Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
File: _97EpGpubk-aktC6Lgs6tWWL4b0.cer (raw, json)
Hash identifier: zrw6ETTxWrdqJj1n4Z3qWm+8atzQlvtLc2vsI0HZaC8=
Subject key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D9DF07D6C4D262CEC634862AC58B79F51
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 12 Feb 2024 15:30:00 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 24669
AS: 34202
AS: 35545
AS: 42902
AS: 43878
AS: 62240
AS: 202791 -- 202792
AS: 206136
AS: 206144
AS: 206822
AS: 206848
AS: 206986
AS: 207019
AS: 207158
IP: 2.56.188.0/22
IP: 5.180.208.0/22
IP: 5.253.112.0/22
IP: 45.86.208.0/22
IP: 45.140.42.0/23
IP: 45.144.112.0/22
IP: 45.149.172.0/22
IP: 45.250.24.0/22
IP: 62.106.78.0/24
IP: 62.182.96.0/22
IP: 64.238.203.0 -- 64.238.204.255
IP: 77.247.124.0/22
IP: 83.229.17.0/24
IP: 83.229.26.0/24
IP: 91.199.118.0/24
IP: 91.238.82.0/24
IP: 91.239.130.0/24
IP: 91.239.157.0/24
IP: 91.246.58.0/24
IP: 92.119.16.0/22
IP: 94.154.156.0/22
IP: 103.214.44.0/22
IP: 103.219.20.0/22
IP: 144.48.60.0/22
IP: 152.89.204.0/22
IP: 162.120.68.0/22
IP: 178.238.8.0/22
IP: 185.42.220.0/22
IP: 185.141.56.0/22
IP: 185.145.200.0/22
IP: 185.164.136.0/22
IP: 185.169.232.0/22
IP: 185.174.108.0/22
IP: 185.175.136.0/22
IP: 185.178.230.0/24
IP: 185.193.156.0/22
IP: 185.195.56.0/22
IP: 185.195.104.0/22
IP: 185.198.188.0/22
IP: 185.232.46.0/24
IP: 185.238.28.0/24
IP: 185.245.80.0/22
IP: 188.95.65.0/24
IP: 193.84.51.0/24
IP: 193.107.20.0/24
IP: 193.163.194.0/24
IP: 193.228.193.0/24
IP: 193.228.196.0/24
IP: 193.228.199.0/24
IP: 193.228.206.0/24
IP: 194.33.44.0/22
IP: 194.35.232.0/22
IP: 194.49.52.0/23
IP: 194.49.66.0/23
IP: 200.162.144.0/20
IP: 202.49.186.0/24
IP: 203.24.124.0/24
IP: 209.46.102.0/23
IP: 212.23.215.0/24
IP: 213.255.226.0/24
IP: 213.255.246.0/24
IP: 216.183.125.0/24
IP: 216.245.140.0/24
IP: 217.114.38.0/24
IP: 2001:67c:241c::/48
IP: 2001:67c:2450::/48
IP: 2a04:6400::/29
IP: 2a04:92c0::/29
IP: 2a06:bdc0::/29
IP: 2a07:41c0::/29
IP: 2a0a:39c0::/29
IP: 2a0a:54c0::/29
IP: 2a0a:5940::/29
IP: 2a0a:7100::/29
IP: 2a0a:8dc0::/29
IP: 2a0b:1c00::/29
IP: 2a0b:9b00::/29
IP: 2a0b:f300::/29
IP: 2a0d:5080::/29
IP: 2a0f:93c0::/29
IP: 2a0f:9440::/29
IP: 2a14:100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:f0:7d:6c:4d:26:2c:ec:63:48:62:ac:58:b7:9f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 12 15:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:84:6c:d4:d0:19:0a:08:09:82:54:3a:3f:
70:2a:92:a6:65:3c:41:3d:4e:ec:95:c8:a5:f2:e7:
50:78:b9:cf:f3:93:11:2b:8f:97:0e:b2:1b:af:05:
6d:b4:3d:78:1c:1f:9c:89:74:4a:fa:fc:03:a9:3d:
37:2e:2f:2a:24:c4:c6:93:7b:bd:84:dc:0c:f9:d6:
54:72:3a:ff:1a:e4:8d:81:ae:a6:d0:55:c8:15:8c:
dc:66:34:c3:73:b0:eb:d3:1c:b9:8d:2b:40:85:25:
4a:67:14:81:97:78:f5:1a:0a:f9:b1:4a:85:39:73:
05:de:b7:f1:3f:9e:6c:e8:dc:0e:e1:bb:81:9c:fd:
c7:6c:93:d0:4c:1d:f4:12:7f:65:bf:74:63:fd:e7:
d9:29:87:4e:55:08:f6:0a:c0:e8:b7:26:e9:83:ea:
a7:64:3d:80:9c:2b:14:94:e7:b9:7e:ae:c7:30:1d:
e9:f1:78:b7:fb:f0:55:69:dc:68:32:bb:1c:72:88:
ec:a0:7e:59:90:c9:38:ea:d1:a9:3e:26:93:be:e7:
e2:d0:b1:77:ac:7f:9e:53:16:64:54:b9:8f:d4:5a:
a4:0c:55:c2:7d:a8:f2:26:b8:e4:6f:6a:99:34:79:
ad:ba:0c:53:e0:dd:52:4a:37:3a:dc:b5:9b:dc:6c:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.188.0/22
5.180.208.0/22
5.253.112.0/22
45.86.208.0/22
45.140.42.0/23
45.144.112.0/22
45.149.172.0/22
45.250.24.0/22
62.106.78.0/24
62.182.96.0/22
64.238.203.0-64.238.204.255
77.247.124.0/22
83.229.17.0/24
83.229.26.0/24
91.199.118.0/24
91.238.82.0/24
91.239.130.0/24
91.239.157.0/24
91.246.58.0/24
92.119.16.0/22
94.154.156.0/22
103.214.44.0/22
103.219.20.0/22
144.48.60.0/22
152.89.204.0/22
162.120.68.0/22
178.238.8.0/22
185.42.220.0/22
185.141.56.0/22
185.145.200.0/22
185.164.136.0/22
185.169.232.0/22
185.174.108.0/22
185.175.136.0/22
185.178.230.0/24
185.193.156.0/22
185.195.56.0/22
185.195.104.0/22
185.198.188.0/22
185.232.46.0/24
185.238.28.0/24
185.245.80.0/22
188.95.65.0/24
193.84.51.0/24
193.107.20.0/24
193.163.194.0/24
193.228.193.0/24
193.228.196.0/24
193.228.199.0/24
193.228.206.0/24
194.33.44.0/22
194.35.232.0/22
194.49.52.0/23
194.49.66.0/23
200.162.144.0/20
202.49.186.0/24
203.24.124.0/24
209.46.102.0/23
212.23.215.0/24
213.255.226.0/24
213.255.246.0/24
216.183.125.0/24
216.245.140.0/24
217.114.38.0/24
IPv6:
2001:67c:241c::/48
2001:67c:2450::/48
2a04:6400::/29
2a04:92c0::/29
2a06:bdc0::/29
2a07:41c0::/29
2a0a:39c0::/29
2a0a:54c0::/29
2a0a:5940::/29
2a0a:7100::/29
2a0a:8dc0::/29
2a0b:1c00::/29
2a0b:9b00::/29
2a0b:f300::/29
2a0d:5080::/29
2a0f:93c0::/29
2a0f:9440::/29
2a14:100::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24669
34202
35545
42902
43878
62240
202791-202792
206136
206144
206822
206848
206986
207019
207158
Signature Algorithm: sha256WithRSAEncryption
35:2a:75:ac:48:08:f2:22:1f:fc:32:ee:58:7e:89:82:10:c2:
67:3b:97:b4:ca:f0:74:cb:bd:e3:19:33:5f:9e:3b:00:69:d5:
f1:38:84:df:02:3f:39:ac:54:c2:c9:c5:35:d9:1a:7a:2e:71:
25:7d:4a:16:45:42:73:94:1e:f0:9c:a0:3d:da:09:23:e6:e6:
57:d5:a9:62:34:59:5c:32:a8:09:b4:77:71:70:e8:56:d1:eb:
ba:b0:ed:f1:ab:0a:05:5b:c1:e6:d5:0a:cf:23:ab:2c:ec:46:
f2:c4:d8:41:83:ea:25:4b:6b:0f:59:2e:b2:22:76:89:03:6f:
59:2a:32:be:76:00:f1:75:cf:74:ae:fb:dd:c0:48:21:1a:3e:
39:2b:c0:06:e3:3e:97:71:20:89:dc:f0:92:ea:62:95:cc:fb:
38:86:96:2a:30:4c:6a:51:89:7b:ce:e1:02:84:f8:69:50:59:
95:ea:1b:f5:a3:31:0b:f2:f9:35:bd:f3:1d:f8:d0:bf:76:50:
6e:89:bd:cc:d2:ce:5f:2a:e9:39:d5:06:ae:7c:9e:ad:cf:3f:
3c:bb:c0:ac:bb:9c:f5:b7:10:16:b2:4d:b6:3d:01:76:4c:93:
0e:60:b0:99:aa:4c:29:a5:1f:d6:dd:c6:7b:dc:d6:c2:0c:c0:
4f:d5:6c:5e
-----BEGIN CERTIFICATE-----
MIIH8zCCBtugAwIBAgISAY2d8H1sTSYs7GNIYqxYt59RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjEyMTUzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOiEbNTQGQoICYJUOj9wKpKmZTxB
PU7slcil8udQeLnP85MRK4+XDrIbrwVttD14HB+ciXRK+vwDqT03Li8qJMTGk3u9
hNwM+dZUcjr/GuSNga6m0FXIFYzcZjTDc7Dr0xy5jStAhSVKZxSBl3j1Ggr5sUqF
OXMF3rfxP55s6NwO4buBnP3HbJPQTB30En9lv3Rj/efZKYdOVQj2CsDotybpg+qn
ZD2AnCsUlOe5fq7HMB3p8Xi3+/BVadxoMrsccojsoH5ZkMk46tGpPiaTvufi0LF3
rH+eUxZkVLmP1FqkDFXCfajyJrjkb2qZNHmtugxT4N1SSjc63LWb3GzyfQIDAQAB
o4IE/zCCBPswHQYDVR0OBBYEFP/exKRqbm5PmpLQui4LOrVli+G9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzExZTVi
My00M2FhLTQyNzktOTQ0MS03ZThjNmQ0ZDliZWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvMTFlNWIz
LTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1YmstYWt0QzZM
Z3M2dFdXTDRiMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICNQYIKwYB
BQUHAQcBAf8EggIkMIICIDCCAZAEAgABMIIBiAMEAgI4vAMEAgW00AMEAgX9cAME
Ai1W0AMEAS2MKgMEAi2QcAMEAi2VrAMEAi36GAMEAD5qTgMEAj62YDAMAwQAQO7L
AwQAQO7MAwQCTfd8AwQAU+URAwQAU+UaAwQAW8d2AwQAW+5SAwQAW++CAwQAW++d
AwQAW/Y6AwQCXHcQAwQCXpqcAwQCZ9YsAwQCZ9sUAwQCkDA8AwQCmFnMAwQConhE
AwQCsu4IAwQCuSrcAwQCuY04AwQCuZHIAwQCuaSIAwQCuanoAwQCua5sAwQCua+I
AwQAubLmAwQCucGcAwQCucM4AwQCucNoAwQCuca8AwQAueguAwQAue4cAwQCufVQ
AwQAvF9BAwQAwVQzAwQAwWsUAwQAwaPCAwQAweTBAwQAweTEAwQAweTHAwQAweTO
AwQCwiEsAwQCwiPoAwQBwjE0AwQBwjFCAwQEyKKQAwQAyjG6AwQAyxh8AwQB0S5m
AwQA1BfXAwQA1f/iAwQA1f/2AwQA2Ld9AwQA2PWMAwQA2XImMIGJBAIAAjCBggMH
ACABBnwkHAMHACABBnwkUAMFAyoEZAADBQMqBJLAAwUDKga9wAMFAyoHQcADBQMq
CjnAAwUDKgpUwAMFAyoKWUADBQMqCnEAAwUDKgqNwAMFAyoLHAADBQMqC5sAAwUD
KgvzAAMFAyoNUIADBQMqD5PAAwUDKg+UQAMFAyoUAQAwYQYIKwYBBQUHAQgBAf8E
UjBQoE4wTAICYF0CAwCFmgIDAIrZAgMAp5YCAwCrZgIDAPMgMAoCAwMYJwIDAxgo
AgMDJTgCAwMlQAIDAyfmAgMDKAACAwMoigIDAyirAgMDKTYwDQYJKoZIhvcNAQEL
BQADggEBADUqdaxICPIiH/wy7lh+iYIQwmc7l7TK8HTLveMZM1+eOwBp1fE4hN8C
PzmsVMLJxTXZGnoucSV9ShZFQnOUHvCcoD3aCSPm5lfVqWI0WVwyqAm0d3Fw6FbR
67qw7fGrCgVbwebVCs8jqyzsRvLE2EGD6iVLaw9ZLrIidokDb1kqMr52APF1z3Su
+93ASCEaPjkrwAbjPpdxIInc8JLqYpXM+ziGliowTGpRiXvO4QKE+GlQWZXqG/Wj
MQvy+TW98x340L92UG6JvczSzl8q6TnVBq58nq3PPzy7wKy7nPW3EBayTbY9AXZM
kw5gsJmqTCmlH9bdxnvc1sIMwE/VbF4=
-----END CERTIFICATE-----
Generated at Fri May 3 10:23:02 2024 by rpki-client on console-fra.rpki-client.org