Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
File: TQreVMJ-b83aziYsT995DzIP7Zw.cer (raw, json)
Hash identifier: UfHfXDSVHWzkn1Kb8jOhdhcPdlGKULw1Jli75xjfp/c=
Subject key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D6497397A10A8FE457D9462564E88C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:21 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 42400
AS: 49788
AS: 57997
AS: 60130
AS: 60717
AS: 61227
AS: 207031
IP: 45.153.104.0/22
IP: 79.141.96.0/20
IP: 91.90.104.0/21
IP: 91.189.120.0/21
IP: 91.193.0.0/22
IP: 91.209.212.0/24
IP: 91.218.184.0/22
IP: 91.221.130.0/23
IP: 91.223.100.0/24
IP: 91.225.60.0/22
IP: 93.184.112.0/21
IP: 151.252.8.0/21
IP: 176.110.116.0/23
IP: 176.111.206.0/23
IP: 185.7.192.0/22
IP: 185.55.104.0/22
IP: 185.56.184.0/22
IP: 185.80.180.0/22
IP: 185.168.72.0/22
IP: 193.202.115.0/24
IP: 2001:67c:230::/48
IP: 2001:67c:1070::/47
IP: 2001:67c:206c::/48
IP: 2a02:5560::/32
IP: 2a02:d140::/29
IP: 2a04:d340::/29
IP: 2a0b:f200::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:49:73:97:a1:0a:8f:e4:57:d9:46:25:64:e8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:48:da:2a:22:a5:e4:11:bd:ef:c2:36:f1:
2d:98:cb:71:4b:b4:94:af:2e:8d:42:66:2a:ce:0c:
ab:19:97:0d:ea:0d:b3:0b:d9:63:28:44:33:a4:eb:
c4:35:eb:9e:d8:af:ca:55:f0:b6:76:e0:ac:d3:de:
1c:55:fc:ca:5c:d4:4b:10:31:31:b2:9a:bf:14:54:
63:79:34:93:11:98:13:b3:77:db:a0:cf:03:eb:93:
2b:fa:8e:97:08:92:7d:60:8a:aa:43:13:da:e0:ff:
1e:dd:b2:c3:8f:de:e4:47:55:59:cf:76:89:6b:b7:
e4:fd:86:d0:3b:24:14:32:3d:6f:a3:56:10:77:5a:
a6:53:cc:a6:ca:33:3e:8b:f3:8d:e4:1b:93:32:ea:
7a:b5:50:3b:30:1a:97:73:12:12:26:89:19:8c:41:
ab:ea:d1:e9:56:f5:1b:80:d8:18:9a:b8:ad:3c:10:
d8:59:b5:85:f8:b7:e0:4f:b7:7b:a1:be:19:a4:01:
d3:e5:be:fb:ef:b5:c8:74:2c:0b:bb:7b:ca:86:6d:
56:a6:4f:a2:fd:0f:8c:fc:04:d8:a1:97:e9:58:52:
f8:a3:2d:68:c3:e8:be:00:d9:29:c5:7a:db:34:04:
01:fc:2e:5c:d9:15:63:1c:86:13:87:1f:99:fd:8e:
a4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.110.116.0/23
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.56.184.0/22
185.80.180.0/22
185.168.72.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:1070::/47
2001:67c:206c::/48
2a02:5560::/32
2a02:d140::/29
2a04:d340::/29
2a0b:f200::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42400
49788
57997
60130
60717
61227
207031
Signature Algorithm: sha256WithRSAEncryption
93:db:02:d9:b0:f7:6f:b6:8b:47:e9:56:7d:ac:42:b8:79:31:
33:b0:f6:24:58:56:9a:cc:f9:cf:4d:3e:ea:43:8d:23:6d:c5:
