Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
File: ISvg6nHPQ34I798_55jq-YQTHEY.cer (raw, json)
Hash identifier: Rk8SLGRkEWJmuOghZ8kR25DJNZjVGVpN0+yHABRH+i4=
Subject key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E75FF553B9A94C7BF1F5A4C8AD45CBA61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 25 Mar 2024 14:24:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8937
AS: 9063
IP: 31.220.32.0/22
IP: 37.230.0.0/19
IP: 91.184.160.0/19
IP: 93.186.0.0/20
IP: 109.75.80.0/20
IP: 176.126.64.0/23
IP: 176.126.68.0/23
IP: 176.126.71.0 -- 176.126.73.255
IP: 176.126.75.0 -- 176.126.76.255
IP: 176.126.79.0 -- 176.126.82.255
IP: 185.35.109.0 -- 185.35.111.255
IP: 185.161.200.0/23
IP: 185.166.189.0 -- 185.166.191.255
IP: 185.168.8.0/24
IP: 185.168.11.0/24
IP: 185.186.144.0/23
IP: 185.194.151.0/24
IP: 185.203.123.0/24
IP: 185.222.139.0/24
IP: 185.231.252.0/22
IP: 194.35.184.0/23
IP: 194.35.188.0/23
IP: 212.18.192.0/19
IP: 212.82.48.0/20
IP: 212.88.128.0/19
IP: 217.24.224.0/20
IP: 2a02:5a0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 02:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:ff:55:3b:9a:94:c7:bf:1f:5a:4c:8a:d4:5c:ba:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 25 14:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5d:1f:88:10:5a:95:ab:52:c1:4a:bd:38:ca:
4c:38:40:20:46:6d:8e:0c:63:29:23:dd:eb:65:40:
e0:da:23:a0:52:be:d9:b1:75:a7:50:a8:a3:cf:ce:
3a:d3:82:51:19:0c:e8:e6:5b:db:1e:bb:92:ea:a2:
1e:21:7e:6c:b9:5e:d7:a2:2a:7f:eb:94:ff:56:f7:
59:9b:a1:f3:a3:fc:73:30:d3:eb:ef:da:9b:1d:46:
2d:ec:5c:9e:f2:6c:65:30:29:9c:cf:c0:5d:3f:4c:
8b:71:a4:7c:94:2e:1b:b8:26:46:ed:6e:70:9b:02:
f5:70:5f:79:e9:ee:2b:12:0b:4c:2b:05:08:88:8e:
97:cd:4c:ae:66:54:11:84:7e:3c:95:bf:cf:a7:15:
c7:02:de:be:08:25:18:5d:f8:ab:89:60:2b:82:9e:
73:25:8d:fc:c1:f8:44:59:45:3c:24:13:47:8c:6c:
c9:99:e2:97:dd:74:0c:08:b1:90:1e:51:a4:2a:9b:
65:da:1d:4c:f3:5e:72:2e:05:bf:48:4b:7e:b1:24:
14:6b:8d:b2:50:1b:c2:4f:33:d1:9b:78:25:d7:b9:
00:f7:8b:1c:aa:4e:8d:bc:1b:0a:b9:70:d1:c5:30:
17:e4:dc:6d:d7:53:4d:a7:23:8b:23:f7:c6:c5:f2:
84:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.32.0/22
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.18.192.0/19
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8937
9063
Signature Algorithm: sha256WithRSAEncryption
59:95:5d:6a:ca:4f:c1:68:8a:46:2f:cc:3e:fa:df:b4:e7:f2:
f8:1b:e9:f1:8d:40:3e:ab:a6:90:fb:88:49:30:6e:1f:2e:54:
8f:47:08:4d:c9:2d:1a:fb:c0:e0:36:86:5b:b3:97:2f:d6:52:
