Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
File: NJy71cLPQZXMbsfyH2B1gaAiTao.cer (raw, json)
Hash identifier: MzRqQ1hIs483Mrcp0F8MOq/JtkJjgQzlkytcYWtaank=
Subject key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0191506A00C306C1AB096E36EEA3B5C42BDB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 14 Aug 2024 10:23:29 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 34744
AS: 57217
IP: 31.131.8.0/21
IP: 31.132.192.0/21
IP: 31.133.24.0/21
IP: 31.133.192.0/21
IP: 31.135.0.0/21
IP: 37.97.112.0 -- 37.97.123.255
IP: 46.151.32.0/21
IP: 46.173.240.0/20
IP: 46.174.200.0/21
IP: 64.43.64.0/18
IP: 77.36.0.0/17
IP: 77.232.192.0/19
IP: 81.161.0.0/20
IP: 81.161.48.0/21
IP: 85.204.196.0/23
IP: 86.104.132.0/23
IP: 89.34.74.0/23
IP: 89.42.232.0/23
IP: 89.44.100.0/23
IP: 89.45.92.0/23
IP: 89.46.112.0/23
IP: 91.193.28.0/22
IP: 91.200.132.0/22
IP: 91.218.252.0/22
IP: 91.223.117.0/24
IP: 91.223.158.0/24
IP: 91.224.40.0/23
IP: 91.224.212.0/23
IP: 91.225.34.0/23
IP: 91.226.52.0/22
IP: 91.228.119.0/24
IP: 91.229.6.0/24
IP: 91.229.16.0/22
IP: 91.229.30.0/23
IP: 91.229.147.0/24
IP: 91.229.156.0/22
IP: 91.231.223.0 -- 91.231.227.255
IP: 91.232.16.0 -- 91.232.20.255
IP: 91.232.55.0 -- 91.232.57.255
IP: 91.232.226.0/23
IP: 91.232.254.0/24
IP: 91.233.0.0/22
IP: 91.233.200.0/22
IP: 91.234.120.0/22
IP: 91.234.150.0/23
IP: 91.234.156.0/22
IP: 91.234.220.0/22
IP: 91.235.166.0/23
IP: 91.236.76.0/23
IP: 91.236.237.0/24
IP: 91.237.44.0 -- 91.237.49.255
IP: 91.237.91.0 -- 91.237.93.255
IP: 91.237.193.0 -- 91.237.195.255
IP: 91.238.38.0 -- 91.238.43.255
IP: 91.239.0.0/22
IP: 91.239.178.0/23
IP: 91.239.220.0 -- 91.239.226.255
IP: 91.240.154.0/24
IP: 91.240.156.0/22
IP: 91.245.88.0/21
IP: 91.245.176.0/20
IP: 91.246.172.0 -- 91.246.201.255
IP: 91.246.203.0 -- 91.246.207.255
IP: 91.246.216.0/23
IP: 93.120.0.0/17
IP: 94.232.96.0/21
IP: 109.197.232.0/21
IP: 109.207.128.0/20
IP: 171.25.223.0/24
IP: 176.96.48.0/20
IP: 176.96.88.0/21
IP: 176.96.176.0/21
IP: 176.97.144.0/21
IP: 176.98.56.0/21
IP: 176.102.120.0/21
IP: 176.103.120.0/21
IP: 176.103.240.0/21
IP: 176.107.64.0/20
IP: 176.110.106.0/23
IP: 176.110.112.0/22
IP: 176.110.216.0/21
IP: 176.111.0.0/21
IP: 176.111.160.0/22
IP: 176.112.80.0/21
IP: 176.113.176.0/20
IP: 176.115.232.0/21
IP: 176.116.32.0/20
