Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
File: NHtIeEj_9jUz2HwyTsxRwsPqKts.cer (raw, json)
Hash identifier: VeL0LOCEijW6/lWX1VAUl5J3V4LBcpdetrlTff4EKsw=
Subject key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0191B2A6EECDA45016F6582A66FC485C9C5F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 02 Sep 2024 12:12:50 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43333
AS: 55000
IP: 45.128.144.0/22
IP: 45.131.176.0/22
IP: 45.132.236.0/22
IP: 45.136.12.0/22
IP: 45.137.8.0/22
IP: 45.144.136.0/22
IP: 45.153.8.0/22
IP: 45.153.128.0/22
IP: 91.217.139.0/24
IP: 91.217.160.0/24
IP: 91.217.162.0/24
IP: 91.217.167.0/24
IP: 91.238.114.0/24
IP: 91.238.203.0/24
IP: 91.238.207.0/24
IP: 91.238.213.0/24
IP: 193.200.130.0/24
IP: 193.200.134.0/24
IP: 193.200.149.0/24
IP: 193.200.152.0/24
IP: 193.227.103.0/24
IP: 193.227.109.0/24
IP: 193.227.114.0/24
IP: 193.227.121.0/24
IP: 2a12:a380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:a6:ee:cd:a4:50:16:f6:58:2a:66:fc:48:5c:9c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 2 12:12:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:ad:a3:30:00:73:56:cd:7f:39:df:e7:b2:
8f:af:51:c4:52:db:65:7f:f3:bc:d8:1f:0a:67:8a:
b6:d8:8c:9f:af:e0:4d:9d:4f:74:2a:1c:a8:c6:2a:
4b:e8:a9:9a:2f:9c:4d:5d:80:8d:cd:19:59:dd:6f:
22:22:6a:b2:7e:d1:13:b2:ca:c0:1d:16:53:6b:a3:
50:a8:8b:54:83:eb:58:9a:9f:70:b7:43:ea:55:76:
11:9f:80:fa:83:0d:2f:74:50:5a:62:22:0c:85:30:
ed:7a:b2:8c:51:57:fc:77:91:d6:cf:b8:19:fc:c9:
98:89:9c:b2:f9:f0:7c:ea:02:9b:6b:8b:8c:7f:9c:
f7:7f:38:8b:29:89:59:81:c7:8e:03:e9:30:f4:e1:
fb:18:48:5e:2d:84:09:50:a3:16:04:85:5f:dc:1e:
3d:99:da:18:d8:a6:e8:0a:2b:bb:b4:00:f1:bc:30:
4d:4f:03:0d:61:55:98:99:1b:88:15:d3:1f:f4:30:
d7:c0:c8:ca:d1:bd:a7:a5:26:e8:42:ca:aa:a8:b9:
f3:c1:b9:78:ae:16:16:7e:6e:a4:41:c0:82:97:c0:
56:cd:5b:ad:e0:29:ff:3b:73:15:da:81:54:ae:19:
c8:bc:ca:a4:c8:4b:a0:26:f2:f1:6f:d9:0a:2c:75:
1e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.144.0/22
45.131.176.0/22
45.132.236.0/22
45.136.12.0/22
45.137.8.0/22
45.144.136.0/22
45.153.8.0/22
45.153.128.0/22
91.217.139.0/24
91.217.160.0/24
91.217.162.0/24
91.217.167.0/24
91.238.114.0/24
91.238.203.0/24
91.238.207.0/24
91.238.213.0/24
193.200.130.0/24
193.200.134.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
193.227.121.0/24
IPv6:
2a12:a380::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43333
55000
Signature Algorithm: sha256WithRSAEncryption
b1:5c:25:a7:86:31:f1:2d:62:25:d8:40:57:bb:da:5e:10:0f:
4d:bc:19:64:f7:75:ec:98:4c:35:83:9a:e0:d4:0d:29:dd:d2:
78:41:e2:e8:87:40:91:9f:b7:b5:3a:da:3f:25:24:e7:26:0b:
c8:2f:f1:59:00:77:e2:16:91:0b:a7:9f:b1:40:56:39:11:c1:
19:0a:ab:ea:d1:bc:1d:55:8e:6e:a5:c3:1f:33:fb:8e:54:81:
1e:4c:e7:f6:36:1b:f3:e8:5a:96:5f:48:8b:39:ef:b3:b8:06:
12:22:1c:cb:e2:1f:31:57:d0:cf:9e:3d:47:c5:9c:98:f5:a4:
7f:60:fc:23:54:4b:e0:60:f1:e0:d0:41:f2:f9:e1:53:5a:be:
87:27:21:98:33:9e:39:5f:38:c6:ff:af:2c:eb:02:93:f4:80:
6a:02:ff:83:4f:12:78:2e:5d:ca:c7:71:60:08:32:b1:b2:45:
a0:96:e7:a8:31:90:77:43:cc:e2:43:df:37:7e:af:a4:ab:ff:
82:0b:52:9a:16:27:e8:4d:59:80:5a:02:77:db:ff:ad:6a:da:
5b:55:0e:c5:12:90:6e:ff:6e:f1:77:dd:2a:d6:c1:c5:6a:33:
c0:f7:60:c6:00:b8:77:74:8b:c8:2d:40:bd:7a:d3:b3:ae:77:
3c:c0:da:c9
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISAZGypu7NpFAW9lgqZvxIXJxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwOTAyMTIxMjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uatozAAc1bNfznf57KPr1HEUttl
f/O82B8KZ4q22Iyfr+BNnU90KhyoxipL6KmaL5xNXYCNzRlZ3W8iImqyftETssrA
HRZTa6NQqItUg+tYmp9wt0PqVXYRn4D6gw0vdFBaYiIMhTDterKMUVf8d5HWz7gZ
/MmYiZyy+fB86gKba4uMf5z3fziLKYlZgceOA+kw9OH7GEheLYQJUKMWBIVf3B49
mdoY2KboCiu7tADxvDBNTwMNYVWYmRuIFdMf9DDXwMjK0b2npSboQsqqqLnzwbl4
rhYWfm6kQcCCl8BWzVut4Cn/O3MV2oFUrhnIvMqkyEugJvLxb9kKLHUelQIDAQAB
o4IDQzCCAz8wHQYDVR0OBBYEFDR7SHhI//Y1M9h8Mk7MUcLD6irbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3L2JjNzEy
Mi00ZDFiLTQ2YTctYWVjYi0yMzBiM2I3MmExNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvYmM3MTIy
LTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpVejJId3lU
c3hSd3NQcUt0cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG8BggrBgEF
BQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAItgJADBAItg7ADBAIthOwDBAItiAwD
BAItiQgDBAItkIgDBAItmQgDBAItmYADBABb2YsDBABb2aADBABb2aIDBABb2acD
BABb7nIDBABb7ssDBABb7s8DBABb7tUDBADByIIDBADByIYDBADByJUDBADByJgD
BADB42cDBADB420DBADB43IDBADB43kwDQQCAAIwBwMFAyoSo4AwHwYIKwYBBQUH
AQgBAf8EEDAOoAwwCgIDAKlFAgMA1tgwDQYJKoZIhvcNAQELBQADggEBALFcJaeG
MfEtYiXYQFe72l4QD028GWT3deyYTDWDmuDUDSnd0nhB4uiHQJGft7U62j8lJOcm
C8gv8VkAd+IWkQunn7FAVjkRwRkKq+rRvB1Vjm6lwx8z+45UgR5M5/Y2G/PoWpZf
SIs577O4BhIiHMviHzFX0M+ePUfFnJj1pH9g/CNUS+Bg8eDQQfL54VNavocnIZgz
njlfOMb/ryzrApP0gGoC/4NPEnguXcrHcWAIMrGyRaCW56gxkHdDzOJD3zd+r6Sr
/4ILUpoWJ+hNWYBaAnfb/61q2ltVDsUSkG7/bvF33SrWwcVqM8D3YMYAuHd0i8gt
QL1607OudzzA2sk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:42:37 2024 by rpki-client on console-fra.rpki-client.org