Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
File: BVFgW2dezk4PznF1rjGpP6gnK6Y.cer (raw, json)
Hash identifier: LRKopeg16BLOOJPCFrSTbd7kjDzlyYMc6pkBtdfzfBs=
Subject key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E52378104E61BE6C28995F79925DCAE59
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 18 Mar 2024 15:39:13 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 42303
IP: 5.35.184.0/21
IP: 45.84.240.0/22
IP: 46.182.200.0/21
IP: 62.56.208.0/21
IP: 77.72.96.0/21
IP: 85.208.44.0/22
IP: 94.127.32.0/21
IP: 151.236.200.0/21
IP: 185.55.8.0/22
IP: 185.104.12.0/22
IP: 185.153.212.0/22
IP: 185.226.56.0/22
IP: 193.149.178.0/23
IP: 194.179.136.0/22
IP: 213.170.145.0/24
IP: 2a02:470::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:37:81:04:e6:1b:e6:c2:89:95:f7:99:25:dc:ae:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 18 15:39:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:56:21:71:15:33:06:70:eb:f3:3c:e4:23:e4:
d0:4f:ba:f2:d1:a1:a0:d9:c8:00:94:6a:f9:93:bb:
85:64:c0:c1:df:33:5d:3a:ec:46:4a:c2:84:3e:c0:
85:ed:7e:98:5b:96:52:a1:fe:ba:62:a7:b4:ba:eb:
e3:7a:ba:eb:9a:31:dc:e5:5c:b3:23:62:c4:86:3b:
a3:82:3c:96:17:0e:26:ae:13:62:70:49:ae:67:ac:
17:86:7f:5a:d4:cc:5b:80:8e:ba:7a:23:f4:0a:a2:
c6:e0:da:31:65:18:ae:38:02:84:ad:f6:61:37:e0:
c8:f8:76:66:1d:d3:fe:ec:e9:3c:8c:82:11:8f:99:
24:4d:d4:1d:45:66:8d:9d:39:15:60:a4:9b:91:bb:
f5:d8:42:8a:c3:1b:b5:4b:c1:7d:66:89:33:d4:c7:
7d:9c:c9:bf:b8:cb:87:6b:3d:a8:ab:e1:ea:7d:a8:
91:0e:75:26:0d:61:e1:2c:b5:7a:9f:76:cd:38:9a:
a0:b8:7f:c4:66:bf:65:f0:9f:a5:20:3a:d8:12:e1:
57:5c:a9:ac:bb:31:8a:81:4d:86:a1:9a:37:b8:2f:
42:65:a2:2a:15:17:c8:2a:2c:12:9b:8c:80:a0:65:
4a:3d:e2:e8:0f:3a:65:3a:43:58:ad:a4:f7:19:83:
14:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.184.0/21
45.84.240.0/22
46.182.200.0/21
62.56.208.0/21
77.72.96.0/21
85.208.44.0/22
94.127.32.0/21
151.236.200.0/21
185.55.8.0/22
185.104.12.0/22
185.153.212.0/22
185.226.56.0/22
193.149.178.0/23
194.179.136.0/22
213.170.145.0/24
IPv6:
2a02:470::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42303
Signature Algorithm: sha256WithRSAEncryption
39:c0:65:61:cc:bf:4c:20:3d:5c:97:1b:56:11:0c:72:b2:95:
ec:f1:61:8f:e9:d6:10:36:c6:3f:f1:98:b3:7a:ee:dc:02:d2:
44:4c:4f:d8:75:1f:1d:d7:39:e5:a8:01:75:0d:fe:95:bf:a0:
41:1f:25:7d:a8:aa:ae:74:7c:b2:b1:9f:93:ba:2a:1c:ee:a7:
