Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
File: JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer (raw, json)
Hash identifier: M0EMWKHIyBXP3tPXMN+wU/cSRom1WaopadHNz7zKFik=
Subject key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E38AE9EF5CD3E90111AA440342ED1A724
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 13 Mar 2024 16:39:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 3303
AS: 6837
AS: 8300
AS: 21273
AS: 202088
AS: 205762
IP: 46.245.144.0/21
IP: 78.110.128.0/20
IP: 91.216.229.0/24
IP: 138.187.0.0 -- 138.188.255.255
IP: 138.190.0.0/16
IP: 163.168.0.0/16
IP: 164.128.0.0/16
IP: 171.25.0.0/17
IP: 185.39.92.0/22
IP: 185.84.76.0/22
IP: 185.106.64.0/22
IP: 188.92.48.0/21
IP: 193.5.0.0/24
IP: 193.5.3.0 -- 193.5.7.255
IP: 193.5.12.0/22
IP: 193.5.20.0/23
IP: 193.5.23.0/24
IP: 193.5.29.0 -- 193.5.30.255
IP: 193.5.32.0 -- 193.5.38.255
IP: 193.5.40.0/24
IP: 193.5.52.0/24
IP: 193.5.59.0/24
IP: 193.5.61.0/24
IP: 193.5.63.0/24
IP: 193.5.70.0 -- 193.5.75.255
IP: 193.5.112.0/22
IP: 193.5.122.0/24
IP: 193.5.156.0 -- 193.5.167.255
IP: 193.5.179.0/24
IP: 193.5.224.0/20
IP: 193.5.252.0/24
IP: 193.47.226.0 -- 193.47.233.255
IP: 193.134.36.0 -- 193.134.43.255
IP: 193.134.88.0/22
IP: 193.134.95.0/24
IP: 193.134.248.0/23
IP: 193.134.255.0 -- 193.135.1.255
IP: 193.135.3.0/24
IP: 193.135.14.0/24
IP: 193.135.16.0/22
IP: 193.135.22.0/23
IP: 193.135.26.0/23
IP: 193.135.100.0/24
IP: 193.135.110.0/23
IP: 193.135.128.0 -- 193.135.133.255
IP: 193.135.136.0/24
IP: 193.135.139.0 -- 193.135.145.255
IP: 193.135.148.0/23
IP: 193.135.154.0/23
IP: 193.135.158.0 -- 193.135.161.255
IP: 193.135.173.0/24
IP: 193.135.214.0/23
IP: 193.135.218.0/24
IP: 193.135.224.0/20
IP: 193.135.248.0/22
IP: 193.135.255.0/24
IP: 193.222.64.0/19
IP: 193.223.1.0 -- 193.223.63.255
IP: 193.223.112.0 -- 193.223.175.255
IP: 193.246.0.0/22
IP: 193.246.6.0 -- 193.246.11.255
IP: 193.246.16.0/21
IP: 193.246.32.0 -- 193.246.50.255
IP: 193.246.56.0 -- 193.246.61.255
IP: 193.246.98.0 -- 193.246.100.255
IP: 193.246.104.0/23
IP: 193.246.112.0/21
IP: 193.246.127.0/24
IP: 193.246.172.0/23
IP: 193.246.202.0 -- 193.246.205.255
IP: 193.246.208.0/20
IP: 193.246.242.0 -- 193.246.244.255
IP: 193.246.246.0/24
IP: 193.246.248.0/22
IP: 193.247.36.0 -- 193.247.47.255
IP: 193.247.64.0/23
IP: 193.247.68.0/22
IP: 193.247.80.0/24
IP: 193.247.86.0/24
IP: 193.247.90.0 -- 193.247.92.255
IP: 193.247.104.0 -- 193.247.106.255
IP: 193.247.145.0/24
IP: 193.247.151.0/24
IP: 193.247.160.0/23
