Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer
File: R0qIvG6eELuvFQ8Bm7-KYVorA8I.cer (raw, json)
Hash identifier: c5lyApinma2yQH+fmoebAwLpChGi38RK7RMx4u9SSJ4=
Subject key identifier: 47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC348A6128E5E72CA6742189DE6B9675C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/R0qIvG6eELuvFQ8Bm7-KYVorA8I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:27 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 6908
AS: 20547
AS: 20629
AS: 24673
AS: 25588
AS: 28673
AS: 31220
AS: 42129
AS: 44305
AS: 58124
AS: 60228
AS: 60477
IP: 5.102.184.0/21
IP: 31.210.240.0/21
IP: 46.252.64.0/20
IP: 62.149.32.0/19
IP: 77.75.232.0/21
IP: 78.41.152.0/21
IP: 80.79.128.0/20
IP: 82.147.0.0/19
IP: 85.92.192.0/19
IP: 91.135.224.0/20
IP: 91.151.208.0/20
IP: 91.199.24.0/24
IP: 94.247.96.0/21
IP: 95.131.216.0/21
IP: 109.71.120.0/21
IP: 109.239.80.0/20
IP: 158.58.160.0/21
IP: 185.13.204.0/22
IP: 185.28.112.0/22
IP: 185.64.160.0/22
IP: 185.109.92.0/22
IP: 185.119.68.0/22
IP: 185.120.152.0/22
IP: 185.121.248.0/22
IP: 185.122.232.0/22
IP: 185.157.224.0/22
IP: 195.3.184.0/22
IP: 195.72.128.0/22
IP: 195.225.216.0/22
IP: 195.230.122.0/24
IP: 213.133.128.0/19
IP: 217.10.128.0/19
IP: 217.20.16.0/20
IP: 217.61.176.0/20
IP: 217.169.32.0/19
IP: 2001:67c:42c::/48
IP: 2001:1b90::/32
IP: 2001:41e8::/32
IP: 2a00:9de0::/32
IP: 2a01:450::/32
IP: 2a02:298::/32
IP: 2a02:2458::/32
IP: 2a03:14e0::/32
IP: 2a03:6a00::/29
IP: 2a03:a0c0::/32
IP: 2a06:4f80::/29
IP: 2a06:9e80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a6:12:8e:5e:72:ca:67:42:18:9d:e6:b9:67:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=474a88bc6e9e10bbaf150f019bbf8a615a2b03c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:24:54:c6:5d:2e:06:1c:75:4b:1b:d7:af:31:
34:08:4e:ca:9a:61:eb:19:46:1f:66:16:5b:53:7d:
f3:6e:3f:78:c2:33:39:55:d6:a3:f1:07:c2:5c:2d:
da:f5:48:4f:8f:67:6b:25:f8:39:15:20:26:5e:17:
c3:41:e5:04:75:3a:7a:73:22:f8:43:60:0b:6e:d4:
07:3b:fb:f7:9a:fc:47:ba:54:36:c8:e3:f2:69:54:
8f:83:0b:9a:c3:73:85:dc:d6:85:ab:81:ac:cc:75:
f8:b7:4a:85:40:c6:67:98:1f:8c:56:0a:f6:04:13:
52:14:fe:49:e8:71:eb:82:6e:43:e4:5b:8f:2c:e8:
e6:57:9c:48:c1:46:91:e7:55:92:24:be:6e:59:1d:
09:8f:e6:fa:57:76:09:3f:c7:f3:12:46:99:cb:68:
e9:df:98:1c:0a:f0:d9:1c:ff:a1:13:e9:c7:90:0c:
3d:4e:34:1c:66:f5:7d:fb:ec:79:db:9f:d2:1e:8f:
69:05:6e:eb:eb:cb:66:db:33:d8:3e:65:44:7a:5b:
ed:85:e7:77:1c:c8:03:b8:47:d3:e3:a9:32:41:70:
73:2b:22:d2:81:08:34:68:cb:2e:b5:4c:7a:49:73:
ee:6d:d4:44:a5:a5:3c:a0:42:73:e9:b9:5d:52:91:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4A:88:BC:6E:9E:10:BB:AF:15:0F:01:9B:BF:8A:61:5A:2B:03:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bad1c1-365d-41de-ad7c-ce8fc93adb21/1/R0qIvG6eELuvFQ8Bm7-KYVorA8I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.184.0/21
31.210.240.0/21
46.252.64.0/20
62.149.32.0/19
77.75.232.0/21
78.41.152.0/21
80.79.128.0/20
82.147.0.0/19
85.92.192.0/19
91.135.224.0/20
91.151.208.0/20
91.199.24.0/24
94.247.96.0/21
95.131.216.0/21
109.71.120.0/21
109.239.80.0/20
158.58.160.0/21
185.13.204.0/22
185.28.112.0/22
185.64.160.0/22
185.109.92.0/22
185.119.68.0/22
185.120.152.0/22
185.121.248.0/22
185.122.232.0/22
185.157.224.0/22
195.3.184.0/22
195.72.128.0/22
