Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
File: d4LgCn_HYX2UJguB_SKjo_PcaG0.cer (raw, json)
Hash identifier: 5C+rVutkVmyet624UX/1uBMW5zgZt0Gk4oo2JUCLq+g=
Subject key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427B3CFC934BB204E371C1FED1284CA70
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 15:48:03 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 13082
AS: 21299
AS: 35566
AS: 42770
AS: 206026
IP: 5.34.0.0/17
IP: 5.101.52.0 -- 5.101.59.255
IP: 5.188.240.0/20
IP: 31.132.80.0/20
IP: 37.9.16.0/20
IP: 37.99.0.0/17
IP: 46.34.192.0/19
IP: 46.42.192.0/18
IP: 46.227.184.0/21
IP: 67.209.128.0/19
IP: 77.74.64.0/21
IP: 77.94.3.0 -- 77.94.31.255
IP: 80.241.32.0/20
IP: 85.29.128.0/18
IP: 86.107.128.0/20
IP: 87.239.160.0/21
IP: 87.243.8.0 -- 87.243.63.255
IP: 87.247.0.0/18
IP: 89.33.112.0/22
IP: 89.33.208.0/20
IP: 89.35.252.0/22
IP: 89.36.164.0/22
IP: 89.36.200.0/22
IP: 89.37.24.0/22
IP: 89.37.220.0/22
IP: 89.40.48.0/20
IP: 89.40.192.0/22
IP: 89.42.60.0/22
IP: 89.42.204.0/22
IP: 89.43.20.0/22
IP: 89.43.164.0/22
IP: 89.44.12.0/22
IP: 91.201.216.0/22
IP: 91.215.96.0/22
IP: 91.240.8.0/22
IP: 91.244.96.0/20
IP: 91.245.196.0/22
IP: 92.49.192.0/18
IP: 92.55.160.0/19
IP: 95.82.64.0/18
IP: 103.241.108.0/22
IP: 109.166.56.0 -- 109.166.87.255
IP: 109.201.32.0/19
IP: 109.206.0.0/19
IP: 146.0.60.0/22
IP: 146.0.192.0/20
IP: 162.255.196.0/22
IP: 173.244.144.0/20
IP: 176.100.48.0/21
IP: 176.118.56.0/21
IP: 176.124.80.0/20
IP: 176.222.128.0/18
IP: 176.223.72.0/21
IP: 176.223.100.0/22
IP: 176.223.184.0/22
IP: 185.8.232.0/22
IP: 185.14.100.0/22
IP: 185.34.66.0/24
IP: 185.80.80.0/22
IP: 185.97.56.0/22
IP: 185.116.140.0/22
IP: 188.246.236.0 -- 188.246.255.255
IP: 188.247.176.0 -- 188.247.223.255
IP: 192.159.38.0/23
IP: 192.162.156.0/22
IP: 192.175.14.0/23
IP: 194.0.124.0/22
IP: 194.105.104.0/21
IP: 194.187.136.0/22
IP: 198.45.116.0/22
IP: 198.89.88.0/21
IP: 207.174.216.0/22
IP: 212.76.0.0/19
IP: 213.5.184.0/21
IP: 213.109.208.0/20
IP: 2a01:4b40::/32
IP: 2a01:b0c0::/32
IP: 2a0d:b200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:cf:c9:34:bb:20:4e:37:1c:1f:ed:12:84:ca:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 15:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0d:f3:b1:c0:ec:5b:ef:b4:73:e9:a5:03:5c:
f7:b3:b1:94:52:4b:98:93:72:81:19:f3:73:07:24:
1d:1b:44:36:81:8e:4c:fb:b7:bc:d3:24:84:14:9d:
a8:55:43:70:35:87:29:85:ce:a4:52:12:02:3f:c9:
b1:dd:c1:60:5e:ff:74:f6:da:cb:28:f8:60:d9:3c:
