Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
File: G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer (raw, json)
Hash identifier: rCi2S64RT3S7fGrPnLWtdcCcnP9GUL4f2S8c24Q2C/Q=
Subject key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0192F664DBFCF5F951BF43AB6345AE5F2F98
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 04 Nov 2024 08:57:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 2.59.8.0/23
IP: 2.59.14.0/24
IP: 5.42.198.0/24
IP: 31.14.219.0/24
IP: 31.14.236.0/23
IP: 31.210.18.0/24
IP: 43.240.140.0/22
IP: 45.94.244.0/22
IP: 45.95.48.0/22
IP: 45.116.168.0/22
IP: 45.138.232.0/22
IP: 45.142.92.0 -- 45.142.99.255
IP: 45.149.148.0/22
IP: 58.97.128.0/21
IP: 58.97.232.0 -- 58.97.255.255
IP: 62.3.29.0/24
IP: 62.68.91.0/24
IP: 62.106.92.0/24
IP: 62.112.12.0/23
IP: 77.81.104.0/21
IP: 77.95.116.0/22
IP: 78.24.206.0/24
IP: 78.138.1.0 -- 78.138.2.255
IP: 78.138.16.0/24
IP: 78.138.25.0/24
IP: 78.138.30.0/24
IP: 78.138.40.0/24
IP: 78.138.47.0 -- 78.138.48.255
IP: 78.138.50.0/24
IP: 80.240.103.0/24
IP: 80.240.111.0/24
IP: 82.97.196.0/23
IP: 82.97.199.0 -- 82.97.200.255
IP: 83.229.76.0/22
IP: 83.229.104.0/22
IP: 84.39.224.0/21
IP: 86.106.120.0/24
IP: 89.19.40.0/22
IP: 89.32.129.0/24
IP: 89.32.184.0/24
IP: 89.32.203.0/24
IP: 89.34.7.0/24
IP: 89.34.78.0/23
IP: 89.37.28.0/24
IP: 89.37.216.0/23
IP: 89.38.106.0/23
IP: 89.38.132.0/23
IP: 89.39.150.0/24
IP: 89.40.108.0/23
IP: 89.41.62.0/24
IP: 89.42.48.0/23
IP: 89.43.51.0/24
IP: 89.43.68.0/23
IP: 89.44.115.0/24
IP: 89.44.213.0/24
IP: 89.44.245.0/24
IP: 89.46.152.0/21
IP: 89.47.63.0/24
IP: 89.249.51.0/24
IP: 89.249.56.0/22
IP: 91.132.184.0/22
IP: 91.197.252.0/22
IP: 91.238.148.0/23
IP: 91.245.235.0/24
IP: 92.43.84.0/22
IP: 93.113.124.0/23
IP: 93.114.0.0/20
IP: 93.115.12.0/23
IP: 93.180.192.0/20
IP: 93.180.224.0/20
IP: 94.176.112.0/20
IP: 94.176.163.0/24
IP: 94.176.216.0/22
IP: 94.177.52.0 -- 94.177.57.255
IP: 95.215.36.0/22
IP: 103.204.124.0/22
IP: 103.204.212.0/22
IP: 119.13.192.0/19
IP: 121.91.80.0/21
IP: 138.124.144.0/22
IP: 150.129.92.0/22
IP: 176.118.195.0/24
IP: 176.119.8.0/21
IP: 185.38.102.0/24
IP: 185.77.250.0/23
IP: 185.90.243.0/24
IP: 185.125.192.0/22
IP: 185.131.220.0/23
IP: 185.221.221.0/24
IP: 185.223.56.0/24
IP: 185.223.58.0/23
IP: 185.225.104.0/22
IP: 185.229.250.0/24
IP: 185.240.252.0/24
IP: 185.240.254.0/23
IP: 185.243.108.0/22
IP: 188.95.152.0/21
IP: 188.119.116.0/22
IP: 188.210.94.0/23
IP: 188.211.250.0/23
IP: 188.212.120.0/24
