Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer
File: L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer (raw, json)
Hash identifier: zKDy9IVxAAiUdy6tWtGQREGre4Yb1YV0sWiUWQwbgNo=
Subject key identifier: 2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B19BF33F6069C6648C68ADD0781A56
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/L4Z1RXWU1-dAqu7y59fv0CI5xhc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:47:55 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 47583
AS: 204915
IP: 2.57.88.0/22
IP: 31.170.160.0/21
IP: 31.220.16.0/21
IP: 31.220.48.0/20
IP: 31.220.104.0/21
IP: 45.13.132.0/22
IP: 45.13.252.0/22
IP: 45.87.80.0/22
IP: 45.93.136.0/22
IP: 93.188.160.0/21
IP: 141.136.33.0 -- 141.136.36.255
IP: 141.136.39.0/24
IP: 141.136.41.0 -- 141.136.47.255
IP: 153.92.0.0/20
IP: 153.92.208.0/20
IP: 156.67.64.0/20
IP: 156.67.208.0/20
IP: 185.28.20.0/22
IP: 185.77.96.0/23
IP: 194.11.154.0/23
IP: 194.11.214.0/23
IP: 195.110.58.0/23
IP: 212.1.208.0/21
IP: 2a02:4780::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9b:f3:3f:60:69:c6:64:8c:68:ad:d0:78:1a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f8675457594d7e740aaeef2e7d7efd02239c617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:e2:25:c2:7e:da:65:05:d9:26:7c:dc:bc:
a0:50:28:44:ef:3d:56:3d:20:58:f3:e6:d2:ab:70:
ec:f2:99:2f:4b:2a:a1:45:5a:26:c3:bc:d7:c3:b2:
9b:e7:2b:15:73:91:e2:e7:93:9b:aa:61:46:d9:7f:
b5:25:7d:d0:c4:54:77:ba:8e:90:ea:a1:98:87:b3:
b8:55:3d:2d:57:cc:5e:ea:85:72:fe:6d:15:dd:49:
40:30:fa:77:dc:6d:f0:14:b5:fa:f9:32:e7:d2:07:
ea:29:8e:6f:56:9d:4f:c9:e5:bc:fb:9f:93:19:02:
27:b5:a5:f9:db:28:e5:9e:36:ad:d5:41:04:6c:22:
c4:d5:6a:ef:39:a2:74:33:79:bc:a6:25:6d:62:7c:
a8:e5:4c:fd:2f:cb:54:b4:31:9d:80:23:e5:fd:92:
22:19:68:e7:13:7a:4e:a1:e9:46:a1:32:95:b7:1c:
3b:81:28:d4:b7:3f:97:cb:00:25:94:14:31:5c:84:
9c:58:b8:5b:9c:98:5b:8e:62:2d:8e:68:ef:4b:8e:
66:cf:95:21:60:32:94:b3:35:d1:92:7f:f4:34:dd:
de:63:46:54:9c:3e:be:c0:19:34:98:19:94:e8:b3:
59:36:ad:ba:fc:50:a0:cc:7f:6d:47:b5:d7:ed:26:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/L4Z1RXWU1-dAqu7y59fv0CI5xhc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.88.0/22
31.170.160.0/21
31.220.16.0/21
31.220.48.0/20
31.220.104.0/21
45.13.132.0/22
45.13.252.0/22
45.87.80.0/22
45.93.136.0/22
93.188.160.0/21
141.136.33.0-141.136.36.255
141.136.39.0/24
141.136.41.0-141.136.47.255
153.92.0.0/20
153.92.208.0/20
156.67.64.0/20
156.67.208.0/20
185.28.20.0/22
185.77.96.0/23
194.11.154.0/23
194.11.214.0/23
195.110.58.0/23
212.1.208.0/21
IPv6:
2a02:4780::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47583
