Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
File: EsKoNUaJrsKnT8oUlEknYhuifJQ.cer (raw, json)
Hash identifier: WqWxv2SBY2Wfb4UodF+PrPBUegNTKYlC4xIHkeAXuRg=
Subject key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E46EE329EC77F66B54E0A99F4DE399AAA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Sat 16 Mar 2024 11:03:19 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204644
IP: 2.58.72.0/22
IP: 5.133.116.0/22
IP: 5.181.64.0/22
IP: 31.169.120.0/22
IP: 45.10.152.0/22
IP: 45.13.232.0/22
IP: 45.67.224.0/22
IP: 45.80.184.0/22
IP: 45.84.136.0/22
IP: 45.92.8.0/22
IP: 45.94.208.0/22
IP: 45.130.104.0/22
IP: 45.134.116.0/22
IP: 45.137.140.0/22
IP: 45.141.20.0/22
IP: 45.151.120.0/22
IP: 45.155.40.0/22
IP: 62.3.8.0/24
IP: 62.204.45.0/24
IP: 80.245.108.0/22
IP: 83.97.112.0/22
IP: 85.255.80.0/22
IP: 91.132.0.0/22
IP: 91.196.220.0/22
IP: 91.199.122.0/24
IP: 91.242.248.0/24
IP: 92.118.60.0/22
IP: 130.185.116.0/22
IP: 146.19.6.0/24
IP: 152.89.120.0/22
IP: 160.238.36.0/22
IP: 176.97.206.0/24
IP: 176.116.22.0/24
IP: 176.227.240.0/22
IP: 185.196.0.0/22
IP: 185.244.120.0/22
IP: 185.249.224.0/22
IP: 185.252.232.0/22
IP: 192.145.116.0/22
IP: 193.31.120.0/22
IP: 193.32.172.0/22
IP: 193.36.236.0/22
IP: 193.58.188.0/22
IP: 193.160.244.0/22
IP: 194.26.219.0/24
IP: 194.34.192.0/22
IP: 194.35.120.0/22
IP: 194.60.86.0/23
IP: 194.60.200.0/23
IP: 194.110.92.0/22
IP: 194.113.64.0/22
IP: 194.156.224.0/22
IP: 195.158.204.0/22
IP: 212.23.213.0/24
IP: 213.109.200.0/24
IP: 2a0d:2d80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:46:ee:32:9e:c7:7f:66:b5:4e:0a:99:f4:de:39:9a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 16 11:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12c2a8354689aec2a74fca14944927621ba27c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:a0:e6:c5:74:66:3b:20:98:31:e5:bb:ea:
5d:63:2f:b5:f1:59:44:75:b8:bd:76:c9:9a:69:cb:
73:fb:43:22:80:da:e1:69:ce:92:1c:ba:cb:73:86:
65:38:31:5e:43:d7:c5:41:2f:56:5d:24:3b:06:95:
61:93:97:14:24:f7:e6:e4:48:45:07:1e:a6:41:bf:
8f:29:e0:24:44:b9:3c:5e:33:93:59:5f:ec:58:a5:
da:8c:d4:70:43:37:bf:b3:73:6a:eb:e9:d9:6c:65:
ee:26:b4:50:c3:51:43:43:16:27:cb:cd:fe:ab:b3:
dc:5f:1a:91:97:63:30:2d:92:00:f0:06:f4:8f:91:
87:e9:9d:45:e8:f1:ec:7b:a9:2c:5d:27:26:d5:b3:
2c:c8:c5:14:c7:d4:ae:52:4c:09:30:85:bd:2e:b0:
9a:8e:3f:bd:40:1a:c3:2f:e3:bd:1d:53:6f:e0:cc:
33:ce:ad:c0:55:6e:20:d1:5d:c4:ad:36:de:d7:ca:
03:2d:43:b5:cc:61:2e:52:78:07:95:f1:9e:a8:29:
b7:f3:3e:0f:32:6f:36:c2:84:56:28:71:25:59:3a:
13:52:5c:13:00:40:33:a5:27:8c:b9:92:98:0a:6e:
b7:97:9c:8f:89:b3:e6:58:bb:d2:b5:f7:98:4f:43:
70:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.72.0/22
5.133.116.0/22
5.181.64.0/22
31.169.120.0/22
45.10.152.0/22
45.13.232.0/22
45.67.224.0/22
45.80.184.0/22
45.84.136.0/22
45.92.8.0/22
45.94.208.0/22
45.130.104.0/22
45.134.116.0/22
45.137.140.0/22
45.141.20.0/22
45.151.120.0/22
45.155.40.0/22
62.3.8.0/24
62.204.45.0/24
80.245.108.0/22
83.97.112.0/22
85.255.80.0/22
91.132.0.0/22
91.196.220.0/22
91.199.122.0/24
91.242.248.0/24
92.118.60.0/22
130.185.116.0/22
146.19.6.0/24
152.89.120.0/22
160.238.36.0/22
176.97.206.0/24
176.116.22.0/24
176.227.240.0/22
185.196.0.0/22
185.244.120.0/22
185.249.224.0/22
185.252.232.0/22
192.145.116.0/22
