Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
File: JwKaNvwMyi4KjQRfAi38gxpRcwg.cer (raw, json)
Hash identifier: mM1XugrrQHLukPpOyMpCwd3R58MXue3Cc6qKIdQPleM=
Subject key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC424AE3301CD4C3095C9A0EE2419DF55
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:29:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35432
IP: 46.251.96.0/19
IP: 64.59.208.0/20
IP: 65.18.208.0/20
IP: 66.205.64.0/19
IP: 69.6.0.0/19
IP: 69.94.112.0/20
IP: 77.83.248.0/22
IP: 80.244.16.0/20
IP: 85.132.224.0/19
IP: 91.184.192.0/19
IP: 109.110.224.0/19
IP: 139.138.192.0/19
IP: 164.215.0.0/19
IP: 185.7.156.0/22
IP: 185.42.32.0/22
IP: 185.162.16.0/22
IP: 194.64.144.0/22
IP: 194.233.16.0/22
IP: 194.233.24.0/22
IP: 194.233.60.0/22
IP: 195.179.96.0/20
IP: 212.50.96.0/19
IP: 213.133.80.0/20
IP: 213.140.192.0/19
IP: 216.241.128.0/19
IP: 2a01:5120::/32
IP: 2a02:540::/32
IP: 2a07:cac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ae:33:01:cd:4c:30:95:c9:a0:ee:24:19:df:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:c2:7f:65:3a:10:8b:5a:3e:7e:6a:8c:ba:
43:4a:e2:f2:9e:9b:08:9b:9f:27:2f:92:52:d7:db:
ea:f2:eb:dd:6d:94:3e:67:37:e8:15:9f:c3:52:44:
1f:b5:1a:2b:7e:4d:5d:f9:ff:00:93:fd:8e:b2:52:
08:e0:f8:e3:28:7e:0b:85:c4:77:a7:a0:b1:9a:de:
e1:d0:b9:73:6a:97:0d:57:f4:56:1e:4e:8d:11:0c:
d1:10:16:df:f0:90:a8:b8:e8:43:86:ee:a7:a8:49:
73:1c:55:96:59:ea:68:ed:d3:c6:36:f3:8a:4e:88:
66:03:f0:47:f0:ca:61:fa:59:87:43:87:2b:07:f4:
32:47:b3:48:69:e5:6f:70:09:2f:6a:af:be:d2:cc:
34:d8:37:d8:80:80:23:f1:ce:a8:4c:f4:5b:37:4f:
92:fb:38:d8:a7:95:ef:81:38:34:d2:b4:46:aa:13:
9a:4f:f8:32:e3:00:7f:22:63:eb:2c:67:e0:ff:e5:
e6:c7:1d:44:cf:0c:dc:63:d3:11:46:0d:29:0d:35:
e2:39:c1:4b:71:6e:fe:fe:07:c2:c6:0f:97:e2:2b:
29:a0:ca:d1:56:9f:72:a4:ba:df:d2:1a:88:1f:ce:
6b:d2:b1:f5:17:99:7c:03:ae:75:38:97:87:63:8b:
d7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a01:5120::/32
2a02:540::/32
2a07:cac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35432
Signature Algorithm: sha256WithRSAEncryption
3f:7b:81:9a:c0:49:fc:13:fc:02:35:86:01:d4:13:b5:64:a4:
c4:91:45:8e:1d:7a:ff:aa:70:b5:ae:92:c5:fc:2d:d1:a0:56:
ca:88:16:3f:eb:06:36:d1:a4:2c:d8:4d:6d:1e:b2:f9:09:0d:
04:db:3d:65:68:3d:cd:7a:fa:cb:4e:db:14:f4:65:71:8d:c2:
bd:31:f4:f2:fd:67:ee:94:43:d1:f3:76:5e:68:61:27:43:fd:
a0:bd:6f:1a:83:d4:e1:9e:8f:60:11:5b:e7:e5:2a:3f:be:45:
2b:5e:21:a1:d7:cf:d7:97:c2:e5:98:89:19:bf:7a:85:23:57:
de:9f:a3:ce:c8:ce:9a:ae:d8:09:58:d1:84:61:5d:2a:7b:3b:
ec:40:e2:bc:6a:cf:cc:5d:74:fc:17:9d:0e:fb:4a:13:af:a1:
58:ba:b9:88:1b:43:10:bd:8a:fc:53:51:99:ed:9e:14:ea:83:
b3:b1:97:6c:d6:8c:14:cf:ea:ec:9f:45:9d:b8:41:fa:3d:2f:
1b:b2:01:1a:33:c0:2d:86:bd:b2:47:01:63:0c:18:2c:c7:6f:
8f:b0:5c:b6:d6:a7:d4:32:09:25:fd:e9:97:74:d9:12:78:ec:
e0:95:06:a1:3f:08:4c:6d:02:12:c5:f3:f4:18:a4:ea:e9:3f:
72:ae:c6:0e
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAYzEJK4zAc1MMJXJoO4kGd9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzAyOWEzNmZjMGNjYTJlMGE4ZDA0NWYwMjJkZmM4MzFhNTE3MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnebCf2U6EItaPn5qjLpDSuLynpsI
m58nL5JS19vq8uvdbZQ+ZzfoFZ/DUkQftRorfk1d+f8Ak/2OslII4PjjKH4LhcR3
p6Cxmt7h0LlzapcNV/RWHk6NEQzREBbf8JCouOhDhu6nqElzHFWWWepo7dPGNvOK
TohmA/BH8Mph+lmHQ4crB/QyR7NIaeVvcAkvaq++0sw02DfYgIAj8c6oTPRbN0+S
+zjYp5XvgTg00rRGqhOaT/gy4wB/ImPrLGfg/+Xmxx1EzwzcY9MRRg0pDTXiOcFL
cW7+/gfCxg+X4ispoMrRVp9ypLrf0hqIH85r0rH1F5l8A651OJeHY4vXOQIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFCcCmjb8DMouCo0EXwIt/IMaUXMIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAxLzUzYmIy
My1kZmE4LTQ3OTItYjMxNy01MGQwYTUzMjM2NDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEvNTNiYjIz
LWRmYTgtNDc5Mi1iMzE3LTUwZDBhNTMyMzY0MS8xL0p3S2FOdndNeWk0S2pRUmZB
aTM4Z3hwUmN3Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHQBggrBgEF
BQcBBwEB/wSBwDCBvTCBnQQCAAEwgZYDBAUu+2ADBARAO9ADBARBEtADBAVCzUAD
BAVFBgADBARFXnADBAJNU/gDBARQ9BADBAVVhOADBAVbuMADBAVtbuADBAWLisAD
BAWk1wADBAK5B5wDBAK5KiADBAK5ohADBALCQJADBALC6RADBALC6RgDBALC6TwD
BATDs2ADBAXUMmADBATVhVADBAXVjMADBAXY8YAwGwQCAAIwFQMFACoBUSADBQAq
AgVAAwUDKgfKwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAimgwDQYJKoZIhvcN
AQELBQADggEBAD97gZrASfwT/AI1hgHUE7VkpMSRRY4dev+qcLWuksX8LdGgVsqI
Fj/rBjbRpCzYTW0esvkJDQTbPWVoPc16+stO2xT0ZXGNwr0x9PL9Z+6UQ9Hzdl5o
YSdD/aC9bxqD1OGej2ARW+flKj++RSteIaHXz9eXwuWYiRm/eoUjV96fo87Izpqu
2AlY0YRhXSp7O+xA4rxqz8xddPwXnQ77ShOvoVi6uYgbQxC9ivxTUZntnhTqg7Ox
l2zWjBTP6uyfRZ24Qfo9LxuyARozwC2GvbJHAWMMGCzHb4+wXLbWp9QyCSX96Zd0
2RJ47OCVBqE/CExtAhLF8/QYpOrpP3Kuxg4=
-----END CERTIFICATE-----
Generated at Fri May 3 10:08:15 2024 by rpki-client on console-fra.rpki-client.org