Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
File: AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer (raw, json)
Hash identifier: i+37FcBrwC31UKk45TOPwBXGWh7TDcL4oAKEVOBrnJ8=
Subject key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BCEAC496C47B45AB98040A787A52EF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:34:10 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35699
IP: 45.130.132.0/22
IP: 45.133.138.0/23
IP: 45.137.240.0/22
IP: 45.145.244.0/22
IP: 45.151.224.0/22
IP: 45.230.12.0/22
IP: 62.56.192.0/20
IP: 64.190.114.0/23
IP: 66.45.120.0/21
IP: 70.34.224.0/20
IP: 74.126.176.0/20
IP: 86.111.60.0/22
IP: 87.236.180.0/22
IP: 91.126.16.0 -- 91.126.255.255
IP: 98.96.184.0/21
IP: 103.202.232.0/22
IP: 110.93.8.0/22
IP: 135.129.224.0/20
IP: 143.131.192.0/18
IP: 147.136.252.0/23
IP: 147.161.64.0/18
IP: 173.243.32.0/20
IP: 185.203.208.0/22
IP: 185.239.36.0/22
IP: 212.97.88.0/21
IP: 216.147.96.0/20
IP: 2a00:1af0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 01:58:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ea:c4:96:c4:7b:45:ab:98:04:0a:78:7a:52:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:6e:64:bb:3f:67:13:90:4d:d1:48:ed:72:
85:b2:5b:07:d8:b8:30:96:e8:f6:dc:7f:96:50:99:
79:cf:88:ec:34:54:59:a3:ec:d1:a9:fc:d7:d7:45:
3f:c9:55:7c:c7:a9:3a:d0:90:7c:b0:cc:9b:49:c0:
04:b1:f4:75:f4:5d:74:04:99:6c:fc:8e:4b:b8:aa:
8d:ba:f2:5b:aa:d1:6c:86:92:e4:78:00:34:ae:76:
16:d3:6a:09:31:c8:d8:70:06:bd:8f:7e:f2:ea:71:
a1:da:50:cf:0c:64:db:3f:92:fd:9d:e7:ab:21:6a:
2f:ee:54:82:77:4b:f4:3b:88:a2:8a:38:cb:82:a7:
fa:9b:cc:d8:98:0b:87:3d:b5:62:fc:d6:1c:f4:fa:
17:fe:70:3d:cb:da:df:5e:be:73:c5:e0:a5:cf:38:
d2:fc:03:96:de:ed:7d:52:2f:43:1d:b0:f2:1f:c0:
51:78:a2:2e:03:f0:23:9d:bd:db:ef:ad:ad:32:d5:
73:f5:35:19:e4:44:06:b1:40:a4:c8:a6:75:06:64:
3e:9f:ea:dd:c8:43:44:c3:75:49:a7:ff:50:1f:2c:
c3:fb:37:00:c3:c7:6a:3c:c6:e8:46:09:78:d6:b9:
1a:f6:62:a0:77:94:8c:ec:2f:44:68:1c:b3:c5:91:
c9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.132.0/22
45.133.138.0/23
45.137.240.0/22
45.145.244.0/22
45.151.224.0/22
45.230.12.0/22
62.56.192.0/20
64.190.114.0/23
66.45.120.0/21
70.34.224.0/20
74.126.176.0/20
86.111.60.0/22
87.236.180.0/22
91.126.16.0-91.126.255.255
98.96.184.0/21
103.202.232.0/22
110.93.8.0/22
135.129.224.0/20
143.131.192.0/18
147.136.252.0/23
147.161.64.0/18
173.243.32.0/20
185.203.208.0/22
185.239.36.0/22
212.97.88.0/21
216.147.96.0/20
IPv6:
2a00:1af0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35699
Signature Algorithm: sha256WithRSAEncryption