IP: 188.214.89.0/24
IP: 188.214.93.0/24
IP: 188.241.59.0/24
IP: 188.241.146.0/24
IP: 193.169.8.0/23
IP: 193.192.52.0/23
IP: 193.203.36.0/24
IP: 193.203.39.0/24
IP: 193.239.172.0/23
IP: 193.239.246.0/23
IP: 194.24.234.0/23
IP: 194.88.134.0/23
IP: 194.135.26.0/23
IP: 194.135.132.0/23
IP: 194.145.118.0/24
IP: 194.246.106.0/23
IP: 195.2.196.0/23
IP: 195.13.48.0/23
IP: 195.34.80.0/23
IP: 195.93.140.0/23
IP: 195.128.188.0/23
IP: 195.133.208.0/23
IP: 195.135.192.0/23
IP: 195.189.132.0/23
IP: 195.189.250.0/23
IP: 195.210.44.0/23
IP: 195.254.140.0/23
IP: 202.181.20.0/22
IP: 203.109.52.0/22
IP: 203.109.60.0/22
IP: 203.166.144.0 -- 203.166.157.255
IP: 209.20.160.0/19
IP: 213.159.10.0 -- 213.159.13.255
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:64:db:fc:f5:f9:51:bf:43:ab:63:45:ae:5f:2f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 4 08:57:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:9e:89:e0:ed:49:ef:6f:5d:1e:1e:28:cf:
e1:2b:d0:77:48:7f:c5:96:be:66:1e:c8:2b:44:71:
97:97:73:90:ad:ca:4b:3a:14:d7:1c:8e:e0:f9:0f:
3b:6f:40:8b:83:37:96:32:6b:86:05:ce:c5:fa:a5:
b2:5a:c1:fb:2d:c5:91:f1:2f:3b:87:69:d7:d4:2f:
4e:fe:91:06:ec:32:9a:4b:42:05:bf:24:6b:eb:6e:
37:29:e1:5f:0a:d7:7a:8f:72:77:24:96:18:2e:68:
9f:7c:84:e5:37:74:68:6d:b0:1d:3f:3a:a2:8e:c4:
1e:63:25:52:85:41:80:69:0a:8b:d5:56:f6:f5:d3:
ed:63:2a:16:8b:e2:3a:36:3b:d9:7c:9b:3e:75:63:
f7:6b:4f:27:10:24:3a:d7:aa:07:e0:b9:71:74:6d:
69:57:ec:8f:4a:73:5c:89:96:a8:c2:5e:7c:82:cc:
58:78:0f:b0:d0:49:de:46:1b:ec:34:13:5e:20:cd:
8d:a3:35:61:51:53:e5:05:9d:96:14:51:5d:6f:e4:
ed:3a:9f:7b:76:22:f5:a6:0f:6d:59:2c:ac:d9:c6:
37:1a:cb:58:a4:7e:77:fa:ba:d7:27:62:0a:a2:e1:
36:a5:08:2f:5e:f4:ba:20:0c:81:b1:18:8e:3c:38:
00:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.8.0/23
2.59.14.0/24
5.42.198.0/24
31.14.219.0/24
31.14.236.0/23
31.210.18.0/24
43.240.140.0/22
45.94.244.0/22
45.95.48.0/22
45.116.168.0/22
45.138.232.0/22
45.142.92.0-45.142.99.255
45.149.148.0/22
58.97.128.0/21
58.97.232.0-58.97.255.255
62.3.29.0/24
62.68.91.0/24
62.106.92.0/24
62.112.12.0/23
77.81.104.0/21
77.95.116.0/22
78.24.206.0/24
78.138.1.0-78.138.2.255
78.138.16.0/24
78.138.25.0/24
78.138.30.0/24
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
80.240.103.0/24
80.240.111.0/24
82.97.196.0/23
82.97.199.0-82.97.200.255
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
86.106.120.0/24
89.19.40.0/22
89.32.129.0/24
89.32.184.0/24
89.32.203.0/24
89.34.7.0/24
89.34.78.0/23
89.37.28.0/24
89.37.216.0/23
