Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
File: M8NCwGqsw1nTlDn_WN76jqGHV0g.cer (raw, json)
Hash identifier: 6RhuVEe7q4khv7BB1oT4+22XFudBxRm8Ljw1tNvMkZA=
Subject key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC500B5D39A0D59926222463E020C0A3A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:30:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 13165
AS: 34441
AS: 39575
AS: 41826
AS: 42870
AS: 50374
AS: 50443
AS: 50691
AS: 50753
AS: 51209
AS: 51238
AS: 60513
AS: 197693
AS: 198350
AS: 198960
AS: 198973 -- 198974
IP: 45.146.64.0/22
IP: 109.236.240.0/20
IP: 185.216.100.0/22
IP: 193.34.164.0/23
IP: 193.43.182.0/24
IP: 213.128.192.0/19
IP: 217.22.168.0/22
IP: 2a04:4980::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b5:d3:9a:0d:59:92:62:22:46:3e:02:0c:0a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33c342c06aacc359d39439ff58defa8ea1875748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:2b:74:ee:64:a9:40:f4:6b:63:83:06:fb:
3d:36:63:3c:cf:e8:85:96:cb:24:27:3a:e8:06:c7:
47:90:05:93:de:1a:f8:5b:72:c5:58:81:9b:f5:f7:
1a:60:b7:08:6e:cf:49:62:20:2a:0d:99:52:bc:4d:
a8:d3:59:50:6d:3d:56:02:02:9d:29:8b:5e:4f:37:
ca:7c:f0:8c:6e:4e:a8:cc:a1:08:d3:1e:15:19:e6:
ef:f0:4d:76:4b:d0:8f:e8:7c:8b:e1:22:a3:d8:64:
ba:04:aa:44:e0:30:4f:f2:b1:5e:33:01:36:32:0e:
f8:ec:9b:61:11:a3:e0:01:1f:a6:17:f5:9a:3e:60:
5a:85:70:9d:72:be:36:e7:70:20:98:f9:79:97:09:
28:f8:4c:9d:e2:a3:a7:95:9d:18:c0:00:53:e3:36:
d4:5e:8e:d3:3d:73:7a:2b:a2:39:20:6b:ed:08:ea:
ec:71:b2:a3:cd:85:ba:6d:45:74:6f:0a:22:8c:78:
5b:1e:f4:c6:94:0b:8d:3b:ad:af:f4:63:b1:b0:98:
6c:81:65:81:88:30:57:23:9c:78:87:ce:5b:ab:38:
50:6f:db:e9:7a:41:d7:b8:a6:57:c1:6d:6c:4e:bf:
b7:99:bd:c8:7a:3e:90:5a:3c:cf:57:51:19:db:a2:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.64.0/22
109.236.240.0/20
185.216.100.0/22
193.34.164.0/23
193.43.182.0/24
213.128.192.0/19
217.22.168.0/22
IPv6:
2a04:4980::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13165
34441
39575
41826
42870
50374
50443
50691
50753
51209
51238
60513
197693
198350
198960
198973-198974
Signature Algorithm: sha256WithRSAEncryption
0e:52:09:ab:5d:75:d1:e8:4b:1a:7e:e8:61:3b:43:98:2d:90:
ff:71:af:eb:21:6d:ac:da:81:ee:c0:3e:76:77:93:aa:92:59:
9f:3c:e7:53:97:ac:24:b1:14:aa:6d:b0:e0:ac:7b:57:a0:89:
37:6b:db:75:d4:b3:9b:fc:7e:a9:46:ee:ac:29:af:00:bd:95:
38:49:1e:2c:26:07:90:92:3d:99:10:b7:b1:80:88:e0:37:93:
e5:34:a0:80:16:70:39:ab:a3:3b:ca:9f:6f:3d:95:f1:97:3c:
b1:b5:00:a3:c5:f2:4c:f4:57:df:41:89:2d:c3:11:91:e0:79:
42:f1:66:12:c4:78:1b:67:a9:4e:60:ef:fb:f8:c9:57:75:38:
46:e8:51:17:65:23:de:ad:47:9d:c3:d0:cc:9b:84:57:a8:ac:
20:3f:42:4e:85:bc:fd:83:34:38:a1:dc:ea:a9:32:92:31:61:
93:f8:02:6b:04:58:16:2b:8c:93:75:58:c5:23:5d:e9:01:52:
7c:46:d0:ec:63:bb:28:75:dd:ad:ec:1c:e5:0b:b8:43:5d:de:
39:8e:f9:f5:75:4e:bc:26:10:89:b3:bd:70:76:6a:10:e9:cb:
27:55:a1:4e:de:b6:15:48:94:76:7c:c1:45:d6:92:ee:5c:2f:
b9:f2:db:67
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAYzFALXTmg1ZkmIiRj4CDAo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2MzNDJjMDZhYWNjMzU5ZDM5NDM5ZmY1OGRlZmE4ZWExODc1NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04MrdO5kqUD0a2ODBvs9NmM8z+iF
lsskJzroBsdHkAWT3hr4W3LFWIGb9fcaYLcIbs9JYiAqDZlSvE2o01lQbT1WAgKd
KYteTzfKfPCMbk6ozKEI0x4VGebv8E12S9CP6HyL4SKj2GS6BKpE4DBP8rFeMwE2
Mg747JthEaPgAR+mF/WaPmBahXCdcr4253AgmPl5lwko+Eyd4qOnlZ0YwABT4zbU
Xo7TPXN6K6I5IGvtCOrscbKjzYW6bUV0bwoijHhbHvTGlAuNO62v9GOxsJhsgWWB
iDBXI5x4h85bqzhQb9vpekHXuKZXwW1sTr+3mb3Iej6QWjzPV1EZ26IaGwIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFDPDQsBqrMNZ05Q5/1je+o6hh1dIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VlL2M1NWZk
Zi1hNjhhLTRhYTAtYjhjNS03ZjIzMzM2MDQ5OTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUvYzU1ZmRm
LWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8xL004TkN3R3FzdzFuVGxEbl9X
Tjc2anFHSFYwZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQCLZJAAwQEbezwAwQCudhkAwQBwSKkAwQAwSu2
AwQF1YDAAwQC2RaoMA0EAgACMAcDBQMqBEmAMGsGCCsGAQUFBwEIAQH/BFwwWqBY
MFYCAjNtAgMAhokCAwCalwIDAKNiAgMAp3YCAwDExgIDAMULAgMAxgMCAwDGQQID
AMgJAgMAyCYCAwDsYQIDAwQ9AgMDBs4CAwMJMDAKAgMDCT0CAwMJPjANBgkqhkiG
9w0BAQsFAAOCAQEADlIJq1110ehLGn7oYTtDmC2Q/3Gv6yFtrNqB7sA+dneTqpJZ
nzznU5esJLEUqm2w4Kx7V6CJN2vbddSzm/x+qUburCmvAL2VOEkeLCYHkJI9mRC3
sYCI4DeT5TSggBZwOaujO8qfbz2V8Zc8sbUAo8XyTPRX30GJLcMRkeB5QvFmEsR4
G2epTmDv+/jJV3U4RuhRF2Uj3q1HncPQzJuEV6isID9CToW8/YM0OKHc6qkykjFh
k/gCawRYFiuMk3VYxSNd6QFSfEbQ7GO7KHXdrewc5Qu4Q13eOY759XVOvCYQibO9
cHZqEOnLJ1WhTt62FUiUdnzBRdaS7lwvufLbZw==
-----END CERTIFICATE-----
Generated at Fri May 3 02:54:11 2024 by rpki-client on console-fra.rpki-client.org