Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
File: A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer (raw, json)
Hash identifier: D5lSVdmi2/Llqir8MbPkBorW9T6wdRzKiPh6sY9Q58U=
Subject key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942067F30281DD054008A235ACA79EEB89
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2.57.176.0/22
IP: 45.135.248.0/22
IP: 45.140.236.0/22
IP: 45.142.236.0/22
IP: 45.146.80.0/22
IP: 45.148.36.0/22
IP: 45.149.100.0/22
IP: 45.149.184.0/22
IP: 45.151.44.0/22
IP: 45.152.240.0/22
IP: 45.153.4.0/22
IP: 45.154.104.0/22
IP: 45.155.16.0/22
IP: 45.157.16.0/22
IP: 45.158.8.0/22
IP: 45.158.168.0/22
IP: 91.198.66.0/24
IP: 91.198.77.0/24
IP: 91.198.115.0/24
IP: 91.198.123.0/24
IP: 91.199.163.0/24
IP: 91.199.166.0/24
IP: 91.199.168.0/24
IP: 91.199.172.0/24
IP: 91.206.2.0/24
IP: 141.98.156.0/22
IP: 147.78.120.0/22
IP: 152.89.248.0/22
IP: 176.105.224.0/22
IP: 185.155.220.0/22
IP: 192.166.82.0/23
IP: 192.166.114.0/23
IP: 193.0.234.0/23
IP: 193.5.10.0/23
IP: 193.25.207.0/24
IP: 193.29.96.0/22
IP: 193.111.116.0/23
IP: 193.111.124.0/23
IP: 193.142.4.0/24
IP: 193.142.6.0/24
IP: 193.142.18.0/24
IP: 193.142.22.0/24
IP: 193.151.180.0/22
IP: 193.161.206.0/24
IP: 193.161.245.0/24
IP: 193.164.1.0/24
IP: 193.164.10.0/24
IP: 193.176.54.0/23
IP: 193.176.128.0/23
IP: 194.5.146.0 -- 194.5.149.255
IP: 194.104.156.0/24
IP: 194.104.158.0/24
IP: 194.105.5.0/24
IP: 194.105.21.0/24
IP: 194.113.222.0/23
IP: 194.113.226.0/23
IP: 194.147.4.0/22
IP: 195.20.98.0/23
IP: 195.20.104.0/23
IP: 195.206.230.0/23
IP: 195.206.234.0/23
IP: 212.80.192.0/22
IP: 2a03:8b80::/29
IP: 2a03:f100::/29
IP: 2a04:7a80::/29
IP: 2a04:f3c0::/29
IP: 2a04:f700::/29
IP: 2a05:5040::/29
IP: 2a05:b600::/29
IP: 2a05:c580::/29
IP: 2a06:7680::/29
IP: 2a06:99c0::/29
IP: 2a07:6a40::/29
IP: 2a07:fc40::/29
IP: 2a09:40::/29
IP: 2a09:c0::/29
IP: 2a09:1c0::/29
IP: 2a09:240::/29
IP: 2a09:2240::/29
IP: 2a09:22c0::/29
IP: 2a09:fe80::/29
IP: 2a0a:5700::/29
IP: 2a0b:2e40::/29
IP: 2a0b:ca00::/29
IP: 2a0c:1c00::/29
IP: 2a0c:2cc0::/29
IP: 2a0c:43c0::/29
IP: 2a0c:4e00::/29
IP: 2a10:8740::/29
IP: 2a10:e180::/29
IP: 2a10:e280::/29
IP: 2a10:ec80::/29
IP: 2a10:ed80::/29
IP: 2a10:ee80::/29
IP: 2a10:ef80::/29
IP: 2a10:f080::/29
IP: 2a10:f100::/29
IP: 2a10:f180::/29
IP: 2a10:f280::/29
IP: 2a10:fd80::/29
IP: 2a10:fe80::/29
IP: 2a10:ff80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Jan 2025 05:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f3:02:81:dd:05:40:08:a2:35:ac:a7:9e:eb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:83:a8:2c:77:f2:4d:58:33:ad:08:cc:e4:30:
32:31:68:8f:e3:db:12:44:7a:23:b7:72:53:9e:de:
ec:6c:a8:35:e8:ff:09:bb:fd:54:80:0a:18:de:ce:
69:55:d9:da:6b:a0:f0:62:19:34:ba:05:d7:06:d5:
