Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
File: PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer (raw, json)
Hash identifier: GMpmIMwAGdr90dr+UEeUV3M1LJkRD1GCreBa2Rq9vUI=
Subject key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228E317549DBE7E97C0117D82B637D23
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:48:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8201
AS: 8368
AS: 28707
AS: 29462
AS: 39721
AS: 43324
AS: 48517
AS: 49399
AS: 50675
AS: 50998
AS: 199998
IP: 46.243.24.0/21
IP: 62.213.192.0/18
IP: 78.40.96.0/21
IP: 78.41.64.0/21
IP: 78.110.192.0/20
IP: 82.146.96.0/19
IP: 85.158.208.0/21
IP: 87.237.8.0/21
IP: 88.82.32.0/19
IP: 89.35.16.0/21
IP: 89.250.176.0/20
IP: 91.197.108.0/22
IP: 94.140.160.0/19
IP: 94.158.248.0/22
IP: 95.171.160.0/19
IP: 176.97.202.0/24
IP: 178.132.8.0/21
IP: 178.248.160.0/21
IP: 185.39.124.0/22
IP: 185.47.0.0/22
IP: 185.48.100.0/22
IP: 185.72.168.0/22
IP: 185.78.180.0/22
IP: 185.81.69.0/24
IP: 185.81.224.0/22
IP: 185.90.184.0/22
IP: 185.107.208.0/22
IP: 185.154.140.0/22
IP: 185.174.64.0/22
IP: 185.175.180.0/22
IP: 185.214.4.0/22
IP: 185.224.236.0/22
IP: 188.64.72.0/21
IP: 188.118.0.0/18
IP: 193.200.135.0/24
IP: 195.110.54.0/23
IP: 195.144.64.0/19
IP: 195.200.24.0/23
IP: 195.225.100.0/22
IP: 213.193.200.0/21
IP: 213.193.224.0/21
IP: 213.193.248.0/23
IP: 2001:4158::/29
IP: 2001:4c40::/32
IP: 2a00:c78::/32
IP: 2a00:1ad8::/32
IP: 2a00:1fb8::/32
IP: 2a01:43a0::/32
IP: 2a01:8c20::/32
IP: 2a03:2200::/32
IP: 2a05:3d00::/29
IP: 2a05:6a80::/29
IP: 2a07:8bc0::/29
IP: 2a0b:8b00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:31:75:49:db:e7:e9:7c:01:17:d8:2b:63:7d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:41:83:49:ef:8d:6f:e4:92:93:61:6e:84:c8:
48:a4:dd:21:f2:a6:2f:26:52:9e:ce:8b:c9:83:df:
00:72:54:79:4e:6a:7b:85:e6:9f:b5:c5:b9:27:64:
37:1c:70:12:15:1b:ac:de:cd:4e:fe:3f:72:e3:41:
61:4a:74:f3:70:f8:78:f1:f4:a5:ea:37:33:3c:f7:
4d:73:f5:01:fb:60:50:30:89:2e:b6:59:32:e6:d5:
b8:33:a9:39:69:08:70:41:fb:11:63:d5:8e:77:36:
48:22:36:39:4d:f4:b7:95:b2:df:e5:2f:25:93:0d:
3a:ea:d1:48:f3:34:7c:b8:dc:88:3f:3e:75:fc:b3:
f5:11:47:ea:17:f1:8f:8f:94:24:55:4f:c3:ca:1b:
72:b8:2f:06:c4:8d:74:b8:3d:50:85:99:92:b7:52:
d9:06:c4:bc:18:e8:3f:3a:40:53:34:84:96:29:ef:
06:85:59:e3:f6:42:61:af:7a:0e:4c:15:1d:03:1a:
b2:9a:80:7e:4f:96:46:57:da:91:c5:6e:7d:62:9a:
d2:7b:c2:39:ac:e1:c7:83:41:30:c1:39:20:3c:2f:
3a:d7:88:ca:1e:5a:8e:b5:fb:cd:f3:66:bb:2a:15:
fe:00:d0:cf:02:01:b0:96:88:89:b5:44:a3:37:b5:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
62.213.192.0/18
78.40.96.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/22
95.171.160.0/19
176.97.202.0/24
178.132.8.0/21
178.248.160.0/21
185.39.124.0/22
185.47.0.0/22
185.48.100.0/22
185.72.168.0/22
185.78.180.0/22
185.81.69.0/24
185.81.224.0/22
185.90.184.0/22
185.107.208.0/22
185.154.140.0/22
185.174.64.0/22
185.175.180.0/22
185.214.4.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
193.200.135.0/24
195.110.54.0/23
195.144.64.0/19
195.200.24.0/23
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:c78::/32
