Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
File: W1JjSi6wP4VlteM9wrn0kEH3z7A.cer (raw, json)
Hash identifier: gtKIOoegZWQ/Fb4zTc4MkqSB6uTb83MeISLUyEEJDr0=
Subject key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019498BC7BC16F0ECEEC7E53DA6BBCB4CC61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 24 Jan 2025 14:34:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41689
AS: 43754
AS: 51433
AS: 203000
AS: 211421
IP: 5.134.192.0/21
IP: 31.7.64.0/20
IP: 31.25.128.0/21
IP: 37.156.8.0/21
IP: 37.156.144.0/22
IP: 46.143.0.0/17
IP: 46.245.64.0/18
IP: 77.238.104.0/21
IP: 77.238.120.0/22
IP: 78.110.112.0/21
IP: 78.110.124.0/22
IP: 79.127.0.0/17
IP: 85.198.8.0 -- 85.198.23.255
IP: 85.198.28.0/22
IP: 86.57.0.0/17
IP: 89.41.40.0/22
IP: 89.235.96.0/22
IP: 93.115.144.0/21
IP: 93.118.180.0/22
IP: 109.122.224.0/20
IP: 128.65.176.0/20
IP: 176.65.240.0/22
IP: 176.65.252.0/22
IP: 178.22.120.0/21
IP: 178.216.248.0/22
IP: 185.49.84.0/22
IP: 185.79.96.0/22
IP: 185.98.112.0/22
IP: 185.99.212.0/22
IP: 185.109.244.0 -- 185.109.251.255
IP: 185.112.32.0/21
IP: 185.120.220.0/22
IP: 185.120.248.0/22
IP: 185.129.116.0/22
IP: 185.141.168.0/22
IP: 185.141.212.0/22
IP: 185.147.160.0/22
IP: 188.0.240.0/23
IP: 193.151.128.0/19
IP: 212.33.192.0/20
IP: 2a05:1a00::/26
IP: 2a05:4c80::/29
IP: 2a06:5480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:98:bc:7b:c1:6f:0e:ce:ec:7e:53:da:6b:bc:b4:cc:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 24 14:34:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:20:85:7c:47:b0:ba:5c:de:5d:05:8a:c5:0a:
ca:6f:f3:85:d2:da:b9:d1:31:d4:e3:44:64:e7:2d:
77:17:61:c1:59:49:72:2e:16:79:89:58:8f:9e:73:
13:49:b0:34:53:0c:f4:bc:52:fd:f1:6b:3b:99:f2:
b2:1e:87:95:38:5a:ab:06:8f:a7:37:36:07:d9:2f:
50:3b:e7:a8:4c:7c:ab:26:30:fe:be:98:60:a8:9b:
b2:39:ad:2a:b2:ad:f8:b4:5e:1e:4a:8f:b6:e0:a1:
ea:19:a7:7a:8f:81:66:63:63:29:8a:79:a1:45:e5:
51:e5:a2:50:e0:a9:06:91:b3:a7:c7:9e:98:e8:e7:
da:5b:6f:e4:3f:9f:8f:ab:d2:4a:b1:ba:8b:1c:6c:
61:f4:d9:72:e3:bd:a1:63:07:32:90:08:dd:fc:dd:
27:98:b1:48:1a:ab:8f:79:e1:48:12:e0:69:71:f2:
7a:e1:ab:b0:f9:1f:99:df:5e:19:6c:1f:29:58:e0:
e2:77:60:2e:39:fa:2a:c8:e0:ec:89:80:1b:51:5e:
01:28:7c:4f:6c:b4:c1:79:30:44:0d:c3:6b:79:3c:
be:47:f6:f7:7e:a4:24:69:d8:9e:f5:ea:d4:05:3c:
3c:3d:32:43:27:50:93:52:72:16:57:f0:19:53:c1:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
78.110.112.0/21
78.110.124.0/22
79.127.0.0/17
85.198.8.0-85.198.23.255
85.198.28.0/22
86.57.0.0/17
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.79.96.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.129.116.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
188.0.240.0/23
193.151.128.0/19
212.33.192.0/20
IPv6:
2a05:1a00::/26
2a05:4c80::/29
