Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
File: W1JjSi6wP4VlteM9wrn0kEH3z7A.cer (raw, json)
Hash identifier: 7XJqhw2PNrZVWXB0E7NIUbOHESp6F9GMdoofaJMocKs=
Subject key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2B4CA9F1FC696D0EC486674A52A85C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:34:44 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 41689
AS: 43754
AS: 51433
AS: 203000
AS: 211421
IP: 5.134.192.0/21
IP: 31.7.64.0/20
IP: 31.25.128.0/21
IP: 37.156.8.0/21
IP: 37.156.144.0/22
IP: 46.143.0.0/17
IP: 46.245.64.0/18
IP: 77.238.104.0/21
IP: 77.238.120.0/22
IP: 78.110.112.0/21
IP: 78.110.124.0/22
IP: 79.127.0.0/17
IP: 85.198.8.0 -- 85.198.23.255
IP: 85.198.28.0/22
IP: 89.41.40.0/22
IP: 89.235.96.0/22
IP: 93.115.144.0/21
IP: 93.118.180.0/22
IP: 109.122.224.0/20
IP: 128.65.176.0/20
IP: 176.65.240.0/22
IP: 176.65.252.0/22
IP: 178.22.120.0/21
IP: 178.216.248.0/22
IP: 185.49.84.0/22
IP: 185.79.96.0/22
IP: 185.98.112.0/22
IP: 185.99.212.0/22
IP: 185.109.244.0 -- 185.109.251.255
IP: 185.112.32.0/21
IP: 185.120.220.0/22
IP: 185.120.248.0/22
IP: 185.129.116.0/22
IP: 185.141.168.0/22
IP: 185.141.212.0/22
IP: 185.147.160.0/22
IP: 188.0.240.0/23
IP: 193.151.128.0/19
IP: 212.33.192.0/20
IP: 2a05:1a00::/26
IP: 2a05:4c80::/29
IP: 2a06:5480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4c:a9:f1:fc:69:6d:0e:c4:86:67:4a:52:a8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:20:85:7c:47:b0:ba:5c:de:5d:05:8a:c5:0a:
ca:6f:f3:85:d2:da:b9:d1:31:d4:e3:44:64:e7:2d:
77:17:61:c1:59:49:72:2e:16:79:89:58:8f:9e:73:
13:49:b0:34:53:0c:f4:bc:52:fd:f1:6b:3b:99:f2:
b2:1e:87:95:38:5a:ab:06:8f:a7:37:36:07:d9:2f:
50:3b:e7:a8:4c:7c:ab:26:30:fe:be:98:60:a8:9b:
b2:39:ad:2a:b2:ad:f8:b4:5e:1e:4a:8f:b6:e0:a1:
ea:19:a7:7a:8f:81:66:63:63:29:8a:79:a1:45:e5:
51:e5:a2:50:e0:a9:06:91:b3:a7:c7:9e:98:e8:e7:
da:5b:6f:e4:3f:9f:8f:ab:d2:4a:b1:ba:8b:1c:6c:
61:f4:d9:72:e3:bd:a1:63:07:32:90:08:dd:fc:dd:
27:98:b1:48:1a:ab:8f:79:e1:48:12:e0:69:71:f2:
7a:e1:ab:b0:f9:1f:99:df:5e:19:6c:1f:29:58:e0:
e2:77:60:2e:39:fa:2a:c8:e0:ec:89:80:1b:51:5e:
01:28:7c:4f:6c:b4:c1:79:30:44:0d:c3:6b:79:3c:
be:47:f6:f7:7e:a4:24:69:d8:9e:f5:ea:d4:05:3c:
3c:3d:32:43:27:50:93:52:72:16:57:f0:19:53:c1:
1d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.192.0/21
31.7.64.0/20
31.25.128.0/21
37.156.8.0/21
37.156.144.0/22
46.143.0.0/17
46.245.64.0/18
77.238.104.0/21
77.238.120.0/22
78.110.112.0/21
78.110.124.0/22
79.127.0.0/17
85.198.8.0-85.198.23.255
85.198.28.0/22
89.41.40.0/22
89.235.96.0/22
93.115.144.0/21
93.118.180.0/22
109.122.224.0/20
128.65.176.0/20
176.65.240.0/22
176.65.252.0/22
178.22.120.0/21
178.216.248.0/22
185.49.84.0/22
185.79.96.0/22
185.98.112.0/22
185.99.212.0/22
185.109.244.0-185.109.251.255
185.112.32.0/21
185.120.220.0/22
185.120.248.0/22
185.129.116.0/22
185.141.168.0/22
185.141.212.0/22
185.147.160.0/22
188.0.240.0/23
193.151.128.0/19
