Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
File: PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer (raw, json)
Hash identifier: 6eZl/Q2/sMF+kUOc5CdPuUBhKIyGrDJajvVaWQ2aSho=
Subject key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DAEBC385749830F1E13287D6193154
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:36 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8201
AS: 8368
AS: 28707
AS: 29462
AS: 39721
AS: 43324
AS: 48517
AS: 49399
AS: 50675
AS: 50998
AS: 199998
IP: 46.243.24.0/21
IP: 62.213.192.0/18
IP: 78.40.96.0/21
IP: 78.41.64.0/21
IP: 78.110.192.0/20
IP: 82.146.96.0/19
IP: 85.158.208.0/21
IP: 87.237.8.0/21
IP: 88.82.32.0/19
IP: 89.35.16.0/21
IP: 89.250.176.0/20
IP: 91.197.108.0/22
IP: 94.140.160.0/19
IP: 94.158.248.0/22
IP: 95.171.160.0/19
IP: 178.132.8.0/21
IP: 178.248.160.0/21
IP: 185.39.124.0/22
IP: 185.47.0.0/22
IP: 185.48.100.0/22
IP: 185.72.168.0/22
IP: 185.78.180.0/22
IP: 185.81.224.0/22
IP: 185.90.184.0/22
IP: 185.107.208.0/22
IP: 185.154.140.0/22
IP: 185.174.64.0/22
IP: 185.175.180.0/22
IP: 185.214.4.0/22
IP: 185.224.236.0/22
IP: 188.64.72.0/21
IP: 188.118.0.0/18
IP: 193.200.135.0/24
IP: 195.110.54.0/23
IP: 195.144.64.0/19
IP: 195.225.100.0/22
IP: 213.193.200.0/21
IP: 213.193.224.0/21
IP: 213.193.248.0/23
IP: 2001:4158::/29
IP: 2001:4c40::/32
IP: 2a00:c78::/32
IP: 2a00:1ad8::/32
IP: 2a00:1fb8::/32
IP: 2a01:43a0::/32
IP: 2a01:8c20::/32
IP: 2a03:2200::/32
IP: 2a05:3d00::/29
IP: 2a05:6a80::/29
IP: 2a07:8bc0::/29
IP: 2a0b:8b00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:c3:85:74:98:30:f1:e1:32:87:d6:19:31:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:41:83:49:ef:8d:6f:e4:92:93:61:6e:84:c8:
48:a4:dd:21:f2:a6:2f:26:52:9e:ce:8b:c9:83:df:
00:72:54:79:4e:6a:7b:85:e6:9f:b5:c5:b9:27:64:
37:1c:70:12:15:1b:ac:de:cd:4e:fe:3f:72:e3:41:
61:4a:74:f3:70:f8:78:f1:f4:a5:ea:37:33:3c:f7:
4d:73:f5:01:fb:60:50:30:89:2e:b6:59:32:e6:d5:
b8:33:a9:39:69:08:70:41:fb:11:63:d5:8e:77:36:
48:22:36:39:4d:f4:b7:95:b2:df:e5:2f:25:93:0d:
3a:ea:d1:48:f3:34:7c:b8:dc:88:3f:3e:75:fc:b3:
f5:11:47:ea:17:f1:8f:8f:94:24:55:4f:c3:ca:1b:
72:b8:2f:06:c4:8d:74:b8:3d:50:85:99:92:b7:52:
d9:06:c4:bc:18:e8:3f:3a:40:53:34:84:96:29:ef:
06:85:59:e3:f6:42:61:af:7a:0e:4c:15:1d:03:1a:
b2:9a:80:7e:4f:96:46:57:da:91:c5:6e:7d:62:9a:
d2:7b:c2:39:ac:e1:c7:83:41:30:c1:39:20:3c:2f:
3a:d7:88:ca:1e:5a:8e:b5:fb:cd:f3:66:bb:2a:15:
fe:00:d0:cf:02:01:b0:96:88:89:b5:44:a3:37:b5:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
62.213.192.0/18
78.40.96.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/22
95.171.160.0/19
178.132.8.0/21
178.248.160.0/21
185.39.124.0/22
185.47.0.0/22
185.48.100.0/22
185.72.168.0/22
185.78.180.0/22
185.81.224.0/22
185.90.184.0/22
185.107.208.0/22
185.154.140.0/22
185.174.64.0/22
185.175.180.0/22
185.214.4.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
193.200.135.0/24
195.110.54.0/23
195.144.64.0/19
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:c78::/32
2a00:1ad8::/32
2a00:1fb8::/32
2a01:43a0::/32
2a01:8c20::/32
