Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
File: 5b15I6_brofQeyMI3TidnPCC7W0.cer (raw, json)
Hash identifier: 4gmyBH04RmdUdx/1PJUJuc+i07UtI1uw7EA5nYsLfVU=
Subject key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019493CD1889B7BD8438787B37E8289A856A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 23 Jan 2025 15:34:39 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 25052
AS: 44709
IP: 5.100.248.0/21
IP: 5.180.180.0/22
IP: 31.133.100.0/22
IP: 45.83.40.0/22
IP: 45.91.168.0/22
IP: 45.93.92.0/22
IP: 45.248.36.0/23
IP: 63.250.56.0/21
IP: 81.28.4.0/22
IP: 83.229.68.0 -- 83.229.75.255
IP: 83.229.80.0/21
IP: 91.202.168.0/22
IP: 91.223.106.0/24
IP: 91.223.169.0/24
IP: 91.223.236.0/24
IP: 91.226.72.0/24
IP: 91.226.76.0/24
IP: 91.228.126.0/23
IP: 93.93.205.0/24
IP: 103.13.208.0/22
IP: 103.45.244.0/22
IP: 103.240.144.0/22
IP: 103.241.64.0/22
IP: 109.207.76.0/22
IP: 185.28.152.0/22
IP: 185.47.172.0/22
IP: 185.53.208.0/22
IP: 185.56.72.0/22
IP: 185.127.16.0/22
IP: 185.139.228.0/24
IP: 185.139.230.0/23
IP: 185.144.156.0/22
IP: 185.159.72.0/22
IP: 185.162.124.0/22
IP: 185.181.8.0/22
IP: 185.220.204.0/22
IP: 185.227.108.0/22
IP: 185.237.12.0/22
IP: 185.237.96.0/22
IP: 185.241.4.0/22
IP: 185.247.116.0/22
IP: 185.253.72.0/23
IP: 185.253.75.0/24
IP: 188.191.147.0/24
IP: 193.168.172.0/22
IP: 193.218.207.128/25
IP: 194.36.88.0/22
IP: 194.37.80.0/22
IP: 194.146.24.0/23
IP: 194.146.38.0/23
IP: 195.28.180.0/23
IP: 195.238.120.0/22
IP: 212.80.204.0/22
IP: 212.86.104.0/23
IP: 2a00:9f60::/32
IP: 2a01:92e0::/32
IP: 2a02:40a0::/32
IP: 2a02:41e0::/32
IP: 2a04:d980::/29
IP: 2a06:c5c0::/29
IP: 2a07:3b80::/29
IP: 2a0a:b880::/29
IP: 2a0c:a600::/29
IP: 2a0c:c040::/29
IP: 2a0d:1240::/29
IP: 2a0d:be80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:cd:18:89:b7:bd:84:38:78:7b:37:e8:28:9a:85:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 23 15:34:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c4:46:11:ae:b5:ba:22:01:3b:c6:93:9e:49:
dd:53:d6:c1:eb:20:3f:3e:a8:3e:bd:4f:cb:a6:6e:
6b:0c:a4:30:58:31:71:03:99:ff:e1:60:53:7c:b1:
29:bc:82:dc:ba:ef:93:00:2f:c7:d9:4e:ed:7c:9d:
3b:71:7f:00:d3:d4:ba:fc:fc:3c:d8:85:38:5e:e7:
e7:e7:9a:90:26:6e:8c:46:66:f4:4d:f0:e9:ce:64:
75:a2:50:bb:86:6a:7d:b1:1b:9e:48:ef:73:8a:21:
78:45:b0:ce:7e:c8:fe:a9:26:a7:23:3c:aa:42:76:
