Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
File: d4LgCn_HYX2UJguB_SKjo_PcaG0.cer (raw, json)
Hash identifier: BngIuTiznofg/xSr9+PpBiFb1Z9y1OQlo7tBn+ARuEY=
Subject key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7275340DC039597B6DDD47E042F238E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:32 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 13082
AS: 21299
AS: 35566
AS: 42770
AS: 206026
IP: 5.34.0.0/17
IP: 5.101.52.0 -- 5.101.59.255
IP: 5.188.240.0/20
IP: 31.132.80.0/20
IP: 37.9.16.0/20
IP: 37.99.0.0/17
IP: 46.34.192.0/19
IP: 46.42.192.0/18
IP: 46.227.184.0/21
IP: 67.209.128.0/19
IP: 77.74.64.0/21
IP: 77.94.3.0 -- 77.94.31.255
IP: 80.241.32.0/20
IP: 85.29.128.0/18
IP: 86.107.128.0/20
IP: 87.239.160.0/21
IP: 87.243.8.0 -- 87.243.63.255
IP: 87.247.0.0/18
IP: 89.33.112.0/22
IP: 89.33.208.0/20
IP: 89.35.252.0/22
IP: 89.36.164.0/22
IP: 89.36.200.0/22
IP: 89.37.24.0/22
IP: 89.37.220.0/22
IP: 89.40.48.0/20
IP: 89.40.192.0/22
IP: 89.42.60.0/22
IP: 89.42.204.0/22
IP: 89.43.20.0/22
IP: 89.43.164.0/22
IP: 89.44.12.0/22
IP: 91.201.216.0/22
IP: 91.215.96.0/22
IP: 91.240.8.0/22
IP: 91.244.96.0/20
IP: 91.245.196.0/22
IP: 92.49.192.0/18
IP: 92.55.160.0/19
IP: 95.82.64.0/18
IP: 103.241.108.0/22
IP: 109.166.56.0 -- 109.166.87.255
IP: 109.201.32.0/19
IP: 109.206.0.0/19
IP: 146.0.60.0/22
IP: 146.0.192.0/20
IP: 162.255.196.0/22
IP: 173.244.144.0/20
IP: 176.100.48.0/21
IP: 176.118.56.0/21
IP: 176.124.80.0/20
IP: 176.222.128.0/18
IP: 176.223.72.0/21
IP: 176.223.100.0/22
IP: 176.223.184.0/22
IP: 185.8.232.0/22
IP: 185.14.100.0/22
IP: 185.34.66.0/24
IP: 185.80.80.0/22
IP: 185.97.56.0/22
IP: 185.116.140.0/22
IP: 188.246.236.0 -- 188.246.255.255
IP: 188.247.176.0 -- 188.247.223.255
IP: 192.159.38.0/23
IP: 192.162.156.0/22
IP: 192.175.14.0/23
IP: 194.0.124.0/22
IP: 194.105.104.0/21
IP: 194.187.136.0/22
IP: 198.45.116.0/22
IP: 198.89.88.0/21
IP: 207.174.216.0/22
IP: 212.76.0.0/19
IP: 213.5.184.0/21
IP: 213.109.208.0/20
IP: 2a01:4b40::/32
IP: 2a01:b0c0::/32
IP: 2a0d:b200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:53:40:dc:03:95:97:b6:dd:d4:7e:04:2f:23:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0d:f3:b1:c0:ec:5b:ef:b4:73:e9:a5:03:5c:
f7:b3:b1:94:52:4b:98:93:72:81:19:f3:73:07:24:
1d:1b:44:36:81:8e:4c:fb:b7:bc:d3:24:84:14:9d:
a8:55:43:70:35:87:29:85:ce:a4:52:12:02:3f:c9:
b1:dd:c1:60:5e:ff:74:f6:da:cb:28:f8:60:d9:3c:
ef:9b:2f:8a:5f:51:c8:2d:8b:3c:fb:7a:69:0a:26:
f7:6c:5f:13:fa:23:00:39:a1:12:d3:c2:f9:70:c4:
b4:fe:24:c1:23:9f:d7:b7:1e:58:55:78:c8:6c:b5:
a4:60:bb:6c:8f:bc:34:b5:7d:fa:3d:19:3f:ea:7e:
d2:70:e6:77:66:da:fd:62:0f:dc:ff:6f:99:5a:3c:
e0:37:c7:93:ac:31:e4:dc:4b:3c:0f:14:b8:ed:49:
ef:59:5d:ce:5b:3b:af:6a:82:58:63:cd:f3:f9:85:
6c:33:e9:80:32:e8:0a:1e:0f:e0:7a:7e:0c:0c:66:
75:0b:d0:c8:57:c2:ee:16:6b:93:7b:8c:2d:ad:0a:
3e:1b:02:63:d2:ea:de:ae:ce:14:c2:a8:dd:b7:90:
f5:43:b0:94:b5:21:4d:7d:06:25:96:d4:4f:c2:3c:
f3:20:bf:69:be:38:bf:b3:20:8a:ea:cb:6c:b2:4d:
7d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.0.0/17
5.101.52.0-5.101.59.255
5.188.240.0/20
31.132.80.0/20
37.9.16.0/20
37.99.0.0/17
46.34.192.0/19
46.42.192.0/18
46.227.184.0/21
67.209.128.0/19
77.74.64.0/21
77.94.3.0-77.94.31.255
80.241.32.0/20
85.29.128.0/18
86.107.128.0/20
87.239.160.0/21
87.243.8.0-87.243.63.255
87.247.0.0/18
89.33.112.0/22
89.33.208.0/20
89.35.252.0/22
89.36.164.0/22
89.36.200.0/22
89.37.24.0/22
89.37.220.0/22
89.40.48.0/20
89.40.192.0/22
89.42.60.0/22
89.42.204.0/22
89.43.20.0/22
89.43.164.0/22
89.44.12.0/22
91.201.216.0/22
91.215.96.0/22
91.240.8.0/22
91.244.96.0/20
91.245.196.0/22
92.49.192.0/18
92.55.160.0/19
95.82.64.0/18
103.241.108.0/22
109.166.56.0-109.166.87.255
109.201.32.0/19
109.206.0.0/19
146.0.60.0/22
146.0.192.0/20
162.255.196.0/22
173.244.144.0/20
176.100.48.0/21
176.118.56.0/21
176.124.80.0/20
176.222.128.0/18
176.223.72.0/21
176.223.100.0/22
176.223.184.0/22
185.8.232.0/22
185.14.100.0/22
185.34.66.0/24
185.80.80.0/22
185.97.56.0/22
185.116.140.0/22
188.246.236.0-188.246.255.255
188.247.176.0-188.247.223.255
192.159.38.0/23
192.162.156.0/22
192.175.14.0/23
194.0.124.0/22
194.105.104.0/21
194.187.136.0/22
198.45.116.0/22
198.89.88.0/21
207.174.216.0/22
212.76.0.0/19
213.5.184.0/21
213.109.208.0/20
IPv6:
2a01:4b40::/32
2a01:b0c0::/32
2a0d:b200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13082
21299
35566
42770
206026
Signature Algorithm: sha256WithRSAEncryption
15:cd:ef:29:6a:19:54:b0:b7:c7:ba:3f:b0:b3:bb:d7:93:d1:
98:5c:11:8b:a2:b7:ab:35:44:da:55:46:08:6f:ac:cb:76:16:
08:16:19:78:9f:32:19:ab:e4:4f:cf:8f:80:9e:fd:22:db:70:
4d:af:2c:38:16:82:2f:1b:80:da:66:7b:1f:59:39:7d:82:f2:
d6:1b:60:8a:04:ff:43:14:60:b9:bf:aa:8c:73:01:86:66:bd:
f0:61:24:ac:93:d2:40:2b:cc:51:69:d4:91:31:33:36:b3:d7:
b8:a8:eb:d2:04:37:0d:7f:08:5d:3a:ac:06:d6:84:95:0a:a0:
1c:0c:44:0e:c8:98:e2:27:56:8a:9d:33:0f:a2:ca:10:e8:6f:
b2:8b:98:07:35:1b:25:6e:bf:c0:83:8c:b4:62:55:9c:5a:92:
e5:73:e0:dc:79:b6:a7:aa:5e:7a:6d:2f:42:b6:18:d9:92:3c:
f7:4b:27:90:14:63:32:6f:7c:6f:44:3c:21:50:41:24:47:fa:
0e:3a:89:f4:35:36:51:6a:b2:9d:92:19:b6:9f:e9:08:9b:38:
d3:09:63:7a:7d:00:08:ee:db:43:06:47:01:5b:1b:49:0f:d0:
4a:aa:f6:5e:65:c4:b1:2a:ac:d5:63:8f:33:2e:f6:6f:2e:f5:
f3:9d:3a:7d
-----BEGIN CERTIFICATE-----
MIIHuDCCBqCgAwIBAgISAYzHJ1NA3AOVl7bd1H4ELyOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgyZTAwYTdmYzc2MTdkOTQyNjBiODFmZDIyYTNhM2YzZGM2ODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ3zscDsW++0c+mlA1z3s7GUUkuY
k3KBGfNzByQdG0Q2gY5M+7e80ySEFJ2oVUNwNYcphc6kUhICP8mx3cFgXv909trL
KPhg2Tzvmy+KX1HILYs8+3ppCib3bF8T+iMAOaES08L5cMS0/iTBI5/Xtx5YVXjI
bLWkYLtsj7w0tX36PRk/6n7ScOZ3Ztr9Yg/c/2+ZWjzgN8eTrDHk3Es8DxS47Unv
WV3OWzuvaoJYY83z+YVsM+mAMugKHg/gen4MDGZ1C9DIV8LuFmuTe4wtrQo+GwJj
0urers4Uwqjdt5D1Q7CUtSFNfQYlltRPwjzzIL9pvji/syCK6stssk19PwIDAQAB
o4IExDCCBMAwHQYDVR0OBBYEFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1L2FkZTYw
YS1mZDhjLTQyMmUtYmNhOC05YTAyODRiM2FkYzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvYWRlNjBh
LWZkOGMtNDIyZS1iY2E4LTlhMDI4NGIzYWRjMS8xL2Q0TGdDbl9IWVgyVUpndUJf
U0tqb19QY2FHMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICLwYIKwYB
BQUHAQcBAf8EggIeMIICGjCCAfkEAgABMIIB8QMEBwUiADAMAwQCBWU0AwQCBWU4
AwQEBbzwAwQEH4RQAwQEJQkQAwQHJWMAAwQFLiLAAwQGLirAAwQDLuO4AwQFQ9GA
AwQDTUpAMAwDBABNXgMDBAVNXgADBARQ8SADBAZVHYADBARWa4ADBANX76AwDAME
A1fzCAMEBlfzAAMEBlf3AAMEAlkhcAMEBFkh0AMEAlkj/AMEAlkkpAMEAlkkyAME
AlklGAMEAlkl3AMEBFkoMAMEAlkowAMEAlkqPAMEAlkqzAMEAlkrFAMEAlkrpAME
AlksDAMEAlvJ2AMEAlvXYAMEAlvwCAMEBFv0YAMEAlv1xAMEBlwxwAMEBVw3oAME
Bl9SQAMEAmfxbDAMAwQDbaY4AwQDbaZQAwQFbckgAwQFbc4AAwQCkgA8AwQEkgDA
AwQCov/EAwQErfSQAwQDsGQwAwQDsHY4AwQEsHxQAwQGsN6AAwQDsN9IAwQCsN9k
AwQCsN+4AwQCuQjoAwQCuQ5kAwQAuSJCAwQCuVBQAwQCuWE4AwQCuXSMMAsDBAK8
9uwDAwC89jAMAwQEvPewAwQFvPfAAwQBwJ8mAwQCwKKcAwQBwK8OAwQCwgB8AwQD
wmloAwQCwruIAwQCxi10AwQDxllYAwQCz67YAwQF1EwAAwQD1QW4AwQE1W3QMBsE
AgACMBUDBQAqAUtAAwUAKgGwwAMFAyoNsgAwLAYIKwYBBQUHAQgBAf8EHTAboBkw
FwICMxoCAlMzAgMAiu4CAwCnEgIDAyTKMA0GCSqGSIb3DQEBCwUAA4IBAQAVze8p
ahlUsLfHuj+ws7vXk9GYXBGLorerNUTaVUYIb6zLdhYIFhl4nzIZq+RPz4+Anv0i
23BNryw4FoIvG4DaZnsfWTl9gvLWG2CKBP9DFGC5v6qMcwGGZr3wYSSsk9JAK8xR
adSRMTM2s9e4qOvSBDcNfwhdOqwG1oSVCqAcDEQOyJjiJ1aKnTMPosoQ6G+yi5gH
NRslbr/Ag4y0YlWcWpLlc+Dcebanql56bS9CthjZkjz3SyeQFGMyb3xvRDwhUEEk
R/oOOon0NTZRarKdkhm2n+kImzjTCWN6fQAI7ttDBkcBWxtJD9BKqvZeZcSxKqzV
Y48zLvZvLvXznTp9
-----END CERTIFICATE-----
Generated at Fri May 3 07:58:00 2024 by rpki-client on console-fra.rpki-client.org