Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
File: CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer (raw, json)
Hash identifier: YwPPjnyuIdah2/fKsrj7D3PjBbeM3Zz0CEwpT1YkwI8=
Subject key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B25E68CBCDAB16EACA9160D39D851
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44285
AS: 48715
AS: 60248
IP: 5.1.43.0/24
IP: 37.32.32.0/21
IP: 37.75.243.0 -- 37.75.247.255
IP: 45.9.252.0/22
IP: 45.87.4.0/22
IP: 45.140.224.0/21
IP: 45.156.180.0/22
IP: 45.156.192.0/22
IP: 45.156.200.0/22
IP: 46.28.72.0/21
IP: 78.110.120.0/22
IP: 80.71.149.0/24
IP: 80.249.112.0 -- 80.249.114.255
IP: 84.47.224.0/21
IP: 85.198.24.0/22
IP: 85.198.48.0/20
IP: 86.57.0.0/17
IP: 88.135.36.0/22
IP: 91.236.168.0/23
IP: 91.247.171.0/24
IP: 130.193.77.0/24
IP: 152.89.44.0/22
IP: 185.18.212.0/22
IP: 185.36.228.0/24
IP: 185.51.200.0/22
IP: 185.58.240.0/22
IP: 185.112.148.0/22
IP: 185.121.128.0/22
IP: 185.128.136.0/22
IP: 185.141.104.0/22
IP: 185.141.132.0/22
IP: 185.170.8.0/24
IP: 185.173.129.0 -- 185.173.130.255
IP: 185.182.248.0/22
IP: 185.206.231.0/24
IP: 185.213.195.0/24
IP: 185.233.131.0/24
IP: 185.234.14.0/24
IP: 185.235.245.0/24
IP: 185.252.200.0/24
IP: 188.209.152.0/23
IP: 194.56.148.0/24
IP: 195.110.38.0/23
IP: 195.211.44.0/22
IP: 213.109.199.0/24
IP: 217.172.120.0/21
IP: 2a02:828::/29
IP: 2a09:b6c0::/29
IP: 2a0a:5e80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:25:e6:8c:bc:da:b1:6e:ac:a9:16:0d:39:d8:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:79:8e:35:9b:d5:1c:fb:8b:43:f4:35:ef:97:
97:a1:3e:b7:6e:5a:f9:a1:6b:ae:c4:84:2a:c9:74:
6e:64:85:38:cf:3d:53:40:c7:91:9a:86:b0:df:cb:
fa:1a:c9:27:c0:6f:ba:eb:bf:04:71:a4:5c:e0:b2:
cf:eb:15:f4:aa:61:73:67:06:13:c7:9e:bf:d4:a8:
b1:5b:86:95:db:48:79:0b:d3:96:fa:44:c8:92:2a:
1c:2c:6f:f0:a6:a6:23:4e:17:79:c5:09:02:a0:cb:
3a:b7:47:92:b6:18:f5:21:89:db:b2:48:b3:cc:88:
63:20:9f:b0:21:67:8a:13:c6:55:9b:20:66:42:36:
64:8a:3f:17:ab:28:aa:21:83:e1:2b:d8:81:96:1f:
22:16:48:b5:92:34:e0:63:70:2a:4c:86:5c:65:78:
6a:62:79:e8:41:eb:56:c4:65:2a:26:76:82:e4:f7:
31:e3:0e:72:dd:13:59:a1:d2:1c:1b:a6:fa:18:1e:
fe:dc:71:5f:f2:b4:ab:62:4f:cb:41:95:ce:f0:6f:
1a:14:e1:87:99:2d:90:29:be:b2:b8:ae:a3:ed:21:
84:93:ad:03:a2:32:a2:bf:01:e8:65:90:5f:bf:d1:
56:65:74:9e:47:2f:8a:a1:85:14:e9:c5:1d:0e:41:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/22
45.140.224.0/21
45.156.180.0/22
45.156.192.0/22
45.156.200.0/22
46.28.72.0/21
78.110.120.0/22
80.71.149.0/24
80.249.112.0-80.249.114.255
84.47.224.0/21
85.198.24.0/22
85.198.48.0/20
86.57.0.0/17
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.148.0/22
185.121.128.0/22
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.182.248.0/22
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
194.56.148.0/24
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
217.172.120.0/21
IPv6:
2a02:828::/29
2a09:b6c0::/29
