2:a7:
d4:2f:ad:e7:ac:54:88:89:5c:85:eb:17:51:36:1e:
fa:ac:f7:73:b2:b6:71:64:7e:d5:ef:42:22:ce:45:
e0:73:6c:cb:e5:56:50:35:4b:d2:ed:f3:e9:dc:cc:
65:24:f8:b3:70:10:42:40:3a:d4:41:41:c3:ef:65:
0b:4e:73:b6:91:2a:ca:72:47:6c:d7:d0:10:6e:4c:
17:70:35:16:9b:25:43:90:84:1c:14:59:f5:3c:18:
91:40:78:4c:c6:2a:88:1b:28:d2:0a:db:16:c5:fb:
76:8f:dd:b9:bb:0d:fb:28:9e:59:91:71:41:00:81:
96:f2:7e:4c:8c:6b:ee:33:15:6f:0a:88:07:e8:2c:
a2:f0:48:4a:27:6e:26:9c:23:29:43:d8:12:8a:3a:
29:1d:3f:13:6d:09:71:a0:14:23:c5:7e:b9:bb:73:
9e:58:cb:2f:c8:23:5f:dd:7a:cf:29:57:05:f6:11:
4f:4d:89:45:7e:73:cc:09:65:ba:ba:02:8b:fc:7b:
3c:e4:6a:eb:87:69:45:91:2d:02:23:df:8e:78:20:
3c:86:c8:aa:d2:2f:85:88:1b:31:5f:39:61:aa:52:
d4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/22
37.156.252.0/22
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/22
185.7.76.0/22
185.11.144.0/22
185.45.193.0/24
185.62.188.0/22
185.82.201.0/24
185.82.203.0/24
185.106.121.0/24
185.107.36.0/22
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
185.117.74.0/23
185.183.96.0/24
185.198.57.0/24
185.244.150.0/24
188.209.48.0/20
194.36.189.0/24
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43350
64437
Signature Algorithm: sha256WithRSAEncryption
26:14:0e:21:2b:4f:4f:24:ee:92:7b:46:ad:d4:95:7b:af:c4:
e4:b1:1a:c6:ad:35:49:b8:10:05:8e:4e:61:5d:40:dd:2f:0b:
83:ac:c9:d7:c1:a7:cc:bf:df:5e:02:35:e7:6b:9e:fb:5c:48:
40:53:96:09:dc:4f:46:a7:35:e9:16:ee:b1:de:dc:e2:de:96:
6b:94:bb:7c:47:54:63:b1:e2:f7:27:48:a6:7b:56:42:5c:86:
b8:84:4c:70:8a:5b:75:f3:3f:4c:8d:99:39:77:17:de:fc:de:
39:df:aa:40:2b:17:f1:67:2b:2f:15:b4:43:1c:a1:e4:f2:1a:
71:8c:cf:bb:98:3d:c8:8f:d6:5e:8a:13:84:df:60:69:39:1b:
7a:20:1d:50:25:80:67:ef:45:27:c6:7c:e7:f6:b5:f7:97:36:
80:a9:65:1d:8a:c9:62:fd:1d:58:8f:02:af:75:78:d7:e0:ca:
f0:71:71:d9:23:8e:1a:2e:6e:ff:e9:d6:c5:12:94:ec:3e:89:
82:6d:9a:cd:2e:ad:ca:03:2d:1b:38:3b:b7:46:b7:d5:6a:3b:
54:ca:55:b9:26:c0:cc:da:3d:4d:40:5c:29:45:80:ee:d1:5b:
ef:47:f3:dd:cc:07:a1:aa:0c:bb:d5:0f:59:db:e5:57:94:84:
ea:b3:47:77
-----BEGIN CERTIFICATE-----
MIIGgjCCBWqgAwIBAgISAYzC2xd9nnB4sxzpGS0MdV30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTM4ZWMyNDJhNDNlOWM5ZDRjZWIyNWRjOTBlNTQ1MzM3M2QzZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UAq1pB+xOchroLKCi44c/fRKRoY
JzNN8APD8qfUL63nrFSIiVyF6xdRNh76rPdzsrZxZH7V70IizkXgc2zL5VZQNUvS
7fPp3MxlJPizcBBCQDrUQUHD72ULTnO2kSrKckds19AQbkwXcDUWmyVDkIQcFFn1
PBiRQHhMxiqIGyjSCtsWxft2j925uw37KJ5ZkXFBAIGW8n5MjGvuMxVvCogH6Cyi
8EhKJ24mnCMpQ9gSijopHT8TbQlxoBQjxX65u3OeWMsvyCNf3XrPKVcF9hFPTYlF
fnPMCWW6ugKL/Hs85Grrh2lFkS0CI9+OeCA8hsiq0i+FiBsxXzlhqlLUBwIDAQAB
o4IDjjCCA4owHQYDVR0OBBYEFOE47CQqQ+nJ1M6yXckOVFM3PT9GMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmLzBiN2Zk
My05MGYwLTQ1ZDEtOGE1OC02Nzg1Y2Q0NTY4NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvMGI3ZmQz
LTkwZjAtNDVkMS04YTU4LTY3ODVjZDQ1Njg3MS8xLzRUanNKQ3BENmNuVXpySmR5
UTVVVXpjOVAwWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBgYIKwYB
BQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQDBWiIAwQDJY8gAwQCJZmoAwQCJZzk
AwQCJZz8AwQFLqaAAwQELqawAwQDTfewAwQDVZ/oAwQCWSagAwQCXHJkAwQFbcmA
AwQCsH7oAwQCuQdMAwQCuQuQAwQAuS3BAwQCuT68AwQAuVLJAwQAuVLLAwQAuWp5
AwQCuWskAwQCuWssAwQCuWs4AwQCuWtEAwQCuWtQAwQCuWtcAwQCuWtkAwQCuWt0
AwQBuXVKAwQAubdgAwQAucY5AwQAufSWAwQEvNEwAwQAwiS9MAwDBAPUXGgDBAHU
XHwwDQQCAAIwBwMFAyoAF2gwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAKlWAgMA
+7UwDQYJKoZIhvcNAQELBQADggEBACYUDiErT08k7pJ7Rq3UlXuvxOSxGsatNUm4
EAWOTmFdQN0vC4OsydfBp8y/314CNedrnvtcSEBTlgncT0anNekW7rHe3OLelmuU
u3xHVGOx4vcnSKZ7VkJchriETHCKW3XzP0yNmTl3F9783jnfqkArF/FnKy8VtEMc
oeTyGnGMz7uYPciP1l6KE4TfYGk5G3ogHVAlgGfvRSfGfOf2tfeXNoCpZR2KyWL9
HViPAq91eNfgyvBxcdkjjhoubv/p1sUSlOw+iYJtms0urcoDLRs4O7dGt9VqO1TK
VbkmwMzaPU1AXClFgO7RW+9H893MB6GqDLvVD1nb5VeUhOqzR3c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:48:48 2024 by rpki-client on console-ams.rpki-client.org