IP: 176.116.224.0/20
IP: 176.118.88.0/21
IP: 176.118.200.0/21
IP: 176.121.32.0/20
IP: 176.121.96.0/20
IP: 176.124.172.0 -- 176.124.183.255
IP: 178.159.144.0/20
IP: 178.212.184.0/21
IP: 178.213.176.0/21
IP: 185.9.236.0 -- 185.9.243.255
IP: 185.55.4.0/22
IP: 185.55.140.0/22
IP: 185.104.196.0/22
IP: 188.191.248.0/21
IP: 188.213.233.0/24
IP: 192.162.184.0/22
IP: 193.0.190.0/24
IP: 193.36.192.0/19
IP: 193.221.82.0/23
IP: 194.33.64.0/22
IP: 194.33.100.0/22
IP: 195.80.142.0/23
IP: 2a01:7d8::/32
IP: 2a05:84c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:6a:00:c3:06:c1:ab:09:6e:36:ee:a3:b5:c4:2b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 14 10:23:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:01:76:b4:fe:93:58:b2:b7:ea:a8:f9:d4:
a3:3a:d7:fc:73:6d:19:76:dd:75:7c:eb:7d:ce:ab:
67:18:7b:95:46:c0:72:ca:b9:60:46:97:cf:c6:54:
e5:e4:6f:1b:27:4f:28:2b:7e:47:bc:78:b1:4b:92:
c6:e5:e8:04:c5:a2:ee:dc:81:3e:f9:81:4b:57:f5:
25:c8:2d:09:2d:1c:60:a7:4f:55:45:c7:91:27:8f:
56:2e:45:a1:1f:97:1d:de:1a:de:8d:21:46:c3:49:
a4:c2:f3:88:74:fe:06:68:ec:96:47:01:53:bc:ac:
de:9b:bc:4f:34:23:00:78:33:d6:64:c4:82:d3:c2:
0a:59:76:c5:60:72:d7:29:61:33:8f:d9:7c:1a:e6:
55:d5:96:e3:1f:d3:77:de:0c:d2:86:94:b8:83:15:
5a:d3:25:5b:30:2f:d6:e6:8c:a6:f0:38:25:ac:3f:
6f:81:4c:99:1d:74:74:69:94:89:39:3d:a0:32:ce:
5b:d4:6d:6c:15:ee:7b:89:4a:a1:38:70:b3:e0:a6:
63:96:b5:06:66:f1:b3:47:eb:56:c9:02:63:a5:2c:
f3:3a:5c:93:f0:c5:af:d3:55:d7:da:39:b8:0c:70:
4a:76:6a:d9:2a:e3:19:2f:67:8d:d1:9a:ea:35:6f:
26:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/21
31.132.192.0/21
31.133.24.0/21
31.133.192.0/21
31.135.0.0/21
37.97.112.0-37.97.123.255
46.151.32.0/21
46.173.240.0/20
46.174.200.0/21
64.43.64.0/18
77.36.0.0/17
77.232.192.0/19
81.161.0.0/20
81.161.48.0/21
85.204.196.0/23
86.104.132.0/23
89.34.74.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
89.46.112.0/23
91.193.28.0/22
91.200.132.0/22
91.218.252.0/22
91.223.117.0/24
91.223.158.0/24
91.224.40.0/23
91.224.212.0/23
91.225.34.0/23
91.226.52.0/22
91.228.119.0/24
91.229.6.0/24
91.229.16.0/22
91.229.30.0/23
91.229.147.0/24
91.229.156.0/22
91.231.223.0-91.231.227.255
91.232.16.0-91.232.20.255
91.232.55.0-91.232.57.255
91.232.226.0/23
91.232.254.0/24
91.233.0.0/22
91.233.200.0/22
91.234.120.0/22
91.234.150.0/23
91.234.156.0/22
