Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
File: 4tDEmg6X4NXzztO3trn3LKDLU9Y.cer (raw, json)
Hash identifier: /Ebs0A79NbicGCTuaXNNrAjI097D3QX0uraK6IRw0uA=
Subject key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7933BC271CFD1D1D59A24FF34869160
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:29:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 50495
AS: 199438
AS: 204646
IP: 2.56.20.0/22
IP: 2.58.12.0/22
IP: 5.180.220.0/22
IP: 5.183.92.0/22
IP: 5.253.240.0/22
IP: 45.10.232.0/22
IP: 45.13.92.0/22
IP: 45.80.164.0/22
IP: 45.82.220.0/22
IP: 45.86.160.0/22
IP: 45.89.208.0/22
IP: 45.93.96.0/22
IP: 45.135.16.0/22
IP: 45.137.244.0/22
IP: 45.142.80.0/22
IP: 45.146.204.0/22
IP: 45.153.40.0/22
IP: 46.30.188.0/22
IP: 62.192.180.0/22
IP: 77.83.232.0/22
IP: 83.136.221.0/24
IP: 84.39.200.0/22
IP: 85.208.32.0/22
IP: 91.204.48.0/22
IP: 91.223.99.0/24
IP: 91.223.102.0/24
IP: 91.223.126.0/24
IP: 91.223.163.0/24
IP: 91.239.64.0/24
IP: 92.118.12.0/22
IP: 92.246.68.0/22
IP: 96.125.144.0/20
IP: 147.78.112.0/22
IP: 171.22.4.0/22
IP: 171.22.248.0/22
IP: 176.119.202.0/24
IP: 185.134.220.0/22
IP: 185.166.253.0/24
IP: 185.244.8.0/22
IP: 185.247.188.0/22
IP: 185.253.196.0/22
IP: 193.31.32.0/22
IP: 193.42.224.0/22
IP: 194.5.224.0/22
IP: 194.39.32.0/22
IP: 194.93.52.0/22
IP: 194.116.248.0/22
IP: 195.38.0.0/22
IP: 195.234.99.0/24
IP: 212.103.40.0/22
IP: 2a06:ef40::/29
IP: 2a09:2c00::/29
IP: 2a09:6440::/29
IP: 2a0c:4440::/29
IP: 2a0d:2080::/29
IP: 2a0d:8440::/29
IP: 2a0e:e100::/29
IP: 2a0e:e400::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Apr 2024 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3b:c2:71:cf:d1:d1:d5:9a:24:ff:34:86:91:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e5:dc:80:7b:94:ba:26:5e:a1:af:fa:82:0b:
7c:28:5c:c7:22:b2:ee:08:e3:55:a9:f8:a6:df:9e:
7b:3f:c8:fa:b3:ef:ae:f6:7d:49:8b:d2:05:25:f7:
cd:6b:eb:85:93:99:6e:98:b9:93:2c:37:53:3c:30:
43:f1:3d:67:97:91:46:d2:b8:0c:d1:8a:8f:5b:47:
3c:7b:95:3c:8a:13:47:e7:de:95:a5:00:0f:6e:4f:
63:8c:c2:00:2e:b4:d0:0a:62:5c:9e:87:b1:73:22:
91:89:c5:8a:cb:80:af:96:85:a2:c0:57:09:3e:5a:
5e:c6:6f:6f:eb:13:90:9d:a1:c6:59:9b:63:0a:73:
bd:23:cb:8a:d4:40:ad:7e:2f:7a:a2:7f:c6:66:23:
6f:da:24:10:97:57:cf:61:af:69:fb:65:f3:c9:3c:
42:3d:78:f9:54:80:da:6c:97:52:06:a8:4f:9a:aa:
87:43:6c:5a:1a:f1:5e:11:3b:09:c4:1d:68:63:1c:
4a:f3:0d:4c:4e:aa:74:93:36:ce:45:4a:fe:b9:1a:
7c:87:c9:c6:ca:d4:09:68:ee:c9:54:59:8d:e4:56:
f4:c3:ef:57:fd:70:6c:42:de:4d:53:a0:79:f6:a4:
23:70:02:3e:b6:dc:e1:03:af:f4:8c:d8:be:42:9f:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.20.0/22
2.58.12.0/22
5.180.220.0/22
5.183.92.0/22
5.253.240.0/22
45.10.232.0/22
45.13.92.0/22
45.80.164.0/22
45.82.220.0/22
45.86.160.0/22
45.89.208.0/22
45.93.96.0/22
45.135.16.0/22
45.137.244.0/22
45.142.80.0/22
45.146.204.0/22
45.153.40.0/22
46.30.188.0/22
62.192.180.0/22
77.83.232.0/22
83.136.221.0/24
84.39.200.0/22
85.208.32.0/22
91.204.48.0/22
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
91.239.64.0/24
92.118.12.0/22
92.246.68.0/22
96.125.144.0/20
147.78.112.0/22
171.22.4.0/22
171.22.248.0/22
176.119.202.0/24
185.134.220.0/22
185.166.253.0/24