IP: 193.247.166.0 -- 193.247.179.255
IP: 193.247.186.0/24
IP: 193.247.193.0/24
IP: 193.247.201.0/24
IP: 193.247.204.0/24
IP: 193.247.212.0/24
IP: 193.247.217.0 -- 193.247.235.255
IP: 193.247.244.0/22
IP: 193.247.250.0/24
IP: 193.247.255.0/24
IP: 194.6.160.0/19
IP: 194.11.96.0/20
IP: 194.11.144.0/21
IP: 194.40.249.0/24
IP: 194.60.217.0/24
IP: 194.69.2.0 -- 194.69.5.255
IP: 194.88.192.0/23
IP: 194.147.231.0/24
IP: 194.209.0.0/16
IP: 195.35.121.0/24
IP: 195.65.0.0/16
IP: 195.144.32.0/19
IP: 195.176.128.0/19
IP: 195.176.192.0/19
IP: 212.117.96.0/19
IP: 212.243.0.0/16
IP: 217.192.0.0/15
IP: 2001:918::/29
IP: 2a01:8b00::/32
IP: 2a02:a90::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:ae:9e:f5:cd:3e:90:11:1a:a4:40:34:2e:d1:a7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 13 16:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2663f3db152e055ac145bdbb429e018654204c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:db:c4:8d:2b:bd:3e:13:df:55:7f:71:7e:ca:
5f:95:38:c2:7d:d6:c8:d7:8c:2f:cf:1a:49:8f:d5:
c2:ec:62:97:23:a4:8d:cb:f1:cc:cb:70:71:08:dd:
11:45:0e:41:e6:3d:3c:37:ef:aa:68:af:20:d6:90:
3b:a5:c8:91:66:30:d8:90:89:fb:b2:d7:e3:43:14:
a8:19:58:b3:1b:06:ba:e0:97:04:78:d1:b9:e6:a7:
f1:3c:45:60:22:82:1d:36:ad:5a:e0:0e:4e:18:7d:
3b:fe:a2:87:b8:ac:68:2e:ac:ed:ea:00:ee:a9:9f:
cd:23:b4:b8:fd:b2:7c:c5:6e:15:10:ed:25:e0:fe:
32:2b:a6:a8:9c:a7:29:e7:a6:3d:e5:29:75:9d:1c:
ec:1b:4f:b0:1e:75:60:5e:eb:a9:b5:7b:63:b9:3c:
4c:8f:64:ba:80:78:eb:8f:92:15:af:c1:bb:17:47:
c4:85:fb:66:2b:cf:fb:74:89:ee:d9:4f:e3:40:10:
d6:37:c0:ce:a4:f7:9b:19:76:43:9e:04:9f:dd:bd:
8b:84:c3:aa:10:e9:9f:25:fb:b1:22:61:8b:f0:a5:
b6:42:de:df:3d:ed:c6:af:24:f7:b1:56:d3:34:0b:
22:ec:e3:66:2d:ad:4b:00:fa:f6:c8:f7:49:8f:91:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.144.0/21
78.110.128.0/20
91.216.229.0/24
138.187.0.0-138.188.255.255
138.190.0.0/16
163.168.0.0/16
164.128.0.0/16
171.25.0.0/17
185.39.92.0/22
185.84.76.0/22
185.106.64.0/22
188.92.48.0/21
193.5.0.0/24
193.5.3.0-193.5.7.255
193.5.12.0/22
193.5.20.0/23
193.5.23.0/24
193.5.29.0-193.5.30.255
193.5.32.0-193.5.38.255
193.5.40.0/24
193.5.52.0/24
193.5.59.0/24
193.5.61.0/24
193.5.63.0/24
193.5.70.0-193.5.75.255
193.5.112.0/22
193.5.122.0/24
193.5.156.0-193.5.167.255
193.5.179.0/24
193.5.224.0/20
193.5.252.0/24
193.47.226.0-193.47.233.255
193.134.36.0-193.134.43.255
193.134.88.0/22
193.134.95.0/24
193.134.248.0/23
193.134.255.0-193.135.1.255
193.135.3.0/24
193.135.14.0/24
193.135.16.0/22
193.135.22.0/23
193.135.26.0/23
193.135.100.0/24
