Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
File: BUjO3xcCntmKEIETxsEJ7KzNguw.cer (raw, json)
Hash identifier: D9JgGfO0UP5t/dpYhIErIKQ3qncgSpzALG+yEuPPxDE=
Subject key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194282804C4EFA7D57E2E59973A6C0D2B50
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:54:58 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8672
AS: 8717
AS: 12716
AS: 13124
AS: 24964
AS: 29580
AS: 35141
AS: 42157
IP: 5.53.128.0/17
IP: 37.63.0.0/17
IP: 37.130.240.0/21
IP: 46.232.152.0/21
IP: 46.238.0.0/18
IP: 62.204.128.0/19
IP: 62.221.128.0/19
IP: 77.70.0.0/17
IP: 77.236.160.0/19
IP: 77.244.192.0/20
IP: 78.83.0.0/16
IP: 78.90.0.0/16
IP: 80.253.48.0/20
IP: 82.103.64.0/18
IP: 82.147.128.0/19
IP: 83.97.24.0/21
IP: 84.242.128.0/18
IP: 84.252.0.0/18
IP: 85.91.128.0/19
IP: 85.118.64.0/19
IP: 85.130.0.0/17
IP: 85.196.128.0/18
IP: 87.97.128.0/17
IP: 87.227.128.0/17
IP: 88.203.128.0/17
IP: 89.186.200.0/21
IP: 89.190.192.0/19
IP: 89.215.0.0/16
IP: 89.253.128.0/18
IP: 92.247.0.0/16
IP: 95.111.0.0/17
IP: 95.140.208.0/20
IP: 130.204.0.0/16
IP: 151.251.0.0/16
IP: 176.12.0.0/18
IP: 176.222.0.0/20
IP: 185.151.156.0/22
IP: 185.224.160.0/22
IP: 193.22.103.0/24
IP: 194.187.132.0/22
IP: 195.24.32.0/19
IP: 195.34.96.0/19
IP: 195.149.248.0/21
IP: 195.177.248.0/23
IP: 212.36.0.0/19
IP: 212.50.0.0/19
IP: 212.91.160.0/19
IP: 212.95.160.0/19
IP: 212.104.96.0/19
IP: 213.169.32.0/19
IP: 213.191.160.0/19
IP: 213.222.32.0/19
IP: 213.226.0.0/18
IP: 213.240.192.0/18
IP: 217.9.224.0/20
IP: 217.10.240.0/20
IP: 217.18.240.0/20
IP: 217.79.32.0/20
IP: 2001:1ac8::/32
IP: 2a00:4800::/29
IP: 2a01:288::/32
IP: 2a02:900::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:04:c4:ef:a7:d5:7e:2e:59:97:3a:6c:0d:2b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:54:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:88:e0:4b:5b:d6:a5:32:fb:0c:c9:3c:f0:45:
82:fc:fc:6f:47:fe:b5:28:8f:2f:a3:a7:15:5f:87:
a5:05:83:d1:6d:e0:7f:5c:b6:51:7d:e7:d4:d2:3d:
08:4a:d2:80:7a:fc:35:65:ad:53:0b:3b:68:f2:d1:
98:84:9d:23:c3:2b:36:9d:4c:0a:e2:9f:8d:a9:7a:
7c:d8:bc:86:0f:77:c1:66:ca:9b:15:43:5c:d8:df:
5c:54:bd:77:3a:f0:77:40:c3:83:f5:1c:60:f1:0e:
b6:bf:1f:fa:b0:e5:47:fd:82:7f:b3:09:c3:f0:58:
e3:2b:f8:9c:34:5c:a4:6e:6c:fd:15:1e:9c:b1:15:
9a:a8:d1:4d:fa:c3:83:bd:ef:18:57:08:9a:80:34:
9b:aa:77:ad:97:7f:b8:52:79:b1:03:a6:f4:93:43:
77:e5:68:ca:03:7a:a8:44:11:29:09:d7:0f:76:11:
43:59:13:45:d2:cf:4d:82:5f:30:8f:9a:d4:1d:10:
dd:9e:9e:ba:82:61:33:bc:42:91:88:bd:17:8f:c2:
65:39:a5:7d:97:4c:51:a1:f9:fd:cf:1f:a1:f2:b5:
4b:75:15:16:e4:92:e1:b2:36:54:df:be:5f:02:7e:
02:ee:a7:a7:12:26:02:89:50:e3:70:58:75:31:b5:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.128.0/17
37.63.0.0/17
37.130.240.0/21
46.232.152.0/21
46.238.0.0/18
62.204.128.0/19
62.221.128.0/19
77.70.0.0/17
77.236.160.0/19
77.244.192.0/20
78.83.0.0/16
78.90.0.0/16
80.253.48.0/20
82.103.64.0/18
82.147.128.0/19
83.97.24.0/21
84.242.128.0/18
84.252.0.0/18
85.91.128.0/19
85.118.64.0/19
85.130.0.0/17
85.196.128.0/18
87.97.128.0/17
87.227.128.0/17
88.203.128.0/17
89.186.200.0/21
89.190.192.0/19
89.215.0.0/16
89.253.128.0/18
92.247.0.0/16
95.111.0.0/17
95.140.208.0/20
130.204.0.0/16
151.251.0.0/16
176.12.0.0/18
176.222.0.0/20
185.151.156.0/22
185.224.160.0/22
193.22.103.0/24