195.225.216.0/22
195.230.122.0/24
213.133.128.0/19
217.10.128.0/19
217.20.16.0/20
217.61.176.0/20
217.169.32.0/19
IPv6:
2001:67c:42c::/48
2001:1b90::/32
2001:41e8::/32
2a00:9de0::/32
2a01:450::/32
2a02:298::/32
2a02:2458::/32
2a03:14e0::/32
2a03:6a00::/29
2a03:a0c0::/32
2a06:4f80::/29
2a06:9e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
6908
20547
20629
24673
25588
28673
31220
42129
44305
58124
60228
60477
Signature Algorithm: sha256WithRSAEncryption
b0:40:b0:c7:a4:35:f8:08:2b:6d:7a:c7:3c:ec:bc:7d:df:a5:
29:6f:13:3f:39:2a:13:22:32:b5:80:e5:7a:40:bf:9c:fb:45:
c4:d1:44:a5:7d:04:2f:6d:8c:c6:20:a9:d7:77:ae:4e:56:10:
7b:4f:2e:f8:db:72:4a:b7:c1:61:4c:cc:5f:4c:55:cb:60:c6:
29:91:84:aa:10:92:74:32:8d:d4:56:36:69:46:62:df:2f:3d:
42:88:09:c8:b9:b6:5b:dc:0e:eb:92:cf:6c:5f:2a:e6:61:72:
1f:a0:6e:96:a9:5d:b3:b1:24:68:12:f7:3c:e4:fe:1b:0b:fd:
a8:57:a2:c0:7b:c6:b7:7d:8b:f7:08:f2:cd:c9:66:7c:d3:45:
0e:9a:81:9b:18:d5:54:0a:5d:ed:29:4f:66:62:2c:97:a3:c0:
b0:45:ac:c1:63:28:b3:66:86:31:97:a3:8a:89:5a:8b:7e:9e:
c5:30:74:e1:dd:19:a3:db:ae:b5:48:90:48:cd:75:50:c8:21:
01:14:d6:26:30:3a:1a:aa:67:f4:f1:f7:2e:89:93:96:5d:86:
48:a3:13:da:83:cb:8a:f7:61:87:08:64:58:39:00:7d:ee:ba:
9e:f6:2d:8f:8d:ed:aa:6a:be:8c:f9:ca:26:41:46:fe:32:40:
92:94:3c:ee
-----BEGIN CERTIFICATE-----
MIIG9jCCBd6gAwIBAgISAYzDSKYSjl5yymdCGJ3muWdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzRhODhiYzZlOWUxMGJiYWYxNTBmMDE5YmJmOGE2MTVhMmIwM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyRUxl0uBhx1SxvXrzE0CE7KmmHr
GUYfZhZbU33zbj94wjM5Vdaj8QfCXC3a9UhPj2drJfg5FSAmXhfDQeUEdTp6cyL4
Q2ALbtQHO/v3mvxHulQ2yOPyaVSPgwuaw3OF3NaFq4GszHX4t0qFQMZnmB+MVgr2
BBNSFP5J6HHrgm5D5FuPLOjmV5xIwUaR51WSJL5uWR0Jj+b6V3YJP8fzEkaZy2jp
35gcCvDZHP+hE+nHkAw9TjQcZvV9++x525/SHo9pBW7r68tm2zPYPmVEelvthed3
HMgDuEfT46kyQXBzKyLSgQg0aMsutUx6SXPubdREpaU8oEJz6bldUpFQGwIDAQAB
o4IEAjCCA/4wHQYDVR0OBBYEFEdKiLxunhC7rxUPAZu/imFaKwPCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY3L2JhZDFj
MS0zNjVkLTQxZGUtYWQ3Yy1jZThmYzkzYWRiMjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcvYmFkMWMx
LTM2NWQtNDFkZS1hZDdjLWNlOGZjOTNhZGIyMS8xL1IwcUl2RzZlRUx1dkZROEJt
Ny1LWVZvckE4SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBTwYIKwYB
BQUHAQcBAf8EggE+MIIBOjCB2QQCAAEwgdIDBAMFZrgDBAMf0vADBAQu/EADBAU+
lSADBANNS+gDBANOKZgDBARQT4ADBAVSkwADBAVVXMADBARbh+ADBARbl9ADBABb
xxgDBANe92ADBANfg9gDBANtR3gDBARt71ADBAOeOqADBAK5DcwDBAK5HHADBAK5
QKADBAK5bVwDBAK5d0QDBAK5eJgDBAK5efgDBAK5eugDBAK5neADBALDA7gDBALD
SIADBALD4dgDBADD5noDBAXVhYADBAXZCoADBATZFBADBATZPbADBAXZqSAwXAQC
AAIwVgMHACABBnwELAMFACABG5ADBQAgAUHoAwUAKgCd4AMFACoBBFADBQAqAgKY
AwUAKgIkWAMFACoDFOADBQMqA2oAAwUAKgOgwAMFAyoGT4ADBQMqBp6AMEoGCCsG
AQUFBwEIAQH/BDswOaA3MDUCAhr8AgJQQwICUJUCAmBhAgJj9AICcAECAnn0AgMA
pJECAwCtEQIDAOMMAgMA60QCAwDsPTANBgkqhkiG9w0BAQsFAAOCAQEAsECwx6Q1
+AgrbXrHPOy8fd+lKW8TPzkqEyIytYDlekC/nPtFxNFEpX0EL22MxiCp13euTlYQ
e08u+NtySrfBYUzMX0xVy2DGKZGEqhCSdDKN1FY2aUZi3y89QogJyLm2W9wO65LP
bF8q5mFyH6Bulqlds7EkaBL3POT+Gwv9qFeiwHvGt32L9wjyzclmfNNFDpqBmxjV
VApd7SlPZmIsl6PAsEWswWMos2aGMZejiolai36exTB04d0Zo9uutUiQSM11UMgh
ARTWJjA6Gqpn9PH3LomTll2GSKMT2oPLivdhhwhkWDkAfe66nvYtj43tqmq+jPnK
JkFG/jJAkpQ87g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:50:05 2024 by rpki-client on console-ams.rpki-client.org