2a0a:5e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44285
48715
60248
Signature Algorithm: sha256WithRSAEncryption
9d:ed:25:50:83:b9:4b:f1:3f:6e:77:d6:ab:eb:a8:ed:d6:54:
4e:bd:ae:10:05:95:e1:81:d9:af:23:39:b3:e3:38:48:7c:61:
46:dd:69:51:7c:26:7e:30:b7:4a:0c:7e:95:19:4e:ca:6d:e7:
d9:92:d1:e8:b3:03:32:75:d8:89:4d:b8:d3:fc:74:36:f6:7f:
26:ce:a8:b8:e3:5c:18:8c:86:00:7a:b2:d0:f4:11:b3:e6:e5:
60:12:1e:e6:1e:c7:29:3b:d3:80:9d:5c:62:77:36:9d:b7:90:
50:2b:16:98:51:b7:7d:c8:c5:09:c7:78:fb:56:13:bb:2c:e4:
77:ce:a7:86:73:1e:3d:db:7b:92:71:34:67:dc:b2:f5:34:c8:
fb:4a:f8:18:0f:ba:de:46:de:80:02:11:e8:4b:59:22:ef:77:
3c:9a:75:5b:ed:d4:18:b3:f3:a2:8a:6c:3c:8e:a4:b6:2d:42:
59:1a:66:11:7f:bc:02:af:2b:1d:ff:ce:af:f1:2d:1e:6d:f5:
b2:38:4b:a6:fc:4e:38:38:8f:2e:ae:0f:f8:16:38:71:3b:e6:
3f:27:c2:ba:ba:43:e8:59:c1:74:0f:53:8f:4a:ad:ce:66:c9:
ec:40:25:87:32:29:67:24:b0:0e:d6:fd:df:9c:2f:6f:3a:26:
8f:44:eb:47
-----BEGIN CERTIFICATE-----
MIIG6zCCBdOgAwIBAgISAYzGSyXmjLzasW6sqRYNOdhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFiN2EyMmU1MWNmYjljZjg0MjA1ZTQ0NDk5OThhZDU1ZDhmMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHmONZvVHPuLQ/Q175eXoT63blr5
oWuuxIQqyXRuZIU4zz1TQMeRmoaw38v6GsknwG+6678EcaRc4LLP6xX0qmFzZwYT
x56/1KixW4aV20h5C9OW+kTIkiocLG/wpqYjThd5xQkCoMs6t0eSthj1IYnbskiz
zIhjIJ+wIWeKE8ZVmyBmQjZkij8XqyiqIYPhK9iBlh8iFki1kjTgY3AqTIZcZXhq
YnnoQetWxGUqJnaC5Pcx4w5y3RNZodIcG6b6GB7+3HFf8rSrYk/LQZXO8G8aFOGH
mS2QKb6yuK6j7SGEk60DojKivwHoZZBfv9FWZXSeRy+KoYUU6cUdDkE2hQIDAQAB
o4ID9zCCA/MwHQYDVR0OBBYEFAgbeiLlHPuc+EIF5ESZmK1V2PBlMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2M1MTVj
OS1kZjA4LTQyNmMtODBlNi0wMzY3MjY4ZmY4NzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvYzUxNWM5
LWRmMDgtNDI2Yy04MGU2LTAzNjcyNjhmZjg3MS8xL0NCdDZJdVVjLTV6NFFnWGtS
Sm1ZclZYWThHVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBagYIKwYB
BQUHAQcBAf8EggFZMIIBVTCCATQEAgABMIIBLAMEAAUBKwMEAyUgIDAMAwQAJUvz
AwQDJUvwAwQCLQn8AwQCLVcEAwQDLYzgAwQCLZy0AwQCLZzAAwQCLZzIAwQDLhxI
AwQCTm54AwQAUEeVMAwDBARQ+XADBABQ+XIDBANUL+ADBAJVxhgDBARVxjADBAdW
OQADBAJYhyQDBAFb7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5JOQDBAK5
M8gDBAK5OvADBAK5cJQDBAK5eYADBAK5gIgDBAK5jWgDBAK5jYQDBAC5qggwDAME
ALmtgQMEALmtggMEArm2+AMEALnO5wMEALnVwwMEALnpgwMEALnqDgMEALnr9QME
ALn8yAMEAbzRmAMEAMI4lAMEAcNuJgMEAsPTLAMEANVtxwMEA9mseDAbBAIAAjAV
AwUDKgIIKAMFAyoJtsADBQMqCl6AMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8CAwCs
/QIDAL5LAgMA61gwDQYJKoZIhvcNAQELBQADggEBAJ3tJVCDuUvxP2531qvrqO3W
VE69rhAFleGB2a8jObPjOEh8YUbdaVF8Jn4wt0oMfpUZTspt59mS0eizAzJ12IlN
uNP8dDb2fybOqLjjXBiMhgB6stD0EbPm5WASHuYexyk704CdXGJ3Np23kFArFphR
t33IxQnHePtWE7ss5HfOp4ZzHj3be5JxNGfcsvU0yPtK+BgPut5G3oACEehLWSLv
dzyadVvt1Biz86KKbDyOpLYtQlkaZhF/vAKvKx3/zq/xLR5t9bI4S6b8Tjg4jy6u
D/gWOHE75j8nwrq6Q+hZwXQPU49Krc5myexAJYcyKWcksA7W/d+cL286Jo9E60c=
-----END CERTIFICATE-----
Generated at Thu Apr 25 11:09:25 2024 by rpki-client on console-fra.rpki-client.org