89.38.106.0/23
89.38.132.0/23
89.39.150.0/24
89.40.108.0/23
89.41.62.0/24
89.42.48.0/23
89.43.51.0/24
89.43.68.0/23
89.44.115.0/24
89.44.213.0/24
89.44.245.0/24
89.46.152.0/21
89.47.63.0/24
89.249.51.0/24
89.249.56.0/22
91.132.184.0/22
91.197.252.0/22
91.238.148.0/23
91.245.235.0/24
92.43.84.0/22
93.113.124.0/23
93.114.0.0/20
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
94.176.163.0/24
94.176.216.0/22
94.177.52.0-94.177.57.255
95.215.36.0/22
103.204.124.0/22
103.204.212.0/22
119.13.192.0/19
121.91.80.0/21
138.124.144.0/22
150.129.92.0/22
176.118.195.0/24
176.119.8.0/21
185.38.102.0/24
185.77.250.0/23
185.90.243.0/24
185.125.192.0/22
185.131.220.0/23
185.221.221.0/24
185.223.56.0/24
185.223.58.0/23
185.225.104.0/22
185.229.250.0/24
185.240.252.0/24
185.240.254.0/23
185.243.108.0/22
188.95.152.0/21
188.119.116.0/22
188.210.94.0/23
188.211.250.0/23
188.212.120.0/24
188.214.89.0/24
188.214.93.0/24
188.241.59.0/24
188.241.146.0/24
193.169.8.0/23
193.192.52.0/23
193.203.36.0/24
193.203.39.0/24
193.239.172.0/23
193.239.246.0/23
194.24.234.0/23
194.88.134.0/23
194.135.26.0/23
194.135.132.0/23
194.145.118.0/24
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.133.208.0/23
195.135.192.0/23
195.189.132.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
202.181.20.0/22
203.109.52.0/22
203.109.60.0/22
203.166.144.0-203.166.157.255
209.20.160.0/19
213.159.10.0-213.159.13.255
Signature Algorithm: sha256WithRSAEncryption
8f:e7:01:bb:13:18:84:4b:e0:2a:d5:b1:83:66:80:42:94:eb:
41:14:ae:a3:0e:f9:28:7a:81:fd:6a:ab:8e:ac:fc:76:26:56:
f7:3b:9b:cc:d8:9f:0f:62:4f:07:da:37:24:76:28:c6:fc:7b:
a1:3c:62:24:7c:9c:ee:11:61:5a:9d:71:1a:3b:96:8e:4e:aa:
71:f9:fe:13:f9:de:56:20:53:19:ed:e1:ae:71:fb:2f:f5:d5:
d3:c1:3a:c0:1a:cd:44:cd:0e:17:f7:2c:2d:7d:d8:ad:42:4d:
ff:e4:e9:6a:b5:74:cc:2c:9d:16:5b:25:a3:19:d3:f3:65:2f:
4f:0e:ef:26:80:c7:93:c2:f1:70:a3:95:d0:56:c1:30:e7:f0:
0a:b6:ac:e0:d3:79:24:4c:c0:74:15:7d:4c:4b:d5:32:cd:69:
a4:40:7f:08:3d:da:4b:95:eb:4c:96:cf:f3:14:35:3e:86:a0:
ef:c0:ae:78:69:36:b7:a8:6b:c2:f2:4c:7d:d5:5a:d9:06:c4:
13:ef:94:0d:72:f3:91:bc:fb:cc:57:14:13:e6:9a:a6:18:64:
fa:55:e6:cc:00:1c:b6:5c:4b:90:27:d2:3b:23:55:2d:3a:32:
e0:c0:82:98:a0:08:e4:72:6d:ea:3e:b3:65:11:4a:67:8e:27:
1e:84:cf:24
-----BEGIN CERTIFICATE-----
MIII3zCCB8egAwIBAgISAZL2ZNv89flRv0OrY0WuXy+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTA0MDg1NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE1MWEwYmMwZjBhZmViYmY2ZDVkOTI3ZmUxZjk4MTZmNTIzNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9qeieDtSe9vXR4eKM/hK9B3SH/F