3c:77:b6:dd:8f:8f:5d:20:37:c7:e7:53:7d:83:f5:cb:99:4f:
0f:bf:d6:93:21:45:98:70:95:d0:26:1d:4f:f1:f3:ed:01:44:
1e:93:36:f9:7d:ab:55:3a:85:2f:bf:3f:74:52:be:fc:ba:5e:
1a:f1:27:45:5f:c4:4b:39:4b:e5:c0:fc:d3:af:8a:08:70:97:
e4:a3:6c:8e:d3:57:20:73:7f:65:29:bb:d8:fd:ce:36:ba:d1:
23:2f:27:b9:1c:cb:c8:44:0e:48:b0:b0:25:db:e1:45:30:2c:
ec:58:9d:d4:5e:98:2d:c3:06:b2:bc:ed:af:d9:53:b2:bc:10:
a3:35:87:2e:dd:13:b2:06:ce:72:f0:c2:a2:21:56:3b:e5:0c:
6f:48:c3:ad:c0:62:5d:b0:73:72:1f:76:02:66:9a:90:21:3a:
51:07:91:bc:63:7c:e0:b9:97:f1:5b:5f:59:95:3d:94:a8:02:
78:3b:d3:73:6f:92:1f:37:dd:ae:ed:ee:9b:75:d1:16:fb:37:
fa:72:bc:2e
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgISAY51/1U7mpTHvx9aTIrUXLphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzI1MTQyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJiZTBlYTcxY2Y0MzdlMDhlZmRmM2ZlNzk4ZWFmOTg0MTMxYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF0fiBBalatSwUq9OMpMOEAgRm2O
DGMpI93rZUDg2iOgUr7ZsXWnUKijz84604JRGQzo5lvbHruS6qIeIX5suV7Xoip/
65T/VvdZm6Hzo/xzMNPr79qbHUYt7Fye8mxlMCmcz8BdP0yLcaR8lC4buCZG7W5w
mwL1cF956e4rEgtMKwUIiI6XzUyuZlQRhH48lb/PpxXHAt6+CCUYXfiriWArgp5z
JY38wfhEWUU8JBNHjGzJmeKX3XQMCLGQHlGkKptl2h1M815yLgW/SEt+sSQUa42y
UBvCTzPRm3gl17kA94scqk6NvBsKuXDRxTAX5Nxt11NNpyOLI/fGxfKEMQIDAQAB
o4IDdTCCA3EwHQYDVR0OBBYEFCEr4Opxz0N+CO/fP+eY6vmEExxGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzFiYWJm
Yy03OWU2LTQ1ZGYtOGM0MC03MjU2OGYwNmZlMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvMWJhYmZj
LTc5ZTYtNDVkZi04YzQwLTcyNTY4ZjA2ZmUxMC8xL0lTdmc2bkhQUTM0STc5OF81
NWpxLVlRVEhFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHwBggrBgEF
BQcBBwEB/wSB4DCB3TCBywQCAAEwgcQDBAIf3CADBAUl5gADBAVbuKADBARdugAD
BARtS1ADBAGwfkADBAGwfkQwDAMEALB+RwMEAbB+SDAMAwQAsH5LAwQAsH5MMAwD
BACwfk8DBACwflIwDAMEALkjbQMEBLkjYAMEAbmhyDAMAwQAuaa9AwQGuaaAAwQA
uagIAwQAuagLAwQBubqQAwQAucKXAwQAuct7AwQAud6LAwQCuef8AwQBwiO4AwQB
wiO8AwQF1BLAAwQE1FIwAwQF1FiAAwQE2RjgMA0EAgACMAcDBQMqAgWgMB0GCCsG
AQUFBwEIAQH/BA4wDKAKMAgCAiLpAgIjZzANBgkqhkiG9w0BAQsFAAOCAQEAWZVd
aspPwWiKRi/MPvrftOfy+Bvp8Y1APqumkPuISTBuHy5Uj0cITcktGvvA4DaGW7OX
L9ZSPHe23Y+PXSA3x+dTfYP1y5lPD7/WkyFFmHCV0CYdT/Hz7QFEHpM2+X2rVTqF
L78/dFK+/LpeGvEnRV/ESzlL5cD806+KCHCX5KNsjtNXIHN/ZSm72P3ONrrRIy8n
uRzLyEQOSLCwJdvhRTAs7Fid1F6YLcMGsrztr9lTsrwQozWHLt0TsgbOcvDCoiFW
O+UMb0jDrcBiXbBzch92AmaakCE6UQeRvGN84LmX8VtfWZU9lKgCeDvTc2+SHzfd
ru3um3XRFvs3+nK8Lg==
-----END CERTIFICATE-----
Generated at Sat Apr 20 09:59:41 2024 by rpki-client on console-fra.rpki-client.org