b2:ab:32:aa:5a:53:21:1b:16:22:63:ae:b6:e2:ff:
3d:92:ce:9f:f3:b0:4e:c6:53:bd:5b:70:5f:11:fb:
09:fc:b2:6d:fd:3f:82:46:d5:1f:8f:06:1a:9a:2f:
1a:25:c1:6c:68:e6:92:a4:31:86:12:6a:8e:de:f0:
74:7b:45:be:ba:25:7f:e0:62:0d:ec:da:a1:fe:3b:
82:af:70:23:0a:e9:19:44:24:7f:2e:ce:06:77:06:
d2:f6:44:b5:57:31:01:02:77:e5:50:ff:ad:2f:8f:
a9:01:73:83:f1:a0:b8:ae:44:49:7c:2d:8b:3c:0c:
3e:79:e3:1b:c3:05:b7:80:ac:98:a3:b2:11:a2:98:
29:22:06:10:b7:24:e6:6c:c2:05:7b:63:a2:98:ea:
09:2a:a5:c5:ed:8a:fe:93:fe:c9:b6:74:39:49:eb:
2e:82:22:24:e5:e0:e0:9e:80:a6:1c:a1:df:1b:ba:
b0:3d:62:09:f2:f5:d3:f7:20:e1:1d:ed:2e:a8:9e:
13:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.176.0/22
45.135.248.0/22
45.140.236.0/22
45.142.236.0/22
45.146.80.0/22
45.148.36.0/22
45.149.100.0/22
45.149.184.0/22
45.151.44.0/22
45.152.240.0/22
45.153.4.0/22
45.154.104.0/22
45.155.16.0/22
45.157.16.0/22
45.158.8.0/22
45.158.168.0/22
91.198.66.0/24
91.198.77.0/24
91.198.115.0/24
91.198.123.0/24
91.199.163.0/24
91.199.166.0/24
91.199.168.0/24
91.199.172.0/24
91.206.2.0/24
141.98.156.0/22
147.78.120.0/22
152.89.248.0/22
176.105.224.0/22
185.155.220.0/22
192.166.82.0/23
192.166.114.0/23
193.0.234.0/23
193.5.10.0/23
193.25.207.0/24
193.29.96.0/22
193.111.116.0/23
193.111.124.0/23
193.142.4.0/24
193.142.6.0/24
193.142.18.0/24
193.142.22.0/24
193.151.180.0/22
193.161.206.0/24
193.161.245.0/24
193.164.1.0/24
193.164.10.0/24
193.176.54.0/23
193.176.128.0/23
194.5.146.0-194.5.149.255
194.104.156.0/24
194.104.158.0/24
194.105.5.0/24
194.105.21.0/24
194.113.222.0/23
194.113.226.0/23
194.147.4.0/22
195.20.98.0/23
195.20.104.0/23
195.206.230.0/23
195.206.234.0/23
212.80.192.0/22
IPv6:
2a03:8b80::/29
2a03:f100::/29
2a04:7a80::/29
2a04:f3c0::/29
2a04:f700::/29
2a05:5040::/29
2a05:b600::/29
2a05:c580::/29
2a06:7680::/29
2a06:99c0::/29
2a07:6a40::/29
2a07:fc40::/29
2a09:40::/29
2a09:c0::/29
2a09:1c0::/29
2a09:240::/29
2a09:2240::/29
2a09:22c0::/29
2a09:fe80::/29
2a0a:5700::/29
2a0b:2e40::/29
2a0b:ca00::/29
2a0c:1c00::/29
2a0c:2cc0::/29
2a0c:43c0::/29
2a0c:4e00::/29
2a10:8740::/29
2a10:e180::/29
2a10:e280::/29
2a10:ec80::/29
2a10:ed80::/29
2a10:ee80::/29
2a10:ef80::/29
2a10:f080::/29
2a10:f100::/29
2a10:f180::/29
2a10:f280::/29
2a10:fd80::/29
2a10:fe80::/29
2a10:ff80::/29
Signature Algorithm: sha256WithRSAEncryption
79:16:46:d7:29:53:b6:7f:90:a9:eb:38:44:97:12:1f:70:3f:
ea:31:49:e2:09:9c:f8:d3:90:ca:80:c2:c7:3b:7b:93:04:01:
91:5c:32:1b:a4:63:55:06:d3:96:cc:44:dc:c7:c7:04:96:2e:
53:32:aa:aa:d4:bd:0c:e3:bf:e2:0a:f7:74:89:b9:f5:d6:ea:
5c:80:16:43:3a:ec:77:55:7f:1f:bd:cc:ca:b0:72:bd:90:c5:
54:ff:0e:42:78:56:d6:09:d1:ab:8e:b9:7b:a6:a7:11:e9:1f:
d5:90:5a:81:de:ac:d3:aa:c2:f3:dc:37:68:fa:50:c9:53:b1:
