Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
File: DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer (raw, json)
Hash identifier: Q9q5bOe47weUD2acqt1faNxwDAMPTMLcYIvtIjyeI7U=
Subject key identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC349040966794A931896A57A5A102F5F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:51 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8680
IP: 37.72.152.0/21
IP: 46.102.107.0/24
IP: 62.68.160.0/19
IP: 77.81.75.0/24
IP: 78.111.192.0/20
IP: 84.247.1.0/24
IP: 85.204.71.0/24
IP: 85.204.135.0/24
IP: 85.204.144.0/24
IP: 85.204.192.0/24
IP: 86.104.12.0/24
IP: 86.104.64.0/24
IP: 86.105.10.0/23
IP: 88.81.128.0/19
IP: 89.32.207.0/24
IP: 89.33.15.0/24
IP: 89.35.82.0/23
IP: 89.37.59.0/24
IP: 89.40.64.0/24
IP: 89.42.115.0/24
IP: 89.42.174.0/23
IP: 89.42.179.0/24
IP: 89.43.49.0/24
IP: 89.43.172.0/23
IP: 89.44.107.0/24
IP: 89.47.248.0/24
IP: 89.47.253.0/24
IP: 91.190.160.0/21
IP: 92.114.55.0/24
IP: 93.114.188.0/23
IP: 93.187.144.0/21
IP: 185.3.100.0/22
IP: 188.214.59.0/24
IP: 188.241.17.0/24
IP: 212.30.0.0/19
IP: 217.19.128.0/20
IP: 2a02:7380::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:04:09:66:79:4a:93:18:96:a5:7a:5a:10:2f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:29:ef:a7:33:ce:fa:14:19:6d:93:ad:17:28:
ec:26:d7:8b:b3:7d:97:eb:2a:a5:c6:e7:b8:10:72:
fa:05:49:5e:1f:4e:39:fc:57:ff:97:05:27:92:32:
8c:5f:0a:32:4f:02:12:4b:5b:ed:b5:a1:83:18:76:
d6:2f:70:5a:ec:5f:db:72:17:f2:66:2f:81:cc:4e:
94:cd:13:05:f0:cc:8d:fe:ce:f0:02:e2:a7:2b:41:
43:a1:34:bc:65:7e:2a:61:a7:88:18:01:56:a6:b4:
66:d8:e7:fa:08:41:14:da:ed:fa:89:3b:30:a3:38:
ab:ee:3b:78:9e:66:cf:32:f4:26:d7:12:df:39:18:
ff:69:af:64:dc:34:d3:d7:f4:3e:77:0e:ac:7c:7f:
4f:19:f6:1d:e8:df:26:a7:2c:75:a9:49:06:f4:37:
2c:b3:63:d2:38:cb:29:2b:dc:0e:13:66:c0:98:6b:
8e:fe:7f:d4:f9:48:46:18:1a:71:2c:13:aa:77:55:
fd:6d:91:ed:e6:fd:a9:73:6c:ae:02:36:22:7d:71:
53:ae:1b:8f:e9:c1:a9:16:e3:4e:f3:9b:fd:98:07:
30:ed:69:02:05:cf:b7:24:94:77:48:63:fe:8f:e0:
6c:fe:8e:61:2e:90:f3:5d:c0:98:81:5e:10:58:7f:
82:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.152.0/21
46.102.107.0/24
62.68.160.0/19
77.81.75.0/24
78.111.192.0/20
84.247.1.0/24
85.204.71.0/24
85.204.135.0/24
85.204.144.0/24
85.204.192.0/24
86.104.12.0/24
86.104.64.0/24
86.105.10.0/23
88.81.128.0/19
89.32.207.0/24
89.33.15.0/24
89.35.82.0/23
89.37.59.0/24
89.40.64.0/24
89.42.115.0/24
89.42.174.0/23
89.42.179.0/24
89.43.49.0/24
89.43.172.0/23
89.44.107.0/24
89.47.248.0/24
89.47.253.0/24
91.190.160.0/21
92.114.55.0/24
93.114.188.0/23
93.187.144.0/21
185.3.100.0/22
188.214.59.0/24
188.241.17.0/24
212.30.0.0/19
217.19.128.0/20
IPv6:
2a02:7380::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8680