2a00:1ad8::/32
2a00:1fb8::/32
2a01:43a0::/32
2a01:8c20::/32
2a03:2200::/32
2a05:3d00::/29
2a05:6a80::/29
2a07:8bc0::/29
2a0b:8b00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8201
8368
28707
29462
39721
43324
48517
49399
50675
50998
199998
Signature Algorithm: sha256WithRSAEncryption
95:ed:bc:98:bb:c2:bf:da:b6:2b:60:ae:a0:4e:cf:04:3d:08:
cb:65:83:6e:24:9d:dc:05:f4:d7:c7:5c:c7:7c:75:72:a4:d4:
07:8b:a8:7d:1c:1b:ba:d2:0b:66:14:d4:3d:f2:95:c5:1c:c9:
36:e8:35:92:de:3a:6e:ad:89:32:b6:bd:0b:5b:cf:3e:df:06:
8a:03:8f:97:1b:dc:1e:e9:ea:a2:08:33:a6:99:7b:d5:e9:39:
6d:68:cd:6a:e9:d6:f9:c8:a7:ec:a7:32:6e:3c:af:d9:28:ff:
86:84:a7:92:52:29:ea:6a:a3:f1:4c:ec:c6:fd:96:8f:e1:11:
01:23:ea:4f:84:b9:88:07:59:f0:e9:93:b9:e5:e3:46:6f:2b:
7e:fd:a9:3b:24:53:20:5e:25:98:95:ae:aa:45:62:11:d3:9f:
c7:35:69:d2:ed:fa:df:a9:e4:80:af:a2:f0:de:5a:30:04:31:
f7:10:d1:28:50:7d:e3:0f:3c:ae:12:63:d8:50:9a:f5:69:0d:
30:bf:33:05:d3:81:26:10:73:9b:17:40:ff:11:de:37:f0:d6:
ef:12:a0:f5:43:3b:da:d5:54:ec:49:e2:46:a7:a6:6b:9a:c4:
ec:10:fa:7b:de:a6:1f:40:51:96:fb:e4:d4:c2:d1:0b:fe:38:
1b:1a:18:51
-----BEGIN CERTIFICATE-----
MIIHHTCCBgWgAwIBAgISAZQijjF1Sdvn6XwBF9grY30jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNTUzZTA1ZjAzMTliZjQ1MmZhMjA2YzE0Y2NkYTg3MzA0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0GDSe+Nb+SSk2FuhMhIpN0h8qYv
JlKezovJg98AclR5Tmp7heaftcW5J2Q3HHASFRus3s1O/j9y40FhSnTzcPh48fSl
6jczPPdNc/UB+2BQMIkutlky5tW4M6k5aQhwQfsRY9WOdzZIIjY5TfS3lbLf5S8l
kw066tFI8zR8uNyIPz51/LP1EUfqF/GPj5QkVU/DyhtyuC8GxI10uD1QhZmSt1LZ
BsS8GOg/OkBTNISWKe8GhVnj9kJhr3oOTBUdAxqymoB+T5ZGV9qRxW59YprSe8I5
rOHHg0EwwTkgPC8614jKHlqOtfvN82a7KhX+ANDPAgGwloiJtUSjN7UMSQIDAQAB
o4IEKTCCBCUwHQYDVR0OBBYEFD2KVT4F8DGb9FL6IGwUzNqHMEZUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzUyY2U1
NC1lNDljLTQxMWMtODUyNy0wZmI0ODIzZjViODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNTJjZTU0
LWU0OWMtNDExYy04NTI3LTBmYjQ4MjNmNWI4Ny8xL1BZcFZQZ1h3TVp2MFV2b2di
QlRNMm9jd1JsUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBeAYIKwYB
BQUHAQcBAf8EggFnMIIBYzCCAQMEAgABMIH8AwQDLvMYAwQGPtXAAwQDTihgAwQD
TilAAwQETm7AAwQFUpJgAwQDVZ7QAwQDV+0IAwQFWFIgAwQDWSMQAwQEWfqwAwQC
W8VsAwQFXoygAwQCXp74AwQFX6ugAwQAsGHKAwQDsoQIAwQDsvigAwQCuSd8AwQC
uS8AAwQCuTBkAwQCuUioAwQCuU60AwQAuVFFAwQCuVHgAwQCuVq4AwQCuWvQAwQC
uZqMAwQCua5AAwQCua+0AwQCudYEAwQCueDsAwQDvEBIAwQGvHYAAwQAwciHAwQB
w242AwQFw5BAAwQBw8gYAwQCw+FkAwQD1cHIAwQD1cHgAwQB1cH4MFoEAgACMFQD
BQMgAUFYAwUAIAFMQAMFACoADHgDBQAqABrYAwUAKgAfuAMFACoBQ6ADBQAqAYwg
AwUAKgMiAAMFAyoFPQADBQMqBWqAAwUDKgeLwAMFAyoLiwAwSAYIKwYBBQUHAQgB
Af8EOTA3oDUwMwICIAkCAiCwAgJwIwICcxYCAwCbKQIDAKk8AgMAvYUCAwDA9wID
AMXzAgMAxzYCAwMNPjANBgkqhkiG9w0BAQsFAAOCAQEAle28mLvCv9q2K2CuoE7P
BD0Iy2WDbiSd3AX018dcx3x1cqTUB4uofRwbutILZhTUPfKVxRzJNug1kt46bq2J
Mra9C1vPPt8GigOPlxvcHunqoggzppl71ek5bWjNaunW+cin7Kcybjyv2Sj/hoSn
klIp6mqj8Uzsxv2Wj+ERASPqT4S5iAdZ8OmTueXjRm8rfv2pOyRTIF4lmJWuqkVi
EdOfxzVp0u3636nkgK+i8N5aMAQx9xDRKFB94w88rhJj2FCa9WkNML8zBdOBJhBz
mxdA/xHeN/DW7xKg9UM72tVU7EniRqema5rE7BD6e96mH0BRlvvk1MLRC/44GxoY
UQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:26:45 2025 by rpki-client