185.244.8.0/22
185.247.188.0/22
185.253.196.0/22
193.31.32.0/22
193.42.224.0/22
194.5.224.0/22
194.39.32.0/22
194.93.52.0/22
194.116.248.0/22
195.38.0.0/22
195.234.99.0/24
212.103.40.0/22
IPv6:
2a06:ef40::/29
2a09:2c00::/29
2a09:6440::/29
2a0c:4440::/29
2a0d:2080::/29
2a0d:8440::/29
2a0e:e100::/29
2a0e:e400::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
50495
199438
204646
Signature Algorithm: sha256WithRSAEncryption
6f:8d:97:21:d0:93:3e:29:81:80:15:e6:21:7e:6a:66:c0:af:
32:c6:7e:42:93:59:82:32:83:17:85:f4:69:22:f1:3d:42:9d:
44:23:6c:25:30:67:e7:f6:4c:71:e6:bb:44:b3:b0:f0:1f:4f:
3c:71:ef:88:13:74:b7:5a:14:40:19:14:20:3a:b3:19:e4:79:
10:c3:67:1a:83:95:73:24:a4:a6:fa:66:73:9b:27:34:f3:b2:
3d:92:87:db:e2:17:76:82:ce:43:57:ef:d6:9d:34:a8:3b:aa:
1d:1e:f0:ce:2a:f6:97:67:2a:fa:2b:e2:80:fe:fe:33:24:ec:
80:fe:d2:05:bd:ba:4e:63:ce:30:a7:94:01:36:1c:2a:22:a8:
9b:8d:3c:0d:a9:f5:93:a0:51:f3:18:c3:32:f7:89:f8:02:e5:
bc:cf:7a:b1:cf:7b:e2:3f:85:8e:76:b2:18:18:a3:b9:44:2a:
44:f1:5b:30:3f:81:42:4d:89:71:ea:4b:95:18:62:5b:16:c7:
e8:91:84:15:85:51:2d:1d:d9:89:6c:27:7f:06:c0:ba:e9:ac:
5f:fe:36:29:36:24:8e:07:26:e1:12:1d:de:21:b1:66:fa:92:
70:32:c4:13:d9:d9:da:6d:45:41:7d:ae:00:b7:a0:ff:cd:35:
6e:76:dc:31
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgISAYzHkzvCcc/R0dWaJP80hpFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OXcgHuUuiZeoa/6ggt8KFzHIrLu
CONVqfim3557P8j6s++u9n1Ji9IFJffNa+uFk5lumLmTLDdTPDBD8T1nl5FG0rgM
0YqPW0c8e5U8ihNH596VpQAPbk9jjMIALrTQCmJcnoexcyKRicWKy4CvloWiwFcJ
Plpexm9v6xOQnaHGWZtjCnO9I8uK1ECtfi96on/GZiNv2iQQl1fPYa9p+2XzyTxC
PXj5VIDabJdSBqhPmqqHQ2xaGvFeETsJxB1oYxxK8w1MTqp0kzbORUr+uRp8h8nG
ytQJaO7JVFmN5Fb0w+9X/XBsQt5NU6B59qQjcAI+ttzhA6/0jNi+Qp8dFwIDAQAB
o4IEGjCCBBYwHQYDVR0OBBYEFOLQxJoOl+DV887Tt7a59yygy1PWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwLzlmMGY3
YS0xMWViLTQzODMtYmM2YS00NjkwYTAwNzE0MWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAvOWYwZjdh
LTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Yenp0TzN0
cm4zTEtETFU5WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBjQYIKwYB
BQUHAQcBAf8EggF8MIIBeDCCATQEAgABMIIBLAMEAgI4FAMEAgI6DAMEAgW03AME
AgW3XAMEAgX98AMEAi0K6AMEAi0NXAMEAi1QpAMEAi1S3AMEAi1WoAMEAi1Z0AME
Ai1dYAMEAi2HEAMEAi2J9AMEAi2OUAMEAi2SzAMEAi2ZKAMEAi4evAMEAj7AtAME
Ak1T6AMEAFOI3QMEAlQnyAMEAlXQIAMEAlvMMAMEAFvfYwMEAFvfZgMEAFvffgME
AFvfowMEAFvvQAMEAlx2DAMEAlz2RAMEBGB9kAMEApNOcAMEAqsWBAMEAqsW+AME
ALB3ygMEArmG3AMEALmm/QMEArn0CAMEArn3vAMEArn9xAMEAsEfIAMEAsEq4AME
AsIF4AMEAsInIAMEAsJdNAMEAsJ0+AMEAsMmAAMEAMPqYwMEAtRnKDA+BAIAAjA4
AwUDKgbvQAMFAyoJLAADBQMqCWRAAwUDKgxEQAMFAyoNIIADBQMqDYRAAwUDKg7h
AAMFAyoO5AAwJAYIKwYBBQUHAQgBAf8EFTAToBEwDwIDAMU/AgMDCw4CAwMfZjAN
BgkqhkiG9w0BAQsFAAOCAQEAb42XIdCTPimBgBXmIX5qZsCvMsZ+QpNZgjKDF4X0
aSLxPUKdRCNsJTBn5/ZMcea7RLOw8B9PPHHviBN0t1oUQBkUIDqzGeR5EMNnGoOV
cySkpvpmc5snNPOyPZKH2+IXdoLOQ1fv1p00qDuqHR7wzir2l2cq+ivigP7+MyTs
gP7SBb26TmPOMKeUATYcKiKom408Dan1k6BR8xjDMveJ+ALlvM96sc974j+Fjnay
GBijuUQqRPFbMD+BQk2JcepLlRhiWxbH6JGEFYVRLR3ZiWwnfwbAuumsX/42KTYk
jgcm4RId3iGxZvqScDLEE9nZ2m1FQX2uALeg/801bnbcMQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:16:13 2024 by rpki-client on console-fra.rpki-client.org