Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LubVYKCKAT8_4OZtra9v0Cvq9D8.cer
File: LubVYKCKAT8_4OZtra9v0Cvq9D8.cer (raw, json)
Hash identifier: kkjc1XQqOnH6aciUGiqUAkisVec7PL3weicjo+sMLKo=
Subject key identifier: 2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BCE4BC6B411D15502108E5C848C12F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:34:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 56448
AS: 199610
IP: 5.62.64.0/21
IP: 5.62.96.0/19
IP: 5.83.160.0/20
IP: 5.101.160.0/21
IP: 31.214.128.0/24
IP: 31.214.130.0/23
IP: 31.214.134.0 -- 31.214.136.255
IP: 31.214.142.0/23
IP: 31.214.148.0/24
IP: 31.214.158.0 -- 31.214.167.255
IP: 31.214.192.0/21
IP: 31.214.202.0 -- 31.214.211.255
IP: 31.214.216.0 -- 31.214.221.255
IP: 31.214.224.0/22
IP: 31.214.232.0/21
IP: 37.10.96.0 -- 37.10.107.255
IP: 37.10.115.0/24
IP: 37.10.118.0 -- 37.10.127.255
IP: 45.140.128.0/22
IP: 45.159.4.0/22
IP: 46.251.228.0 -- 46.251.236.255
IP: 46.251.238.0/24
IP: 46.251.240.0 -- 46.251.248.255
IP: 85.190.128.0 -- 85.190.175.255
IP: 95.156.193.0 -- 95.156.194.255
IP: 95.156.198.0/24
IP: 95.156.209.0 -- 95.156.211.255
IP: 95.156.213.0/24
IP: 95.156.220.0/23
IP: 95.156.224.0/24
IP: 95.156.238.0/23
IP: 95.156.250.0/24
IP: 109.230.197.0/24
IP: 109.230.208.0/24
IP: 109.230.211.0/24
IP: 109.230.214.0/24
IP: 109.230.240.0/23
IP: 109.230.243.0/24
IP: 109.230.248.0/23
IP: 128.0.112.0/22
IP: 134.255.198.0/24
IP: 134.255.208.0/23
IP: 134.255.212.0 -- 134.255.214.255
IP: 134.255.240.0/24
IP: 134.255.251.0/24
IP: 185.9.104.0/22
IP: 194.169.211.0/24
IP: 195.82.158.0/23
IP: 217.114.192.0/21
IP: 2a03:4d40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e4:bc:6b:41:1d:15:50:21:08:e5:c8:48:c1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ee6d560a08a013f3fe0e66dadaf6fd02beaf43f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:fd:9f:c7:ef:4d:b0:12:e6:2e:63:82:af:
bc:6b:bd:a6:d7:b2:31:19:4c:b1:d8:61:fe:89:e8:
bf:53:10:f0:b4:b1:bc:b9:db:79:ad:6f:04:81:70:
04:48:95:e5:a1:41:2a:70:39:81:c7:31:73:05:87:
2a:78:2e:b5:00:02:64:15:ea:70:79:d7:fa:91:ac:
99:72:66:6a:68:47:26:3c:3d:79:cf:27:26:8e:64:
a3:ab:76:36:f9:4f:ee:69:e5:02:4d:d2:f6:e7:72:
09:b8:22:ce:96:be:df:d9:de:fc:ec:dd:90:9a:66:
af:fa:a3:b7:21:69:0d:3f:d0:75:80:00:f8:ac:51:
