Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
File: NHtIeEj_9jUz2HwyTsxRwsPqKts.cer (raw, json)
Hash identifier: AKSqOYFDsGQ4qaSPsRZ3Bii5cN/gPL+RN/uJbyqh9l0=
Subject key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B634BBAAE2F0581BE12C2382DC937
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43333
AS: 55000
IP: 45.128.144.0/22
IP: 45.131.176.0/22
IP: 45.132.236.0/22
IP: 45.136.12.0/22
IP: 45.137.8.0/22
IP: 45.144.136.0/22
IP: 45.153.8.0/22
IP: 45.153.124.0 -- 45.153.131.255
IP: 91.217.139.0/24
IP: 91.217.160.0/24
IP: 91.217.162.0/24
IP: 91.217.167.0/24
IP: 91.238.114.0/24
IP: 91.238.203.0/24
IP: 91.238.207.0/24
IP: 91.238.213.0/24
IP: 193.200.130.0/24
IP: 193.200.134.0/24
IP: 193.200.149.0/24
IP: 193.200.152.0/24
IP: 193.227.103.0/24
IP: 193.227.109.0/24
IP: 193.227.114.0/24
IP: 193.227.121.0/24
IP: 2a12:a380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:63:4b:ba:ae:2f:05:81:be:12:c2:38:2d:c9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:ad:a3:30:00:73:56:cd:7f:39:df:e7:b2:
8f:af:51:c4:52:db:65:7f:f3:bc:d8:1f:0a:67:8a:
b6:d8:8c:9f:af:e0:4d:9d:4f:74:2a:1c:a8:c6:2a:
4b:e8:a9:9a:2f:9c:4d:5d:80:8d:cd:19:59:dd:6f:
22:22:6a:b2:7e:d1:13:b2:ca:c0:1d:16:53:6b:a3:
50:a8:8b:54:83:eb:58:9a:9f:70:b7:43:ea:55:76:
11:9f:80:fa:83:0d:2f:74:50:5a:62:22:0c:85:30:
ed:7a:b2:8c:51:57:fc:77:91:d6:cf:b8:19:fc:c9:
98:89:9c:b2:f9:f0:7c:ea:02:9b:6b:8b:8c:7f:9c:
f7:7f:38:8b:29:89:59:81:c7:8e:03:e9:30:f4:e1:
fb:18:48:5e:2d:84:09:50:a3:16:04:85:5f:dc:1e:
3d:99:da:18:d8:a6:e8:0a:2b:bb:b4:00:f1:bc:30:
4d:4f:03:0d:61:55:98:99:1b:88:15:d3:1f:f4:30:
d7:c0:c8:ca:d1:bd:a7:a5:26:e8:42:ca:aa:a8:b9:
f3:c1:b9:78:ae:16:16:7e:6e:a4:41:c0:82:97:c0:
56:cd:5b:ad:e0:29:ff:3b:73:15:da:81:54:ae:19:
c8:bc:ca:a4:c8:4b:a0:26:f2:f1:6f:d9:0a:2c:75:
1e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.144.0/22
45.131.176.0/22
45.132.236.0/22
45.136.12.0/22
45.137.8.0/22
45.144.136.0/22
45.153.8.0/22
45.153.124.0-45.153.131.255
91.217.139.0/24
91.217.160.0/24
91.217.162.0/24
91.217.167.0/24
91.238.114.0/24
91.238.203.0/24
91.238.207.0/24
91.238.213.0/24
193.200.130.0/24
193.200.134.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
193.227.121.0/24
IPv6:
2a12:a380::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43333
55000
Signature Algorithm: sha256WithRSAEncryption
7c:ee:af:e0:8c:ad:bd:10:37:78:57:26:2c:90:43:77:52:c8:
97:aa:fd:a5:e4:19:20:e0:a5:fa:c2:33:65:53:9a:f1:92:ee:
39:f4:76:a4:9b:e0:9f:75:3a:cb:68:0d:95:85:8f:db:32:0d:
b1:56:db:f3:2b:ad:bb:6e:ab:e5:63:90:3a:26:25:a3:da:36:
2b:fd:27:0f:62:ed:f5:5f:56:93:3c:13:2a:a9:72:5b:26:89:
11:6d:01:78:3d:fc:17:b6:0b:db:08:57:5d:f3:6f:00:d1:46:
05:e9:59:13:b8:8b:d8:9c:22:16:20:25:46:56:12:d5:8d:c1:
fc:bd:ad:f0:06:8e:b7:d5:46:7b:82:86:1c:2c:1c:1c:05:64:
35:90:9f:1f:12:56:63:2a:ed:54:51:05:8e:cd:e1:75:c8:3d:
e0:fa:9f:e1:4e:b0:bb:33:91:28:42:7c:f2:94:f9:1c:e1:4b:
cc:dc:07:f2:ad:cf:e7:9b:b4:7a:f6:7a:f4:21:bb:e0:41:73:
6b:1a:4f:70:c7:ff:f0:de:f1:16:ae:95:9c:ca:c5:6e:f6:25:
c8:7b:fc:54:d8:6b:43:b5:72:1b:06:f4:4a:a5:f5:dd:af:da:
3a:8e:f4:1b:61:c3:db:3d:5b:b1:39:c1:e3:24:dc:f5:9b:2e:
a0:53:85:ec
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYzGS2NLuq4vBYG+EsI4Lck3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uatozAAc1bNfznf57KPr1HEUttl
f/O82B8KZ4q22Iyfr+BNnU90KhyoxipL6KmaL5xNXYCNzRlZ3W8iImqyftETssrA
HRZTa6NQqItUg+tYmp9wt0PqVXYRn4D6gw0vdFBaYiIMhTDterKMUVf8d5HWz7gZ
/MmYiZyy+fB86gKba4uMf5z3fziLKYlZgceOA+kw9OH7GEheLYQJUKMWBIVf3B49
mdoY2KboCiu7tADxvDBNTwMNYVWYmRuIFdMf9DDXwMjK0b2npSboQsqqqLnzwbl4
rhYWfm6kQcCCl8BWzVut4Cn/O3MV2oFUrhnIvMqkyEugJvLxb9kKLHUelQIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFDR7SHhI//Y1M9h8Mk7MUcLD6irbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3L2JjNzEy
Mi00ZDFiLTQ2YTctYWVjYi0yMzBiM2I3MmExNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvYmM3MTIy
LTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpVejJId3lU
c3hSd3NQcUt0cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHEBggrBgEF
BQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAItgJADBAItg7ADBAIthOwDBAItiAwD
BAItiQgDBAItkIgDBAItmQgwDAMEAi2ZfAMEAi2ZgAMEAFvZiwMEAFvZoAMEAFvZ
ogMEAFvZpwMEAFvucgMEAFvuywMEAFvuzwMEAFvu1QMEAMHIggMEAMHIhgMEAMHI
lQMEAMHImAMEAMHjZwMEAMHjbQMEAMHjcgMEAMHjeTANBAIAAjAHAwUDKhKjgDAf
BggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAqUUCAwDW2DANBgkqhkiG9w0BAQsFAAOC
AQEAfO6v4IytvRA3eFcmLJBDd1LIl6r9peQZIOCl+sIzZVOa8ZLuOfR2pJvgn3U6
y2gNlYWP2zINsVbb8yutu26r5WOQOiYlo9o2K/0nD2Lt9V9WkzwTKqlyWyaJEW0B
eD38F7YL2whXXfNvANFGBelZE7iL2JwiFiAlRlYS1Y3B/L2t8AaOt9VGe4KGHCwc
HAVkNZCfHxJWYyrtVFEFjs3hdcg94Pqf4U6wuzORKEJ88pT5HOFLzNwH8q3P55u0
evZ69CG74EFzaxpPcMf/8N7xFq6VnMrFbvYlyHv8VNhrQ7VyGwb0SqX13a/aOo70
G2HD2z1bsTnB4yTc9ZsuoFOF7A==
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:26:02 2024 by rpki-client on console-fra.rpki-client.org