Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
File: BUjO3xcCntmKEIETxsEJ7KzNguw.cer (raw, json)
Hash identifier: F7Y/kL1tbsRNRBpfooac2Dwk7QkbjnMD7F1fQsAmixQ=
Subject key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC649CFD9B93AA2709FE69E2D4A4BE9ED
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:29:35 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8672
AS: 8717
AS: 12716
AS: 13124
AS: 24964
AS: 29580
AS: 35141
AS: 42157
IP: 5.53.128.0/17
IP: 37.63.0.0/17
IP: 37.130.240.0/21
IP: 46.232.152.0/21
IP: 46.238.0.0/18
IP: 62.204.128.0/19
IP: 62.221.128.0/19
IP: 77.70.0.0/17
IP: 77.236.160.0/19
IP: 77.244.192.0/20
IP: 78.83.0.0/16
IP: 78.90.0.0/16
IP: 80.253.48.0/20
IP: 82.103.64.0/18
IP: 82.147.128.0/19
IP: 83.97.24.0/21
IP: 84.242.128.0/18
IP: 84.252.0.0/18
IP: 85.91.128.0/19
IP: 85.118.64.0/19
IP: 85.130.0.0/17
IP: 85.196.128.0/18
IP: 87.97.128.0/17
IP: 87.227.128.0/17
IP: 88.203.128.0/17
IP: 89.186.200.0/21
IP: 89.190.192.0/19
IP: 89.215.0.0/16
IP: 89.253.128.0/18
IP: 92.247.0.0/16
IP: 95.111.0.0/17
IP: 95.140.208.0/20
IP: 130.204.0.0/16
IP: 151.251.0.0/16
IP: 176.12.0.0/18
IP: 176.222.0.0/20
IP: 185.151.156.0/22
IP: 185.224.160.0/22
IP: 194.187.132.0/22
IP: 195.24.32.0/19
IP: 195.34.96.0/19
IP: 195.149.248.0/21
IP: 212.36.0.0/19
IP: 212.50.0.0/19
IP: 212.91.160.0/19
IP: 212.95.160.0/19
IP: 212.104.96.0/19
IP: 213.169.32.0/19
IP: 213.191.160.0/19
IP: 213.222.32.0/19
IP: 213.226.0.0/18
IP: 213.240.192.0/18
IP: 217.9.224.0/20
IP: 217.10.240.0/20
IP: 217.18.240.0/20
IP: 217.79.32.0/20
IP: 2001:1ac8::/32
IP: 2a00:4800::/29
IP: 2a01:288::/32
IP: 2a02:900::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:cf:d9:b9:3a:a2:70:9f:e6:9e:2d:4a:4b:e9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:88:e0:4b:5b:d6:a5:32:fb:0c:c9:3c:f0:45:
82:fc:fc:6f:47:fe:b5:28:8f:2f:a3:a7:15:5f:87:
a5:05:83:d1:6d:e0:7f:5c:b6:51:7d:e7:d4:d2:3d:
08:4a:d2:80:7a:fc:35:65:ad:53:0b:3b:68:f2:d1:
98:84:9d:23:c3:2b:36:9d:4c:0a:e2:9f:8d:a9:7a:
7c:d8:bc:86:0f:77:c1:66:ca:9b:15:43:5c:d8:df:
5c:54:bd:77:3a:f0:77:40:c3:83:f5:1c:60:f1:0e:
b6:bf:1f:fa:b0:e5:47:fd:82:7f:b3:09:c3:f0:58:
e3:2b:f8:9c:34:5c:a4:6e:6c:fd:15:1e:9c:b1:15:
9a:a8:d1:4d:fa:c3:83:bd:ef:18:57:08:9a:80:34:
9b:aa:77:ad:97:7f:b8:52:79:b1:03:a6:f4:93:43:
77:e5:68:ca:03:7a:a8:44:11:29:09:d7:0f:76:11:
43:59:13:45:d2:cf:4d:82:5f:30:8f:9a:d4:1d:10:
dd:9e:9e:ba:82:61:33:bc:42:91:88:bd:17:8f:c2:
65:39:a5:7d:97:4c:51:a1:f9:fd:cf:1f:a1:f2:b5:
4b:75:15:16:e4:92:e1:b2:36:54:df:be:5f:02:7e:
02:ee:a7:a7:12:26:02:89:50:e3:70:58:75:31:b5:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.128.0/17
37.63.0.0/17
37.130.240.0/21
46.232.152.0/21
46.238.0.0/18
62.204.128.0/19
62.221.128.0/19
77.70.0.0/17
77.236.160.0/19
77.244.192.0/20
78.83.0.0/16
78.90.0.0/16
80.253.48.0/20
82.103.64.0/18
82.147.128.0/19
83.97.24.0/21
84.242.128.0/18
84.252.0.0/18
85.91.128.0/19
85.118.64.0/19
85.130.0.0/17
85.196.128.0/18
87.97.128.0/17
87.227.128.0/17
88.203.128.0/17
89.186.200.0/21
89.190.192.0/19
89.215.0.0/16
89.253.128.0/18
92.247.0.0/16
95.111.0.0/17
95.140.208.0/20
130.204.0.0/16
151.251.0.0/16
176.12.0.0/18
176.222.0.0/20
185.151.156.0/22
185.224.160.0/22
194.187.132.0/22
195.24.32.0/19
