Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
File: FjB9KfVUPyHqMAm5Uj_nG48Taco.cer (raw, json)
Hash identifier: buFNvJeky4yJBp2TGcRbEbvGRf5xGI+/06rUNTOvCAM=
Subject key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7933919E613B9B2D238A25AD4A59309
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:29:23 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 5089
AS: 5462
AS: 13076
AS: 42987
AS: 43629
AS: 50534
AS: 62016
IP: 62.30.0.0/15
IP: 62.252.0.0/14
IP: 77.96.0.0/13
IP: 80.0.0.0/13
IP: 80.192.0.0/14
IP: 80.235.128.0/17
IP: 80.255.192.0/19
IP: 81.96.0.0/12
IP: 82.0.0.0 -- 82.47.255.255
IP: 84.19.104.0 -- 84.19.127.255
IP: 86.0.0.0/11
IP: 92.232.0.0 -- 92.234.255.255
IP: 92.236.0.0/14
IP: 94.173.0.0 -- 94.175.255.255
IP: 185.228.252.0/22
IP: 193.38.64.0/18
IP: 193.39.32.0 -- 193.39.65.255
IP: 193.193.96.0/19
IP: 194.117.128.0/19
IP: 194.145.148.0/23
IP: 194.168.0.0/16
IP: 195.182.160.0/19
IP: 195.188.0.0/16
IP: 212.24.64.0/19
IP: 212.43.160.0/19
IP: 212.250.0.0/16
IP: 213.48.0.0/16
IP: 213.81.0.0/17
IP: 213.104.0.0/14
IP: 213.147.224.0/19
IP: 213.148.32.0/19
IP: 217.137.0.0/16
IP: 2a02:8800::/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:39:19:e6:13:b9:b2:d2:38:a2:5a:d4:a5:93:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7c:de:15:df:0f:da:bf:75:92:eb:58:79:d8:
d7:57:da:73:8b:ff:e5:4e:52:ce:63:04:49:b1:6e:
42:ef:04:27:23:86:a8:f0:8c:92:b6:ef:ad:3d:67:
13:13:66:a8:5a:7d:3a:15:3a:17:03:c6:88:a7:09:
76:88:4e:19:8b:c1:9f:9d:c4:11:22:7a:ba:00:29:
1f:6d:26:6f:84:72:16:15:68:a4:24:84:5b:04:18:
f7:99:6c:56:bd:eb:a4:e8:3c:05:3a:71:23:a6:b3:
84:01:d7:de:8a:22:2b:71:03:37:d7:df:78:3f:4a:
c3:b0:48:6f:cd:34:f8:41:71:ca:1b:58:87:c7:36:
8f:f9:64:d4:93:1b:1e:b1:bc:1a:31:31:53:40:6d:
0d:5e:61:19:a2:fd:1b:6e:dd:5f:0f:8f:e0:ee:b0:
84:a8:40:35:25:54:74:af:fc:54:5c:4a:3b:5b:8e:
04:76:31:11:6c:41:b3:cd:b0:40:44:40:cb:b7:49:
32:f7:f8:82:35:7a:eb:5e:71:cb:79:c0:11:8f:07:
26:5a:6c:c8:71:dc:b6:40:46:d1:39:56:35:a1:cc:
03:5c:61:0f:04:bb:4a:d2:ee:e7:a4:7e:98:96:4c:
a9:c0:cd:4c:1e:53:d6:83:07:68:a6:c9:24:87:d6:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.30.0.0/15
62.252.0.0/14
77.96.0.0/13
80.0.0.0/13
80.192.0.0/14
80.235.128.0/17
80.255.192.0/19
81.96.0.0/12
82.0.0.0-82.47.255.255
84.19.104.0-84.19.127.255
86.0.0.0/11
92.232.0.0-92.234.255.255
92.236.0.0/14
94.173.0.0-94.175.255.255
185.228.252.0/22
193.38.64.0/18
193.39.32.0-193.39.65.255
193.193.96.0/19
194.117.128.0/19
194.145.148.0/23
194.168.0.0/16
195.182.160.0/19
195.188.0.0/16
212.24.64.0/19
212.43.160.0/19
212.250.0.0/16
213.48.0.0/16
213.81.0.0/17
213.104.0.0/14
213.147.224.0/19
213.148.32.0/19
217.137.0.0/16
IPv6:
