Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
File: BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer (raw, json)
Hash identifier: 4SqbqRr17tgAg8ajd8TTNsQzEwYEu+PX+2wg+XMnTVU=
Subject key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019348F2E672397FC90ECB2BFE1FB939D7F8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 20 Nov 2024 09:41:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8257
AS: 8290
AS: 8778
AS: 12426
AS: 31679
AS: 43451
AS: 52139
IP: 31.24.176.0/21
IP: 78.41.168.0/21
IP: 81.92.248.0/21
IP: 84.16.32.0/19
IP: 85.135.128.0/17
IP: 91.222.104.0/22
IP: 93.174.176.0/21
IP: 176.61.192.0/18
IP: 178.253.128.0/18
IP: 185.22.212.0/22
IP: 185.28.144.0/22
IP: 185.37.240.0/22
IP: 185.69.48.0/22
IP: 185.77.144.0/22
IP: 185.134.212.0/22
IP: 185.165.36.0/22
IP: 185.213.144.0/22
IP: 185.234.248.0/22
IP: 188.112.64.0/18
IP: 188.121.160.0/19
IP: 193.93.72.0/23
IP: 195.28.64.0/19
IP: 195.28.128.0/19
IP: 195.80.160.0/19
IP: 212.55.224.0/19
IP: 217.145.192.0/20
IP: 2a00:9060::/32
IP: 2a02:dd8::/29
IP: 2a03:a200::/32
IP: 2a06:f000::/29
IP: 2a0b:8940::/29
IP: 2a0b:f100::/29
IP: 2a0d:3700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:f2:e6:72:39:7f:c9:0e:cb:2b:fe:1f:b9:39:d7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 20 09:41:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:08:62:29:91:95:22:61:5e:eb:2d:28:46:
35:9c:74:15:fd:b7:ae:6f:01:d6:21:b3:fa:b7:0c:
e7:90:aa:d4:2d:81:b2:f0:f9:33:19:92:d4:f9:d6:
81:41:cc:c9:c9:8e:46:cd:3c:34:af:3f:2e:cb:fb:
8c:64:2b:10:3f:e1:11:0c:8e:eb:b2:81:91:e9:5f:
84:3d:c3:0b:22:f3:87:1f:25:72:e3:2b:61:b7:74:
be:da:f5:d8:ca:82:8f:5a:15:04:51:d9:15:6b:99:
3a:f6:8b:c1:2a:1c:bd:ab:e9:83:9a:9a:58:bb:f8:
7c:d3:da:be:13:34:eb:76:c5:c9:74:b3:15:7a:f3:
06:55:1e:5a:88:26:f3:32:9e:d4:b1:a8:78:72:c6:
f5:4d:74:a2:bb:4c:69:20:8d:53:4b:ea:f5:37:8e:
8e:fe:e3:d0:3f:6b:8f:d4:8a:37:75:ca:f7:3e:45:
7e:34:5c:68:04:5c:ca:8f:15:7a:5e:ea:b9:25:21:
81:eb:d2:eb:6a:fb:eb:a6:0b:c3:84:55:0a:65:5e:
f4:ca:e1:06:ed:3e:86:44:eb:1d:92:e3:52:94:23:
fb:6b:09:4e:1a:ef:65:8f:48:5c:87:c9:93:db:39:
d5:d6:bc:88:9c:be:37:89:aa:8d:ee:89:2c:08:05:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.176.0/21
78.41.168.0/21
81.92.248.0/21
84.16.32.0/19
85.135.128.0/17
91.222.104.0/22
93.174.176.0/21
176.61.192.0/18
178.253.128.0/18
185.22.212.0/22
185.28.144.0/22
185.37.240.0/22
185.69.48.0/22
185.77.144.0/22
185.134.212.0/22
185.165.36.0/22
185.213.144.0/22
185.234.248.0/22
188.112.64.0/18
188.121.160.0/19
193.93.72.0/23
195.28.64.0/19
195.28.128.0/19
195.80.160.0/19
212.55.224.0/19
217.145.192.0/20
IPv6:
2a00:9060::/32
2a02:dd8::/29
2a03:a200::/32
2a06:f000::/29
2a0b:8940::/29
2a0b:f100::/29