37:02:2d:85:22:0f:ae:2a:49:48:1c:48:aa:61:71:9e:33:3b:
67:6b:6d:3e:fa:18:86:a4:64:16:11:78:fc:ef:1d:e6:8f:a0:
5e:c9:df:d0:49:ea:5a:03:30:4c:e5:74:42:59:f1:22:4e:f3:
89:71:ed:a4:31:df:c2:cd:9e:e1:87:ce:1a:44:e5:b5:2b:cf:
cb:04:fd:e8:c8:1b:b3:7f:88:2d:4b:8a:b5:17:fc:44:32:a8:
22:f7:1e:7b:c6:89:bb:21:0c:56:2e:1d:8d:a7:c7:42:f4:03:
d7:11:51:6a:98:cb:b4:81:c6:cf:2b:f0:03:d9:6e:36:c6:f2:
4c:60:03:1d:85:c9:5f:00:a3:a0:f6:d4:ea:fb:d5:0b:12:1d:
c3:a0:34:13:14:1a:f5:92:0e:37:49:4d:67:5b:1a:02:e4:1a:
9f:98:77:80:65:b5:e7:89:b8:29:c2:21:df:6f:59:53:85:03:
8a:54:a7:61:93:9f:ee:1e:83:9f:14:a3:45:71:93:43:11:f0:
89:3f:20:45:3c:f9:a7:d7:c5:54:5f:82:ee:38:cd:2e:12:a8:
4d:b5:34:af:80:ee:22:b5:9b:06:86:a5:ea:39:a2:08:b8:6d:
ec:c9:02:15:79:64:00:d5:de:a2:6b:b0:e0:c4:84:3a:ef:1d:
bb:e3:b9:33
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYzJvOrElsR7RauYBAp4elLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTcwYTE2OWI2Y2Q0MTEwMjIyNzllOWZmOTk3ZjEzNGZmNTRhYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHVuZLs/ZxOQTdFI7XKFslsH2Lgw
luj23H+WUJl5z4jsNFRZo+zRqfzX10U/yVV8x6k60JB8sMybScAEsfR19F10BJls
/I5LuKqNuvJbqtFshpLkeAA0rnYW02oJMcjYcAa9j37y6nGh2lDPDGTbP5L9neer
IWov7lSCd0v0O4iiijjLgqf6m8zYmAuHPbVi/NYc9PoX/nA9y9rfXr5zxeClzzjS
/AOW3u19Ui9DHbDyH8BReKIuA/Ajnb3b762tMtVz9TUZ5EQGsUCkyKZ1BmQ+n+rd
yENEw3VJp/9QHyzD+zcAw8dqPMboRgl41rka9mKgd5SM7C9EaByzxZHJ7wIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFAFwoWm2zUEQIieen/mX8TT/VKscMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzFlNzc3
Zi05ODZiLTRlMzQtOGQ4MS03ZDRiYjIzODA0ODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvMWU3Nzdm
LTk4NmItNGUzNC04ZDgxLTdkNGJiMjM4MDQ4Ny8xL0FYQ2hhYmJOUVJBaUo1NmYt
WmZ4TlA5VXF4dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHPBggrBgEF
BQcBBwEB/wSBvzCBvDCBqgQCAAEwgaMDBAItgoQDBAEthYoDBAItifADBAItkfQD
BAItl+ADBAIt5gwDBAQ+OMADBAFAvnIDBANCLXgDBARGIuADBARKfrADBAJWbzwD
BAJX7LQwCwMEBFt+EAMDAFt+AwQDYmC4AwQCZ8roAwQCbl0IAwQEh4HgAwQGj4PA
AwQBk4j8AwQGk6FAAwQErfMgAwQCucvQAwQCue8kAwQD1GFYAwQE2JNgMA0EAgAC
MAcDBQMqABrwMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCLczANBgkqhkiG9w0B
AQsFAAOCAQEANwIthSIPripJSBxIqmFxnjM7Z2ttPvoYhqRkFhF4/O8d5o+gXsnf
0EnqWgMwTOV0QlnxIk7ziXHtpDHfws2e4YfOGkTltSvPywT96Mgbs3+ILUuKtRf8
RDKoIvcee8aJuyEMVi4djafHQvQD1xFRapjLtIHGzyvwA9luNsbyTGADHYXJXwCj
oPbU6vvVCxIdw6A0ExQa9ZION0lNZ1saAuQan5h3gGW154m4KcIh329ZU4UDilSn
YZOf7h6DnxSjRXGTQxHwiT8gRTz5p9fFVF+C7jjNLhKoTbU0r4DuIrWbBoal6jmi
CLht7MkCFXlkANXeomuw4MSEOu8du+O5Mw==
-----END CERTIFICATE-----
Generated at Wed Apr 24 03:54:40 2024 by rpki-client on console-ams.rpki-client.org