Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
File: FjB9KfVUPyHqMAm5Uj_nG48Taco.cer (raw, json)
Hash identifier: abMqkWFgDFjxp4ColVhg9A3HU44Tnf7cdLJSDwZ0I+w=
Subject key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143AD216BFE1BD5A557DEAC4C5A512C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:47:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 5089
AS: 5462
AS: 13076
AS: 42987
AS: 43629
AS: 50534
AS: 62016
IP: 62.30.0.0/15
IP: 62.252.0.0/14
IP: 77.96.0.0/13
IP: 80.0.0.0/13
IP: 80.192.0.0/14
IP: 80.235.128.0/17
IP: 80.255.192.0/19
IP: 81.96.0.0/12
IP: 82.0.0.0 -- 82.20.255.255
IP: 82.28.0.0/16
IP: 82.30.0.0 -- 82.47.255.255
IP: 84.19.104.0 -- 84.19.127.255
IP: 86.0.0.0/11
IP: 92.232.0.0 -- 92.234.255.255
IP: 92.236.0.0/14
IP: 94.173.0.0 -- 94.175.255.255
IP: 185.228.252.0/22
IP: 193.38.64.0/18
IP: 193.39.32.0 -- 193.39.65.255
IP: 193.193.96.0/19
IP: 194.117.128.0/19
IP: 194.145.148.0/23
IP: 194.168.0.0/16
IP: 195.182.160.0/19
IP: 195.188.0.0/16
IP: 212.24.64.0/19
IP: 212.43.160.0/19
IP: 212.250.0.0/16
IP: 213.48.0.0/16
IP: 213.81.0.0/17
IP: 213.104.0.0/14
IP: 213.147.224.0/19
IP: 213.148.32.0/19
IP: 217.137.0.0/16
IP: 2a02:8800::/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ad:21:6b:fe:1b:d5:a5:57:de:ac:4c:5a:51:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7c:de:15:df:0f:da:bf:75:92:eb:58:79:d8:
d7:57:da:73:8b:ff:e5:4e:52:ce:63:04:49:b1:6e:
42:ef:04:27:23:86:a8:f0:8c:92:b6:ef:ad:3d:67:
13:13:66:a8:5a:7d:3a:15:3a:17:03:c6:88:a7:09:
76:88:4e:19:8b:c1:9f:9d:c4:11:22:7a:ba:00:29:
1f:6d:26:6f:84:72:16:15:68:a4:24:84:5b:04:18:
f7:99:6c:56:bd:eb:a4:e8:3c:05:3a:71:23:a6:b3:
84:01:d7:de:8a:22:2b:71:03:37:d7:df:78:3f:4a:
c3:b0:48:6f:cd:34:f8:41:71:ca:1b:58:87:c7:36:
8f:f9:64:d4:93:1b:1e:b1:bc:1a:31:31:53:40:6d:
0d:5e:61:19:a2:fd:1b:6e:dd:5f:0f:8f:e0:ee:b0:
84:a8:40:35:25:54:74:af:fc:54:5c:4a:3b:5b:8e:
04:76:31:11:6c:41:b3:cd:b0:40:44:40:cb:b7:49:
32:f7:f8:82:35:7a:eb:5e:71:cb:79:c0:11:8f:07:
26:5a:6c:c8:71:dc:b6:40:46:d1:39:56:35:a1:cc:
03:5c:61:0f:04:bb:4a:d2:ee:e7:a4:7e:98:96:4c:
a9:c0:cd:4c:1e:53:d6:83:07:68:a6:c9:24:87:d6:
6f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.30.0.0/15
62.252.0.0/14
77.96.0.0/13
80.0.0.0/13
80.192.0.0/14
80.235.128.0/17
80.255.192.0/19
81.96.0.0/12
82.0.0.0-82.20.255.255
82.28.0.0/16
82.30.0.0-82.47.255.255
84.19.104.0-84.19.127.255
86.0.0.0/11
92.232.0.0-92.234.255.255
92.236.0.0/14
94.173.0.0-94.175.255.255
185.228.252.0/22
193.38.64.0/18
193.39.32.0-193.39.65.255
193.193.96.0/19
194.117.128.0/19
194.145.148.0/23
194.168.0.0/16
195.182.160.0/19
195.188.0.0/16
212.24.64.0/19
212.43.160.0/19
212.250.0.0/16
213.48.0.0/16
213.81.0.0/17
213.104.0.0/14
213.147.224.0/19
213.148.32.0/19