2a06:5480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41689
43754
51433
203000
211421
Signature Algorithm: sha256WithRSAEncryption
70:e0:42:42:2c:cc:5c:c3:97:17:41:61:75:8d:76:2a:41:69:
a7:9f:40:30:41:c7:77:92:db:1f:5c:e4:a2:a2:9e:29:89:ed:
78:e0:8b:36:08:38:fb:04:f2:26:2e:66:94:43:a0:0e:64:33:
35:9b:58:71:52:90:f5:3b:1a:13:03:16:1b:5c:51:e4:07:30:
00:c4:1c:5c:9c:fe:30:98:1a:bf:c3:94:e7:18:6c:99:9d:7a:
89:44:db:f3:c9:60:1e:10:97:04:e4:79:c3:7e:fc:f3:c3:73:
04:17:66:8a:24:0d:05:90:3e:eb:b3:36:14:f7:8b:f5:f5:19:
f8:b6:20:85:4c:14:2d:71:37:e3:3a:c0:bb:be:99:1f:67:2d:
8c:ae:82:98:2d:23:b0:4b:4e:48:d2:cb:45:00:eb:75:db:63:
84:26:88:15:38:2b:b0:0f:30:ba:33:22:98:e2:3b:db:96:01:
16:11:4e:35:3f:26:23:0f:d0:6b:58:c5:8f:9f:20:23:23:e8:
6a:f8:9f:cb:7b:c9:c3:a1:c5:f8:28:3c:d9:42:02:fa:ed:67:
4b:9b:73:4e:dd:98:18:ed:3d:dc:19:1c:c1:b1:a8:06:5d:3b:
87:82:f4:ac:77:f4:0d:08:fb:ca:02:17:b3:81:72:09:7e:84:
53:0c:9a:69
-----BEGIN CERTIFICATE-----
MIIGyTCCBbGgAwIBAgISAZSYvHvBbw7O7H5T2mu8tMxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTI0MTQzNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iCFfEewulzeXQWKxQrKb/OF0tq5
0THU40Rk5y13F2HBWUlyLhZ5iViPnnMTSbA0Uwz0vFL98Ws7mfKyHoeVOFqrBo+n
NzYH2S9QO+eoTHyrJjD+vphgqJuyOa0qsq34tF4eSo+24KHqGad6j4FmY2Mpinmh
ReVR5aJQ4KkGkbOnx56Y6OfaW2/kP5+Pq9JKsbqLHGxh9Nly472hYwcykAjd/N0n
mLFIGquPeeFIEuBpcfJ64auw+R+Z314ZbB8pWODid2AuOfoqyODsiYAbUV4BKHxP
bLTBeTBEDcNreTy+R/b3fqQkadie9erUBTw8PTJDJ1CTUnIWV/AZU8EdQQIDAQAB
o4ID1TCCA9EwHQYDVR0OBBYEFFtSY0ousD+FZbXjPcK59JBB98+wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzdhNWI0
NC02YjE4LTQyZDMtYThkNS1kYzY1NTRmZDEyMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvN2E1YjQ0
LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRWbHRlTTl3
cm4wa0VIM3o3QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBPgYIKwYB
BQUHAQcBAf8EggEtMIIBKTCCAQgEAgABMIIBAAMEAwWGwAMEBB8HQAMEAx8ZgAME
AyWcCAMEAiWckAMEBy6PAAMEBi71QAMEA03uaAMEAk3ueAMEA05ucAMEAk5ufAME
B09/ADAMAwQDVcYIAwQDVcYQAwQCVcYcAwQHVjkAAwQCWSkoAwQCWetgAwQDXXOQ
AwQCXXa0AwQEbXrgAwQEgEGwAwQCsEHwAwQCsEH8AwQDshZ4AwQCstj4AwQCuTFU
AwQCuU9gAwQCuWJwAwQCuWPUMAwDBAK5bfQDBAK5bfgDBAO5cCADBAK5eNwDBAK5
ePgDBAK5gXQDBAK5jagDBAK5jdQDBAK5k6ADBAG8APADBAXBl4ADBATUIcAwGwQC
AAIwFQMFBioFGgADBQMqBUyAAwUDKgZUgDAuBggrBgEFBQcBCAEB/wQfMB2gGzAZ
AgMAotkCAwCq6gIDAMjpAgMDGPgCAwM53TANBgkqhkiG9w0BAQsFAAOCAQEAcOBC
QizMXMOXF0FhdY12KkFpp59AMEHHd5LbH1zkoqKeKYnteOCLNgg4+wTyJi5mlEOg
DmQzNZtYcVKQ9TsaEwMWG1xR5AcwAMQcXJz+MJgav8OU5xhsmZ16iUTb88lgHhCX
BOR5w37888NzBBdmiiQNBZA+67M2FPeL9fUZ+LYghUwULXE34zrAu76ZH2ctjK6C
mC0jsEtOSNLLRQDrddtjhCaIFTgrsA8wujMimOI725YBFhFONT8mIw/Qa1jFj58g
IyPoavify3vJw6HF+Cg82UIC+u1nS5tzTt2YGO093BkcwbGoBl07h4L0rHf0DQj7
ygIXs4FyCX6EUwyaaQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:34 2025 by rpki-client