Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
File: CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer (raw, json)
Hash identifier: EqCWGmr4mTZpqKix95942/hkBjDV/E80o1gC7jprR5s=
Subject key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018FA4BBADF70F65DB64DA963536074B7373
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 23 May 2024 09:15:14 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44285
AS: 48715
AS: 60248
IP: 5.1.43.0/24
IP: 37.32.32.0/21
IP: 37.75.243.0 -- 37.75.247.255
IP: 45.9.252.0/22
IP: 45.87.4.0/22
IP: 45.140.224.0/21
IP: 45.156.180.0/22
IP: 45.156.192.0/22
IP: 46.28.72.0/21
IP: 78.110.120.0/22
IP: 80.71.149.0/24
IP: 80.249.112.0 -- 80.249.114.255
IP: 84.47.224.0/21
IP: 85.198.24.0/22
IP: 85.198.48.0/20
IP: 86.57.0.0/17
IP: 88.135.36.0/22
IP: 91.236.168.0/23
IP: 91.247.171.0/24
IP: 130.193.77.0/24
IP: 152.89.44.0/22
IP: 185.18.212.0/22
IP: 185.36.228.0/24
IP: 185.51.200.0/22
IP: 185.58.240.0/22
IP: 185.112.148.0/22
IP: 185.121.128.0/22
IP: 185.128.136.0/22
IP: 185.141.104.0/22
IP: 185.141.132.0/22
IP: 185.170.8.0/24
IP: 185.173.129.0 -- 185.173.130.255
IP: 185.182.248.0/22
IP: 185.206.231.0/24
IP: 185.213.195.0/24
IP: 185.233.131.0/24
IP: 185.234.14.0/24
IP: 185.235.245.0/24
IP: 185.252.200.0/24
IP: 188.209.152.0/23
IP: 194.56.148.0/24
IP: 195.110.38.0/23
IP: 195.211.44.0/22
IP: 213.109.199.0/24
IP: 217.172.120.0/21
IP: 2a02:828::/29
IP: 2a09:b6c0::/29
IP: 2a0a:5e80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:bb:ad:f7:0f:65:db:64:da:96:35:36:07:4b:73:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 23 09:15:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:8e:35:9b:d5:1c:fb:8b:43:f4:35:ef:97:
97:a1:3e:b7:6e:5a:f9:a1:6b:ae:c4:84:2a:c9:74:
6e:64:85:38:cf:3d:53:40:c7:91:9a:86:b0:df:cb:
fa:1a:c9:27:c0:6f:ba:eb:bf:04:71:a4:5c:e0:b2:
cf:eb:15:f4:aa:61:73:67:06:13:c7:9e:bf:d4:a8:
b1:5b:86:95:db:48:79:0b:d3:96:fa:44:c8:92:2a:
1c:2c:6f:f0:a6:a6:23:4e:17:79:c5:09:02:a0:cb:
3a:b7:47:92:b6:18:f5:21:89:db:b2:48:b3:cc:88:
63:20:9f:b0:21:67:8a:13:c6:55:9b:20:66:42:36:
64:8a:3f:17:ab:28:aa:21:83:e1:2b:d8:81:96:1f:
22:16:48:b5:92:34:e0:63:70:2a:4c:86:5c:65:78:
6a:62:79:e8:41:eb:56:c4:65:2a:26:76:82:e4:f7:
31:e3:0e:72:dd:13:59:a1:d2:1c:1b:a6:fa:18:1e:
fe:dc:71:5f:f2:b4:ab:62:4f:cb:41:95:ce:f0:6f:
1a:14:e1:87:99:2d:90:29:be:b2:b8:ae:a3:ed:21:
84:93:ad:03:a2:32:a2:bf:01:e8:65:90:5f:bf:d1:
56:65:74:9e:47:2f:8a:a1:85:14:e9:c5:1d:0e:41:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/22
45.140.224.0/21
45.156.180.0/22
45.156.192.0/22
46.28.72.0/21
78.110.120.0/22
80.71.149.0/24
80.249.112.0-80.249.114.255
84.47.224.0/21
85.198.24.0/22
85.198.48.0/20
86.57.0.0/17
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.148.0/22
185.121.128.0/22
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.182.248.0/22
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
194.56.148.0/24
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