f7:44:8a:c2:72:5c:47:9f:d0:e6:46:c6:2d:36:70:36:73:96:
7d:c3:fd:c6:ef:da:5c:fc:9c:00:0b:30:1d:d3:76:3f:e5:96:
87:17:8e:09:c5:6e:ff:08:76:4a:15:e4:34:ed:5f:cf:97:61:
61:e4:5a:4a:68:92:80:52:d5:29:5c:e2:88:86:ed:9e:45:aa:
92:ed:9e:62:2b:74:aa:ac:a0:e1:52:67:7b:16:72:f2:65:fe:
78:d6:6c:79:56:85:7d:81:c1:67:35:06:6b:6d:ae:a6:b6:7b:
05:59:8c:48:3c:2e:f6:57:7d:aa:0d:9b:4b:be:60:a1:ab:f3:
e8:ea:86:8f
-----BEGIN CERTIFICATE-----
MIIIODCCByCgAwIBAgISAZQgZ/MCgd0FQAiiNaynnuuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2IxYmEzZmRiOTFkOGQ5ZWE3NmM1Nzc2MzIwZWI3ZWIyZDZlZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YOoLHfyTVgzrQjM5DAyMWiP49sS
RHojt3JTnt7sbKg16P8Ju/1UgAoY3s5pVdnaa6DwYhk0ugXXBtWyqzKqWlMhGxYi
Y6624v89ks6f87BOxlO9W3BfEfsJ/LJt/T+CRtUfjwYami8aJcFsaOaSpDGGEmqO
3vB0e0W+uiV/4GIN7Nqh/juCr3AjCukZRCR/Ls4GdwbS9kS1VzEBAnflUP+tL4+p
AXOD8aC4rkRJfC2LPAw+eeMbwwW3gKyYo7IRopgpIgYQtyTmbMIFe2OimOoJKqXF
7Yr+k/7JtnQ5SesugiIk5eDgnoCmHKHfG7qwPWIJ8vXT9yDhHe0uqJ4TywIDAQAB
o4IFRDCCBUAwHQYDVR0OBBYEFAOxuj/bkdjZ6nbFd2Mg636y1u2dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBm
NTU1LWRiYTctNDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Zm
MGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJiODRlLzAvMDNCMUJBM0ZEQjkx
RDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjCCAsEGCCsGAQUFBwEHAQH/BIICsDCCAqwwggGE
BAIAATCCAXwDBAICObADBAIth/gDBAItjOwDBAItjuwDBAItklADBAItlCQDBAIt
lWQDBAItlbgDBAItlywDBAItmPADBAItmQQDBAItmmgDBAItmxADBAItnRADBAIt
nggDBAItnqgDBABbxkIDBABbxk0DBABbxnMDBABbxnsDBABbx6MDBABbx6YDBABb
x6gDBABbx6wDBABbzgIDBAKNYpwDBAKTTngDBAKYWfgDBAKwaeADBAK5m9wDBAHA
plIDBAHApnIDBAHBAOoDBAHBBQoDBADBGc8DBALBHWADBAHBb3QDBAHBb3wDBADB
jgQDBADBjgYDBADBjhIDBADBjhYDBALBl7QDBADBoc4DBADBofUDBADBpAEDBADB
pAoDBAHBsDYDBAHBsIAwDAMEAcIFkgMEAcIFlAMEAMJonAMEAMJongMEAMJpBQME
AMJpFQMEAcJx3gMEAcJx4gMEAsKTBAMEAcMUYgMEAcMUaAMEAcPO5gMEAcPO6gME
AtRQwDCCASAEAgACMIIBGAMFAyoDi4ADBQMqA/EAAwUDKgR6gAMFAyoE88ADBQMq
BPcAAwUDKgVQQAMFAyoFtgADBQMqBcWAAwUDKgZ2gAMFAyoGmcADBQMqB2pAAwUD
Kgf8QAMFAyoJAEADBQMqCQDAAwUDKgkBwAMFAyoJAkADBQMqCSJAAwUDKgkiwAMF
AyoJ/oADBQMqClcAAwUDKgsuQAMFAyoLygADBQMqDBwAAwUDKgwswAMFAyoMQ8AD
BQMqDE4AAwUDKhCHQAMFAyoQ4YADBQMqEOKAAwUDKhDsgAMFAyoQ7YADBQMqEO6A
AwUDKhDvgAMFAyoQ8IADBQMqEPEAAwUDKhDxgAMFAyoQ8oADBQMqEP2AAwUDKhD+
gAMFAyoQ/4AwDQYJKoZIhvcNAQELBQADggEBAHkWRtcpU7Z/kKnrOESXEh9wP+ox
SeIJnPjTkMqAwsc7e5MEAZFcMhukY1UG05bMRNzHxwSWLlMyqqrUvQzjv+IK93SJ
ufXW6lyAFkM67HdVfx+9zMqwcr2QxVT/DkJ4VtYJ0auOuXumpxHpH9WQWoHerNOq
wvPcN2j6UMlTsfdEisJyXEef0OZGxi02cDZzln3D/cbv2lz8nAALMB3Tdj/llocX
jgnFbv8IdkoV5DTtX8+XYWHkWkpokoBS1Slc4oiG7Z5FqpLtnmIrdKqsoOFSZ3sW
cvJl/njWbHlWhX2BwWc1Bmttrqa2ewVZjEg8LvZXfaoNm0u+YKGr8+jqho8=
-----END CERTIFICATE-----
Generated at Sun Jan 19 10:20:40 2025 by rpki-client on console-ams.rpki-client.org