193.31.120.0/22
193.32.172.0/22
193.36.236.0/22
193.58.188.0/22
193.160.244.0/22
194.26.219.0/24
194.34.192.0/22
194.35.120.0/22
194.60.86.0/23
194.60.200.0/23
194.110.92.0/22
194.113.64.0/22
194.156.224.0/22
195.158.204.0/22
212.23.213.0/24
213.109.200.0/24
IPv6:
2a0d:2d80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204644
Signature Algorithm: sha256WithRSAEncryption
0a:5c:5f:c7:de:d2:b3:74:75:31:fb:48:83:d1:cd:41:c9:85:
86:b4:e5:9a:08:0d:38:c9:ce:45:f8:71:15:cb:37:60:0d:b5:
46:eb:76:bb:d0:6e:2c:51:6b:3d:ca:4b:be:61:10:6a:8b:f1:
31:be:79:08:11:b2:71:d9:93:fe:54:99:4a:6e:28:63:ed:f2:
61:32:f1:44:0d:a5:68:b3:28:dd:b2:c4:c6:57:2b:88:37:ff:
29:a6:44:82:9e:94:a9:76:53:ad:73:53:55:73:59:39:09:49:
7b:8c:c1:9e:4e:d9:8e:df:7a:fa:cb:e6:fe:8e:36:21:8d:7c:
6e:c7:c9:0c:c3:a3:66:ca:22:b5:6f:66:0a:2c:8e:3e:46:5e:
45:64:db:31:d4:46:d1:d7:25:37:5d:6d:c0:88:79:07:20:20:
8b:81:7f:e6:e8:0c:b5:31:28:07:17:44:47:08:fa:e2:60:ac:
59:8c:45:7f:5e:aa:23:ee:06:a9:68:de:de:72:43:8f:3e:24:
8d:9b:ab:91:26:3c:33:35:86:20:95:07:3a:cf:cf:48:f7:e0:
4d:a5:6c:6c:2a:50:2f:e0:9f:21:2e:8a:2e:57:36:7e:87:5f:
bf:14:ef:e6:1d:a2:de:96:ce:25:5d:56:13:6c:7a:ce:01:86:
7c:39:a0:9e
-----BEGIN CERTIFICATE-----
MIIHDTCCBfWgAwIBAgISAY5G7jKex39mtU4KmfTeOZqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzE2MTEwMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmMyYTgzNTQ2ODlhZWMyYTc0ZmNhMTQ5NDQ5Mjc2MjFiYTI3Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBag5sV0ZjsgmDHlu+pdYy+18VlE
dbi9dsmaactz+0MigNrhac6SHLrLc4ZlODFeQ9fFQS9WXSQ7BpVhk5cUJPfm5EhF
Bx6mQb+PKeAkRLk8XjOTWV/sWKXajNRwQze/s3Nq6+nZbGXuJrRQw1FDQxYny83+
q7PcXxqRl2MwLZIA8Ab0j5GH6Z1F6PHse6ksXScm1bMsyMUUx9SuUkwJMIW9LrCa
jj+9QBrDL+O9HVNv4Mwzzq3AVW4g0V3ErTbe18oDLUO1zGEuUngHlfGeqCm38z4P
Mm82woRWKHElWToTUlwTAEAzpSeMuZKYCm63l5yPibPmWLvStfeYT0NwuwIDAQAB
o4IEGTCCBBUwHQYDVR0OBBYEFBLCqDVGia7Cp0/KFJRJJ2IbonyUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZlMzcw
OGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBiOTlhZi83LzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUz
NzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMTJDMkE4MzU0Njg5
QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjCCAXoGCCsGAQUFBwEHAQH/BIIBaTCCAWUwggFS
BAIAATCCAUoDBAICOkgDBAIFhXQDBAIFtUADBAIfqXgDBAItCpgDBAItDegDBAIt
Q+ADBAItULgDBAItVIgDBAItXAgDBAItXtADBAItgmgDBAIthnQDBAItiYwDBAIt
jRQDBAItl3gDBAItmygDBAA+AwgDBAA+zC0DBAJQ9WwDBAJTYXADBAJV/1ADBAJb
hAADBAJbxNwDBABbx3oDBABb8vgDBAJcdjwDBAKCuXQDBACSEwYDBAKYWXgDBAKg
7iQDBACwYc4DBACwdBYDBAKw4/ADBAK5xAADBAK59HgDBAK5+eADBAK5/OgDBALA
kXQDBALBH3gDBALBIKwDBALBJOwDBALBOrwDBALBoPQDBADCGtsDBALCIsADBALC
I3gDBAHCPFYDBAHCPMgDBALCblwDBALCcUADBALCnOADBALDnswDBADUF9UDBADV
bcgwDQQCAAIwBwMFAyoNLYAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAx9kMA0G
CSqGSIb3DQEBCwUAA4IBAQAKXF/H3tKzdHUx+0iD0c1ByYWGtOWaCA04yc5F+HEV
yzdgDbVG63a70G4sUWs9yku+YRBqi/ExvnkIEbJx2ZP+VJlKbihj7fJhMvFEDaVo
syjdssTGVyuIN/8ppkSCnpSpdlOtc1NVc1k5CUl7jMGeTtmO33r6y+b+jjYhjXxu
x8kMw6NmyiK1b2YKLI4+Rl5FZNsx1EbR1yU3XW3AiHkHICCLgX/m6Ay1MSgHF0RH
CPriYKxZjEV/Xqoj7gapaN7eckOPPiSNm6uRJjwzNYYglQc6z89I9+BNpWxsKlAv
4J8hLoouVzZ+h1+/FO/mHaLels4lXVYTbHrOAYZ8OaCe
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:34:30 2024 by rpki-client on console-fra.rpki-client.org