Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
File: L4FK3B1SCeCY8HitvIVrrYO3ScI.cer (raw, json)
Hash identifier: l2zNqglQuTgjPocRvpG0PhXcndQVFLXj6aK5y9Un4pA=
Subject key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA294A5DFFAAFF1E499EF999B65A7355
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:32:32 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 16322
AS: 60976
AS: 61061
IP: 31.214.132.0/23
IP: 31.214.146.0/23
IP: 31.214.154.0/24
IP: 31.214.168.0/21
IP: 31.214.200.0/23
IP: 31.214.228.0/22
IP: 31.214.248.0/21
IP: 37.10.64.0/22
IP: 37.10.109.0/24
IP: 37.10.117.0/24
IP: 37.228.131.0/24
IP: 37.228.133.0/24
IP: 37.228.135.0 -- 37.228.139.255
IP: 46.41.192.0/18
IP: 46.251.224.0/24
IP: 46.251.226.0/24
IP: 46.251.237.0/24
IP: 82.99.192.0/18
IP: 91.98.0.0/16
IP: 95.156.222.0/23
IP: 95.156.233.0 -- 95.156.237.255
IP: 95.156.248.0/23
IP: 95.156.252.0/22
IP: 109.230.192.0/23
IP: 109.230.200.0/24
IP: 109.230.204.0/22
IP: 109.230.221.0/24
IP: 109.230.223.0/24
IP: 109.230.242.0/24
IP: 109.230.246.0/23
IP: 109.230.251.0/24
IP: 134.255.196.0/23
IP: 134.255.200.0/21
IP: 134.255.245.0 -- 134.255.246.255
IP: 134.255.249.0/24
IP: 185.10.71.0/24
IP: 185.13.228.0/22
IP: 2a00:1a88::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:4a:5d:ff:aa:ff:1e:49:9e:f9:99:b6:5a:73:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d1:10:f5:a6:76:1c:24:47:4d:20:48:94:73:
41:ca:a8:ff:c1:7d:86:0c:63:ea:f8:ec:8c:25:8b:
8e:a0:3d:53:a5:51:90:98:db:81:0c:c7:a9:af:d2:
c5:6c:b1:a6:fc:5f:1a:25:ac:0f:94:fb:d5:cc:eb:
0b:72:c7:81:ad:77:7d:99:9a:1b:bc:9a:78:8d:93:
71:7a:2f:78:79:37:ac:98:17:2d:c2:9a:41:07:0c:
71:1b:cd:0f:7c:5b:1d:f9:9e:a2:ba:e4:31:fa:18:
ce:e0:8a:3b:7a:e7:a1:a2:81:50:f5:a9:0a:2f:c8:
47:15:80:dd:8f:8d:b8:48:a9:39:53:06:86:de:27:
32:6a:29:33:66:2a:c1:d7:11:a6:fb:6c:0a:e4:da:
82:a2:16:08:89:90:d7:a8:dd:cc:98:11:c3:66:a1:
dd:f1:a0:7d:c1:ba:d4:12:ea:de:29:1f:60:0e:9e:
61:01:95:51:89:35:79:20:34:1d:76:eb:e3:33:96:
a4:d8:d4:f5:6a:68:b8:e9:d0:1e:b5:28:6a:3f:c8:
6d:e1:d8:75:2a:ce:cd:20:0c:2e:2f:c7:61:86:23:
8f:5d:77:ec:07:ef:2e:c3:ec:68:68:e1:c1:16:ea:
ea:f2:bc:d7:b1:42:7a:9d:fe:7b:56:4c:6e:68:87:
1d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
91.98.0.0/16
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
95.156.252.0/22
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
IPv6:
2a00:1a88::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16322
60976
61061
Signature Algorithm: sha256WithRSAEncryption
8a:42:3e:cc:ff:ae:49:0c:bb:63:67:44:42:f1:c9:77:bd:bc:
8d:45:7a:ad:86:f9:07:87:86:d8:1b:d6:a0:86:03:e9:ee:64:
0a:3c:ed:8b:f9:ba:5e:13:84:31:e0:72:1a:17:93:a4:f0:78:
a2:57:36:91:fc:98:16:39:c8:a5:77:76:31:3f:1e:a3:3e:22:
7c:99:bd:a8:ae:0f:e0:84:95:8f:17:19:92:a9:4b:8d:56:f4:
3f:46:1e:4f:b7:a2:b2:26:86:9e:26:68:2f:58:7a:f7:fc:85:
ad:f9:5b:7d:77:a4:8b:fb:51:0a:38:d4:83:e6:4c:51:c4:aa:
84:89:e0:ac:94:e8:77:d6:47:19:b6:3c:f8:31:5a:3b:75:ea:
69:8f:14:37:16:84:0e:a8:f1:10:8b:f6:cb:7f:71:3f:8d:0d:
70:68:82:a9:96:42:53:b0:4c:ee:15:98:f3:98:ec:8e:5b:75:
af:ee:58:df:ea:a7:0f:09:99:72:ac:24:02:9c:4d:e8:f7:3d:
e5:b2:69:88:ff:a7:42:9f:06:6f:26:f1:63:99:b5:8e:f7:a7:
5e:fe:4a:ec:b2:92:9d:53:aa:59:82:dd:6e:d7:78:9a:4b:91:
a1:83:8d:6e:d0:08:01:e5:50:28:a9:30:1e:37:b5:5c:aa:ab:
1a:af:4a:b7
-----BEGIN CERTIFICATE-----
MIIGozCCBYugAwIBAgISAYzKKUpd/6r/Hkme+Zm2WnNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjgxNGFkYzFkNTIwOWUwOThmMDc4YWRiYzg1NmJhZDgzYjc0OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9EQ9aZ2HCRHTSBIlHNByqj/wX2G
DGPq+OyMJYuOoD1TpVGQmNuBDMepr9LFbLGm/F8aJawPlPvVzOsLcseBrXd9mZob
vJp4jZNxei94eTesmBctwppBBwxxG80PfFsd+Z6iuuQx+hjO4Io7euehooFQ9akK
L8hHFYDdj424SKk5UwaG3icyaikzZirB1xGm+2wK5NqCohYIiZDXqN3MmBHDZqHd
8aB9wbrUEureKR9gDp5hAZVRiTV5IDQdduvjM5ak2NT1ami46dAetShqP8ht4dh1
Ks7NIAwuL8dhhiOPXXfsB+8uw+xoaOHBFurq8rzXsUJ6nf57VkxuaIcdcwIDAQAB
o4IDrzCCA6swHQYDVR0OBBYEFC+BStwdUgngmPB4rbyFa62Dt0nCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAyLzEzZTEy
YS0yYmFjLTQ3NTItOTk3ZC1kZjg2YjZkZDk5N2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIvMTNlMTJh
LTJiYWMtNDc1Mi05OTdkLWRmODZiNmRkOTk3Yy8xL0w0RkszQjFTQ2VDWThIaXR2
SVZycllPM1NjSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBIwYIKwYB
BQUHAQcBAf8EggESMIIBDjCB/AQCAAEwgfUDBAEf1oQDBAEf1pIDBAAf1poDBAMf
1qgDBAEf1sgDBAIf1uQDBAMf1vgDBAIlCkADBAAlCm0DBAAlCnUDBAAl5IMDBAAl
5IUwDAMEACXkhwMEAiXkiAMEBi4pwAMEAC774AMEAC774gMEAC777QMEBlJjwAMD
AFtiAwQBX5zeMAwDBABfnOkDBAFfnOwDBAFfnPgDBAJfnPwDBAFt5sADBABt5sgD
BAJt5swDBABt5t0DBABt5t8DBABt5vIDBAFt5vYDBABt5vsDBAGG/8QDBAOG/8gw
DAMEAIb/9QMEAIb/9gMEAIb/+QMEALkKRwMEArkN5DANBAIAAjAHAwUAKgAaiDAj
BggrBgEFBQcBCAEB/wQUMBKgEDAOAgI/wgIDAO4wAgMA7oUwDQYJKoZIhvcNAQEL
BQADggEBAIpCPsz/rkkMu2NnRELxyXe9vI1Feq2G+QeHhtgb1qCGA+nuZAo87Yv5
ul4ThDHgchoXk6TweKJXNpH8mBY5yKV3djE/HqM+InyZvaiuD+CElY8XGZKpS41W
9D9GHk+3orImhp4maC9Yevf8ha35W313pIv7UQo41IPmTFHEqoSJ4KyU6HfWRxm2
PPgxWjt16mmPFDcWhA6o8RCL9st/cT+NDXBogqmWQlOwTO4VmPOY7I5bda/uWN/q
pw8JmXKsJAKcTej3PeWyaYj/p0KfBm8m8WOZtY73p17+Suyykp1TqlmC3W7XeJpL
kaGDjW7QCAHlUCipMB43tVyqqxqvSrc=
-----END CERTIFICATE-----
Generated at Fri May 3 10:09:18 2024 by rpki-client on console-fra.rpki-client.org