193.135.110.0/23
193.135.128.0-193.135.133.255
193.135.136.0/24
193.135.139.0-193.135.145.255
193.135.148.0/23
193.135.154.0/23
193.135.158.0-193.135.161.255
193.135.173.0/24
193.135.214.0/23
193.135.218.0/24
193.135.224.0/20
193.135.248.0/22
193.135.255.0/24
193.222.64.0/19
193.223.1.0-193.223.63.255
193.223.112.0-193.223.175.255
193.246.0.0/22
193.246.6.0-193.246.11.255
193.246.16.0/21
193.246.32.0-193.246.50.255
193.246.56.0-193.246.61.255
193.246.98.0-193.246.100.255
193.246.104.0/23
193.246.112.0/21
193.246.127.0/24
193.246.172.0/23
193.246.202.0-193.246.205.255
193.246.208.0/20
193.246.242.0-193.246.244.255
193.246.246.0/24
193.246.248.0/22
193.247.36.0-193.247.47.255
193.247.64.0/23
193.247.68.0/22
193.247.80.0/24
193.247.86.0/24
193.247.90.0-193.247.92.255
193.247.104.0-193.247.106.255
193.247.145.0/24
193.247.151.0/24
193.247.160.0/23
193.247.166.0-193.247.179.255
193.247.186.0/24
193.247.193.0/24
193.247.201.0/24
193.247.204.0/24
193.247.212.0/24
193.247.217.0-193.247.235.255
193.247.244.0/22
193.247.250.0/24
193.247.255.0/24
194.6.160.0/19
194.11.96.0/20
194.11.144.0/21
194.40.249.0/24
194.60.217.0/24
194.69.2.0-194.69.5.255
194.88.192.0/23
194.147.231.0/24
194.209.0.0/16
195.35.121.0/24
195.65.0.0/16
195.144.32.0/19
195.176.128.0/19
195.176.192.0/19
212.117.96.0/19
212.243.0.0/16
217.192.0.0/15
IPv6:
2001:918::/29
2a01:8b00::/32
2a02:a90::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3303
6837
8300
21273
202088
205762
Signature Algorithm: sha256WithRSAEncryption
57:f4:25:12:55:19:e6:ad:cf:47:1b:0b:8e:1b:36:ad:24:ca:
18:3d:94:4d:e6:d2:38:56:b4:2e:5c:29:93:79:1d:01:71:66:
1e:01:94:13:de:6b:34:58:bc:ef:fc:7a:69:50:7f:55:f8:ec:
f6:31:3a:d7:05:56:3d:8b:de:9e:a0:92:9a:1d:7d:b4:a6:c3:
bb:86:63:20:d0:88:d4:1b:85:34:46:1a:c4:c2:59:7f:3a:d8:
40:e9:84:ab:13:8d:20:25:bd:fa:ff:7b:0c:93:30:1a:d3:28:
fc:6f:e7:cd:db:ea:80:87:0c:ee:17:e9:c6:99:0e:fd:d8:49:
66:40:5f:8c:17:75:40:f7:a6:29:86:8d:d2:71:93:b8:69:a6:
32:7b:37:1e:99:60:01:95:26:66:63:71:34:e3:0f:12:8c:d8:
b8:52:74:6d:04:b7:95:5c:a8:37:49:75:db:77:b6:41:46:ac:
9d:d7:fe:da:e3:34:d3:cd:22:b8:e0:a6:01:2a:ad:a7:e7:f0:
e3:ea:64:92:1f:f1:80:e1:ae:4c:1b:2f:f2:d3:94:fc:8e:3a:
34:23:18:e9:ae:8e:3d:ca:cb:91:6c:84:90:f6:c7:67:53:54:
ff:89:ec:4e:b2:2a:0f:36:93:69:7c:ea:86:a6:08:b9:64:5a:
08:f7:33:55
-----BEGIN CERTIFICATE-----
MIIJKzCCCBOgAwIBAgISAY44rp71zT6QERqkQDQu0ackMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzEzMTYzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9vEjSu9PhPfVX9xfspflTjCfdbI