2a03:2200::/32
2a05:3d00::/29
2a05:6a80::/29
2a07:8bc0::/29
2a0b:8b00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8201
8368
28707
29462
39721
43324
48517
49399
50675
50998
199998
Signature Algorithm: sha256WithRSAEncryption
14:f1:6f:bd:9b:61:ff:df:97:27:9d:28:74:12:eb:ef:99:d1:
e0:5f:4c:6f:55:fa:4d:6d:28:b2:b8:79:94:fc:07:34:2d:03:
02:63:c3:99:11:c7:69:bf:c9:35:1b:b9:e4:52:fe:00:32:1c:
58:41:ce:45:06:92:f6:b4:03:87:ba:e5:43:88:50:5c:e2:07:
4e:fe:f8:98:b1:bd:39:8d:70:4a:52:71:d2:5e:c6:0a:00:c1:
dc:07:58:2f:4d:db:1e:95:77:16:7b:d3:2d:81:f0:7b:71:2e:
25:f3:0c:09:ea:de:0d:f5:10:03:ba:f3:ea:f3:80:a2:6a:89:
31:13:bb:96:d8:fb:b9:bf:40:69:b9:6b:7c:69:0a:96:b0:55:
71:9c:98:13:76:d3:bf:41:d1:67:c9:56:30:99:74:c3:57:8c:
91:6e:b2:f6:c0:da:2f:b2:a6:42:a1:fb:44:c8:e4:c7:40:91:
a3:02:50:b9:3e:18:6c:79:e8:49:a3:47:3b:e1:ff:ca:3d:0b:
8d:c3:40:d3:50:1c:0d:3b:80:14:a8:40:43:aa:73:23:6d:06:
a3:c5:de:15:44:8b:72:cc:a2:7a:40:f9:5a:13:87:fe:16:05:
44:9b:36:ac:af:3c:19:66:41:0b:d6:f8:e7:34:87:c3:8d:87:
4d:98:06:a3
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgISAYzC2uvDhXSYMPHhMofWGTFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNTUzZTA1ZjAzMTliZjQ1MmZhMjA2YzE0Y2NkYTg3MzA0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0GDSe+Nb+SSk2FuhMhIpN0h8qYv
JlKezovJg98AclR5Tmp7heaftcW5J2Q3HHASFRus3s1O/j9y40FhSnTzcPh48fSl
6jczPPdNc/UB+2BQMIkutlky5tW4M6k5aQhwQfsRY9WOdzZIIjY5TfS3lbLf5S8l
kw066tFI8zR8uNyIPz51/LP1EUfqF/GPj5QkVU/DyhtyuC8GxI10uD1QhZmSt1LZ
BsS8GOg/OkBTNISWKe8GhVnj9kJhr3oOTBUdAxqymoB+T5ZGV9qRxW59YprSe8I5
rOHHg0EwwTkgPC8614jKHlqOtfvN82a7KhX+ANDPAgGwloiJtUSjN7UMSQIDAQAB
o4IEFjCCBBIwHQYDVR0OBBYEFD2KVT4F8DGb9FL6IGwUzNqHMEZUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzUyY2U1
NC1lNDljLTQxMWMtODUyNy0wZmI0ODIzZjViODcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvNTJjZTU0
LWU0OWMtNDExYy04NTI3LTBmYjQ4MjNmNWI4Ny8xL1BZcFZQZ1h3TVp2MFV2b2di
QlRNMm9jd1JsUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBZQYIKwYB
BQUHAQcBAf8EggFUMIIBUDCB8QQCAAEwgeoDBAMu8xgDBAY+1cADBANOKGADBANO
KUADBARObsADBAVSkmADBANVntADBANX7QgDBAVYUiADBANZIxADBARZ+rADBAJb
xWwDBAVejKADBAJenvgDBAVfq6ADBAOyhAgDBAOy+KADBAK5J3wDBAK5LwADBAK5
MGQDBAK5SKgDBAK5TrQDBAK5UeADBAK5WrgDBAK5a9ADBAK5mowDBAK5rkADBAK5
r7QDBAK51gQDBAK54OwDBAO8QEgDBAa8dgADBADByIcDBAHDbjYDBAXDkEADBALD
4WQDBAPVwcgDBAPVweADBAHVwfgwWgQCAAIwVAMFAyABQVgDBQAgAUxAAwUAKgAM
eAMFACoAGtgDBQAqAB+4AwUAKgFDoAMFACoBjCADBQAqAyIAAwUDKgU9AAMFAyoF
aoADBQMqB4vAAwUDKguLADBIBggrBgEFBQcBCAEB/wQ5MDegNTAzAgIgCQICILAC
AnAjAgJzFgIDAJspAgMAqTwCAwC9hQIDAMD3AgMAxfMCAwDHNgIDAw0+MA0GCSqG
SIb3DQEBCwUAA4IBAQAU8W+9m2H/35cnnSh0EuvvmdHgX0xvVfpNbSiyuHmU/Ac0
LQMCY8OZEcdpv8k1G7nkUv4AMhxYQc5FBpL2tAOHuuVDiFBc4gdO/viYsb05jXBK
UnHSXsYKAMHcB1gvTdselXcWe9MtgfB7cS4l8wwJ6t4N9RADuvPq84CiaokxE7uW
2Pu5v0BpuWt8aQqWsFVxnJgTdtO/QdFnyVYwmXTDV4yRbrL2wNovsqZCoftEyOTH
QJGjAlC5PhhseehJo0c74f/KPQuNw0DTUBwNO4AUqEBDqnMjbQajxd4VRItyzKJ6
QPlaE4f+FgVEmzasrzwZZkEL1vjnNIfDjYdNmAaj
-----END CERTIFICATE-----
Generated at Fri May 3 10:13:06 2024 by rpki-client on console-fra.rpki-client.org