Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
File: TQreVMJ-b83aziYsT995DzIP7Zw.cer (raw, json)
Hash identifier: +AQcngD12HHNN14DB/cYzz2+Iix+Oe2AyhK/r41mSbY=
Subject key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196C4E7B73AD38483F85F50F63EE66278EA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 12 May 2025 14:30:42 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 42400
AS: 49788
AS: 57997
AS: 60130
AS: 60717
AS: 61227
AS: 207031
IP: 45.153.104.0/22
IP: 79.141.96.0/20
IP: 91.90.104.0/21
IP: 91.189.120.0/21
IP: 91.193.0.0/22
IP: 91.209.212.0/24
IP: 91.218.184.0/22
IP: 91.220.165.0/24
IP: 91.221.130.0/23
IP: 91.223.100.0/24
IP: 91.225.60.0/22
IP: 93.184.112.0/21
IP: 151.252.8.0/21
IP: 176.110.116.0/23
IP: 176.111.206.0/23
IP: 185.7.192.0/22
IP: 185.55.104.0/22
IP: 185.56.184.0/22
IP: 185.80.180.0/22
IP: 185.168.72.0/22
IP: 193.202.115.0/24
IP: 2001:67c:230::/48
IP: 2001:67c:1070::/47
IP: 2001:67c:206c::/48
IP: 2a02:5560::/32
IP: 2a02:d140::/29
IP: 2a04:d340::/29
IP: 2a0b:f200::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:e7:b7:3a:d3:84:83:f8:5f:50:f6:3e:e6:62:78:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 12 14:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:48:da:2a:22:a5:e4:11:bd:ef:c2:36:f1:
2d:98:cb:71:4b:b4:94:af:2e:8d:42:66:2a:ce:0c:
ab:19:97:0d:ea:0d:b3:0b:d9:63:28:44:33:a4:eb:
c4:35:eb:9e:d8:af:ca:55:f0:b6:76:e0:ac:d3:de:
1c:55:fc:ca:5c:d4:4b:10:31:31:b2:9a:bf:14:54:
63:79:34:93:11:98:13:b3:77:db:a0:cf:03:eb:93:
2b:fa:8e:97:08:92:7d:60:8a:aa:43:13:da:e0:ff:
1e:dd:b2:c3:8f:de:e4:47:55:59:cf:76:89:6b:b7:
e4:fd:86:d0:3b:24:14:32:3d:6f:a3:56:10:77:5a:
a6:53:cc:a6:ca:33:3e:8b:f3:8d:e4:1b:93:32:ea:
7a:b5:50:3b:30:1a:97:73:12:12:26:89:19:8c:41:
ab:ea:d1:e9:56:f5:1b:80:d8:18:9a:b8:ad:3c:10:
d8:59:b5:85:f8:b7:e0:4f:b7:7b:a1:be:19:a4:01:
d3:e5:be:fb:ef:b5:c8:74:2c:0b:bb:7b:ca:86:6d:
56:a6:4f:a2:fd:0f:8c:fc:04:d8:a1:97:e9:58:52:
f8:a3:2d:68:c3:e8:be:00:d9:29:c5:7a:db:34:04:
01:fc:2e:5c:d9:15:63:1c:86:13:87:1f:99:fd:8e:
a4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.220.165.0/24
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.110.116.0/23
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.56.184.0/22
185.80.180.0/22
185.168.72.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:1070::/47
2001:67c:206c::/48
2a02:5560::/32
2a02:d140::/29
2a04:d340::/29
2a0b:f200::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42400
49788
57997
60130
60717
61227
207031
Signature Algorithm: sha256WithRSAEncryption
55:3d:f4:48:77:42:01:e9:75:a0:e7:7c:0f:cd:f2:6e:69:f9:
43:25:b4:f9:fd:b3:a6:a9:9f:21:b5:92:bb:91:79:51:25:2c:
71:ab:2c:45:00:91:04:e9:b0:35:ae:87:f9:e7:99:7f:61:aa:
da:40:69:d3:29:d2:31:4c:5a:a8:dd:ec:d3:b2:5f:ba:e4:68:
db:e1:7d:6a:3e:3f:67:f4:8d:1d:75:38:f0:7c:32:4b:87:da:
80:c5:ed:af:ec:4d:74:9b:cc:d8:6f:1a:97:47:74:d9:68:0d:
b8:5a:1b:90:0f:d2:d6:66:a5:b5:08:f8:e3:d6:81:42:40:ac:
a6:a7:1a:18:ae:e6:9f:23:17:ae:da:32:d4:34:aa:34:26:4d:
01:37:aa:40:4f:8a:f4:17:dd:d6:6f:93:3e:db:a4:53:b2:96:
33:18:d5:2c:b1:e6:a5:39:dc:cf:43:fc:1a:d4:9d:b4:9e:8e:
20:84:1e:33:d4:b7:e7:f0:af:2b:9e:4b:99:9f:e2:8f:ec:f4:
84:fc:96:22:88:2e:c3:f3:3e:b6:6b:55:3e:62:98:5d:c2:dc:
36:a0:eb:ab:c8:c3:ae:29:a8:d2:42:05:69:44:b5:da:81:10:
3e:7b:29:ac:31:dc:3c:c0:b6:32:c5:84:08:43:e2:30:ec:c4:
9b:c6:99:09
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAZbE57c604SD+F9Q9j7mYnjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTEyMTQzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhZGU1NGMyN2U2ZmNkZGFjZTI2MmM0ZmRmNzkwZjMyMGZlZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+lI2ioipeQRve/CNvEtmMtxS7SU
ry6NQmYqzgyrGZcN6g2zC9ljKEQzpOvENeue2K/KVfC2duCs094cVfzKXNRLEDEx
spq/FFRjeTSTEZgTs3fboM8D65Mr+o6XCJJ9YIqqQxPa4P8e3bLDj97kR1VZz3aJ
a7fk/YbQOyQUMj1vo1YQd1qmU8ymyjM+i/ON5BuTMup6tVA7MBqXcxISJokZjEGr
6tHpVvUbgNgYmritPBDYWbWF+LfgT7d7ob4ZpAHT5b7777XIdCwLu3vKhm1Wpk+i
/Q+M/ATYoZfpWFL4oy1ow+i+ANkpxXrbNAQB/C5c2RVjHIYThx+Z/Y6kSwIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFE0K3lTCfm/N2s4mLE/feQ8yD+2cMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RkLzhlZmQ4
Yi1lNTE2LTRjNDktOTJjYi04OTI5NmNjYjM1ZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQvOGVmZDhi
LWU1MTYtNGM0OS05MmNiLTg5Mjk2Y2NiMzVmNS8xL1RRcmVWTUotYjgzYXppWXNU
OTk1RHpJUDdady5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHZBggrBgEF
BQcBBwEB/wSByTCBxjCBhAQCAAEwfgMEAi2ZaAMEBE+NYAMEA1taaAMEA1u9eAME
AlvBAAMEAFvR1AMEAlvauAMEAFvcpQMEAVvdggMEAFvfZAMEAlvhPAMEA124cAME
A5f8CAMEAbBudAMEAbBvzgMEArkHwAMEArk3aAMEArk4uAMEArlQtAMEArmoSAME
AMHKczA9BAIAAjA3AwcAIAEGfAIwAwcBIAEGfBBwAwcAIAEGfCBsAwUAKgJVYAMF
AyoC0UADBQMqBNNAAwUAKgvyADA4BggrBgEFBQcBCAEB/wQpMCegJTAjAgMApaAC
AwDCfAIDAOKNAgMA6uICAwDtLQIDAO8rAgMDKLcwDQYJKoZIhvcNAQELBQADggEB
AFU99Eh3QgHpdaDnfA/N8m5p+UMltPn9s6apnyG1kruReVElLHGrLEUAkQTpsDWu
h/nnmX9hqtpAadMp0jFMWqjd7NOyX7rkaNvhfWo+P2f0jR11OPB8MkuH2oDF7a/s
TXSbzNhvGpdHdNloDbhaG5AP0tZmpbUI+OPWgUJArKanGhiu5p8jF67aMtQ0qjQm
TQE3qkBPivQX3dZvkz7bpFOyljMY1Syx5qU53M9D/BrUnbSejiCEHjPUt+fwryue
S5mf4o/s9IT8liKILsPzPrZrVT5imF3C3Dag66vIw64pqNJCBWlEtdqBED57Kawx
3DzAtjLFhAhD4jDsxJvGmQk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 00:52:30 2025 by rpki-client