217.137.0.0/16
IPv6:
2a02:8800::/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5089
5462
13076
42987
43629
50534
62016
Signature Algorithm: sha256WithRSAEncryption
8b:f5:90:4a:49:cd:41:d4:a3:0c:cc:3c:f7:27:65:34:81:b8:
2d:a1:eb:29:f0:92:bd:51:ef:ec:37:d6:05:fb:87:73:30:00:
07:42:31:f0:58:c7:34:97:fb:a5:2d:65:d5:44:74:f4:26:e3:
53:5b:3b:8d:29:b5:3f:ea:69:f8:5d:d0:8c:8b:dc:9d:1b:3a:
6c:82:e8:d3:c5:3d:fc:6a:19:4d:f0:13:b5:0f:64:12:1d:96:
ba:75:1c:2c:db:26:25:be:5f:15:79:de:31:45:f6:54:9b:42:
8a:5d:55:33:7f:70:c7:48:ad:59:ea:16:0f:79:83:40:4f:c8:
1c:4d:03:80:fd:e8:35:f4:a2:04:a6:ec:ac:35:fc:f8:33:78:
6f:89:58:6e:53:e9:4a:b1:6b:46:b6:00:65:fa:73:65:74:b0:
fc:2c:41:8f:d4:d5:f4:40:63:e6:35:90:12:04:8a:de:46:bc:
4f:53:c7:d4:29:b6:4d:b3:cf:03:09:1c:85:b8:fe:f7:85:ba:
dc:71:c5:cc:11:49:6c:37:80:5a:e6:37:00:7e:dd:9c:74:0f:
a6:d1:82:0d:fa:43:f2:51:45:4f:bb:a7:b5:bb:21:28:9f:00:
df:36:0d:ca:fb:62:10:25:57:1c:0c:b4:17:0d:3d:e0:d9:ad:
29:7d:cb:2a
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgISAZQhQ60ha/4b1aVX3qxMWlEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33zeFd8P2r91kutYedjXV9pzi//l
TlLOYwRJsW5C7wQnI4ao8IyStu+tPWcTE2aoWn06FToXA8aIpwl2iE4Zi8GfncQR
Inq6ACkfbSZvhHIWFWikJIRbBBj3mWxWveuk6DwFOnEjprOEAdfeiiIrcQM31994
P0rDsEhvzTT4QXHKG1iHxzaP+WTUkxsesbwaMTFTQG0NXmEZov0bbt1fD4/g7rCE
qEA1JVR0r/xUXEo7W44EdjERbEGzzbBAREDLt0ky9/iCNXrrXnHLecARjwcmWmzI
cdy2QEbROVY1ocwDXGEPBLtK0u7npH6YlkypwM1MHlPWgwdopskkh9ZvWQIDAQAB
o4IDrTCCA6kwHQYDVR0OBBYEFBYwfSn1VD8h6jAJuVI/5xuPE2nKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1L2JmNWU3
MC02NjY1LTQ5ZGUtYjljZi00Y2ZlNDBmMDdhNmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvYmY1ZTcw
LTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlIcU1BbTVV
al9uRzQ4VGFjby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBDwYIKwYB
BQUHAQcBAf8Egf8wgfwwgesEAgABMIHkAwMBPh4DAwI+/AMDA01gAwMDUAADAwJQ
wAMEB1DrgAMEBVD/wAMDBFFgMAkDAgFSAwMAUhQDAwBSHDAKAwMBUh4DAwRSIDAM
AwQDVBNoAwQHVBMAAwMFVgAwCgMDA1zoAwMAXOoDAwJc7DAKAwMAXq0DAwReoAME
Arnk/AMEBsEmQDAMAwQFwScgAwQBwSdAAwQFwcFgAwQFwnWAAwQBwpGUAwMAwqgD
BAXDtqADAwDDvAMEBdQYQAMEBdQroAMDANT6AwMA1TADBAfVUQADAwLVaAMEBdWT
4AMEBdWUIAMDANmJMAwEAgACMAYDBAAqAogwNQYIKwYBBQUHAQgBAf8EJjAkoCIw
IAICE+ECAhVWAgIzFAIDAKfrAgMAqm0CAwDFZgIDAPJAMA0GCSqGSIb3DQEBCwUA
A4IBAQCL9ZBKSc1B1KMMzDz3J2U0gbgtoesp8JK9Ue/sN9YF+4dzMAAHQjHwWMc0
l/ulLWXVRHT0JuNTWzuNKbU/6mn4XdCMi9ydGzpsgujTxT38ahlN8BO1D2QSHZa6
dRws2yYlvl8Ved4xRfZUm0KKXVUzf3DHSK1Z6hYPeYNAT8gcTQOA/eg19KIEpuys
Nfz4M3hviVhuU+lKsWtGtgBl+nNldLD8LEGP1NX0QGPmNZASBIreRrxPU8fUKbZN
s88DCRyFuP73hbrcccXMEUlsN4Ba5jcAft2cdA+m0YIN+kPyUUVPu6e1uyEonwDf
Ng3K+2IQJVccDLQXDT3g2a0pfcsq
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:31:28 2025 by rpki-client