Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
File: KIVYUqS80b8eyBPzwTsPHzcvOXE.cer (raw, json)
Hash identifier: yg2xv5fLHz70zqtgAts+Vna2i+8W2UNvfhh6RYSEb3s=
Subject key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DAD037044DA32C949FDEEBE70B8B569A0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 15 Feb 2024 13:45:00 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200532
AS: 202958
AS: 205231
AS: 207333
IP: 31.14.27.0/24
IP: 37.140.243.0/24
IP: 46.226.123.0/24
IP: 77.246.247.0/24
IP: 86.107.44.0/23
IP: 86.107.198.0/23
IP: 89.33.41.0/24
IP: 89.35.124.0/23
IP: 89.46.33.0 -- 89.46.34.255
IP: 91.243.71.0/24
IP: 92.114.7.0/24
IP: 93.115.14.0/24
IP: 185.98.4.0/22
IP: 185.100.64.0/22
IP: 185.111.104.0/22
IP: 185.113.132.0/22
IP: 185.116.192.0/22
IP: 185.121.80.0/22
IP: 185.125.88.0/22
IP: 185.129.48.0/22
IP: 188.241.216.0/23
IP: 188.244.115.0/24
IP: 193.201.11.0/24
IP: 194.4.56.0/22
IP: 194.146.40.0/22
IP: 213.109.146.0/24
IP: 2a06:940::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:03:70:44:da:32:c9:49:fd:ee:be:70:b8:b5:69:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 15 13:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:07:fb:88:04:5a:d3:e1:f1:d9:43:13:d3:
23:77:41:33:d1:4d:ba:ed:fb:ef:15:1a:10:e3:7f:
c7:63:84:d4:d0:7c:5f:43:47:1d:9a:65:6b:fc:65:
67:30:ff:26:65:0a:1f:24:17:c4:56:20:5c:e0:ff:
cc:8d:3f:0c:d0:bb:9a:e1:27:27:cf:32:ea:7e:e2:
16:a3:38:e1:d8:a2:fa:1d:3e:ac:b5:53:d3:d6:32:
5b:60:0f:86:a7:54:4d:03:1c:75:29:a8:20:5c:2a:
84:bf:dc:9e:16:04:63:c8:26:2d:41:89:4f:f3:46:
62:06:a5:71:dc:10:4a:a0:12:7d:88:d9:1e:79:74:
87:cf:29:0f:40:c0:7c:2d:76:94:25:8d:67:24:2d:
6a:3b:fa:28:2f:30:c3:71:23:b3:ef:ef:a8:3c:63:
c1:0b:61:26:9c:45:a8:bc:77:08:65:5c:52:a0:58:
cf:ef:5c:6b:18:63:17:8f:d6:58:1e:40:71:70:01:
c1:81:dd:0f:fc:db:56:c8:c9:fb:43:66:89:7e:de:
4e:88:d7:c8:e1:62:2a:f2:c1:4b:1d:12:42:59:0a:
b1:23:a3:66:9a:c4:0e:51:3e:77:84:06:2f:ca:00:
55:07:72:2d:97:af:84:69:86:67:b4:09:54:46:02:
4f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.35.124.0/23
89.46.33.0-89.46.34.255
91.243.71.0/24
92.114.7.0/24
93.115.14.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
188.244.115.0/24
193.201.11.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:940::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200532
202958
205231
207333
Signature Algorithm: sha256WithRSAEncryption
00:bc:d0:0c:71:9e:fe:f0:bd:28:9c:3f:d4:c0:01:c9:89:67:
c7:7e:9a:a7:3e:be:e7:f9:83:b7:55:0b:59:83:cd:86:a6:1c:
57:05:45:45:12:66:67:9c:fd:3f:e0:84:0d:6a:db:90:cf:3f:
98:aa:f6:50:0c:be:da:2d:33:b6:b7:88:fb:3a:ba:be:46:e1:
9d:73:c8:00:2a:f3:91:89:73:f0:47:69:17:da:6a:0d:9e:fd:
04:8b:66:82:b9:88:7f:bd:71:00:86:b3:25:e0:fd:83:de:8e:
e1:c3:bd:97:c1:97:d8:bd:e2:89:2a:d1:d8:82:ea:93:d3:91:
40:cc:ce:4f:83:6c:73:35:ac:75:27:9c:8a:bb:a2:48:06:3e:
38:1d:5d:0e:17:af:e3:75:4b:33:69:e2:6a:90:c4:4c:d0:19:
ba:9d:c0:67:46:9e:e6:10:99:ff:8e:49:44:19:3c:74:fa:e2:
aa:a5:75:ea:c2:23:00:2d:f3:51:7d:f0:db:93:92:a8:8c:c6:
b5:8c:bc:aa:a0:8b:bd:30:5c:6e:6a:5b:42:61:11:fe:3e:ca:
86:b7:24:1b:d4:6a:a3:38:eb:46:e8:46:77:1c:37:b6:30:16:
ba:c6:87:8a:bb:8a:17:98:63:f8:c1:dd:a4:19:0c:08:3a:18:
63:37:62:98
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAY2tA3BE2jLJSf3uvnC4tWmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjE1MTM0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NAH+4gEWtPh8dlDE9Mjd0Ez0U26
7fvvFRoQ43/HY4TU0HxfQ0cdmmVr/GVnMP8mZQofJBfEViBc4P/MjT8M0Lua4Scn
zzLqfuIWozjh2KL6HT6stVPT1jJbYA+Gp1RNAxx1KaggXCqEv9yeFgRjyCYtQYlP
80ZiBqVx3BBKoBJ9iNkeeXSHzykPQMB8LXaUJY1nJC1qO/ooLzDDcSOz7++oPGPB
C2EmnEWovHcIZVxSoFjP71xrGGMXj9ZYHkBxcAHBgd0P/NtWyMn7Q2aJft5OiNfI
4WIq8sFLHRJCWQqxI6NmmsQOUT53hAYvygBVB3Itl6+EaYZntAlURgJPgQIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFCiFWFKkvNG/HsgT88E7Dx83LzlxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwLzBlMzZm
Yy1iYTBiLTRjZTYtYWY2YS03MDQ0NjNlYmFkMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvMGUzNmZj
LWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4ZXlCUHp3
VHNQSHpjdk9YRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHQBggrBgEF
BQcBBwEB/wSBwDCBvTCBqwQCAAEwgaQDBAAfDhsDBAAljPMDBAAu4nsDBABN9vcD
BAFWaywDBAFWa8YDBABZISkDBAFZI3wwDAMEAFkuIQMEAFkuIgMEAFvzRwMEAFxy
BwMEAF1zDgMEArliBAMEArlkQAMEArlvaAMEArlxhAMEArl0wAMEArl5UAMEArl9
WAMEArmBMAMEAbzx2AMEALz0cwMEAMHJCwMEAsIEOAMEAsKSKAMEANVtkjANBAIA
AjAHAwUDKgYJQDApBggrBgEFBQcBCAEB/wQaMBigFjAUAgMDD1QCAwMYzgIDAyGv
AgMDKeUwDQYJKoZIhvcNAQELBQADggEBAAC80Axxnv7wvSicP9TAAcmJZ8d+mqc+
vuf5g7dVC1mDzYamHFcFRUUSZmec/T/ghA1q25DPP5iq9lAMvtotM7a3iPs6ur5G
4Z1zyAAq85GJc/BHaRfaag2e/QSLZoK5iH+9cQCGsyXg/YPejuHDvZfBl9i94okq
0diC6pPTkUDMzk+DbHM1rHUnnIq7okgGPjgdXQ4Xr+N1SzNp4mqQxEzQGbqdwGdG
nuYQmf+OSUQZPHT64qqlderCIwAt81F98NuTkqiMxrWMvKqgi70wXG5qW0JhEf4+
yoa3JBvUaqM460boRnccN7YwFrrGh4q7iheYY/jB3aQZDAg6GGM3Ypg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:49:24 2024 by rpki-client on console-fra.rpki-client.org