63:ff:ce:75:eb:35:53:b3:73:4f:eb:13:e9:db:e8:
28:35:50:9d:b2:c6:95:22:c1:a1:69:1c:55:cb:0e:
ba:1d:30:92:09:45:f8:9a:3c:ab:94:3c:ef:9f:ef:
f8:fb:5e:c5:2d:eb:3c:f1:5f:a9:ab:54:ea:7a:84:
dc:7b:0c:18:ab:3a:dd:53:3d:bb:ea:f9:aa:96:fb:
a1:5e:f7:05:25:85:f0:44:55:1d:32:b2:cd:d9:a8:
9f:76:22:30:9b:cc:f4:fa:6d:ea:02:1a:3e:c1:db:
40:24:0c:5c:07:b0:fc:cc:ba:87:37:18:2b:57:74:
17:ca:8c:e7:a0:c3:13:bd:c6:c1:0d:08:21:34:0d:
bc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.248.0/21
5.180.180.0/22
31.133.100.0/22
45.83.40.0/22
45.91.168.0/22
45.93.92.0/22
45.248.36.0/23
63.250.56.0/21
81.28.4.0/22
83.229.68.0-83.229.75.255
83.229.80.0/21
91.202.168.0/22
91.223.106.0/24
91.223.169.0/24
91.223.236.0/24
91.226.72.0/24
91.226.76.0/24
91.228.126.0/23
93.93.205.0/24
103.13.208.0/22
103.45.244.0/22
103.240.144.0/22
103.241.64.0/22
109.207.76.0/22
185.28.152.0/22
185.47.172.0/22
185.53.208.0/22
185.56.72.0/22
185.127.16.0/22
185.139.228.0/24
185.139.230.0/23
185.144.156.0/22
185.159.72.0/22
185.162.124.0/22
185.181.8.0/22
185.220.204.0/22
185.227.108.0/22
185.237.12.0/22
185.237.96.0/22
185.241.4.0/22
185.247.116.0/22
185.253.72.0/23
185.253.75.0/24
188.191.147.0/24
193.168.172.0/22
193.218.207.128/25
194.36.88.0/22
194.37.80.0/22
194.146.24.0/23
194.146.38.0/23
195.28.180.0/23
195.238.120.0/22
212.80.204.0/22
212.86.104.0/23
IPv6:
2a00:9f60::/32
2a01:92e0::/32
2a02:40a0::/32
2a02:41e0::/32
2a04:d980::/29
2a06:c5c0::/29
2a07:3b80::/29
2a0a:b880::/29
2a0c:a600::/29
2a0c:c040::/29
2a0d:1240::/29
2a0d:be80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25052
44709
Signature Algorithm: sha256WithRSAEncryption
90:52:73:1b:78:6d:62:9a:f6:40:dd:57:6f:f8:9b:48:f7:ee:
9e:96:ed:71:eb:f3:da:cc:0e:29:73:a3:10:b2:2d:59:75:56:
9a:bf:62:80:60:c6:54:53:90:31:53:3a:62:93:fa:d5:bc:1b:
5a:ca:bb:7d:30:2c:93:0c:cd:ed:82:61:3c:91:4d:fa:af:a8:
36:3a:16:a9:6f:8b:c7:3c:84:df:e9:69:0b:b6:da:23:9b:4b:
5c:96:80:ec:96:81:99:d2:d9:00:95:2d:24:87:cd:d1:c7:57:
79:ef:91:a7:c2:73:12:08:04:e5:1e:5f:88:82:1e:0b:d3:1a:
43:15:1e:e6:94:b7:97:ca:65:2a:87:07:a2:49:08:2a:83:f7:
77:6a:42:08:ba:3a:3d:f5:3d:87:ac:9b:aa:be:a0:56:50:d2:
24:0b:94:8b:58:13:21:93:12:ff:b0:44:49:5f:9f:b5:3c:f2:
18:f9:ee:6f:6c:f8:24:bb:7f:9b:3c:a9:b2:aa:b1:d8:b8:f5:
49:df:d3:65:3d:09:ce:e7:3e:1a:0b:8c:5e:b3:a6:51:5d:38:
27:de:3c:f4:b6:39:7f:9e:72:b8:c2:53:9f:19:d4:23:4f:9e:
d6:51:c3:ea:ad:7a:09:97:ee:9a:1c:95:e3:3a:98:ff:a6:6a:
e5:57:e3:33
-----BEGIN CERTIFICATE-----
MIIHRTCCBi2gAwIBAgISAZSTzRiJt72EOHh7N+gomoVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTIzMTUzNDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJkNzkyM2FmZGJhZTg3ZDA3YjIzMDhkZDM4OWQ5Y2YwODJlZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sRGEa61uiIBO8aTnkndU9bB6yA/
Pqg+vU/Lpm5rDKQwWDFxA5n/4WBTfLEpvILcuu+TAC/H2U7tfJ07cX8A09S6/Pw8
2IU4Xufn55qQJm6MRmb0TfDpzmR1olC7hmp9sRueSO9ziiF4RbDOfsj+qSanIzyq
QnZj/8516zVTs3NP6xPp2+goNVCdssaVIsGhaRxVyw66HTCSCUX4mjyrlDzvn+/4
+17FLes88V+pq1TqeoTcewwYqzrdUz276vmqlvuhXvcFJYXwRFUdMrLN2aifdiIw
m8z0+m3qAho+wdtAJAxcB7D8zLqHNxgrV3QXyoznoMMTvcbBDQghNA28HwIDAQAB
o4IEUTCCBE0wHQYDVR0OBBYEFOW9eSOv266H0HsjCN04nZzwgu1tMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U1LzI2OTIy
OS0yMGViLTRmMWMtYTEzZS0yNmQxZTU0NTc4ZjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvMjY5MjI5
LTIwZWItNGYxYy1hMTNlLTI2ZDFlNTQ1NzhmMS8xLzViMTVJNl9icm9mUWV5TUkz
VGlkblBDQzdXMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBygYIKwYB
BQUHAQcBAf8EggG5MIIBtTCCAVUEAgABMIIBTQMEAwVk+AMEAgW0tAMEAh+FZAME
Ai1TKAMEAi1bqAMEAi1dXAMEAS34JAMEAz/6OAMEAlEcBDAMAwQCU+VEAwQCU+VI
AwQDU+VQAwQCW8qoAwQAW99qAwQAW9+pAwQAW9/sAwQAW+JIAwQAW+JMAwQBW+R+
AwQAXV3NAwQCZw3QAwQCZy30AwQCZ/CQAwQCZ/FAAwQCbc9MAwQCuRyYAwQCuS+s
AwQCuTXQAwQCuThIAwQCuX8QAwQAuYvkAwQBuYvmAwQCuZCcAwQCuZ9IAwQCuaJ8
AwQCubUIAwQCudzMAwQCueNsAwQCue0MAwQCue1gAwQCufEEAwQCufd0AwQBuf1I
AwQAuf1LAwQAvL+TAwQCwaisAwUHwdrPgAMEAsIkWAMEAsIlUAMEAcKSGAMEAcKS
JgMEAcMctAMEAsPueAMEAtRQzAMEAdRWaDBaBAIAAjBUAwUAKgCfYAMFACoBkuAD
BQAqAkCgAwUAKgJB4AMFAyoE2YADBQMqBsXAAwUDKgc7gAMFAyoKuIADBQMqDKYA
AwUDKgzAQAMFAyoNEkADBQMqDb6AMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAmHc
AgMArqUwDQYJKoZIhvcNAQELBQADggEBAJBScxt4bWKa9kDdV2/4m0j37p6W7XHr
89rMDilzoxCyLVl1Vpq/YoBgxlRTkDFTOmKT+tW8G1rKu30wLJMMze2CYTyRTfqv
qDY6Fqlvi8c8hN/paQu22iObS1yWgOyWgZnS2QCVLSSHzdHHV3nvkafCcxIIBOUe
X4iCHgvTGkMVHuaUt5fKZSqHB6JJCCqD93dqQgi6Oj31PYesm6q+oFZQ0iQLlItY
EyGTEv+wRElfn7U88hj57m9s+CS7f5s8qbKqsdi49Unf02U9Cc7nPhoLjF6zplFd
OCfePPS2OX+ecrjCU58Z1CNPntZRw+qtegmX7pocleM6mP+mauVX4zM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:59 2025 by rpki-client