ef:9b:2f:8a:5f:51:c8:2d:8b:3c:fb:7a:69:0a:26:
f7:6c:5f:13:fa:23:00:39:a1:12:d3:c2:f9:70:c4:
b4:fe:24:c1:23:9f:d7:b7:1e:58:55:78:c8:6c:b5:
a4:60:bb:6c:8f:bc:34:b5:7d:fa:3d:19:3f:ea:7e:
d2:70:e6:77:66:da:fd:62:0f:dc:ff:6f:99:5a:3c:
e0:37:c7:93:ac:31:e4:dc:4b:3c:0f:14:b8:ed:49:
ef:59:5d:ce:5b:3b:af:6a:82:58:63:cd:f3:f9:85:
6c:33:e9:80:32:e8:0a:1e:0f:e0:7a:7e:0c:0c:66:
75:0b:d0:c8:57:c2:ee:16:6b:93:7b:8c:2d:ad:0a:
3e:1b:02:63:d2:ea:de:ae:ce:14:c2:a8:dd:b7:90:
f5:43:b0:94:b5:21:4d:7d:06:25:96:d4:4f:c2:3c:
f3:20:bf:69:be:38:bf:b3:20:8a:ea:cb:6c:b2:4d:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.0.0/17
5.101.52.0-5.101.59.255
5.188.240.0/20
31.132.80.0/20
37.9.16.0/20
37.99.0.0/17
46.34.192.0/19
46.42.192.0/18
46.227.184.0/21
67.209.128.0/19
77.74.64.0/21
77.94.3.0-77.94.31.255
80.241.32.0/20
85.29.128.0/18
86.107.128.0/20
87.239.160.0/21
87.243.8.0-87.243.63.255
87.247.0.0/18
89.33.112.0/22
89.33.208.0/20
89.35.252.0/22
89.36.164.0/22
89.36.200.0/22
89.37.24.0/22
89.37.220.0/22
89.40.48.0/20
89.40.192.0/22
89.42.60.0/22
89.42.204.0/22
89.43.20.0/22
89.43.164.0/22
89.44.12.0/22
91.201.216.0/22
91.215.96.0/22
91.240.8.0/22
91.244.96.0/20
91.245.196.0/22
92.49.192.0/18
92.55.160.0/19
95.82.64.0/18
103.241.108.0/22
109.166.56.0-109.166.87.255
109.201.32.0/19
109.206.0.0/19
146.0.60.0/22
146.0.192.0/20
162.255.196.0/22
173.244.144.0/20
176.100.48.0/21
176.118.56.0/21
176.124.80.0/20
176.222.128.0/18
176.223.72.0/21
176.223.100.0/22
176.223.184.0/22
185.8.232.0/22
185.14.100.0/22
185.34.66.0/24
185.80.80.0/22
185.97.56.0/22
185.116.140.0/22
188.246.236.0-188.246.255.255
188.247.176.0-188.247.223.255
192.159.38.0/23
192.162.156.0/22
192.175.14.0/23
194.0.124.0/22
194.105.104.0/21
194.187.136.0/22
198.45.116.0/22
198.89.88.0/21
207.174.216.0/22
212.76.0.0/19
213.5.184.0/21
213.109.208.0/20
IPv6:
2a01:4b40::/32
2a01:b0c0::/32
2a0d:b200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13082
21299
35566
42770
206026
Signature Algorithm: sha256WithRSAEncryption
42:86:35:4f:0b:f1:d6:da:b0:9c:fc:8a:dd:b6:7e:f4:7a:91:
94:ce:96:c8:73:ea:ff:76:1d:45:31:da:be:2b:09:e3:b4:f3:
30:dd:57:dc:90:7f:53:45:60:77:be:bc:38:f0:9d:d2:10:04:
44:97:af:e7:c7:73:95:92:f2:89:00:85:6d:a4:99:01:4e:71:
55:a2:1f:17:b8:81:d2:61:b4:d1:71:b0:fe:8d:87:61:2d:e5:
80:8e:76:5d:b2:6e:46:3f:d1:08:fc:ca:c0:3e:8f:38:39:23:
3b:06:1c:d7:26:99:96:69:e4:a8:10:01:3b:17:d2:07:96:57:
77:55:56:15:8a:88:1b:1a:89:84:19:7f:9d:ce:8d:1f:07:9c:
1f:3c:6c:c8:00:a9:78:6b:f9:0c:d4:85:61:c4:bc:03:6d:34:
d5:d4:f1:61:4f:35:db:f6:8e:0a:24:b3:75:a9:89:48:ee:7e:
85:82:65:eb:3b:2a:07:62:b5:22:19:0c:ae:24:7d:af:b9:55:
8b:a9:cd:ed:ac:41:a7:a1:c8:c6:dc:3d:16:f4:20:9d:29:19:
fd:d3:4b:82:fa:1f:be:0e:b2:19:4d:d7:fd:01:f4:2d:7b:88:
38:47:c5:30:6f:dc:48:0e:ae:1e:45:c6:1f:5a:ea:ce:e0:99:
a0:21:01:5a
-----BEGIN CERTIFICATE-----
MIIHuDCCBqCgAwIBAgISAZQns8/JNLsgTjccH+0ShMpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgyZTAwYTdmYzc2MTdkOTQyNjBiODFmZDIyYTNhM2YzZGM2ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ3zscDsW++0c+mlA1z3s7GUUkuY
k3KBGfNzByQdG0Q2gY5M+7e80ySEFJ2oVUNwNYcphc6kUhICP8mx3cFgXv909trL
KPhg2Tzvmy+KX1HILYs8+3ppCib3bF8T+iMAOaES08L5cMS0/iTBI5/Xtx5YVXjI
bLWkYLtsj7w0tX36PRk/6n7ScOZ3Ztr9Yg/c/2+ZWjzgN8eTrDHk3Es8DxS47Unv
WV3OWzuvaoJYY83z+YVsM+mAMugKHg/gen4MDGZ1C9DIV8LuFmuTe4wtrQo+GwJj
0urers4Uwqjdt5D1Q7CUtSFNfQYlltRPwjzzIL9pvji/syCK6stssk19PwIDAQAB
o4IExDCCBMAwHQYDVR0OBBYEFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1L2FkZTYw
YS1mZDhjLTQyMmUtYmNhOC05YTAyODRiM2FkYzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvYWRlNjBh
LWZkOGMtNDIyZS1iY2E4LTlhMDI4NGIzYWRjMS8xL2Q0TGdDbl9IWVgyVUpndUJf
U0tqb19QY2FHMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICLwYIKwYB
BQUHAQcBAf8EggIeMIICGjCCAfkEAgABMIIB8QMEBwUiADAMAwQCBWU0AwQCBWU4
AwQEBbzwAwQEH4RQAwQEJQkQAwQHJWMAAwQFLiLAAwQGLirAAwQDLuO4AwQFQ9GA
AwQDTUpAMAwDBABNXgMDBAVNXgADBARQ8SADBAZVHYADBARWa4ADBANX76AwDAME
A1fzCAMEBlfzAAMEBlf3AAMEAlkhcAMEBFkh0AMEAlkj/AMEAlkkpAMEAlkkyAME
AlklGAMEAlkl3AMEBFkoMAMEAlkowAMEAlkqPAMEAlkqzAMEAlkrFAMEAlkrpAME
AlksDAMEAlvJ2AMEAlvXYAMEAlvwCAMEBFv0YAMEAlv1xAMEBlwxwAMEBVw3oAME
Bl9SQAMEAmfxbDAMAwQDbaY4AwQDbaZQAwQFbckgAwQFbc4AAwQCkgA8AwQEkgDA
AwQCov/EAwQErfSQAwQDsGQwAwQDsHY4AwQEsHxQAwQGsN6AAwQDsN9IAwQCsN9k
AwQCsN+4AwQCuQjoAwQCuQ5kAwQAuSJCAwQCuVBQAwQCuWE4AwQCuXSMMAsDBAK8
9uwDAwC89jAMAwQEvPewAwQFvPfAAwQBwJ8mAwQCwKKcAwQBwK8OAwQCwgB8AwQD
wmloAwQCwruIAwQCxi10AwQDxllYAwQCz67YAwQF1EwAAwQD1QW4AwQE1W3QMBsE
AgACMBUDBQAqAUtAAwUAKgGwwAMFAyoNsgAwLAYIKwYBBQUHAQgBAf8EHTAboBkw
FwICMxoCAlMzAgMAiu4CAwCnEgIDAyTKMA0GCSqGSIb3DQEBCwUAA4IBAQBChjVP
C/HW2rCc/Irdtn70epGUzpbIc+r/dh1FMdq+KwnjtPMw3VfckH9TRWB3vrw48J3S
EAREl6/nx3OVkvKJAIVtpJkBTnFVoh8XuIHSYbTRcbD+jYdhLeWAjnZdsm5GP9EI
/MrAPo84OSM7BhzXJpmWaeSoEAE7F9IHlld3VVYViogbGomEGX+dzo0fB5wfPGzI
AKl4a/kM1IVhxLwDbTTV1PFhTzXb9o4KJLN1qYlI7n6FgmXrOyoHYrUiGQyuJH2v
uVWLqc3trEGnocjG3D0W9CCdKRn900uC+h++DrIZTdf9AfQte4g4R8Uwb9xIDq4e
RcYfWurO4JmgIQFa
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:36 2025 by rpki-client