195.34.96.0/19
195.149.248.0/21
212.36.0.0/19
212.50.0.0/19
212.91.160.0/19
212.95.160.0/19
212.104.96.0/19
213.169.32.0/19
213.191.160.0/19
213.222.32.0/19
213.226.0.0/18
213.240.192.0/18
217.9.224.0/20
217.10.240.0/20
217.18.240.0/20
217.79.32.0/20
IPv6:
2001:1ac8::/32
2a00:4800::/29
2a01:288::/32
2a02:900::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8672
8717
12716
13124
24964
29580
35141
42157
Signature Algorithm: sha256WithRSAEncryption
5a:49:85:29:dd:d3:f4:66:f6:be:2b:20:fb:93:31:26:44:42:
91:b2:74:b6:ed:7e:d7:2f:f9:e2:6c:17:6f:56:0d:7f:d7:1c:
2f:0b:d7:6b:d2:23:18:ec:1b:7c:b7:92:1e:b3:65:26:5f:13:
bf:bc:2a:21:33:5a:14:8c:ae:23:0a:35:36:6a:fd:d7:6f:df:
a8:ea:d3:8f:e4:99:f0:3f:8b:31:95:60:ef:3b:92:45:9f:b8:
5d:d0:91:b1:e0:66:0c:03:82:48:4c:3d:78:0f:56:bb:ac:5a:
25:04:86:ff:7c:60:49:f2:4c:23:63:c9:cb:d9:a4:97:92:93:
90:5c:f6:7a:e4:a0:ae:4f:fb:e1:c8:2f:31:b1:2b:13:db:f7:
12:e5:a5:f7:bb:a4:08:42:d0:7d:6a:d7:a5:55:09:76:39:42:
c5:0d:ea:f3:67:a0:12:13:02:e4:3b:0c:8e:c3:b3:41:9a:42:
28:97:bd:06:bc:8a:3e:06:23:25:08:82:82:76:36:2f:fc:ea:
61:ec:9c:fd:bb:fd:26:b3:be:15:f6:4e:18:f5:5a:80:a6:56:
c5:15:54:37:4d:43:fb:f1:11:da:53:d3:e6:04:a5:f6:07:c7:
59:1f:45:db:ea:13:11:06:07:42:15:04:78:8a:2a:bb:ec:43:
1c:04:36:9d
-----BEGIN CERTIFICATE-----
MIIHIzCCBgugAwIBAgISAYzGSc/ZuTqicJ/mni1KS+ntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4jgS1vWpTL7DMk88EWC/PxvR/61
KI8vo6cVX4elBYPRbeB/XLZRfefU0j0IStKAevw1Za1TCzto8tGYhJ0jwys2nUwK
4p+NqXp82LyGD3fBZsqbFUNc2N9cVL13OvB3QMOD9Rxg8Q62vx/6sOVH/YJ/swnD
8FjjK/icNFykbmz9FR6csRWaqNFN+sODve8YVwiagDSbqnetl3+4UnmxA6b0k0N3
5WjKA3qoRBEpCdcPdhFDWRNF0s9Ngl8wj5rUHRDdnp66gmEzvEKRiL0Xj8JlOaV9
l0xRofn9zx+h8rVLdRUW5JLhsjZU375fAn4C7qenEiYCiVDjcFh1MbWrXwIDAQAB
o4IELzCCBCswHQYDVR0OBBYEFAVIzt8XAp7ZihCBE8bBCeyszYLsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5LzU0MWMw
NS04ZDdkLTQyYjgtYWIwMC03ZmJiYWU2Zjk0MzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvNTQxYzA1
LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRtS0VJRVR4
c0VKN0t6Tmd1dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBjwYIKwYB
BQUHAQcBAf8EggF+MIIBejCCAVIEAgABMIIBSgMEBwU1gAMEByU/AAMEAyWC8AME
Ay7omAMEBi7uAAMEBT7MgAMEBT7dgAMEB01GAAMEBU3soAMEBE30wAMDAE5TAwMA
TloDBARQ/TADBAZSZ0ADBAVSk4ADBANTYRgDBAZU8oADBAZU/AADBAVVW4ADBAVV
dkADBAdVggADBAZVxIADBAdXYYADBAdX44ADBAdYy4ADBANZusgDBAVZvsADAwBZ
1wMEBln9gAMDAFz3AwQHX28AAwQEX4zQAwMAgswDAwCX+wMEBrAMAAMEBLDeAAME
ArmXnAMEArngoAMEAsK7hAMEBcMYIAMEBcMiYAMEA8OV+AMEBdQkAAMEBdQyAAME
BdRboAMEBdRfoAMEBdRoYAMEBdWpIAMEBdW/oAMEBdXeIAMEBtXiAAMEBtXwwAME
BNkJ4AMEBNkK8AMEBNkS8AMEBNlPIDAiBAIAAjAcAwUAIAEayAMFAyoASAADBQAq
AQKIAwUAKgIJADA3BggrBgEFBQcBCAEB/wQoMCagJDAiAgIh4AICIg0CAjGsAgIz
RAICYYQCAnOMAgMAiUUCAwCkrTANBgkqhkiG9w0BAQsFAAOCAQEAWkmFKd3T9Gb2
visg+5MxJkRCkbJ0tu1+1y/54mwXb1YNf9ccLwvXa9IjGOwbfLeSHrNlJl8Tv7wq
ITNaFIyuIwo1Nmr912/fqOrTj+SZ8D+LMZVg7zuSRZ+4XdCRseBmDAOCSEw9eA9W
u6xaJQSG/3xgSfJMI2PJy9mkl5KTkFz2euSgrk/74cgvMbErE9v3EuWl97ukCELQ
fWrXpVUJdjlCxQ3q82egEhMC5DsMjsOzQZpCKJe9BryKPgYjJQiCgnY2L/zqYeyc
/bv9JrO+FfZOGPVagKZWxRVUN01D+/ER2lPT5gSl9gfHWR9F2+oTEQYHQhUEeIoq
u+xDHAQ2nQ==
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:52:17 2024 by rpki-client on console-ams.rpki-client.org