91.234.220.0/22
91.235.166.0/23
91.236.76.0/23
91.236.237.0/24
91.237.44.0-91.237.49.255
91.237.91.0-91.237.93.255
91.237.193.0-91.237.195.255
91.238.38.0-91.238.43.255
91.239.0.0/22
91.239.178.0/23
91.239.220.0-91.239.226.255
91.240.154.0/24
91.240.156.0/22
91.245.88.0/21
91.245.176.0/20
91.246.172.0-91.246.201.255
91.246.203.0-91.246.207.255
91.246.216.0/23
93.120.0.0/17
94.232.96.0/21
109.197.232.0/21
109.207.128.0/20
171.25.223.0/24
176.96.48.0/20
176.96.88.0/21
176.96.176.0/21
176.97.144.0/21
176.98.56.0/21
176.102.120.0/21
176.103.120.0/21
176.103.240.0/21
176.107.64.0/20
176.110.106.0/23
176.110.112.0/22
176.110.216.0/21
176.111.0.0/21
176.111.160.0/22
176.112.80.0/21
176.113.176.0/20
176.115.232.0/21
176.116.32.0/20
176.116.224.0/20
176.118.88.0/21
176.118.200.0/21
176.121.32.0/20
176.121.96.0/20
176.124.172.0-176.124.183.255
178.159.144.0/20
178.212.184.0/21
178.213.176.0/21
185.9.236.0-185.9.243.255
185.55.4.0/22
185.55.140.0/22
185.104.196.0/22
188.191.248.0/21
188.213.233.0/24
192.162.184.0/22
193.0.190.0/24
193.36.192.0/19
193.221.82.0/23
194.33.64.0/22
194.33.100.0/22
195.80.142.0/23
IPv6:
2a01:7d8::/32
2a05:84c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34744
57217
Signature Algorithm: sha256WithRSAEncryption
57:5d:bf:5f:1d:8e:a8:9b:6d:37:a4:a4:1e:0b:c6:8b:e4:31:
14:44:51:4b:3a:42:42:54:8d:ed:b8:f8:46:36:48:ad:61:9e:
f0:47:81:95:b8:1f:7e:ca:40:72:a9:f1:8d:fa:29:96:4e:1b:
e7:cd:fb:05:e4:42:83:6c:0c:a5:85:34:13:f2:92:9c:af:00:
ba:de:1a:80:73:98:2a:70:8f:d0:5d:be:8e:ac:44:18:26:57:
25:de:59:56:22:b8:2a:a3:e6:a9:8a:b7:87:05:fe:98:30:9a:
02:92:ee:2a:dc:48:17:f5:47:46:d3:4c:23:25:66:73:6d:5e:
45:7b:98:a7:6c:37:15:b7:6e:eb:3e:a2:8f:57:31:ed:41:d6:
8f:6d:0a:87:3f:ff:e0:57:44:e6:5c:24:96:55:a8:e8:40:7e:
ec:cb:ff:2e:df:40:ac:f6:79:04:e9:31:58:33:48:37:26:42:
61:82:96:17:9c:e0:a9:dc:52:1a:d9:ee:8b:18:61:35:68:cc:
74:f0:c4:6f:f3:09:74:1b:a4:5a:38:2b:55:c7:46:63:36:53:
fb:ef:41:95:8a:29:50:a2:83:95:e9:35:5e:af:d5:7d:0a:60:
6c:0e:7b:56:16:a9:73:d6:dc:83:35:ba:18:d6:d9:6e:42:77:
ef:b9:3e:64
-----BEGIN CERTIFICATE-----
MIIIqTCCB5GgAwIBAgISAZFQagDDBsGrCW427qO1xCvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODE0MTAyMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp60BdrT+k1iyt+qo+dSjOtf8c20Z