Signature Algorithm: sha256WithRSAEncryption
ab:ea:94:a6:ab:6a:85:36:0d:a7:bc:3a:ba:f2:5d:d3:2d:e9:
ac:34:95:bb:0f:bb:61:75:03:80:dc:2c:ed:3e:df:59:78:d9:
83:45:df:99:e9:63:bf:8d:6c:a5:9b:eb:61:ec:f2:9a:53:10:
d8:c4:17:b6:4e:c5:27:53:37:33:36:3d:3d:03:9c:a2:ec:2c:
e2:00:fc:32:c6:cb:3f:4e:ea:9b:7c:24:ff:65:1c:f7:c6:c5:
76:1f:94:1e:cc:eb:9c:0e:d5:68:57:bc:ab:b8:13:9c:de:ae:
d5:4d:d2:b5:9a:24:f5:df:55:7b:82:40:2b:33:23:0c:ed:25:
79:b4:17:be:6c:18:c9:e4:5b:33:eb:c2:25:17:25:05:38:50:
cd:7c:c3:07:76:4c:28:0f:94:01:fa:e7:f9:1b:c2:86:4e:08:
41:59:ee:29:21:0a:af:cf:fa:cf:70:3a:5e:39:cc:0e:27:aa:
dc:86:5d:ef:f8:8d:00:e2:51:09:18:e5:9a:9e:61:4f:5b:8c:
55:7d:46:e0:d3:e9:9b:a1:42:3c:9d:fa:85:6a:3f:78:16:3b:
3f:da:e0:80:29:49:d0:85:f9:15:1d:a9:5c:df:be:56:4a:4b:
d2:a3:b7:75:9f:7f:27:40:55:f4:07:61:48:c6:f3:9e:4a:de:
d0:56:c9:4c
-----BEGIN CERTIFICATE-----
MIIGejCCBWKgAwIBAgISAYzDSQQJZnlKkxiWpXpaEC9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzI2MjViZGZmYTk0MzdkYzJiOTZkOGFlMDIzMTAwYmM4OGU2ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCnvpzPO+hQZbZOtFyjsJteLs32X
6yqlxue4EHL6BUleH045/Ff/lwUnkjKMXwoyTwISS1vttaGDGHbWL3Ba7F/bchfy
Zi+BzE6UzRMF8MyN/s7wAuKnK0FDoTS8ZX4qYaeIGAFWprRm2Of6CEEU2u36iTsw
ozir7jt4nmbPMvQm1xLfORj/aa9k3DTT1/Q+dw6sfH9PGfYd6N8mpyx1qUkG9Dcs
s2PSOMspK9wOE2bAmGuO/n/U+UhGGBpxLBOqd1X9bZHt5v2pc2yuAjYifXFTrhuP
6cGpFuNO85v9mAcw7WkCBc+3JJR3SGP+j+Bs/o5hLpDzXcCYgV4QWH+CAwIDAQAB
o4IDhjCCA4IwHQYDVR0OBBYEFAwmJb3/qUN9wrltiuAjEAvIjm/jMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYwLzljNzhi
OS1kYTM5LTQ1MGYtYmI5Ni0wNzgwNGFmZjQ5MGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAvOWM3OGI5
LWRhMzktNDUwZi1iYjk2LTA3ODA0YWZmNDkwZi8xL0RDWWx2Zi1wUTMzQ3VXMks0
Q01RQzhpT2ItTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBAYIKwYB
BQUHAQcBAf8EgfQwgfEwgd8EAgABMIHYAwQDJUiYAwQALmZrAwQFPkSgAwQATVFL
AwQETm/AAwQAVPcBAwQAVcxHAwQAVcyHAwQAVcyQAwQAVczAAwQAVmgMAwQAVmhA
AwQBVmkKAwQFWFGAAwQAWSDPAwQAWSEPAwQBWSNSAwQAWSU7AwQAWShAAwQAWSpz
AwQBWSquAwQAWSqzAwQAWSsxAwQBWSusAwQAWSxrAwQAWS/4AwQAWS/9AwQDW76g
AwQAXHI3AwQBXXK8AwQDXbuQAwQCuQNkAwQAvNY7AwQAvPERAwQF1B4AAwQE2ROA
MA0EAgACMAcDBQAqAnOAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAiHoMA0GCSqG
SIb3DQEBCwUAA4IBAQCr6pSmq2qFNg2nvDq68l3TLemsNJW7D7thdQOA3CztPt9Z
eNmDRd+Z6WO/jWylm+th7PKaUxDYxBe2TsUnUzczNj09A5yi7CziAPwyxss/Tuqb
fCT/ZRz3xsV2H5QezOucDtVoV7yruBOc3q7VTdK1miT131V7gkArMyMM7SV5tBe+
bBjJ5Fsz68IlFyUFOFDNfMMHdkwoD5QB+uf5G8KGTghBWe4pIQqvz/rPcDpeOcwO
J6rchl3v+I0A4lEJGOWanmFPW4xVfUbg0+mboUI8nfqFaj94Fjs/2uCAKUnQhfkV
Halc375WSkvSo7d1n38nQFX0B2FIxvOeSt7QVslM
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:05:25 2024 by rpki-client on console-fra.rpki-client.org