Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
File: BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer (raw, json)
Hash identifier: GEXUubVnli/Vs87mbhmobXj91g8MLw+9THEOuZJYC9U=
Subject key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2A59BF73A25A371FBA2C7C2C9F11A7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8257
AS: 8290
AS: 8778
AS: 12426
AS: 31679
AS: 43451
AS: 52139
AS: 204948
IP: 31.24.176.0/21
IP: 78.41.168.0/21
IP: 81.92.248.0/21
IP: 84.16.32.0/19
IP: 85.135.128.0/17
IP: 91.222.104.0/22
IP: 93.174.176.0/21
IP: 176.61.192.0/18
IP: 178.253.128.0/18
IP: 185.22.212.0/22
IP: 185.28.144.0/22
IP: 185.37.240.0/22
IP: 185.69.48.0/22
IP: 185.77.144.0/22
IP: 185.134.212.0/22
IP: 185.165.36.0/22
IP: 185.213.144.0/22
IP: 185.234.248.0/22
IP: 188.112.64.0/18
IP: 188.121.160.0/19
IP: 195.28.64.0/19
IP: 195.28.128.0/19
IP: 195.80.160.0/19
IP: 212.55.224.0/19
IP: 217.145.192.0/20
IP: 2001:67c:2670::/48
IP: 2a00:9060::/32
IP: 2a02:dd8::/29
IP: 2a03:a200::/32
IP: 2a0b:f100::/29
IP: 2a0d:3700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:59:bf:73:a2:5a:37:1f:ba:2c:7c:2c:9f:11:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:08:62:29:91:95:22:61:5e:eb:2d:28:46:
35:9c:74:15:fd:b7:ae:6f:01:d6:21:b3:fa:b7:0c:
e7:90:aa:d4:2d:81:b2:f0:f9:33:19:92:d4:f9:d6:
81:41:cc:c9:c9:8e:46:cd:3c:34:af:3f:2e:cb:fb:
8c:64:2b:10:3f:e1:11:0c:8e:eb:b2:81:91:e9:5f:
84:3d:c3:0b:22:f3:87:1f:25:72:e3:2b:61:b7:74:
be:da:f5:d8:ca:82:8f:5a:15:04:51:d9:15:6b:99:
3a:f6:8b:c1:2a:1c:bd:ab:e9:83:9a:9a:58:bb:f8:
7c:d3:da:be:13:34:eb:76:c5:c9:74:b3:15:7a:f3:
06:55:1e:5a:88:26:f3:32:9e:d4:b1:a8:78:72:c6:
f5:4d:74:a2:bb:4c:69:20:8d:53:4b:ea:f5:37:8e:
8e:fe:e3:d0:3f:6b:8f:d4:8a:37:75:ca:f7:3e:45:
7e:34:5c:68:04:5c:ca:8f:15:7a:5e:ea:b9:25:21:
81:eb:d2:eb:6a:fb:eb:a6:0b:c3:84:55:0a:65:5e:
f4:ca:e1:06:ed:3e:86:44:eb:1d:92:e3:52:94:23:
fb:6b:09:4e:1a:ef:65:8f:48:5c:87:c9:93:db:39:
d5:d6:bc:88:9c:be:37:89:aa:8d:ee:89:2c:08:05:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.176.0/21
78.41.168.0/21
81.92.248.0/21
84.16.32.0/19
85.135.128.0/17
91.222.104.0/22
93.174.176.0/21
176.61.192.0/18
178.253.128.0/18
185.22.212.0/22
185.28.144.0/22
185.37.240.0/22
185.69.48.0/22
185.77.144.0/22
185.134.212.0/22
185.165.36.0/22
185.213.144.0/22
185.234.248.0/22
188.112.64.0/18
188.121.160.0/19
195.28.64.0/19
195.28.128.0/19
195.80.160.0/19
212.55.224.0/19
217.145.192.0/20
IPv6:
2001:67c:2670::/48
2a00:9060::/32
2a02:dd8::/29
2a03:a200::/32
2a0b:f100::/29
2a0d:3700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8257
8290
8778
12426
31679
43451
