Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NoBlGroGa0CEp-0g1_UgGyKWwZc.cer
File: NoBlGroGa0CEp-0g1_UgGyKWwZc.cer (raw, json)
Hash identifier: aU+dIQwnVpaiLtDFsnIvdLp9wTsn2i1EsYK3XB91qdU=
Subject key identifier: 36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420680291C7BDDFA4B38356E71BA4FC68
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:47:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35725
IP: 89.33.32.0/21
IP: 89.33.48.0/21
IP: 89.33.152.0/21
IP: 89.33.168.0/21
IP: 89.34.80.0/21
IP: 89.35.184.0/21
IP: 89.35.240.0/21
IP: 89.36.240.0/21
IP: 89.37.48.0/21
IP: 89.37.160.0/21
IP: 89.38.0.0/21
IP: 89.41.144.0/21
IP: 89.42.240.0/21
IP: 89.43.248.0/21
IP: 89.45.72.0/21
IP: 89.45.144.0/21
IP: 178.138.0.0/16
IP: 193.104.247.0/24
IP: 2a02:4800::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:02:91:c7:bd:df:a4:b3:83:56:e7:1b:a4:fc:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3680651aba066b4084a7ed20d7f5201b2296c197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a8:cd:a4:b6:f0:8a:94:c5:69:52:5d:4e:14:
94:fc:20:de:0e:b0:28:74:ac:15:ab:16:9a:dd:3c:
24:c2:66:3b:07:ce:7c:13:71:a6:8d:71:ef:c1:e5:
34:eb:e5:f6:66:9f:d7:08:b6:b5:42:a2:c3:21:a6:
c7:32:28:5c:79:30:a5:96:98:79:79:a0:95:67:18:
ae:14:41:79:e5:11:80:87:18:c9:f2:eb:88:9c:19:
cf:7b:10:4f:ad:2b:49:9c:a8:5e:f1:85:82:b0:3f:
d9:5b:16:54:42:c8:95:e3:b4:bc:0e:2f:cc:4f:81:
c2:6e:22:92:fc:77:ca:47:17:0e:e8:c9:76:6a:0b:
c2:f6:c7:51:81:70:62:63:71:bc:c0:d3:13:9d:fe:
c6:22:92:76:56:49:78:40:a3:68:6b:ae:da:a9:82:
d6:33:a4:38:38:42:4d:4f:73:ec:35:a9:84:8b:76:
00:7e:ec:89:05:ec:b4:b9:cc:6d:31:c9:3b:ac:ff:
b8:e6:35:27:fa:89:9c:a5:ef:0e:60:61:49:0c:ae:
f7:65:ee:60:8c:17:78:35:d8:bc:79:fc:f9:d1:68:
c2:64:27:0e:ef:a8:99:b3:7a:98:5c:44:a3:1a:10:
7c:71:ff:6c:30:64:a8:9c:a5:4f:4b:64:3b:be:f2:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:80:65:1A:BA:06:6B:40:84:A7:ED:20:D7:F5:20:1B:22:96:C1:97
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/d10b94-4105-45e2-a707-5224cf13f586/1/NoBlGroGa0CEp-0g1_UgGyKWwZc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.32.0/21
89.33.48.0/21
89.33.152.0/21
89.33.168.0/21
89.34.80.0/21
89.35.184.0/21
89.35.240.0/21
89.36.240.0/21
89.37.48.0/21
89.37.160.0/21
89.38.0.0/21
89.41.144.0/21
89.42.240.0/21
89.43.248.0/21
89.45.72.0/21
89.45.144.0/21
178.138.0.0/16
193.104.247.0/24
IPv6:
2a02:4800::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35725
Signature Algorithm: sha256WithRSAEncryption