217.172.120.0/21
IPv6:
2a02:828::/29
2a09:b6c0::/29
2a0a:5e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44285
48715
60248
Signature Algorithm: sha256WithRSAEncryption
5e:6e:05:d7:52:98:fe:1c:fd:6f:02:39:84:db:9a:26:c6:15:
5b:6c:53:7a:ce:7f:43:ac:1b:31:bf:25:81:bf:86:bc:63:6b:
b6:98:53:74:a1:34:be:24:a3:36:2f:62:97:3e:11:04:ba:ed:
17:3a:a7:f5:d8:82:57:8a:79:8b:d3:db:38:72:d8:0d:9b:49:
91:3b:c3:85:e1:eb:32:90:cb:ef:04:cb:90:49:42:c2:e6:84:
12:cf:df:ab:9c:b6:c2:a6:26:cf:26:57:73:99:15:52:58:cb:
f3:99:38:f8:51:2a:9e:60:81:7b:53:63:27:4d:2c:45:07:42:
92:10:09:48:7b:ef:6f:61:cb:3e:a0:57:d5:65:1f:cc:db:bf:
da:0f:75:96:b6:9f:79:98:28:02:20:7d:dd:78:34:77:88:2f:
b6:b4:77:5b:de:dd:ab:7e:f8:d5:da:2d:e2:97:0e:9b:da:ac:
86:36:41:03:8e:b9:b0:27:b6:a2:80:63:cc:ce:97:9d:1e:2c:
7f:2c:0f:5a:1d:f3:63:c2:33:a3:7e:f0:ec:b7:56:35:36:63:
8e:aa:1d:53:85:32:80:7f:1d:15:65:b6:23:ab:84:6a:35:8c:
76:2b:84:28:a5:04:36:a9:ee:f6:b3:4f:9e:08:49:76:7a:b7:
a2:67:fe:31
-----BEGIN CERTIFICATE-----
MIIG5TCCBc2gAwIBAgISAY+ku633D2XbZNqWNTYHS3NzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTIzMDkxNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHmONZvVHPuLQ/Q175eXoT63blr5
oWuuxIQqyXRuZIU4zz1TQMeRmoaw38v6GsknwG+6678EcaRc4LLP6xX0qmFzZwYT
x56/1KixW4aV20h5C9OW+kTIkiocLG/wpqYjThd5xQkCoMs6t0eSthj1IYnbskiz
zIhjIJ+wIWeKE8ZVmyBmQjZkij8XqyiqIYPhK9iBlh8iFki1kjTgY3AqTIZcZXhq
YnnoQetWxGUqJnaC5Pcx4w5y3RNZodIcG6b6GB7+3HFf8rSrYk/LQZXO8G8aFOGH
mS2QKb6yuK6j7SGEk60DojKivwHoZZBfv9FWZXSeRy+KoYUU6cUdDkE2hQIDAQAB
o4ID8TCCA+0wHQYDVR0OBBYEFAgbeiLlHPuc+EIF5ESZmK1V2PBlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2M1MTVj
OS1kZjA4LTQyNmMtODBlNi0wMzY3MjY4ZmY4NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvYzUxNWM5
LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6NFFnWGtS
Sm1ZclZYWThHVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBZAYIKwYB
BQUHAQcBAf8EggFTMIIBTzCCAS4EAgABMIIBJgMEAAUBKwMEAyUgIDAMAwQAJUvz
AwQDJUvwAwQCLQn8AwQCLVcEAwQDLYzgAwQCLZy0AwQCLZzAAwQDLhxIAwQCTm54
AwQAUEeVMAwDBARQ+XADBABQ+XIDBANUL+ADBAJVxhgDBARVxjADBAdWOQADBAJY
hyQDBAFb7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5JOQDBAK5M8gDBAK5
OvADBAK5cJQDBAK5eYADBAK5gIgDBAK5jWgDBAK5jYQDBAC5qggwDAMEALmtgQME
ALmtggMEArm2+AMEALnO5wMEALnVwwMEALnpgwMEALnqDgMEALnr9QMEALn8yAME
AbzRmAMEAMI4lAMEAcNuJgMEAsPTLAMEANVtxwMEA9mseDAbBAIAAjAVAwUDKgII
KAMFAyoJtsADBQMqCl6AMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8CAwCs/QIDAL5L
AgMA61gwDQYJKoZIhvcNAQELBQADggEBAF5uBddSmP4c/W8COYTbmibGFVtsU3rO
f0OsGzG/JYG/hrxja7aYU3ShNL4kozYvYpc+EQS67Rc6p/XYgleKeYvT2zhy2A2b
SZE7w4Xh6zKQy+8Ey5BJQsLmhBLP36uctsKmJs8mV3OZFVJYy/OZOPhRKp5ggXtT
YydNLEUHQpIQCUh7729hyz6gV9VlH8zbv9oPdZa2n3mYKAIgfd14NHeIL7a0d1ve
3at++NXaLeKXDpvarIY2QQOOubAntqKAY8zOl50eLH8sD1od82PCM6N+8Oy3VjU2
Y46qHVOFMoB/HRVltiOrhGo1jHYrhCilBDap7vazT54ISXZ6t6Jn/jE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:06:22 2024 by rpki-client on console-ams.rpki-client.org