73:03:ac:5d:37:5b:19:08:d7:5c:01:bd:c0:1d:ce:e4:f0:e0:
f0:ed:ef:b1:ba:6f:c7:64:e5:b9:bb:c6:4f:f8:e6:cc:e9:9e:
a2:97:f4:72:92:d7:85:1f:9a:a2:63:ef:0e:a3:80:a6:a7:83:
a9:cc:0a:55:f6:6d:f5:be:34:3d:ea:ff:0c:7b:47:33:ce:a9:
d1:01:9e:f8:36:ca:77:ad:63:37:1a:a3:99:34:b1:cd:67:a2:
79:03:8a:b2:39:c3:06:d7:dc:76:39:be:f8:bf:6a:00:36:f7:
44:cb:5a:3c:81:91:35:b9:ab:34:f3:f7:b7:ab:51:1a:3a:24:
77:44:c5:39:c8:cf:20:b9:da:02:ee:d9:b5:08:84:55:72:68:
f5:51:98:24:1a:3c:f1:61:79:2a:2e:a4:88:40:51:87:18:79:
b0:fb:2d:4e:3f:cb:ba:72:37:b5:06:c1:71:93:3c:7d:34:c3:
15:32:fb:30:c5:8d:77:4d:fd:fa:4b:be:c6:fe:31:41:a3:3b:
98:d5:b6:22:d5:c6:f4:39:6b:3a:03:9a:57:eb:fb:6d:81:6d:
6b:7c:14:26
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgISAZQg1klzl6EKj+RX2UYlZOiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhZGU1NGMyN2U2ZmNkZGFjZTI2MmM0ZmRmNzkwZjMyMGZlZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+lI2ioipeQRve/CNvEtmMtxS7SU
ry6NQmYqzgyrGZcN6g2zC9ljKEQzpOvENeue2K/KVfC2duCs094cVfzKXNRLEDEx
spq/FFRjeTSTEZgTs3fboM8D65Mr+o6XCJJ9YIqqQxPa4P8e3bLDj97kR1VZz3aJ
a7fk/YbQOyQUMj1vo1YQd1qmU8ymyjM+i/ON5BuTMup6tVA7MBqXcxISJokZjEGr
6tHpVvUbgNgYmritPBDYWbWF+LfgT7d7ob4ZpAHT5b7777XIdCwLu3vKhm1Wpk+i
/Q+M/ATYoZfpWFL4oy1ow+i+ANkpxXrbNAQB/C5c2RVjHIYThx+Z/Y6kSwIDAQAB
o4IDcjCCA24wHQYDVR0OBBYEFE0K3lTCfm/N2s4mLE/feQ8yD+2cMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RkLzhlZmQ4
Yi1lNTE2LTRjNDktOTJjYi04OTI5NmNjYjM1ZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQvOGVmZDhi
LWU1MTYtNGM0OS05MmNiLTg5Mjk2Y2NiMzVmNS8xL1RRcmVWTUotYjgzYXppWXNU
OTk1RHpJUDdady5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHSBggrBgEF
BQcBBwEB/wSBwjCBvzB+BAIAATB4AwQCLZloAwQET41gAwQDW1poAwQDW714AwQC
W8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99kAwQCW+E8AwQDXbhwAwQDl/wIAwQB
sG50AwQBsG/OAwQCuQfAAwQCuTdoAwQCuTi4AwQCuVC0AwQCuahIAwQAwcpzMD0E
AgACMDcDBwAgAQZ8AjADBwEgAQZ8EHADBwAgAQZ8IGwDBQAqAlVgAwUDKgLRQAMF
AyoE00ADBQAqC/IAMDgGCCsGAQUFBwEIAQH/BCkwJ6AlMCMCAwCloAIDAMJ8AgMA
4o0CAwDq4gIDAO0tAgMA7ysCAwMotzANBgkqhkiG9w0BAQsFAAOCAQEAk9sC2bD3
b7aLR+lWfaxCuHkxM7D2JFhWmsz5z00+6kONI23FcwOsXTdbGQjXXAG9wB3O5PDg
8O3vsbpvx2TlubvGT/jmzOmeopf0cpLXhR+aomPvDqOApqeDqcwKVfZt9b40Per/
DHtHM86p0QGe+DbKd61jNxqjmTSxzWeieQOKsjnDBtfcdjm++L9qADb3RMtaPIGR
NbmrNPP3t6tRGjokd0TFOcjPILnaAu7ZtQiEVXJo9VGYJBo88WF5Ki6kiEBRhxh5
sPstTj/LunI3tQbBcZM8fTTDFTL7MMWNd039+ku+xv4xQaM7mNW2ItXG9DlrOgOa
V+v7bYFta3wUJg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:46 2025 by rpki-client