194.187.132.0/22
195.24.32.0/19
195.34.96.0/19
195.149.248.0/21
195.177.248.0/23
212.36.0.0/19
212.50.0.0/19
212.91.160.0/19
212.95.160.0/19
212.104.96.0/19
213.169.32.0/19
213.191.160.0/19
213.222.32.0/19
213.226.0.0/18
213.240.192.0/18
217.9.224.0/20
217.10.240.0/20
217.18.240.0/20
217.79.32.0/20
IPv6:
2001:1ac8::/32
2a00:4800::/29
2a01:288::/32
2a02:900::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8672
8717
12716
13124
24964
29580
35141
42157
Signature Algorithm: sha256WithRSAEncryption
7e:57:02:89:5d:99:5d:64:32:b2:61:f4:d8:c7:18:7e:13:ae:
5c:c4:75:75:af:d9:a3:bf:b0:1c:23:6f:ae:6e:44:67:b9:20:
41:14:20:9a:a1:57:5f:e7:91:d6:a9:b6:94:7a:49:30:9f:c6:
da:de:ca:2d:4f:6c:a2:b1:83:34:46:28:20:35:a0:ac:bb:97:
04:01:54:05:19:d7:d5:86:b5:44:6a:e1:50:a0:48:14:a2:24:
18:4f:87:15:66:0f:25:e2:ca:b5:bc:38:5a:cd:81:88:9c:b3:
89:c5:c0:93:2b:14:8e:fd:03:0e:25:4a:c2:05:75:97:28:45:
db:ce:fe:85:b1:53:a8:89:b4:90:a6:f6:72:02:0c:0e:6e:d7:
85:39:dd:66:7f:35:47:af:fb:2b:d2:02:ca:e3:05:91:a1:dd:
04:b1:4a:4c:da:c7:cf:63:3a:05:0b:2f:fa:19:a3:20:dc:b3:
97:bd:c6:d8:b4:4b:58:ef:ab:fe:71:ed:77:65:15:a8:b0:55:
13:9b:84:32:5e:fe:a9:6f:25:f2:da:5a:91:09:9a:17:85:fa:
4e:57:fa:49:15:b2:a5:b9:0d:ad:3d:7c:2d:e3:24:0a:a1:13:
38:65:1f:21:47:c0:ae:b4:66:50:c5:3a:a3:5e:3f:c6:dc:1d:
84:4c:68:c0
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgISAZQoKATE76fVfi5ZlzpsDStQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1NDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4jgS1vWpTL7DMk88EWC/PxvR/61
KI8vo6cVX4elBYPRbeB/XLZRfefU0j0IStKAevw1Za1TCzto8tGYhJ0jwys2nUwK
4p+NqXp82LyGD3fBZsqbFUNc2N9cVL13OvB3QMOD9Rxg8Q62vx/6sOVH/YJ/swnD
8FjjK/icNFykbmz9FR6csRWaqNFN+sODve8YVwiagDSbqnetl3+4UnmxA6b0k0N3
5WjKA3qoRBEpCdcPdhFDWRNF0s9Ngl8wj5rUHRDdnp66gmEzvEKRiL0Xj8JlOaV9
l0xRofn9zx+h8rVLdRUW5JLhsjZU375fAn4C7qenEiYCiVDjcFh1MbWrXwIDAQAB
o4IEOzCCBDcwHQYDVR0OBBYEFAVIzt8XAp7ZihCBE8bBCeyszYLsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5LzU0MWMw
NS04ZDdkLTQyYjgtYWIwMC03ZmJiYWU2Zjk0MzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkvNTQxYzA1
LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRtS0VJRVR4
c0VKN0t6Tmd1dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBmwYIKwYB
BQUHAQcBAf8EggGKMIIBhjCCAV4EAgABMIIBVgMEBwU1gAMEByU/AAMEAyWC8AME
Ay7omAMEBi7uAAMEBT7MgAMEBT7dgAMEB01GAAMEBU3soAMEBE30wAMDAE5TAwMA
TloDBARQ/TADBAZSZ0ADBAVSk4ADBANTYRgDBAZU8oADBAZU/AADBAVVW4ADBAVV
dkADBAdVggADBAZVxIADBAdXYYADBAdX44ADBAdYy4ADBANZusgDBAVZvsADAwBZ
1wMEBln9gAMDAFz3AwQHX28AAwQEX4zQAwMAgswDAwCX+wMEBrAMAAMEBLDeAAME
ArmXnAMEArngoAMEAMEWZwMEAsK7hAMEBcMYIAMEBcMiYAMEA8OV+AMEAcOx+AME
BdQkAAMEBdQyAAMEBdRboAMEBdRfoAMEBdRoYAMEBdWpIAMEBdW/oAMEBdXeIAME
BtXiAAMEBtXwwAMEBNkJ4AMEBNkK8AMEBNkS8AMEBNlPIDAiBAIAAjAcAwUAIAEa
yAMFAyoASAADBQAqAQKIAwUAKgIJADA3BggrBgEFBQcBCAEB/wQoMCagJDAiAgIh
4AICIg0CAjGsAgIzRAICYYQCAnOMAgMAiUUCAwCkrTANBgkqhkiG9w0BAQsFAAOC
AQEAflcCiV2ZXWQysmH02McYfhOuXMR1da/Zo7+wHCNvrm5EZ7kgQRQgmqFXX+eR
1qm2lHpJMJ/G2t7KLU9sorGDNEYoIDWgrLuXBAFUBRnX1Ya1RGrhUKBIFKIkGE+H
FWYPJeLKtbw4Ws2BiJyzicXAkysUjv0DDiVKwgV1lyhF287+hbFTqIm0kKb2cgIM
Dm7XhTndZn81R6/7K9ICyuMFkaHdBLFKTNrHz2M6BQsv+hmjINyzl73G2LRLWO+r
/nHtd2UVqLBVE5uEMl7+qW8l8tpakQmaF4X6Tlf6SRWypbkNrT18LeMkCqETOGUf
IUfArrRmUMU6o14/xtwdhExowA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:57:02 2025 by rpki-client