2a0d:3700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8257
8290
8778
12426
31679
43451
52139
Signature Algorithm: sha256WithRSAEncryption
09:4a:2d:28:dd:b1:ec:b1:75:cf:6e:7c:11:25:a4:22:73:b6:
32:b3:cb:5c:a0:f2:31:8d:d9:46:4b:86:bf:09:db:1c:c8:13:
30:6b:21:98:5d:3f:40:32:34:8e:5f:e0:95:57:69:aa:c7:6a:
f4:41:d9:59:b7:2c:95:6f:7f:2a:49:08:cd:9b:0b:26:d7:78:
10:e7:3e:df:75:c9:3f:fd:cc:40:40:99:4c:34:08:3c:40:39:
ea:f7:77:55:28:d7:5d:9e:76:3f:3d:53:8d:e1:49:7c:9b:4b:
0a:e4:a3:fb:fe:6e:e0:25:5f:9f:ce:af:99:cf:4d:eb:9c:0b:
a2:a3:c6:0a:20:cd:49:fe:7c:b6:c5:8f:1e:39:87:95:32:b7:
69:8f:99:94:4a:a7:e2:18:d4:71:5c:34:c0:6a:9e:f1:af:20:
f3:b6:e4:ba:51:23:27:d4:2e:0f:d2:02:c0:5e:a2:e8:c1:76:
05:26:e0:f2:bd:8a:da:71:fe:a9:8e:05:5a:bc:9d:4d:f8:94:
2b:61:89:e8:63:0c:ba:9c:65:85:da:42:2d:26:e4:3a:6a:96:
9e:6b:43:67:2b:e6:f0:80:9e:77:f8:bd:be:36:6f:02:bf:92:
b6:77:35:cb:56:83:68:19:3b:5c:13:08:b2:24:61:e7:3d:80:
35:3c:56:c0
-----BEGIN CERTIFICATE-----
MIIGgTCCBWmgAwIBAgISAZNI8uZyOX/JDssr/h+5Odf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTIwMDk0MTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzUIYimRlSJhXustKEY1nHQV/beu
bwHWIbP6twznkKrULYGy8PkzGZLU+daBQczJyY5GzTw0rz8uy/uMZCsQP+ERDI7r
soGR6V+EPcMLIvOHHyVy4ytht3S+2vXYyoKPWhUEUdkVa5k69ovBKhy9q+mDmppY
u/h809q+EzTrdsXJdLMVevMGVR5aiCbzMp7Usah4csb1TXSiu0xpII1TS+r1N46O
/uPQP2uP1Io3dcr3PkV+NFxoBFzKjxV6Xuq5JSGB69LravvrpgvDhFUKZV70yuEG
7T6GROsdkuNSlCP7awlOGu9lj0hch8mT2znV1ryInL43iaqN7oksCAUnAQIDAQAB
o4IDjTCCA4kwHQYDVR0OBBYEFASirizQlDMwGMQdqvtHTGz6gNB9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhLzYzNGEx
Mi1lNThjLTQ1NWMtODkzMy02ZTZlOGQ5MzAzZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvNjM0YTEy
LWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpBWXhCMnEt
MGRNYlBxQTBIMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHyBggrBgEF
BQcBBwEB/wSB4jCB3zCBowQCAAEwgZwDBAMfGLADBANOKagDBANRXPgDBAVUECAD
BAdVh4ADBAJb3mgDBANdrrADBAawPcADBAay/YADBAK5FtQDBAK5HJADBAK5JfAD
BAK5RTADBAK5TZADBAK5htQDBAK5pSQDBAK51ZADBAK56vgDBAa8cEADBAW8eaAD
BAHBXUgDBAXDHEADBAXDHIADBAXDUKADBAXUN+ADBATZkcAwNwQCAAIwMQMFACoA
kGADBQMqAg3YAwUAKgOiAAMFAyoG8AADBQMqC4lAAwUDKgvxAAMFAyoNNwAwMwYI
KwYBBQUHAQgBAf8EJDAioCAwHgICIEECAiBiAgIiSgICMIoCAnu/AgMAqbsCAwDL
qzANBgkqhkiG9w0BAQsFAAOCAQEACUotKN2x7LF1z258ESWkInO2MrPLXKDyMY3Z
RkuGvwnbHMgTMGshmF0/QDI0jl/glVdpqsdq9EHZWbcslW9/KkkIzZsLJtd4EOc+
33XJP/3MQECZTDQIPEA56vd3VSjXXZ52Pz1TjeFJfJtLCuSj+/5u4CVfn86vmc9N
65wLoqPGCiDNSf58tsWPHjmHlTK3aY+ZlEqn4hjUcVw0wGqe8a8g87bkulEjJ9Qu
D9ICwF6i6MF2BSbg8r2K2nH+qY4FWrydTfiUK2GJ6GMMupxlhdpCLSbkOmqWnmtD
Zyvm8ICed/i9vjZvAr+Stnc1y1aDaBk7XBMIsiRh5z2ANTxWwA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:57 2024 by rpki-client on console-fra.rpki-client.org