dt11fOt9zqtnGHuVRsByyrlgRpfPxlTl5G8bJ08oK35HvHixS5LG5egExaLu3IE+
+YFLV/UlyC0JLRxgp09VRceRJ49WLkWhH5cd3hrejSFGw0mkwvOIdP4GaOyWRwFT
vKzem7xPNCMAeDPWZMSC08IKWXbFYHLXKWEzj9l8GuZV1ZbjH9N33gzShpS4gxVa
0yVbMC/W5oym8DglrD9vgUyZHXR0aZSJOT2gMs5b1G1sFe57iUqhOHCz4KZjlrUG
ZvGzR+tWyQJjpSzzOlyT8MWv01XX2jm4DHBKdmrZKuMZL2eN0ZrqNW8mNwIDAQAB
o4IFtTCCBbEwHQYDVR0OBBYEFDScu9XCz0GVzG7H8h9gdYGgIk2qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkL2NkZjVm
Ni0yZjE4LTQyYzctOTMwZS1kYzA2ZGQ4MDU5NjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvY2RmNWY2
LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpYTWJzZnlI
MkIxZ2FBaVRhby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIDLQYIKwYB
BQUHAQcBAf8EggMcMIIDGDCCAv4EAgABMIIC9gMEAx+DCAMEAx+EwAMEAx+FGAME
Ax+FwAMEAx+HADAMAwQEJWFwAwQCJWF4AwQDLpcgAwQELq3wAwQDLq7IAwQGQCtA
AwQHTSQAAwQFTejAAwQEUaEAAwQDUaEwAwQBVczEAwQBVmiEAwQBWSJKAwQBWSro
AwQBWSxkAwQBWS1cAwQBWS5wAwQCW8EcAwQCW8iEAwQCW9r8AwQAW991AwQAW9+e
AwQBW+AoAwQBW+DUAwQBW+EiAwQCW+I0AwQAW+R3AwQAW+UGAwQCW+UQAwQBW+Ue
AwQAW+WTAwQCW+WcMAwDBABb598DBAJb5+AwDAMEBFvoEAMEAFvoFDAMAwQAW+g3
AwQBW+g4AwQBW+jiAwQAW+j+AwQCW+kAAwQCW+nIAwQCW+p4AwQBW+qWAwQCW+qc
AwQCW+rcAwQBW+umAwQBW+xMAwQAW+ztMAwDBAJb7SwDBAFb7TAwDAMEAFvtWwME
AVvtXDAMAwQAW+3BAwQCW+3AMAwDBAFb7iYDBAJb7igDBAJb7wADBAFb77IwDAME
Alvv3AMEAFvv4gMEAFvwmgMEAlvwnAMEA1v1WAMEBFv1sDAMAwQCW/asAwQBW/bI
MAwDBABb9ssDBARb9sADBAFb9tgDBAddeAADBANe6GADBANtxegDBARtz4ADBACr
Gd8DBASwYDADBAOwYFgDBAOwYLADBAOwYZADBAOwYjgDBAOwZngDBAOwZ3gDBAOw
Z/ADBASwa0ADBAGwbmoDBAKwbnADBAOwbtgDBAOwbwADBAKwb6ADBAOwcFADBASw
cbADBAOwc+gDBASwdCADBASwdOADBAOwdlgDBAOwdsgDBASweSADBASweWAwDAME
ArB8rAMEA7B8sAMEBLKfkAMEA7LUuAMEA7LVsDAMAwQCuQnsAwQCuQnwAwQCuTcE
AwQCuTeMAwQCuWjEAwQDvL/4AwQAvNXpAwQCwKK4AwQAwQC+AwQFwSTAAwQBwd1S
AwQCwiFAAwQCwiFkAwQBw1COMBQEAgACMA4DBQAqAQfYAwUDKgWEwDAfBggrBgEF
BQcBCAEB/wQQMA6gDDAKAgMAh7gCAwDfgTANBgkqhkiG9w0BAQsFAAOCAQEAV12/
Xx2OqJttN6SkHgvGi+QxFERRSzpCQlSN7bj4RjZIrWGe8EeBlbgffspAcqnxjfop
lk4b5837BeRCg2wMpYU0E/KSnK8Aut4agHOYKnCP0F2+jqxEGCZXJd5ZViK4KqPm
qYq3hwX+mDCaApLuKtxIF/VHRtNMIyVmc21eRXuYp2w3Fbdu6z6ij1cx7UHWj20K
hz//4FdE5lwkllWo6EB+7Mv/Lt9ArPZ5BOkxWDNINyZCYYKWF5zgqdxSGtnuixhh
NWjMdPDEb/MJdBukWjgrVcdGYzZT++9BlYopUKKDlek1Xq/VfQpgbA57Vhapc9bc
gzW6GNbZbkJ377k+ZA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:23:06 2024 by rpki-client on console-ams.rpki-client.org