Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
File: TQreVMJ-b83aziYsT995DzIP7Zw.cer (raw, json)
Hash identifier: bK7QJVGT5Ly6WijjmgzanUnLASVSM9ebfLxDkigCZjw=
Subject key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC348BD801DDADB2928E8DB9B4400A02D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 42400
AS: 49788
AS: 57997
AS: 60130
AS: 60717
AS: 61227
IP: 45.153.104.0/22
IP: 79.141.96.0/20
IP: 91.90.104.0/21
IP: 91.189.120.0/21
IP: 91.193.0.0/22
IP: 91.209.212.0/24
IP: 91.218.184.0/22
IP: 91.221.130.0/23
IP: 91.223.100.0/24
IP: 91.225.60.0/22
IP: 93.184.112.0/21
IP: 151.252.8.0/21
IP: 176.110.116.0/23
IP: 176.111.206.0/23
IP: 185.7.192.0/22
IP: 185.55.104.0/22
IP: 185.56.184.0/22
IP: 185.80.180.0/22
IP: 193.202.115.0/24
IP: 2001:67c:230::/48
IP: 2001:67c:1070::/47
IP: 2001:67c:206c::/48
IP: 2a02:5560::/32
IP: 2a02:d140::/29
IP: 2a04:d340::/29
IP: 2a04:dc80::/29
IP: 2a0f:7900::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bd:80:1d:da:db:29:28:e8:db:9b:44:00:a0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e9:48:da:2a:22:a5:e4:11:bd:ef:c2:36:f1:
2d:98:cb:71:4b:b4:94:af:2e:8d:42:66:2a:ce:0c:
ab:19:97:0d:ea:0d:b3:0b:d9:63:28:44:33:a4:eb:
c4:35:eb:9e:d8:af:ca:55:f0:b6:76:e0:ac:d3:de:
1c:55:fc:ca:5c:d4:4b:10:31:31:b2:9a:bf:14:54:
63:79:34:93:11:98:13:b3:77:db:a0:cf:03:eb:93:
2b:fa:8e:97:08:92:7d:60:8a:aa:43:13:da:e0:ff:
1e:dd:b2:c3:8f:de:e4:47:55:59:cf:76:89:6b:b7:
e4:fd:86:d0:3b:24:14:32:3d:6f:a3:56:10:77:5a:
a6:53:cc:a6:ca:33:3e:8b:f3:8d:e4:1b:93:32:ea:
7a:b5:50:3b:30:1a:97:73:12:12:26:89:19:8c:41:
ab:ea:d1:e9:56:f5:1b:80:d8:18:9a:b8:ad:3c:10:
d8:59:b5:85:f8:b7:e0:4f:b7:7b:a1:be:19:a4:01:
d3:e5:be:fb:ef:b5:c8:74:2c:0b:bb:7b:ca:86:6d:
56:a6:4f:a2:fd:0f:8c:fc:04:d8:a1:97:e9:58:52:
f8:a3:2d:68:c3:e8:be:00:d9:29:c5:7a:db:34:04:
01:fc:2e:5c:d9:15:63:1c:86:13:87:1f:99:fd:8e:
a4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
79.141.96.0/20
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
93.184.112.0/21
151.252.8.0/21
176.110.116.0/23
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.56.184.0/22
185.80.180.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:1070::/47
2001:67c:206c::/48
2a02:5560::/32
2a02:d140::/29
2a04:d340::/29
2a04:dc80::/29
2a0f:7900::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42400
49788
57997
60130
60717
61227
Signature Algorithm: sha256WithRSAEncryption
29:48:ca:18:1d:80:dc:75:71:45:f4:17:33:27:96:48:1e:75:
7f:45:4e:58:ee:29:51:3e:8e:b3:d9:55:10:6c:1a:c4:09:21:
d8:e2:6d:16:c1:ed:cc:0d:95:4d:16:83:32:3f:24:73:78:3b:
6a:7d:a8:17:af:0a:a3:75:5c:81:7c:03:d7:9d:cb:ab:9d:6a:
27:0e:05:4e:68:d1:6a:d8:36:21:c0:b3:3d:71:5a:40:e9:4e:
29:57:70:83:6f:20:e4:46:9d:79:18:00:f4:b3:d6:46:a3:42:
f3:e9:e2:f5:bf:8a:c4:7c:35:5c:e5:93:7b:31:3a:df:4e:c9:
53:d1:83:04:2e:92:86:c5:53:19:f6:16:3c:1e:64:66:79:07:
bc:9e:10:aa:0c:61:5f:0b:31:99:43:fb:e3:99:76:b7:10:9c:
9e:3d:13:6f:fd:bb:f6:72:f0:c8:b3:7e:66:3b:5d:48:9b:a4:
47:8c:49:e8:f6:e6:80:15:ca:34:d8:17:14:a4:26:05:26:39:
45:c9:58:64:71:f5:95:25:8b:f6:0f:84:f5:52:05:1c:f7:f2:
40:7b:45:ec:ee:e1:6d:48:a5:1f:95:16:d0:58:5e:63:65:1e:
91:a0:c7:1f:1c:a5:e4:2f:f8:e6:bf:25:d8:79:51:78:e3:3a:
5a:2c:ad:57
-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgISAYzDSL2AHdrbKSjo25tEAKAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhZGU1NGMyN2U2ZmNkZGFjZTI2MmM0ZmRmNzkwZjMyMGZlZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+lI2ioipeQRve/CNvEtmMtxS7SU
ry6NQmYqzgyrGZcN6g2zC9ljKEQzpOvENeue2K/KVfC2duCs094cVfzKXNRLEDEx
spq/FFRjeTSTEZgTs3fboM8D65Mr+o6XCJJ9YIqqQxPa4P8e3bLDj97kR1VZz3aJ
a7fk/YbQOyQUMj1vo1YQd1qmU8ymyjM+i/ON5BuTMup6tVA7MBqXcxISJokZjEGr
6tHpVvUbgNgYmritPBDYWbWF+LfgT7d7ob4ZpAHT5b7777XIdCwLu3vKhm1Wpk+i
/Q+M/ATYoZfpWFL4oy1ow+i+ANkpxXrbNAQB/C5c2RVjHIYThx+Z/Y6kSwIDAQAB
o4IDbjCCA2owHQYDVR0OBBYEFE0K3lTCfm/N2s4mLE/feQ8yD+2cMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RkLzhlZmQ4
Yi1lNTE2LTRjNDktOTJjYi04OTI5NmNjYjM1ZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQvOGVmZDhi
LWU1MTYtNGM0OS05MmNiLTg5Mjk2Y2NiMzVmNS8xL1RRcmVWTUotYjgzYXppWXNU
OTk1RHpJUDdady5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHTBggrBgEF
BQcBBwEB/wSBwzCBwDB4BAIAATByAwQCLZloAwQET41gAwQDW1poAwQDW714AwQC
W8EAAwQAW9HUAwQCW9q4AwQBW92CAwQAW99kAwQCW+E8AwQDXbhwAwQDl/wIAwQB
sG50AwQBsG/OAwQCuQfAAwQCuTdoAwQCuTi4AwQCuVC0AwQAwcpzMEQEAgACMD4D
BwAgAQZ8AjADBwEgAQZ8EHADBwAgAQZ8IGwDBQAqAlVgAwUDKgLRQAMFAyoE00AD
BQMqBNyAAwUDKg95ADAzBggrBgEFBQcBCAEB/wQkMCKgIDAeAgMApaACAwDCfAID
AOKNAgMA6uICAwDtLQIDAO8rMA0GCSqGSIb3DQEBCwUAA4IBAQApSMoYHYDcdXFF
9BczJ5ZIHnV/RU5Y7ilRPo6z2VUQbBrECSHY4m0Wwe3MDZVNFoMyPyRzeDtqfagX
rwqjdVyBfAPXncurnWonDgVOaNFq2DYhwLM9cVpA6U4pV3CDbyDkRp15GAD0s9ZG
o0Lz6eL1v4rEfDVc5ZN7MTrfTslT0YMELpKGxVMZ9hY8HmRmeQe8nhCqDGFfCzGZ
Q/vjmXa3EJyePRNv/bv2cvDIs35mO11Im6RHjEno9uaAFco02BcUpCYFJjlFyVhk
cfWVJYv2D4T1UgUc9/JAe0Xs7uFtSKUflRbQWF5jZR6RoMcfHKXkL/jmvyXYeVF4
4zpaLK1X
-----END CERTIFICATE-----
Generated at Fri May 3 07:01:35 2024 by rpki-client on console-ams.rpki-client.org