212.33.192.0/20
IPv6:
2a05:1a00::/26
2a05:4c80::/29
2a06:5480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41689
43754
51433
203000
211421
Signature Algorithm: sha256WithRSAEncryption
69:b6:ee:dd:3f:f1:39:8a:79:e8:3f:6d:4f:76:25:9c:52:af:
71:38:42:ea:0f:0d:28:ef:f3:6c:dd:73:74:d8:70:eb:6e:22:
af:7e:68:11:88:a0:9e:77:f1:1a:6e:ee:a7:8a:08:4c:38:0a:
99:b6:3a:da:a2:0c:3b:5c:27:01:54:54:ff:eb:69:24:f2:f3:
18:94:9e:e7:75:9d:52:ea:cf:98:d0:e9:5b:ba:b0:98:ee:61:
e6:1e:65:40:2a:ba:6c:3e:51:aa:fb:d9:f4:aa:78:78:b2:5c:
e4:1f:8f:07:69:be:cd:8c:71:9b:cb:c8:b5:90:1e:af:f7:f6:
79:eb:4d:90:23:c0:ed:09:68:b5:a7:9e:b4:0f:47:fa:92:63:
c1:13:46:ad:c9:a6:50:05:4f:6b:68:04:ab:28:63:cc:fe:67:
97:09:4a:42:cd:ae:c0:eb:19:f2:97:97:2f:f8:8a:4b:08:b9:
f7:89:0f:d3:82:2b:c5:20:42:b9:f7:07:99:db:d2:5d:d9:b8:
f5:dc:df:1f:a6:b1:9b:43:ec:85:22:64:33:a4:a0:30:04:63:
d1:57:da:29:8e:c9:3c:90:00:f3:12:a4:9f:24:fa:50:11:3e:
26:12:40:c8:14:6b:05:b4:6a:98:61:8a:bf:68:01:0a:08:11:
c6:ca:fd:df
-----BEGIN CERTIFICATE-----
MIIGwjCCBaqgAwIBAgISAYzKK0yp8fxpbQ7EhmdKUqhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUyNjM0YTJlYjAzZjg1NjViNWUzM2RjMmI5ZjQ5MDQxZjdjZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iCFfEewulzeXQWKxQrKb/OF0tq5
0THU40Rk5y13F2HBWUlyLhZ5iViPnnMTSbA0Uwz0vFL98Ws7mfKyHoeVOFqrBo+n
NzYH2S9QO+eoTHyrJjD+vphgqJuyOa0qsq34tF4eSo+24KHqGad6j4FmY2Mpinmh
ReVR5aJQ4KkGkbOnx56Y6OfaW2/kP5+Pq9JKsbqLHGxh9Nly472hYwcykAjd/N0n
mLFIGquPeeFIEuBpcfJ64auw+R+Z314ZbB8pWODid2AuOfoqyODsiYAbUV4BKHxP
bLTBeTBEDcNreTy+R/b3fqQkadie9erUBTw8PTJDJ1CTUnIWV/AZU8EdQQIDAQAB
o4IDzjCCA8owHQYDVR0OBBYEFFtSY0ousD+FZbXjPcK59JBB98+wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzdhNWI0
NC02YjE4LTQyZDMtYThkNS1kYzY1NTRmZDEyMzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvN2E1YjQ0
LTZiMTgtNDJkMy1hOGQ1LWRjNjU1NGZkMTIzNS8xL1cxSmpTaTZ3UDRWbHRlTTl3
cm4wa0VIM3o3QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBNwYIKwYB
BQUHAQcBAf8EggEmMIIBIjCCAQEEAgABMIH6AwQDBYbAAwQEHwdAAwQDHxmAAwQD
JZwIAwQCJZyQAwQHLo8AAwQGLvVAAwQDTe5oAwQCTe54AwQDTm5wAwQCTm58AwQH
T38AMAwDBANVxggDBANVxhADBAJVxhwDBAJZKSgDBAJZ62ADBANdc5ADBAJddrQD
BARteuADBASAQbADBAKwQfADBAKwQfwDBAOyFngDBAKy2PgDBAK5MVQDBAK5T2AD
BAK5YnADBAK5Y9QwDAMEArlt9AMEArlt+AMEA7lwIAMEArl43AMEArl4+AMEArmB
dAMEArmNqAMEArmN1AMEArmToAMEAbwA8AMEBcGXgAMEBNQhwDAbBAIAAjAVAwUG
KgUaAAMFAyoFTIADBQMqBlSAMC4GCCsGAQUFBwEIAQH/BB8wHaAbMBkCAwCi2QID
AKrqAgMAyOkCAwMY+AIDAzndMA0GCSqGSIb3DQEBCwUAA4IBAQBptu7dP/E5inno
P21PdiWcUq9xOELqDw0o7/Ns3XN02HDrbiKvfmgRiKCed/Eabu6nighMOAqZtjra
ogw7XCcBVFT/62kk8vMYlJ7ndZ1S6s+Y0OlburCY7mHmHmVAKrpsPlGq+9n0qnh4
slzkH48Hab7NjHGby8i1kB6v9/Z5602QI8DtCWi1p560D0f6kmPBE0atyaZQBU9r
aASrKGPM/meXCUpCza7A6xnyl5cv+IpLCLn3iQ/TgivFIEK59weZ29Jd2bj13N8f
prGbQ+yFImQzpKAwBGPRV9opjsk8kADzEqSfJPpQET4mEkDIFGsFtGqYYYq/aAEK
CBHGyv3f
-----END CERTIFICATE-----
Generated at Fri May 3 10:19:04 2024 by rpki-client on console-fra.rpki-client.org