204915
Signature Algorithm: sha256WithRSAEncryption
3c:1a:42:a2:37:08:6f:2c:89:94:8d:9b:27:7a:06:5b:86:97:
c3:a6:fe:cd:a0:29:7f:23:75:41:7d:9d:b4:0f:73:48:c7:15:
aa:e3:5c:f0:00:bc:14:9c:61:74:3c:0b:7e:b0:e7:40:6f:40:
14:cf:4e:f6:d3:81:89:5b:f1:0e:29:01:a1:88:bc:23:6b:26:
e2:3c:a5:7e:e5:b7:2a:be:58:04:97:41:46:57:51:30:b7:1b:
0e:12:46:6f:2f:ae:81:32:f0:da:84:b1:58:3c:2e:ef:54:2f:
41:2c:bc:31:dc:17:7f:06:cc:98:dc:ba:36:30:2c:6d:ac:a7:
62:13:68:26:20:0f:20:aa:49:e4:7e:a6:23:cf:f4:4c:dd:9b:
50:97:c7:c5:42:a6:25:03:db:58:98:90:b3:ed:8f:48:a9:99:
31:12:be:23:5c:b6:c7:09:b1:a5:83:bb:01:fb:9c:20:61:6e:
ca:e8:d9:84:da:28:8c:79:fe:4b:01:15:8a:15:1d:59:ea:6e:
a3:27:a7:28:7a:f7:ad:68:fa:0e:5a:c6:ac:ee:6c:28:c4:58:
e7:f4:9e:bb:74:5c:36:46:94:22:63:1d:ef:3e:14:2e:dc:a6:
90:30:86:ef:85:1c:45:1b:d3:ae:8a:44:cd:1d:16:44:20:79:
39:94:81:93
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZQhsZvzP2BpxmSMaK3QeBpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg2NzU0NTc1OTRkN2U3NDBhYWVlZjJlN2Q3ZWZkMDIyMzljNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTTiJcJ+2mUF2SZ83LygUChE7z1W
PSBY8+bSq3Ds8pkvSyqhRVomw7zXw7Kb5ysVc5Hi55ObqmFG2X+1JX3QxFR3uo6Q
6qGYh7O4VT0tV8xe6oVy/m0V3UlAMPp33G3wFLX6+TLn0gfqKY5vVp1PyeW8+5+T
GQIntaX52yjlnjat1UEEbCLE1WrvOaJ0M3m8piVtYnyo5Uz9L8tUtDGdgCPl/ZIi
GWjnE3pOoelGoTKVtxw7gSjUtz+XywAllBQxXIScWLhbnJhbjmItjmjvS45mz5Uh
YDKUszXRkn/0NN3eY0ZUnD6+wBk0mBmU6LNZNq26/FCgzH9tR7XX7SbW3QIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFC+GdUV1lNfnQKru8ufX79AiOcYXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVlLzRjZDRj
YS1jMTk1LTRiYzQtYmI5Zi0xMDMxYWUxZWIwMzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUvNGNkNGNh
LWMxOTUtNGJjNC1iYjlmLTEwMzFhZTFlYjAzMi8xL0w0WjFSWFdVMS1kQXF1N3k1
OWZ2MENJNXhoYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHGBggrBgEF
BQcBBwEB/wSBtjCBszCBoQQCAAEwgZoDBAICOVgDBAMfqqADBAMf3BADBAQf3DAD
BAMf3GgDBAItDYQDBAItDfwDBAItV1ADBAItXYgDBANdvKAwDAMEAI2IIQMEAI2I
JAMEAI2IJzAMAwQAjYgpAwQEjYggAwQEmVwAAwQEmVzQAwQEnENAAwQEnEPQAwQC
uRwUAwQBuU1gAwQBwguaAwQBwgvWAwQBw246AwQD1AHQMA0EAgACMAcDBQAqAkeA
MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwC53wIDAyBzMA0GCSqGSIb3DQEBCwUA
A4IBAQA8GkKiNwhvLImUjZsnegZbhpfDpv7NoCl/I3VBfZ20D3NIxxWq41zwALwU
nGF0PAt+sOdAb0AUz07204GJW/EOKQGhiLwjaybiPKV+5bcqvlgEl0FGV1EwtxsO
EkZvL66BMvDahLFYPC7vVC9BLLwx3Bd/BsyY3Lo2MCxtrKdiE2gmIA8gqknkfqYj
z/RM3ZtQl8fFQqYlA9tYmJCz7Y9IqZkxEr4jXLbHCbGlg7sB+5wgYW7K6NmE2iiM
ef5LARWKFR1Z6m6jJ6coevetaPoOWsas7mwoxFjn9J67dFw2RpQiYx3vPhQu3KaQ
MIbvhRxFG9OuikTNHRZEIHk5lIGT
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:46:46 2025 by rpki-client