Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
File: _97EpGpubk-aktC6Lgs6tWWL4b0.cer (raw, json)
Hash identifier: P5qkZq1FPfZIkzVfwVun8TYRwQ2cNoZqaBRR8buSIqg=
Subject key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01931B154240F33AF68CBF45AE47A7430F3E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 11 Nov 2024 11:56:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 24669
AS: 34202
AS: 35545
AS: 42902
AS: 43878
AS: 62240
AS: 202791 -- 202792
AS: 206136
AS: 206144
AS: 206822
AS: 206848
AS: 206986
AS: 207019
AS: 207158
IP: 2.56.188.0/22
IP: 5.180.208.0/22
IP: 5.253.112.0/22
IP: 45.86.208.0/22
IP: 45.140.42.0/23
IP: 45.144.112.0/22
IP: 45.149.172.0/22
IP: 45.150.172.0/24
IP: 45.250.24.0/22
IP: 62.106.78.0/24
IP: 62.182.96.0/22
IP: 64.238.203.0 -- 64.238.204.255
IP: 77.247.124.0/22
IP: 83.229.17.0/24
IP: 83.229.26.0/24
IP: 91.199.118.0/24
IP: 91.238.82.0/24
IP: 91.239.130.0/24
IP: 91.239.157.0/24
IP: 91.246.58.0/24
IP: 92.119.16.0/22
IP: 94.154.156.0/22
IP: 103.214.44.0/22
IP: 103.219.20.0/22
IP: 130.185.164.0/23
IP: 144.48.60.0/22
IP: 152.89.204.0/22
IP: 162.120.68.0/22
IP: 178.238.8.0/22
IP: 185.42.220.0/22
IP: 185.141.56.0/22
IP: 185.145.200.0/22
IP: 185.164.136.0/22
IP: 185.169.232.0/22
IP: 185.174.108.0/22
IP: 185.175.136.0/22
IP: 185.178.230.0/24
IP: 185.193.156.0/22
IP: 185.195.56.0/22
IP: 185.195.104.0/22
IP: 185.198.188.0/22
IP: 185.232.46.0/24
IP: 185.238.28.0/24
IP: 185.245.80.0/22
IP: 188.95.65.0/24
IP: 193.84.51.0/24
IP: 193.107.20.0/24
IP: 193.163.194.0/24
IP: 193.228.193.0/24
IP: 193.228.196.0/24
IP: 193.228.199.0/24
IP: 193.228.206.0/24
IP: 193.239.236.0/23
IP: 194.0.213.0/24
IP: 194.33.44.0/22
IP: 194.35.232.0/22
IP: 194.49.52.0/23
IP: 194.49.66.0/23
IP: 200.162.144.0/20
IP: 202.49.186.0/24
IP: 203.24.124.0/24
IP: 209.46.102.0/23
IP: 212.23.215.0/24
IP: 213.255.226.0/24
IP: 213.255.246.0/24
IP: 216.183.125.0/24
IP: 216.245.140.0/24
IP: 217.114.38.0/24
IP: 2001:67c:241c::/48
IP: 2001:67c:2450::/48
IP: 2a04:6400::/29
IP: 2a04:92c0::/29
IP: 2a06:bdc0::/29
IP: 2a07:41c0::/29
IP: 2a0a:39c0::/29
IP: 2a0a:54c0::/29
IP: 2a0a:5940::/29
IP: 2a0a:7100::/29
IP: 2a0a:8dc0::/29
IP: 2a0b:1c00::/29
IP: 2a0b:9b00::/29
IP: 2a0b:f300::/29
IP: 2a0d:5080::/29
IP: 2a0f:93c0::/29
IP: 2a0f:9440::/29
IP: 2a14:100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:15:42:40:f3:3a:f6:8c:bf:45:ae:47:a7:43:0f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 11 11:56:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:84:6c:d4:d0:19:0a:08:09:82:54:3a:3f:
70:2a:92:a6:65:3c:41:3d:4e:ec:95:c8:a5:f2:e7:
50:78:b9:cf:f3:93:11:2b:8f:97:0e:b2:1b:af:05:
6d:b4:3d:78:1c:1f:9c:89:74:4a:fa:fc:03:a9:3d:
37:2e:2f:2a:24:c4:c6:93:7b:bd:84:dc:0c:f9:d6:
54:72:3a:ff:1a:e4:8d:81:ae:a6:d0:55:c8:15:8c:
dc:66:34:c3:73:b0:eb:d3:1c:b9:8d:2b:40:85:25:
4a:67:14:81:97:78:f5:1a:0a:f9:b1:4a:85:39:73:
05:de:b7:f1:3f:9e:6c:e8:dc:0e:e1:bb:81:9c:fd:
c7:6c:93:d0:4c:1d:f4:12:7f:65:bf:74:63:fd:e7:
d9:29:87:4e:55:08:f6:0a:c0:e8:b7:26:e9:83:ea:
a7:64:3d:80:9c:2b:14:94:e7:b9:7e:ae:c7:30:1d:
e9:f1:78:b7:fb:f0:55:69:dc:68:32:bb:1c:72:88:
ec:a0:7e:59:90:c9:38:ea:d1:a9:3e:26:93:be:e7:
e2:d0:b1:77:ac:7f:9e:53:16:64:54:b9:8f:d4:5a:
a4:0c:55:c2:7d:a8:f2:26:b8:e4:6f:6a:99:34:79:
ad:ba:0c:53:e0:dd:52:4a:37:3a:dc:b5:9b:dc:6c:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.188.0/22
5.180.208.0/22
5.253.112.0/22
45.86.208.0/22
45.140.42.0/23
45.144.112.0/22
45.149.172.0/22
45.150.172.0/24
45.250.24.0/22
62.106.78.0/24
62.182.96.0/22
64.238.203.0-64.238.204.255
77.247.124.0/22
83.229.17.0/24
83.229.26.0/24
91.199.118.0/24
91.238.82.0/24
91.239.130.0/24
91.239.157.0/24
91.246.58.0/24
92.119.16.0/22
94.154.156.0/22
103.214.44.0/22
103.219.20.0/22
130.185.164.0/23
144.48.60.0/22
152.89.204.0/22
162.120.68.0/22
178.238.8.0/22
185.42.220.0/22
185.141.56.0/22
185.145.200.0/22
185.164.136.0/22
185.169.232.0/22
185.174.108.0/22
185.175.136.0/22
185.178.230.0/24
185.193.156.0/22
185.195.56.0/22
185.195.104.0/22
185.198.188.0/22
185.232.46.0/24
185.238.28.0/24
185.245.80.0/22
188.95.65.0/24
193.84.51.0/24
193.107.20.0/24
193.163.194.0/24
193.228.193.0/24
193.228.196.0/24
193.228.199.0/24
193.228.206.0/24
193.239.236.0/23
194.0.213.0/24
194.33.44.0/22
194.35.232.0/22
194.49.52.0/23
194.49.66.0/23
200.162.144.0/20
202.49.186.0/24
203.24.124.0/24
209.46.102.0/23
212.23.215.0/24
213.255.226.0/24
213.255.246.0/24
216.183.125.0/24
216.245.140.0/24
217.114.38.0/24
IPv6:
2001:67c:241c::/48
2001:67c:2450::/48
2a04:6400::/29
2a04:92c0::/29
2a06:bdc0::/29
2a07:41c0::/29
2a0a:39c0::/29
2a0a:54c0::/29
2a0a:5940::/29
2a0a:7100::/29
2a0a:8dc0::/29
2a0b:1c00::/29
2a0b:9b00::/29
2a0b:f300::/29
2a0d:5080::/29
2a0f:93c0::/29
2a0f:9440::/29
2a14:100::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24669
34202
35545
42902
43878
62240
202791-202792
206136
206144
206822
206848
206986
207019
207158
Signature Algorithm: sha256WithRSAEncryption
17:e9:c3:cb:47:8b:38:ba:33:8d:ec:54:fc:c2:b4:73:ce:24:
85:59:42:3e:a2:34:02:66:d5:06:7d:a9:1d:eb:96:34:f8:b3:
34:23:e3:3e:95:db:0f:25:a8:70:21:00:82:aa:16:e9:a7:02:
5c:ed:1c:8e:48:42:9b:a5:ad:37:20:68:38:12:0a:d8:ef:e2:
e6:16:9b:1d:5a:75:e6:d5:2a:69:a6:09:b8:4e:cb:da:d1:a3:
b2:f1:1e:9a:c9:2c:08:c7:e9:7e:4d:11:57:9b:7e:93:75:c9:
fb:06:9e:cd:86:2e:36:ae:30:bd:2c:53:46:57:70:af:1b:38:
5f:60:ff:9e:81:76:bc:53:4b:e2:ac:31:a8:be:2d:d9:a7:19:
d4:3f:d7:46:a4:cf:2b:c2:d4:80:3a:ae:f6:eb:f0:06:50:89:
7b:5c:c1:0e:ba:87:ee:1b:3c:6f:50:a7:73:35:6a:5f:e4:f8:
92:4a:b9:5b:12:2b:f6:93:39:1c:19:08:c4:78:de:6b:5f:d7:
f4:ce:2f:c4:1a:cb:db:16:6d:c6:5e:6e:33:c9:c5:40:be:44:
71:46:0a:23:0b:8c:86:54:c3:c4:b5:53:ed:af:7d:fd:b2:1a:
6d:d2:53:61:42:b7:2b:8b:00:78:ae:ba:8d:b5:7a:89:8e:ce:
50:ee:56:11
-----BEGIN CERTIFICATE-----
MIIICzCCBvOgAwIBAgISAZMbFUJA8zr2jL9FrkenQw8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTExMTE1NjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOiEbNTQGQoICYJUOj9wKpKmZTxB
PU7slcil8udQeLnP85MRK4+XDrIbrwVttD14HB+ciXRK+vwDqT03Li8qJMTGk3u9
hNwM+dZUcjr/GuSNga6m0FXIFYzcZjTDc7Dr0xy5jStAhSVKZxSBl3j1Ggr5sUqF
OXMF3rfxP55s6NwO4buBnP3HbJPQTB30En9lv3Rj/efZKYdOVQj2CsDotybpg+qn
ZD2AnCsUlOe5fq7HMB3p8Xi3+/BVadxoMrsccojsoH5ZkMk46tGpPiaTvufi0LF3
rH+eUxZkVLmP1FqkDFXCfajyJrjkb2qZNHmtugxT4N1SSjc63LWb3GzyfQIDAQAB
o4IFFzCCBRMwHQYDVR0OBBYEFP/exKRqbm5PmpLQui4LOrVli+G9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzExZTVi
My00M2FhLTQyNzktOTQ0MS03ZThjNmQ0ZDliZWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvMTFlNWIz
LTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1YmstYWt0QzZM
Z3M2dFdXTDRiMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICTQYIKwYB
BQUHAQcBAf8EggI8MIICODCCAagEAgABMIIBoAMEAgI4vAMEAgW00AMEAgX9cAME
Ai1W0AMEAS2MKgMEAi2QcAMEAi2VrAMEAC2WrAMEAi36GAMEAD5qTgMEAj62YDAM
AwQAQO7LAwQAQO7MAwQCTfd8AwQAU+URAwQAU+UaAwQAW8d2AwQAW+5SAwQAW++C
AwQAW++dAwQAW/Y6AwQCXHcQAwQCXpqcAwQCZ9YsAwQCZ9sUAwQBgrmkAwQCkDA8
AwQCmFnMAwQConhEAwQCsu4IAwQCuSrcAwQCuY04AwQCuZHIAwQCuaSIAwQCuano
AwQCua5sAwQCua+IAwQAubLmAwQCucGcAwQCucM4AwQCucNoAwQCuca8AwQAuegu
AwQAue4cAwQCufVQAwQAvF9BAwQAwVQzAwQAwWsUAwQAwaPCAwQAweTBAwQAweTE
AwQAweTHAwQAweTOAwQBwe/sAwQAwgDVAwQCwiEsAwQCwiPoAwQBwjE0AwQBwjFC
AwQEyKKQAwQAyjG6AwQAyxh8AwQB0S5mAwQA1BfXAwQA1f/iAwQA1f/2AwQA2Ld9
AwQA2PWMAwQA2XImMIGJBAIAAjCBggMHACABBnwkHAMHACABBnwkUAMFAyoEZAAD
BQMqBJLAAwUDKga9wAMFAyoHQcADBQMqCjnAAwUDKgpUwAMFAyoKWUADBQMqCnEA
AwUDKgqNwAMFAyoLHAADBQMqC5sAAwUDKgvzAAMFAyoNUIADBQMqD5PAAwUDKg+U
QAMFAyoUAQAwYQYIKwYBBQUHAQgBAf8EUjBQoE4wTAICYF0CAwCFmgIDAIrZAgMA
p5YCAwCrZgIDAPMgMAoCAwMYJwIDAxgoAgMDJTgCAwMlQAIDAyfmAgMDKAACAwMo
igIDAyirAgMDKTYwDQYJKoZIhvcNAQELBQADggEBABfpw8tHizi6M43sVPzCtHPO
JIVZQj6iNAJm1QZ9qR3rljT4szQj4z6V2w8lqHAhAIKqFumnAlztHI5IQpulrTcg
aDgSCtjv4uYWmx1adebVKmmmCbhOy9rRo7LxHprJLAjH6X5NEVebfpN1yfsGns2G
LjauML0sU0ZXcK8bOF9g/56BdrxTS+KsMai+LdmnGdQ/10akzyvC1IA6rvbr8AZQ
iXtcwQ66h+4bPG9Qp3M1al/k+JJKuVsSK/aTORwZCMR43mtf1/TOL8Qay9sWbcZe
bjPJxUC+RHFGCiMLjIZUw8S1U+2vff2yGm3SU2FCtyuLAHiuuo21eomOzlDuVhE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:31 2024 by rpki-client on console-fra.rpki-client.org