52139
204948
Signature Algorithm: sha256WithRSAEncryption
12:c8:61:82:42:b1:4c:b7:98:21:7d:3d:71:69:d9:f7:9f:e4:
33:6c:3a:9a:c9:93:c3:5f:5a:c0:ef:b7:d2:ec:ad:5c:17:16:
83:bb:8b:fd:c5:d9:b7:f0:78:fb:f4:6f:9c:68:4f:43:a7:6c:
3b:c9:60:b6:9e:4f:68:2c:89:b4:16:be:77:b4:22:c3:c3:b8:
a5:f6:9f:b0:26:c6:e2:31:54:a6:61:e0:4f:36:c8:94:a9:78:
de:98:47:66:7a:9e:14:4a:a5:2c:ff:7c:a9:af:1f:dc:26:77:
8a:e3:b4:c6:0f:3e:64:ea:0d:d8:2e:ba:54:4b:b1:7f:03:c4:
d5:5b:28:e5:bc:02:c6:b5:7f:c8:2f:99:ee:68:ce:e2:c9:b8:
a0:7b:e6:42:7f:14:ee:58:cd:e1:09:2e:75:44:be:43:8b:be:
47:9e:6c:a5:d3:8e:b1:8a:1a:fe:84:8b:e2:e1:68:97:f4:21:
60:51:4b:3c:25:9e:89:af:9d:08:c0:53:78:c7:83:52:4d:40:
5c:3b:e9:29:87:17:45:79:89:be:ee:04:2a:8f:19:16:d5:38:
ce:2c:9e:1f:75:34:9b:2f:49:6b:58:96:84:55:6e:1a:9e:61:
2b:01:c3:0d:62:bf:f9:14:fd:26:a2:13:f9:f9:aa:a9:61:12:
0e:6a:07:47
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAYzKKlm/c6JaNx+6LHwsnxGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzUIYimRlSJhXustKEY1nHQV/beu
bwHWIbP6twznkKrULYGy8PkzGZLU+daBQczJyY5GzTw0rz8uy/uMZCsQP+ERDI7r
soGR6V+EPcMLIvOHHyVy4ytht3S+2vXYyoKPWhUEUdkVa5k69ovBKhy9q+mDmppY
u/h809q+EzTrdsXJdLMVevMGVR5aiCbzMp7Usah4csb1TXSiu0xpII1TS+r1N46O
/uPQP2uP1Io3dcr3PkV+NFxoBFzKjxV6Xuq5JSGB69LravvrpgvDhFUKZV70yuEG
7T6GROsdkuNSlCP7awlOGu9lj0hch8mT2znV1ryInL43iaqN7oksCAUnAQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFASirizQlDMwGMQdqvtHTGz6gNB9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzYzNGEx
Mi1lNThjLTQ1NWMtODkzMy02ZTZlOGQ5MzAzZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvNjM0YTEy
LWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpBWXhCMnEt
MGRNYlBxQTBIMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHnBggrBgEF
BQcBBwEB/wSB1zCB1DCBnQQCAAEwgZYDBAMfGLADBANOKagDBANRXPgDBAVUECAD
BAdVh4ADBAJb3mgDBANdrrADBAawPcADBAay/YADBAK5FtQDBAK5HJADBAK5JfAD
BAK5RTADBAK5TZADBAK5htQDBAK5pSQDBAK51ZADBAK56vgDBAa8cEADBAW8eaAD
BAXDHEADBAXDHIADBAXDUKADBAXUN+ADBATZkcAwMgQCAAIwLAMHACABBnwmcAMF
ACoAkGADBQMqAg3YAwUAKgOiAAMFAyoL8QADBQMqDTcAMDgGCCsGAQUFBwEIAQH/
BCkwJ6AlMCMCAiBBAgIgYgICIkoCAjCKAgJ7vwIDAKm7AgMAy6sCAwMglDANBgkq
hkiG9w0BAQsFAAOCAQEAEshhgkKxTLeYIX09cWnZ95/kM2w6msmTw19awO+30uyt
XBcWg7uL/cXZt/B4+/RvnGhPQ6dsO8lgtp5PaCyJtBa+d7Qiw8O4pfafsCbG4jFU
pmHgTzbIlKl43phHZnqeFEqlLP98qa8f3CZ3iuO0xg8+ZOoN2C66VEuxfwPE1Vso
5bwCxrV/yC+Z7mjO4sm4oHvmQn8U7ljN4QkudUS+Q4u+R55spdOOsYoa/oSL4uFo
l/QhYFFLPCWeia+dCMBTeMeDUk1AXDvpKYcXRXmJvu4EKo8ZFtU4ziyeH3U0my9J
a1iWhFVuGp5hKwHDDWK/+RT9JqIT+fmqqWESDmoHRw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:43:28 2024 by rpki-client on console-ams.rpki-client.org