Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
File: 5hwHyVFIjwTLOw_TOK-E135Gv1I.cer (raw, json)
Hash identifier: Im/KYrQctcBcj4hRTVIVJHl7u0Y0aSDwCvpQLbCFgx4=
Subject key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B6E4AD0CD7803FFC8141C12D6BA5A6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:29:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 15507
AS: 31242
AS: 39603
AS: 41642
AS: 42900
AS: 49269
AS: 49873
AS: 50481
AS: 197903
AS: 201019
AS: 203435
IP: 5.173.0.0/16
IP: 31.43.176.0/23
IP: 31.172.176.0/20
IP: 31.174.0.0/15
IP: 46.112.0.0/15
IP: 84.205.167.0 -- 84.205.169.255
IP: 84.205.176.0 -- 84.205.181.255
IP: 84.205.184.0 -- 84.205.186.255
IP: 84.205.188.0/22
IP: 85.14.64.0/18
IP: 89.25.128.0/17
IP: 89.108.192.0/18
IP: 91.90.176.0/20
IP: 91.192.225.0/24
IP: 91.193.184.0/22
IP: 91.195.42.0/23
IP: 91.227.199.0 -- 91.227.203.255
IP: 93.179.192.0/18
IP: 94.254.128.0/17
IP: 109.243.0.0/16
IP: 119.12.16.0/20
IP: 164.126.0.0/15
IP: 178.219.20.0 -- 178.219.31.255
IP: 185.54.184.0/22
IP: 185.89.184.0/22
IP: 185.135.0.0/22
IP: 185.219.200.0/22
IP: 188.33.0.0/16
IP: 188.117.128.0/18
IP: 193.106.244.0/22
IP: 193.108.34.0/23
IP: 193.201.36.0/24
IP: 194.150.96.0/22
IP: 195.242.69.0/24
IP: 205.201.55.0/24
IP: 213.179.72.0/22
IP: 2001:678:b18::/48
IP: 2a00:13a0::/32
IP: 2a00:1980::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e4:ad:0c:d7:80:3f:fc:81:41:c1:2d:6b:a5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:68:d8:2d:84:3f:20:13:db:d3:ca:14:5e:
50:c1:1c:7a:24:a1:3c:8b:3c:ba:91:7d:01:48:85:
5a:58:89:a5:6a:41:1f:4b:8b:e9:fa:c6:98:cf:ba:
a5:83:7a:5a:a9:1f:20:3b:01:30:a7:87:37:74:66:
c5:e2:b8:99:73:1e:2a:e5:46:1d:7f:40:7f:11:50:
9e:dd:e1:4a:35:1e:72:26:65:0f:f7:2f:53:6e:4f:
ec:44:d4:fd:aa:46:5d:a0:bf:0d:2b:aa:a3:6b:85:
49:d2:34:a1:84:76:00:a6:8c:c2:60:6e:07:a5:77:
b1:96:1b:05:9f:fd:01:85:78:11:b9:7b:31:75:34:
f4:9e:d8:3a:5f:e1:33:4a:0f:fe:67:b2:96:cc:cb:
cb:0c:60:ff:2d:9c:6a:b6:0c:2d:0d:02:87:c5:4f:
ba:5f:6a:71:1e:26:91:4b:db:cc:7d:a0:fc:a4:aa:
11:f3:0d:c9:2b:54:e4:e1:18:0c:56:f2:b3:a5:72:
03:4b:c7:f9:22:c4:4f:46:5e:4d:a3:85:e9:41:f3:
fa:d6:03:30:06:89:99:a1:a9:71:60:c0:9b:a8:dd:
6f:42:d3:52:79:d4:bd:e7:f2:2b:52:29:d2:9c:3c:
71:f9:e8:c9:8c:f5:c6:06:be:cb:99:67:f9:06:94:
dd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.0.0/16
31.43.176.0/23
31.172.176.0/20
31.174.0.0/15
46.112.0.0/15
84.205.167.0-84.205.169.255
84.205.176.0-84.205.181.255
84.205.184.0-84.205.186.255
84.205.188.0/22
85.14.64.0/18
89.25.128.0/17
89.108.192.0/18
91.90.176.0/20
91.192.225.0/24
91.193.184.0/22
91.195.42.0/23
91.227.199.0-91.227.203.255
93.179.192.0/18
94.254.128.0/17
109.243.0.0/16
119.12.16.0/20
164.126.0.0/15
178.219.20.0-178.219.31.255
185.54.184.0/22
185.89.184.0/22
185.135.0.0/22
185.219.200.0/22
188.33.0.0/16
188.117.128.0/18
193.106.244.0/22
193.108.34.0/23
193.201.36.0/24
194.150.96.0/22
195.242.69.0/24
205.201.55.0/24
213.179.72.0/22
IPv6:
2001:678:b18::/48