lr5mHsgrRHGXl3OQrcpLOhTXHI7g+Q87b0CLgzeWMmuGBc7F+qWyWsH7LcWR8S87
h2nX1C9O/pEG7DKaS0IFvyRr6243KeFfCtd6j3J3JJYYLmiffITlN3RobbAdPzqi
jsQeYyVShUGAaQqL1Vb29dPtYyoWi+I6NjvZfJs+dWP3a08nECQ616oH4LlxdG1p
V+yPSnNciZaowl58gsxYeA+w0EneRhvsNBNeIM2NozVhUVPlBZ2WFFFdb+TtOp97
diL1pg9tWSys2cY3GstYpH53+rrXJ2IKouE2pQgvXvS6IAyBsRiOPDgArwIDAQAB
o4IF6zCCBecwHQYDVR0OBBYEFBulGgvA8K/rv21dkn/h+YFvUjUtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxLzRmMjEx
ZS03OWQ3LTQ1MDQtOWVhZC04NzFmOWVkNzA4ZTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvNGYyMTFl
LTc5ZDctNDUwNC05ZWFkLTg3MWY5ZWQ3MDhlMC8xL0c2VWFDOER3ci11X2JWMlNm
LUg1Z1c5U05TMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIDhAYIKwYB
BQUHAQcBAf8EggNzMIIDbzCCA2sEAgABMIIDYwMEAQI7CAMEAAI7DgMEAAUqxgME
AB8O2wMEAR8O7AMEAB/SEgMEAivwjAMEAi1e9AMEAi1fMAMEAi10qAMEAi2K6DAM
AwQCLY5cAwQCLY5gAwQCLZWUAwQDOmGAMAsDBAM6YegDAwE6YAMEAD4DHQMEAD5E
WwMEAD5qXAMEAT5wDAMEA01RaAMEAk1fdAMEAE4YzjAMAwQATooBAwQATooCAwQA
TooQAwQATooZAwQATooeAwQAToooMAwDBABOii8DBABOijADBABOijIDBABQ8GcD
BABQ8G8DBAFSYcQwDAMEAFJhxwMEAFJhyAMEAlPlTAMEAlPlaAMEA1Qn4AMEAFZq
eAMEAlkTKAMEAFkggQMEAFkguAMEAFkgywMEAFkiBwMEAVkiTgMEAFklHAMEAVkl
2AMEAVkmagMEAVkmhAMEAFknlgMEAVkobAMEAFkpPgMEAVkqMAMEAFkrMwMEAVkr
RAMEAFkscwMEAFks1QMEAFks9QMEA1kumAMEAFkvPwMEAFn5MwMEAln5OAMEAluE
uAMEAlvF/AMEAVvulAMEAFv16wMEAlwrVAMEAV1xfAMEBF1yAAMEAV1zDAMEBF20
wAMEBF204AMEBF6wcAMEAF6wowMEAl6w2DAMAwQCXrE0AwQBXrE4AwQCX9ckAwQC
Z8x8AwQCZ8zUAwQFdw3AAwQDeVtQAwQCinyQAwQCloFcAwQAsHbDAwQDsHcIAwQA
uSZmAwQBuU36AwQAuVrzAwQCuX3AAwQBuYPcAwQAud3dAwQAud84AwQBud86AwQC
ueFoAwQAueX6AwQAufD8AwQBufD+AwQCufNsAwQDvF+YAwQCvHd0AwQBvNJeAwQB
vNP6AwQAvNR4AwQAvNZZAwQAvNZdAwQAvPE7AwQAvPGSAwQBwakIAwQBwcA0AwQA
wcskAwQAwcsnAwQBwe+sAwQBwe/2AwQBwhjqAwQBwliGAwQBwocaAwQBwoeEAwQA
wpF2AwQBwvZqAwQBwwLEAwQBww0wAwQBwyJQAwQBw12MAwQBw4C8AwQBw4XQAwQB
w4fAAwQBw72EAwQBw736AwQBw9IsAwQBw/6MAwQCyrUUAwQCy200AwQCy208MAwD
BATLppADBAHLppwDBAXRFKAwDAMEAdWfCgMEAdWfDDANBgkqhkiG9w0BAQsFAAOC
AQEAj+cBuxMYhEvgKtWxg2aAQpTrQRSuow75KHqB/Wqrjqz8diZW9zubzNifD2JP
B9o3JHYoxvx7oTxiJHyc7hFhWp1xGjuWjk6qcfn+E/neViBTGe3hrnH7L/XV08E6
wBrNRM0OF/csLX3YrUJN/+TparV0zCydFlsloxnT82UvTw7vJoDHk8LxcKOV0FbB
MOfwCras4NN5JEzAdBV9TEvVMs1ppEB/CD3aS5XrTJbP8xQ1Poag78CueGk2t6hr
wvJMfdVa2QbEE++UDXLzkbz7zFcUE+aaphhk+lXmzAActlxLkCfSOyNVLToy4MCC
mKAI5HJt6j6zZRFKZ44nHoTPJA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:21:07 2024 by rpki-client on console-fra.rpki-client.org