Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
File: NoBlGroGa0CEp-0g1_UgGyKWwZc.cer (raw, json)
Hash identifier: aQuuFhiqFsXylqSMX7VOJjRam4QWCdOATxFWDz5jo/M=
Subject key identifier: 36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC726E029D6FCDB2BD6FF1FB6DDBF10C4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35725
IP: 89.33.32.0/21
IP: 89.33.48.0/21
IP: 89.33.152.0/21
IP: 89.33.168.0/21
IP: 89.34.80.0/21
IP: 89.35.184.0/21
IP: 89.35.240.0/21
IP: 89.36.240.0/21
IP: 89.37.48.0/21
IP: 89.37.160.0/21
IP: 89.38.0.0/21
IP: 89.41.144.0/21
IP: 89.42.240.0/21
IP: 89.43.248.0/21
IP: 89.45.72.0/21
IP: 89.45.144.0/21
IP: 178.138.0.0/16
IP: 193.104.247.0/24
IP: 2a02:4800::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e0:29:d6:fc:db:2b:d6:ff:1f:b6:dd:bf:10:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3680651aba066b4084a7ed20d7f5201b2296c197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a8:cd:a4:b6:f0:8a:94:c5:69:52:5d:4e:14:
94:fc:20:de:0e:b0:28:74:ac:15:ab:16:9a:dd:3c:
24:c2:66:3b:07:ce:7c:13:71:a6:8d:71:ef:c1:e5:
34:eb:e5:f6:66:9f:d7:08:b6:b5:42:a2:c3:21:a6:
c7:32:28:5c:79:30:a5:96:98:79:79:a0:95:67:18:
ae:14:41:79:e5:11:80:87:18:c9:f2:eb:88:9c:19:
cf:7b:10:4f:ad:2b:49:9c:a8:5e:f1:85:82:b0:3f:
d9:5b:16:54:42:c8:95:e3:b4:bc:0e:2f:cc:4f:81:
c2:6e:22:92:fc:77:ca:47:17:0e:e8:c9:76:6a:0b:
c2:f6:c7:51:81:70:62:63:71:bc:c0:d3:13:9d:fe:
c6:22:92:76:56:49:78:40:a3:68:6b:ae:da:a9:82:
d6:33:a4:38:38:42:4d:4f:73:ec:35:a9:84:8b:76:
00:7e:ec:89:05:ec:b4:b9:cc:6d:31:c9:3b:ac:ff:
b8:e6:35:27:fa:89:9c:a5:ef:0e:60:61:49:0c:ae:
f7:65:ee:60:8c:17:78:35:d8:bc:79:fc:f9:d1:68:
c2:64:27:0e:ef:a8:99:b3:7a:98:5c:44:a3:1a:10:
7c:71:ff:6c:30:64:a8:9c:a5:4f:4b:64:3b:be:f2:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.32.0/21
89.33.48.0/21
89.33.152.0/21
89.33.168.0/21
89.34.80.0/21
89.35.184.0/21
89.35.240.0/21
89.36.240.0/21
89.37.48.0/21
89.37.160.0/21
89.38.0.0/21
89.41.144.0/21
89.42.240.0/21
89.43.248.0/21
89.45.72.0/21
89.45.144.0/21
178.138.0.0/16
193.104.247.0/24
IPv6:
2a02:4800::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35725
Signature Algorithm: sha256WithRSAEncryption
0d:1a:49:ea:bc:03:0b:b3:65:97:05:80:1c:17:45:07:93:f1:
2d:53:6d:90:48:44:54:af:cc:5f:b2:50:54:ab:92:21:e9:d4:
76:60:54:0a:4e:90:0d:85:cc:da:19:4a:39:ab:5b:fd:d8:d5:
21:86:2b:29:d4:69:81:e8:b8:72:c4:a8:ad:a3:01:0a:e3:a2:
b6:59:9c:1d:bb:81:a8:17:ba:5a:22:c2:83:bd:ae:74:ad:b1:
fe:1d:23:a7:b1:07:cf:11:c4:59:b1:0b:31:2e:32:49:60:ba:
24:4a:4f:ea:d8:3b:f6:87:c2:46:8a:d6:40:82:ef:34:43:d5:
72:41:4b:4b:5d:48:e0:62:ee:3c:ef:39:23:5e:17:30:9e:13:
bd:e6:43:47:04:c5:81:6f:9e:a4:e3:cd:10:25:4f:37:3f:4b:
da:4e:28:24:45:b9:11:4e:b6:4f:c6:56:a9:94:2f:52:13:8f:
da:3c:48:bc:19:c2:94:57:98:95:57:e2:ce:37:ae:d1:1a:75:
b6:95:57:51:38:2d:12:2d:d1:04:d4:f2:49:e7:ef:17:60:c9:
bd:3f:47:71:d1:4e:42:8b:85:c3:53:c0:27:23:53:ab:85:48:
b4:8d:d2:d0:c1:38:d6:35:47:2c:11:af:8d:81:37:8d:16:dd:
1c:78:50:f7
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYzHJuAp1vzbK9b/H7bdvxDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjgwNjUxYWJhMDY2YjQwODRhN2VkMjBkN2Y1MjAxYjIyOTZjMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlajNpLbwipTFaVJdThSU/CDeDrAo
dKwVqxaa3TwkwmY7B858E3GmjXHvweU06+X2Zp/XCLa1QqLDIabHMihceTCllph5
eaCVZxiuFEF55RGAhxjJ8uuInBnPexBPrStJnKhe8YWCsD/ZWxZUQsiV47S8Di/M
T4HCbiKS/HfKRxcO6Ml2agvC9sdRgXBiY3G8wNMTnf7GIpJ2Vkl4QKNoa67aqYLW
M6Q4OEJNT3PsNamEi3YAfuyJBey0ucxtMck7rP+45jUn+omcpe8OYGFJDK73Ze5g
jBd4Ndi8efz50WjCZCcO76iZs3qYXESjGhB8cf9sMGSonKVPS2Q7vvKySwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFDaAZRq6BmtAhKftINf1IBsilsGXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U2L2QxMGI5
NC00MTA1LTQ1ZTItYTcwNy01MjI0Y2YxM2Y1ODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYvZDEwYjk0
LTQxMDUtNDVlMi1hNzA3LTUyMjRjZjEzZjU4Ni8xL05vQmxHcm9HYTBDRXAtMGcx
X1VnR3lLV3daYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGVBggrBgEF
BQcBBwEB/wSBhTCBgjBxBAIAATBrAwQDWSEgAwQDWSEwAwQDWSGYAwQDWSGoAwQD
WSJQAwQDWSO4AwQDWSPwAwQDWSTwAwQDWSUwAwQDWSWgAwQDWSYAAwQDWSmQAwQD
WSrwAwQDWSv4AwQDWS1IAwQDWS2QAwMAsooDBADBaPcwDQQCAAIwBwMFAyoCSAAw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAIuNMA0GCSqGSIb3DQEBCwUAA4IBAQAN
GknqvAMLs2WXBYAcF0UHk/EtU22QSERUr8xfslBUq5Ih6dR2YFQKTpANhczaGUo5
q1v92NUhhisp1GmB6LhyxKitowEK46K2WZwdu4GoF7paIsKDva50rbH+HSOnsQfP
EcRZsQsxLjJJYLokSk/q2Dv2h8JGitZAgu80Q9VyQUtLXUjgYu487zkjXhcwnhO9
5kNHBMWBb56k480QJU83P0vaTigkRbkRTrZPxlaplC9SE4/aPEi8GcKUV5iVV+LO
N67RGnW2lVdROC0SLdEE1PJJ5+8XYMm9P0dx0U5Ci4XDU8AnI1OrhUi0jdLQwTjW
NUcsEa+NgTeNFt0ceFD3
-----END CERTIFICATE-----
Generated at Fri May 3 07:31:19 2024 by rpki-client on console-fra.rpki-client.org