2a00:13a0::/32
2a00:1980::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15507
31242
39603
41642
42900
49269
49873
50481
197903
201019
203435
Signature Algorithm: sha256WithRSAEncryption
85:94:bb:4c:df:a1:0b:c3:c2:4d:5f:d8:bf:79:7f:88:18:d4:
6d:59:28:fa:a1:aa:39:dd:43:6b:f6:41:77:2f:1e:c2:cc:52:
dc:0a:a2:04:91:12:a3:26:8c:85:39:e9:9f:48:9f:99:aa:0e:
ee:5e:8f:48:7c:be:e6:86:f0:88:26:4d:8a:5b:e0:c3:33:9a:
4b:7e:8a:ee:6c:6d:25:0e:25:cf:39:6b:91:03:28:bb:98:92:
9f:eb:2a:14:ae:4f:d0:80:e1:7e:31:52:c0:5c:73:e8:51:68:
c7:fc:1e:4d:9c:c0:cd:8a:24:14:63:5c:18:92:3b:3d:3e:d8:
98:d2:f8:92:6b:b1:5c:32:50:36:6c:4d:eb:a6:8e:8f:bb:b3:
33:13:bc:57:7d:ce:27:04:3a:a1:87:e2:33:79:c8:ea:19:e8:
c6:bd:a3:64:cd:19:aa:a3:19:21:ad:14:34:9a:68:6c:ba:25:
0e:70:6e:68:28:42:3e:f9:de:8e:2d:83:20:32:a9:bd:d3:e0:
e5:3d:9d:10:a7:16:a3:d4:77:eb:d0:f7:70:8d:ea:6c:7a:be:
bf:6c:38:54:a0:de:8e:0f:d1:1d:04:cd:51:0e:e5:87:4b:bb:
29:bb:b6:98:9c:86:2b:3e:ff:1f:a4:c4:ec:6a:c4:ea:96:e0:
fe:4f:c6:56
-----BEGIN CERTIFICATE-----
MIIG4DCCBcigAwIBAgISAYzDtuStDNeAP/yBQcEta6WmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjFjMDdjOTUxNDg4ZjA0Y2IzYjBmZDMzOGFmODRkNzdlNDZiZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxypo2C2EPyAT29PKFF5QwRx6JKE8
izy6kX0BSIVaWImlakEfS4vp+saYz7qlg3paqR8gOwEwp4c3dGbF4riZcx4q5UYd
f0B/EVCe3eFKNR5yJmUP9y9Tbk/sRNT9qkZdoL8NK6qja4VJ0jShhHYApozCYG4H
pXexlhsFn/0BhXgRuXsxdTT0ntg6X+EzSg/+Z7KWzMvLDGD/LZxqtgwtDQKHxU+6
X2pxHiaRS9vMfaD8pKoR8w3JK1Tk4RgMVvKzpXIDS8f5IsRPRl5No4XpQfP61gMw
BomZoalxYMCbqN1vQtNSedS95/IrUinSnDxx+ejJjPXGBr7LmWf5BpTdfQIDAQAB
o4ID7DCCA+gwHQYDVR0OBBYEFOYcB8lRSI8EyzsP0zivhNd+Rr9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzJkYmE1
Yy05YTkwLTQwNTItYTFlYi02YTg0NzdjYjZjMmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvMmRiYTVj
LTlhOTAtNDA1Mi1hMWViLTZhODQ3N2NiNmMyYS8xLzVod0h5VkZJandUTE93X1RP
Sy1FMTM1R3YxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBOQYIKwYB
BQUHAQcBAf8EggEoMIIBJDCCAQEEAgABMIH6AwMABa0DBAEfK7ADBAQfrLADAwEf
rgMDAS5wMAwDBABUzacDBAFUzagwDAMEBFTNsAMEAVTNtDAMAwQDVM24AwQAVM26
AwQCVM28AwQGVQ5AAwQHWRmAAwQGWWzAAwQEW1qwAwQAW8DhAwQCW8G4AwQBW8Mq
MAwDBABb48cDBAJb48gDBAZds8ADBAde/oADAwBt8wMEBHcMEAMDAaR+MAwDBAKy
2xQDBAWy2wADBAK5NrgDBAK5WbgDBAK5hwADBAK528gDAwC8IQMEBrx1gAMEAsFq
9AMEAcFsIgMEAMHJJAMEAsKWYAMEAMPyRQMEAM3JNwMEAtWzSDAdBAIAAjAXAwcA
IAEGeAsYAwUAKgAToAMFAyoAGYAwSgYIKwYBBQUHAQgBAf8EOzA5oDcwNQICPJMC
AnoKAgMAmrMCAwCiqgIDAKeUAgMAwHUCAwDC0QIDAMUxAgMDBQ8CAwMROwIDAxqr
MA0GCSqGSIb3DQEBCwUAA4IBAQCFlLtM36ELw8JNX9i/eX+IGNRtWSj6oao53UNr
9kF3Lx7CzFLcCqIEkRKjJoyFOemfSJ+Zqg7uXo9IfL7mhvCIJk2KW+DDM5pLforu
bG0lDiXPOWuRAyi7mJKf6yoUrk/QgOF+MVLAXHPoUWjH/B5NnMDNiiQUY1wYkjs9
PtiY0viSa7FcMlA2bE3rpo6Pu7MzE7xXfc4nBDqhh+IzecjqGejGvaNkzRmqoxkh
rRQ0mmhsuiUOcG5oKEI++d6OLYMgMqm90+DlPZ0Qpxaj1Hfr0Pdwjepser6/bDhU
oN6OD9EdBM1RDuWHS7spu7aYnIYrPv8fpMTsasTqluD+T8ZW
-----END CERTIFICATE-----
Generated at Thu Apr 18 21:04:19 2024 by rpki-client on console-ams.rpki-client.org