b7:ca:e9:4f:7b:a7:4c:89:6a:95:ce:d0:93:d4:dc:f7:ab:cf:
4b:4f:71:8a:41:68:b0:3f:1c:26:45:34:eb:3a:c9:2e:af:e2:
22:3d:7b:ec:3a:ae:a8:37:b3:06:1c:e0:69:13:b2:f1:3d:4e:
ae:60:fe:71:09:ac:d5:b3:36:9a:2c:e6:5e:9a:4c:89:1e:dd:
35:7a:85:92:ba:23:69:42:8a:50:86:62:ec:0a:a0:c3:13:66:
05:26:8e:5c:0d:9f:6e:13:e5:fa:7f:c2:15:d3:fb:dd:9f:dd:
2c:8e:c8:4d:d3:64:e9:2f:82:30:80:e6:2a:84:11:09:61:14:
59:4b:eb:af:f4:7d:f1:e4:2f:bf:94:2d:90:d7:01:3c:fd:69:
d7:e0:66:86:29:36:48:fe:ad:cc:25:b1:a6:5e:18:0d:33:e0:
d9:c6:e2:6d:0d:3e:61:fc:38:cc:ef:2c:e7:43:b4:5b:a3:05:
76:12:96:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAY5SN4EE5hvmwomV95kl3K5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzE4MTUzOTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUxNjA1YjY3NWVjZTRlMGZjZTcxNzVhZTMxYTkzZmE4MjcyYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlYhcRUzBnDr8zzkI+TQT7ry0aGg
2cgAlGr5k7uFZMDB3zNdOuxGSsKEPsCF7X6YW5ZSof66Yqe0uuvjerrrmjHc5Vyz
I2LEhjujgjyWFw4mrhNicEmuZ6wXhn9a1MxbgI66eiP0CqLG4NoxZRiuOAKErfZh
N+DI+HZmHdP+7Ok8jIIRj5kkTdQdRWaNnTkVYKSbkbv12EKKwxu1S8F9Zokz1Md9
nMm/uMuHaz2oq+HqfaiRDnUmDWHhLLV6n3bNOJqguH/EZr9l8J+lIDrYEuFXXKms
uzGKgU2GoZo3uC9CZaIqFRfIKiwSm4yAoGVKPeLoDzplOkNYraT3GYMUEwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFAVRYFtnXs5OD85xda4xqT+oJyumMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzI4ZWE0
NS03ZDMwLTQ2ZGYtOGYyYS0wNzc5ZjQ4ZWNlYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMjhlYTQ1
LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2VhMC8xL0JWRmdXMmRlems0UHpuRjFy
akdwUDZnbks2WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGCBggrBgEF
BQcBBwEB/wRzMHEwYAQCAAEwWgMEAwUjuAMEAi1U8AMEAy62yAMEAz440AMEA01I
YAMEAlXQLAMEA15/IAMEA5fsyAMEArk3CAMEArloDAMEArmZ1AMEArniOAMEAcGV
sgMEAsKziAMEANWqkTANBAIAAjAHAwUDKgIEcDAaBggrBgEFBQcBCAEB/wQLMAmg
BzAFAgMApT8wDQYJKoZIhvcNAQELBQADggEBADnAZWHMv0wgPVyXG1YRDHKylezx
YY/p1hA2xj/xmLN67twC0kRMT9h1Hx3XOeWoAXUN/pW/oEEfJX2oqq50fLKxn5O6
Khzup7fK6U97p0yJapXO0JPU3Perz0tPcYpBaLA/HCZFNOs6yS6v4iI9e+w6rqg3
swYc4GkTsvE9Tq5g/nEJrNWzNpos5l6aTIke3TV6hZK6I2lCilCGYuwKoMMTZgUm
jlwNn24T5fp/whXT+92f3SyOyE3TZOkvgjCA5iqEEQlhFFlL66/0ffHkL7+ULZDX
ATz9adfgZoYpNkj+rcwlsaZeGA0z4NnG4m0NPmH8OMzvLOdDtFujBXYSlok=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:19:57 2024 by rpki-client on console-fra.rpki-client.org