44:11:51:69:8b:8c:6a:6c:c1:f6:7d:7b:1b:e2:92:78:8a:b0:
7f:91:1b:31:19:a0:21:52:cb:2c:59:01:a2:0f:5c:58:7f:21:
39:3c:e2:ce:17:86:c9:6d:33:59:1d:83:ce:93:c9:32:40:56:
4a:ec:cd:df:ed:f7:a6:f1:8d:2a:e2:9b:b4:01:ff:61:ce:c5:
c6:2f:00:4e:7b:bf:aa:75:4e:7e:b8:1d:92:ac:9b:56:0f:16:
76:3a:82:1d:99:3f:39:f5:86:a2:97:34:20:e2:df:a0:e0:49:
4b:f5:6f:3d:e7:af:10:ff:64:ec:0f:fd:2a:c1:c7:08:e1:5d:
65:4a:84:da:af:fd:29:0b:56:ad:a0:62:fd:62:5d:5f:e7:30:
6b:f6:89:20:ce:2f:6a:6f:47:b1:e4:3f:a7:11:a7:3b:d9:a0:
40:0f:ed:7f:e5:4b:0b:09:2d:40:ed:63:eb:78:c0:dd:ed:8a:
3c:05:79:79:66:e2:ce:63:e6:2d:ca:79:b9:e4:7d:79:65:56:
32:a0:f2:7c:13:5e:53:c3:d2:68:76:e3:b6:01:c4:c6:87:b3:
79:d4:4f:2a:b0:ee:10:7d:5c:e4:37:68:d5:5d:f9:6e:29:d9:
17:3f:5a:52:0e:31:d0:56:ea:d7:55:98:87:d5:db:a2:9b:e5:
d5:0a:26:d7
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZQgaAKRx73fpLODVucbpPxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjgwNjUxYWJhMDY2YjQwODRhN2VkMjBkN2Y1MjAxYjIyOTZjMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlajNpLbwipTFaVJdThSU/CDeDrAo
dKwVqxaa3TwkwmY7B858E3GmjXHvweU06+X2Zp/XCLa1QqLDIabHMihceTCllph5
eaCVZxiuFEF55RGAhxjJ8uuInBnPexBPrStJnKhe8YWCsD/ZWxZUQsiV47S8Di/M
T4HCbiKS/HfKRxcO6Ml2agvC9sdRgXBiY3G8wNMTnf7GIpJ2Vkl4QKNoa67aqYLW
M6Q4OEJNT3PsNamEi3YAfuyJBey0ucxtMck7rP+45jUn+omcpe8OYGFJDK73Ze5g
jBd4Ndi8efz50WjCZCcO76iZs3qYXESjGhB8cf9sMGSonKVPS2Q7vvKySwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFDaAZRq6BmtAhKftINf1IBsilsGXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U2L2QxMGI5
NC00MTA1LTQ1ZTItYTcwNy01MjI0Y2YxM2Y1ODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYvZDEwYjk0
LTQxMDUtNDVlMi1hNzA3LTUyMjRjZjEzZjU4Ni8xL05vQmxHcm9HYTBDRXAtMGcx
X1VnR3lLV3daYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGVBggrBgEF
BQcBBwEB/wSBhTCBgjBxBAIAATBrAwQDWSEgAwQDWSEwAwQDWSGYAwQDWSGoAwQD
WSJQAwQDWSO4AwQDWSPwAwQDWSTwAwQDWSUwAwQDWSWgAwQDWSYAAwQDWSmQAwQD
WSrwAwQDWSv4AwQDWS1IAwQDWS2QAwMAsooDBADBaPcwDQQCAAIwBwMFAyoCSAAw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAIuNMA0GCSqGSIb3DQEBCwUAA4IBAQBE
EVFpi4xqbMH2fXsb4pJ4irB/kRsxGaAhUsssWQGiD1xYfyE5POLOF4bJbTNZHYPO
k8kyQFZK7M3f7fem8Y0q4pu0Af9hzsXGLwBOe7+qdU5+uB2SrJtWDxZ2OoIdmT85
9YailzQg4t+g4ElL9W89568Q/2TsD/0qwccI4V1lSoTar/0pC1atoGL9Yl1f5zBr
9okgzi9qb0ex5D+nEac72aBAD+1/5UsLCS1A7WPreMDd7Yo8BXl5ZuLOY+Ytynm5
5H15ZVYyoPJ8E15Tw9JoduO2AcTGh7N51E8qsO4QfVzkN2jVXfluKdkXP1pSDjHQ
VurXVZiH1duim+XVCibX
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:40:55 2025 by rpki-client