14wvzxpJj9XC7GKXI6SNy/HMy3BxCN0RRQ5B5j08N++qaK8g1pA7pciRZjDYkIn7
stfjQxSoGVizGwa64JcEeNG55qfxPEVgIoIdNq1a4A5OGH07/qKHuKxoLqzt6gDu
qZ/NI7S4/bJ8xW4VEO0l4P4yK6aonKcp56Y95Sl1nRzsG0+wHnVgXuuptXtjuTxM
j2S6gHjrj5IVr8G7F0fEhftmK8/7dInu2U/jQBDWN8DOpPebGXZDngSf3b2LhMOq
EOmfJfuxImGL8KW2Qt7fPe3GryT3sVbTNAsi7ONmLa1LAPr2yPdJj5FWtwIDAQAB
o4IGNzCCBjMwHQYDVR0OBBYEFCZj89sVLgVawUW9u0KeAYZUIEyNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI5L2M4YzZm
Ni01OTVjLTQ1YjEtYTc2ZS1iZDE5MjY3NmM5YmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkvYzhjNmY2
LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZyQlJiMjdR
cDRCaGxRZ1RJMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIDnwYIKwYB
BQUHAQcBAf8EggOOMIIDijCCA2kEAgABMIIDYQMEAy71kAMEBE5ugAMEAFvY5TAK
AwMAirsDAwCKvAMDAIq+AwMAo6gDAwCkgAMEB6sZAAMEArknXAMEArlUTAMEArlq
QAMEA7xcMAMEAMEFADAMAwQAwQUDAwQDwQUAAwQCwQUMAwQBwQUUAwQAwQUXMAwD
BADBBR0DBADBBR4wDAMEBcEFIAMEAMEFJgMEAMEFKAMEAMEFNAMEAMEFOwMEAMEF
PQMEAMEFPzAMAwQBwQVGAwQCwQVIAwQCwQVwAwQAwQV6MAwDBALBBZwDBAPBBaAD
BADBBbMDBATBBeADBADBBfwwDAMEAcEv4gMEAcEv6DAMAwQCwYYkAwQCwYYoAwQC
wYZYAwQAwYZfAwQBwYb4MAwDBADBhv8DBAHBhwADBADBhwMDBADBhw4DBALBhxAD
BAHBhxYDBAHBhxoDBADBh2QDBAHBh24wDAMEB8GHgAMEAcGHhAMEAMGHiDAMAwQA
wYeLAwQBwYeQAwQBwYeUAwQBwYeaMAwDBAHBh54DBAHBh6ADBADBh60DBAHBh9YD
BADBh9oDBATBh+ADBALBh/gDBADBh/8DBAXB3kAwDAMEAMHfAQMEBsHfADAMAwQE
wd9wAwQEwd+gAwQCwfYAMAwDBAHB9gYDBALB9ggDBAPB9hAwDAMEBcH2IAMEAMH2
MjAMAwQDwfY4AwQBwfY8MAwDBAHB9mIDBADB9mQDBAHB9mgDBAPB9nADBADB9n8D
BAHB9qwwDAMEAcH2ygMEAcH2zAMEBMH20DAMAwQBwfbyAwQAwfb0AwQAwfb2AwQC
wfb4MAwDBALB9yQDBATB9yADBAHB90ADBALB90QDBADB91ADBADB91YwDAMEAcH3
WgMEAMH3XDAMAwQDwfdoAwQAwfdqAwQAwfeRAwQAwfeXAwQBwfegMAwDBAHB96YD
BALB97ADBADB97oDBADB98EDBADB98kDBADB98wDBADB99QwDAMEAMH32QMEAsH3
6AMEAsH39AMEAMH3+gMEAMH3/wMEBcIGoAMEBMILYAMEA8ILkAMEAMIo+QMEAMI8
2TAMAwQBwkUCAwQBwkUEAwQBwljAAwQAwpPnAwMAwtEDBADDI3kDAwDDQQMEBcOQ
IAMEBcOwgAMEBcOwwAMEBdR1YAMDANTzAwMB2cAwGwQCAAIwFQMFAyABCRgDBQAq
AYsAAwUAKgIKkDAvBggrBgEFBQcBCAEB/wQgMB6gHDAaAgIM5wICGrUCAiBsAgJT
GQIDAxVoAgMDI8IwDQYJKoZIhvcNAQELBQADggEBAFf0JRJVGeatz0cbC44bNq0k
yhg9lE3m0jhWtC5cKZN5HQFxZh4BlBPeazRYvO/8emlQf1X47PYxOtcFVj2L3p6g
kpodfbSmw7uGYyDQiNQbhTRGGsTCWX862EDphKsTjSAlvfr/ewyTMBrTKPxv583b
6oCHDO4X6caZDv3YSWZAX4wXdUD3pimGjdJxk7hppjJ7Nx6ZYAGVJmZjcTTjDxKM
2LhSdG0Et5VcqDdJddt3tkFGrJ3X/trjNNPNIrjgpgEqrafn8OPqZJIf8YDhrkwb
L/LTlPyOOjQjGOmujj3Ky5FshJD2x2dTVP+J7E6yKg82k2l86oamCLlkWgj3M1U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:17:37 2024 by rpki-client on console-fra.rpki-client.org