2a02:8800::/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5089
5462
13076
42987
43629
50534
62016
Signature Algorithm: sha256WithRSAEncryption
a1:cb:38:34:a7:bc:49:ea:84:30:6e:11:f0:1a:2b:13:80:9e:
4b:aa:4b:ab:af:5e:45:09:6c:a9:78:ba:82:eb:af:1a:d6:7c:
36:de:a9:8b:4b:58:59:a3:e9:02:14:c0:b2:d3:39:5f:b0:8a:
56:72:70:e2:4f:25:dc:30:9f:44:27:f9:31:72:1b:69:c1:45:
55:77:dd:f1:6e:da:03:6c:46:5b:81:94:83:5f:fe:78:9d:23:
d6:16:e7:f2:fe:a7:fb:b9:55:7f:1d:c1:ea:16:ea:72:1a:31:
ce:a3:f6:01:89:0b:0f:23:d9:e5:40:74:b8:19:f5:3f:d5:81:
a8:7d:9a:df:38:41:d2:a3:6e:c1:c9:10:e8:1b:84:35:61:77:
2c:27:36:70:b9:b1:84:11:c1:4c:29:61:24:92:01:b3:48:70:
55:f6:47:cc:26:a2:61:c2:48:9b:a2:5d:08:e4:a5:8b:62:c9:
c9:65:c2:80:3f:e4:cd:12:87:58:1b:6b:fd:4c:cc:57:ea:0f:
df:71:05:85:6e:c0:1c:3c:a9:3d:be:e3:3d:33:bc:35:97:11:
7a:59:b5:7e:f0:54:b2:56:6e:6b:56:48:3f:26:71:ab:74:b0:
e7:44:de:9c:b1:73:27:0c:12:ad:18:44:05:0b:fe:e1:c9:4e:
3b:06:4a:f4
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgISAYzHkzkZ5hO5stI4olrUpZMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33zeFd8P2r91kutYedjXV9pzi//l
TlLOYwRJsW5C7wQnI4ao8IyStu+tPWcTE2aoWn06FToXA8aIpwl2iE4Zi8GfncQR
Inq6ACkfbSZvhHIWFWikJIRbBBj3mWxWveuk6DwFOnEjprOEAdfeiiIrcQM31994
P0rDsEhvzTT4QXHKG1iHxzaP+WTUkxsesbwaMTFTQG0NXmEZov0bbt1fD4/g7rCE
qEA1JVR0r/xUXEo7W44EdjERbEGzzbBAREDLt0ky9/iCNXrrXnHLecARjwcmWmzI
cdy2QEbROVY1ocwDXGEPBLtK0u7npH6YlkypwM1MHlPWgwdopskkh9ZvWQIDAQAB
o4IDmzCCA5cwHQYDVR0OBBYEFBYwfSn1VD8h6jAJuVI/5xuPE2nKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2JmNWU3
MC02NjY1LTQ5ZGUtYjljZi00Y2ZlNDBmMDdhNmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYmY1ZTcw
LTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlIcU1BbTVV
al9uRzQ4VGFjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH+BggrBgEF
BQcBBwEB/wSB7jCB6zCB2gQCAAEwgdMDAwE+HgMDAj78AwMDTWADAwNQAAMDAlDA
AwQHUOuAAwQFUP/AAwMEUWAwCQMCAVIDAwRSIDAMAwQDVBNoAwQHVBMAAwMFVgAw
CgMDA1zoAwMAXOoDAwJc7DAKAwMAXq0DAwReoAMEArnk/AMEBsEmQDAMAwQFwScg
AwQBwSdAAwQFwcFgAwQFwnWAAwQBwpGUAwMAwqgDBAXDtqADAwDDvAMEBdQYQAME
BdQroAMDANT6AwMA1TADBAfVUQADAwLVaAMEBdWT4AMEBdWUIAMDANmJMAwEAgAC
MAYDBAAqAogwNQYIKwYBBQUHAQgBAf8EJjAkoCIwIAICE+ECAhVWAgIzFAIDAKfr
AgMAqm0CAwDFZgIDAPJAMA0GCSqGSIb3DQEBCwUAA4IBAQChyzg0p7xJ6oQwbhHw
GisTgJ5Lqkurr15FCWypeLqC668a1nw23qmLS1hZo+kCFMCy0zlfsIpWcnDiTyXc
MJ9EJ/kxchtpwUVVd93xbtoDbEZbgZSDX/54nSPWFufy/qf7uVV/HcHqFupyGjHO
o/YBiQsPI9nlQHS4GfU/1YGofZrfOEHSo27ByRDoG4Q1YXcsJzZwubGEEcFMKWEk
kgGzSHBV9kfMJqJhwkibol0I5KWLYsnJZcKAP+TNEodYG2v9TMxX6g/fcQWFbsAc
PKk9vuM9M7w1lxF6WbV+8FSyVm5rVkg/JnGrdLDnRN6csXMnDBKtGEQFC/7hyU47
Bkr0
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:06:04 2024 by rpki-client on console-fra.rpki-client.org