Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
File: cG06u7R4t07yre-bt8QzbjQRHVE.cer (raw, json)
Hash identifier: VLxcdCScp1XlZZ2hyOQjexzGCY4j2f+SPMhDI9vIV3E=
Subject key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D5EF0D774B7015A42CA40A5D7FABE910A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 31 Jan 2024 09:54:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 45.92.78.0/24
IP: 45.157.139.0/24
IP: 46.175.129.0/24
IP: 62.106.81.0/24
IP: 77.75.229.0/24
IP: 79.110.224.0/24
IP: 91.246.36.0/24
IP: 109.205.187.0/24
IP: 109.234.76.0/24
IP: 146.19.29.0/24
IP: 146.19.149.0/24
IP: 176.116.10.0/24
IP: 178.211.136.0/24
IP: 185.230.246.0/24
IP: 185.252.212.0/24
IP: 188.244.125.0/24
IP: 193.243.186.0/24
IP: 194.26.119.0/24
IP: 194.150.79.0/24
IP: 212.18.119.0/24
IP: 213.173.38.0/24
IP: 217.119.132.0/24
IP: 2a11:cc0::/29
IP: 2a11:1900::/29
IP: 2a11:23c0::/29
IP: 2a11:3ac0::/29
IP: 2a11:4f40::/29
IP: 2a11:79c0::/29
IP: 2a11:8dc0::/29
IP: 2a11:9500::/29
IP: 2a11:9b80::/29
IP: 2a11:a200::/29
IP: 2a11:b7c0::/29
IP: 2a11:b800::/29
IP: 2a11:c400::/29
IP: 2a11:e500::/29
IP: 2a11:f5c0::/29
IP: 2a12:2a00::/29
IP: 2a12:3100::/29
IP: 2a12:5180::/29
IP: 2a12:7a00::/29
IP: 2a12:9a80::/29
IP: 2a12:cb00::/29
IP: 2a12:da80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:f0:d7:74:b7:01:5a:42:ca:40:a5:d7:fa:be:91:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 31 09:54:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c7:c1:e0:77:35:84:e0:37:45:1e:bf:c9:74:
11:6d:1d:07:35:8e:97:38:0c:34:c8:75:f0:6f:14:
56:84:7f:e5:0e:a5:50:58:1e:ca:6b:dc:c2:65:be:
2b:b4:34:32:6c:59:91:0c:df:22:f7:bf:e1:d9:37:
d9:c7:69:ae:df:24:37:4a:d7:ea:0a:84:7e:96:dd:
eb:5b:51:30:c4:6f:df:a9:22:05:5a:71:99:ad:6b:
ff:9d:d9:96:75:72:76:05:6c:df:e2:3a:34:81:83:
fa:81:29:3b:4e:2a:5d:16:b5:0c:e8:82:fd:5d:2c:
e6:db:d6:bd:b8:b4:82:8e:3b:87:3e:c8:81:0f:cd:
5c:d2:a1:a4:40:2c:ee:ce:ba:17:82:e4:a4:b0:ac:
39:16:56:41:e6:12:cb:3b:03:93:71:01:9d:6c:8d:
d6:f6:02:8a:79:e5:0a:14:68:b0:c1:d8:94:ce:da:
d7:99:8f:07:66:42:df:53:e7:1f:50:02:1c:22:1d:
9c:2a:8c:8c:f3:39:1c:39:70:c7:6b:2e:70:cb:f7:
83:7f:06:96:3e:9d:ff:f3:d1:69:3d:9c:03:d9:2a:
95:ec:6a:70:d5:be:32:9a:04:46:d7:bd:bd:bf:12:
a9:d2:c7:25:d8:83:41:d7:70:70:e4:29:a2:21:91:
80:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.78.0/24
45.157.139.0/24
46.175.129.0/24
62.106.81.0/24
77.75.229.0/24
79.110.224.0/24
91.246.36.0/24
109.205.187.0/24
109.234.76.0/24
146.19.29.0/24
146.19.149.0/24
176.116.10.0/24
178.211.136.0/24
185.230.246.0/24
185.252.212.0/24
188.244.125.0/24
193.243.186.0/24
194.26.119.0/24
194.150.79.0/24
212.18.119.0/24
213.173.38.0/24
217.119.132.0/24
IPv6:
2a11:cc0::/29
2a11:1900::/29
2a11:23c0::/29
2a11:3ac0::/29
2a11:4f40::/29
2a11:79c0::/29
2a11:8dc0::/29
2a11:9500::/29
2a11:9b80::/29
2a11:a200::/29
2a11:b7c0::/29
2a11:b800::/29
2a11:c400::/29
2a11:e500::/29
2a11:f5c0::/29