90:5f:30:63:da:95:00:1c:88:b6:72:98:70:7c:3e:
50:89:e7:a7:23:8d:76:ca:1a:61:3f:6d:f9:06:c4:
06:12:5b:51:c8:b0:a6:33:aa:98:7d:53:62:3d:56:
9e:09:f3:70:54:b7:c7:22:bc:54:3f:67:1b:13:b2:
69:5f:e7:ac:13:18:d7:6b:65:4a:6f:14:88:02:31:
38:01:9d:b4:0d:2a:b9:75:da:e3:4b:c2:76:8e:5b:
ff:81:bc:8c:63:9d:c5:79:3c:d9:ed:ee:40:5c:95:
f4:c1:91:c3:42:ac:6c:cc:b9:71:8c:42:a7:13:e5:
04:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E6:D5:60:A0:8A:01:3F:3F:E0:E6:6D:AD:AF:6F:D0:2B:EA:F4:3F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c00a5b-6a59-41dd-b13b-73495fc08fc4/1/LubVYKCKAT8_4OZtra9v0Cvq9D8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.64.0/21
5.62.96.0/19
5.83.160.0/20
5.101.160.0/21
31.214.128.0/24
31.214.130.0/23
31.214.134.0-31.214.136.255
31.214.142.0/23
31.214.148.0/24
31.214.158.0-31.214.167.255
31.214.192.0/21
31.214.202.0-31.214.211.255
31.214.216.0-31.214.221.255
31.214.224.0/22
31.214.232.0/21
37.10.96.0-37.10.107.255
37.10.115.0/24
37.10.118.0-37.10.127.255
45.140.128.0/22
45.159.4.0/22
46.251.228.0-46.251.236.255
46.251.238.0/24
46.251.240.0-46.251.248.255
85.190.128.0-85.190.175.255
95.156.193.0-95.156.194.255
95.156.198.0/24
95.156.209.0-95.156.211.255
95.156.213.0/24
95.156.220.0/23
95.156.224.0/24
95.156.238.0/23
95.156.250.0/24
109.230.197.0/24
109.230.208.0/24
109.230.211.0/24
109.230.214.0/24
109.230.240.0/23
109.230.243.0/24
109.230.248.0/23
128.0.112.0/22
134.255.198.0/24
134.255.208.0/23
134.255.212.0-134.255.214.255
134.255.240.0/24
134.255.251.0/24
185.9.104.0/22
194.169.211.0/24
195.82.158.0/23
217.114.192.0/21
IPv6:
2a03:4d40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56448
199610
Signature Algorithm: sha256WithRSAEncryption
36:0b:85:9b:bb:56:e5:0e:41:75:3c:16:b8:2d:fb:37:c6:3b:
1f:39:e4:fa:b0:a4:13:46:14:65:b2:d7:1b:68:91:ee:89:69:
ed:ff:82:9d:dc:57:17:e5:a9:a5:c1:a0:09:b4:33:3e:34:eb:
41:e5:0f:25:22:4d:e5:fa:08:1a:a8:cb:5c:30:b8:94:b0:08:
7c:2e:60:58:ed:38:c1:ee:83:b4:bd:34:6f:b1:11:02:d6:dc:
30:86:dd:a2:28:a8:6f:bb:7c:46:6a:83:f6:17:8e:46:84:04:
a9:8f:7f:1a:6f:34:b0:e3:b9:98:ad:aa:ca:b4:66:90:b4:1a:
58:b7:e0:a9:40:04:8d:11:4c:a8:80:5a:d9:e2:1c:90:db:11:
73:80:41:fb:dc:56:6c:b3:80:5b:46:21:83:2f:f1:8b:df:57:
a2:ea:39:00:ea:33:45:29:2c:ea:ea:e6:d8:27:cc:71:21:74:
3b:67:87:94:72:15:e7:dc:7a:04:c8:ae:71:14:03:79:0d:e2:
0d:36:70:e1:74:d5:4c:a4:4d:da:92:7f:cf:1a:ad:fd:6d:c3:
d8:a9:06:b6:f4:87:c1:a7:1f:88:0a:67:7c:65:90:1b:b3:99:
02:42:58:bf:29:40:2a:95:7c:19:2f:15:18:d6:8e:b5:6f:3e:
c7:13:0a:fe
-----BEGIN CERTIFICATE-----
MIIHMjCCBhqgAwIBAgISAYzJvOS8a0EdFVAhCOXISMEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU2ZDU2MGEwOGEwMTNmM2ZlMGU2NmRhZGFmNmZkMDJiZWFmNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKD9n8fvTbAS5i5jgq+8a72m17Ix
GUyx2GH+iei/UxDwtLG8udt5rW8EgXAESJXloUEqcDmBxzFzBYcqeC61AAJkFepw
edf6kayZcmZqaEcmPD15zycmjmSjq3Y2+U/uaeUCTdL253IJuCLOlr7f2d787N2Q
mmav+qO3IWkNP9B1gAD4rFGQXzBj2pUAHIi2cphwfD5QieenI412yhphP235BsQG
EltRyLCmM6qYfVNiPVaeCfNwVLfHIrxUP2cbE7JpX+esExjXa2VKbxSIAjE4AZ20
DSq5ddrjS8J2jlv/gbyMY53FeTzZ7e5AXJX0wZHDQqxszLlxjEKnE+UERwIDAQAB
o4IEPjCCBDowHQYDVR0OBBYEFC7m1WCgigE/P+Dmba2vb9Ar6vQ/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0L2MwMGE1
Yi02YTU5LTQxZGQtYjEzYi03MzQ5NWZjMDhmYzQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvYzAwYTVi
LTZhNTktNDFkZC1iMTNiLTczNDk1ZmMwOGZjNC8xL0x1YlZZS0NLQVQ4XzRPWnRy
YTl2MEN2cTlEOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBtgYIKwYB
BQUHAQcBAf8EggGlMIIBoTCCAY4EAgABMIIBhgMEAwU+QAMEBQU+YAMEBAVToAME
AwVloAMEAB/WgAMEAR/WgjAMAwQBH9aGAwQAH9aIAwQBH9aOAwQAH9aUMAwDBAEf
1p4DBAMf1qADBAMf1sAwDAMEAR/WygMEAh/W0DAMAwQDH9bYAwQBH9bcAwQCH9bg
AwQDH9boMAwDBAUlCmADBAIlCmgDBAAlCnMwDAMEASUKdgMEByUKAAMEAi2MgAME
Ai2fBDAMAwQCLvvkAwQALvvsAwQALvvuMAwDBAQu+/ADBAAu+/gwDAMEB1W+gAME
BFW+oDAMAwQAX5zBAwQAX5zCAwQAX5zGMAwDBABfnNEDBAJfnNADBABfnNUDBAFf
nNwDBABfnOADBAFfnO4DBABfnPoDBABt5sUDBABt5tADBABt5tMDBABt5tYDBAFt
5vADBABt5vMDBAFt5vgDBAKAAHADBACG/8YDBAGG/9AwDAMEAob/1AMEAIb/1gME
AIb/8AMEAIb/+wMEArkJaAMEAMKp0wMEAcNSngMEA9lywDANBAIAAjAHAwUDKgNN
QDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMA3IACAwMLujANBgkqhkiG9w0BAQsF
AAOCAQEANguFm7tW5Q5BdTwWuC37N8Y7Hznk+rCkE0YUZbLXG2iR7olp7f+CndxX
F+WppcGgCbQzPjTrQeUPJSJN5foIGqjLXDC4lLAIfC5gWO04we6DtL00b7ERAtbc
MIbdoiiob7t8RmqD9heORoQEqY9/Gm80sOO5mK2qyrRmkLQaWLfgqUAEjRFMqIBa
2eIckNsRc4BB+9xWbLOAW0Yhgy/xi99Xouo5AOozRSks6urm2CfMcSF0O2eHlHIV
59x6BMiucRQDeQ3iDTZw4XTVTKRN2pJ/zxqt/W3D2KkGtvSHwacfiApnfGWQG7OZ
AkJYvylAKpV8GS8VGNaOtW8+xxMK/g==
-----END CERTIFICATE-----
Generated at Fri May 3 10:09:58 2024 by rpki-client on console-fra.rpki-client.org