2a12:2a00::/29
2a12:3100::/29
2a12:5180::/29
2a12:7a00::/29
2a12:9a80::/29
2a12:cb00::/29
2a12:da80::/29
Signature Algorithm: sha256WithRSAEncryption
19:80:79:bb:39:a0:8a:3c:ae:a7:6e:f1:10:88:58:4c:6d:90:
28:5e:10:ae:11:39:6c:1d:5c:51:e9:07:ef:51:49:36:ec:4f:
d9:24:7e:e8:1f:35:65:d8:fd:f8:c0:9f:48:4d:b7:75:2b:35:
d7:95:77:ba:e8:98:2a:3e:f2:9a:50:9f:5f:e3:a1:d0:35:21:
f4:9a:8d:17:48:ad:35:b9:41:22:9f:4f:41:5d:d6:4c:f3:c7:
ab:95:e4:87:cb:e7:ee:a2:90:68:b5:09:31:16:0e:e1:36:a8:
a8:c4:fb:dc:72:f5:a2:21:58:bb:a3:59:1e:54:4a:75:1c:23:
b7:68:17:47:ba:59:ec:a9:c1:8a:a7:7e:4e:12:3c:84:92:68:
67:91:2a:58:18:d4:6b:60:b7:e5:4f:e8:1e:57:b6:c5:aa:85:
8d:fc:4a:4b:71:50:68:a2:f3:8a:0e:87:48:54:c1:26:83:99:
c4:2e:bd:fc:f9:c3:bb:58:89:81:15:4e:b0:c2:59:16:3f:dc:
52:f3:c3:d6:0e:a7:bd:8b:63:9a:0c:b6:26:7a:fe:80:59:b5:
c6:30:12:92:7f:be:70:2a:70:0e:95:b0:2a:6a:e0:c7:9e:6f:
d9:30:bf:5c:9b:f2:eb:19:8a:48:73:ad:29:6c:fc:73:5c:31:
c4:89:6a:a2
-----BEGIN CERTIFICATE-----
MIIGojCCBYqgAwIBAgISAY1e8Nd0twFaQspApdf6vpEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTMxMDk1NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZkM2FiYmI0NzhiNzRlZjJhZGVmOWJiN2M0MzM2ZTM0MTExZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58fB4Hc1hOA3RR6/yXQRbR0HNY6X
OAw0yHXwbxRWhH/lDqVQWB7Ka9zCZb4rtDQybFmRDN8i97/h2TfZx2mu3yQ3Stfq
CoR+lt3rW1EwxG/fqSIFWnGZrWv/ndmWdXJ2BWzf4jo0gYP6gSk7TipdFrUM6IL9
XSzm29a9uLSCjjuHPsiBD81c0qGkQCzuzroXguSksKw5FlZB5hLLOwOTcQGdbI3W
9gKKeeUKFGiwwdiUztrXmY8HZkLfU+cfUAIcIh2cKoyM8zkcOXDHay5wy/eDfwaW
Pp3/89FpPZwD2SqV7Gpw1b4ymgRG1729vxKp0scl2INB13Bw5CmiIZGA6QIDAQAB
o4IDrjCCA6owHQYDVR0OBBYEFHBtOru0eLdO8q3vm7fEM240ER1RMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3LzBjNmY0
Ny00NzEzLTQ0NzEtYjA4Zi1hNDIxM2M5M2YxZjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvMGM2ZjQ3
LTQ3MTMtNDQ3MS1iMDhmLWE0MjEzYzkzZjFmNy8xL2NHMDZ1N1I0dDA3eXJlLWJ0
OFF6YmpRUkhWRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBRwYIKwYB
BQUHAQcBAf8EggE2MIIBMjCBiwQCAAEwgYQDBAAtXE4DBAAtnYsDBAAur4EDBAA+
alEDBABNS+UDBABPbuADBABb9iQDBABtzbsDBABt6kwDBACSEx0DBACSE5UDBACw
dAoDBACy04gDBAC55vYDBAC5/NQDBAC89H0DBADB87oDBADCGncDBADClk8DBADU
EncDBADVrSYDBADZd4QwgaEEAgACMIGaAwUDKhEMwAMFAyoRGQADBQMqESPAAwUD
KhE6wAMFAyoRT0ADBQMqEXnAAwUDKhGNwAMFAyoRlQADBQMqEZuAAwUDKhGiAAMF
AyoRt8ADBQMqEbgAAwUDKhHEAAMFAyoR5QADBQMqEfXAAwUDKhIqAAMFAyoSMQAD
BQMqElGAAwUDKhJ6AAMFAyoSmoADBQMqEssAAwUDKhLagDANBgkqhkiG9w0BAQsF
AAOCAQEAGYB5uzmgijyup27xEIhYTG2QKF4QrhE5bB1cUekH71FJNuxP2SR+6B81
Zdj9+MCfSE23dSs115V3uuiYKj7ymlCfX+Oh0DUh9JqNF0itNblBIp9PQV3WTPPH
q5Xkh8vn7qKQaLUJMRYO4TaoqMT73HL1oiFYu6NZHlRKdRwjt2gXR7pZ7KnBiqd+
ThI8hJJoZ5EqWBjUa2C35U/oHle2xaqFjfxKS3FQaKLzig6HSFTBJoOZxC69/PnD
u1iJgRVOsMJZFj/cUvPD1g6nvYtjmgy2Jnr+gFm1xjASkn++cCpwDpWwKmrgx55v
2TC/XJvy6xmKSHOtKWz8c1wxxIlqog==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:16 2024 by rpki-client on console-fra.rpki-client.org