Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
File: dTm3oSNBeqcZMllGqong8wqwygk.cer (raw, json)
Hash identifier: R/zsdF0PtgwAm/u8kbc1gjVqo0g+N3sA9r6G/uTX2R8=
Subject key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DB10E6FF0EB3E1CA855582259F0F9B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:45 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 3302
AS: 5396
AS: 5602
AS: 12850
AS: 15589
AS: 44787
AS: 50552
AS: 207018
IP: 5.150.128.0/20
IP: 31.10.48.0/21
IP: 37.32.104.0/21
IP: 37.139.88.0/21
IP: 46.228.240.0/20
IP: 52.144.64.0/19
IP: 62.94.0.0/16
IP: 62.173.160.0/19
IP: 62.196.0.0/16
IP: 77.43.0.0/17
IP: 77.93.224.0/19
IP: 77.94.68.0 -- 77.94.95.255
IP: 77.246.0.0/20
IP: 80.74.176.0/20
IP: 80.247.64.0/20
IP: 81.27.176.0/20
IP: 81.92.32.0/20
IP: 82.193.0.0/19
IP: 83.211.0.0/16
IP: 84.253.128.0/18
IP: 87.248.32.0/19
IP: 88.86.160.0/19
IP: 89.186.64.0/19
IP: 91.213.129.0/24
IP: 94.138.32.0/19
IP: 94.141.0.0/19
IP: 109.168.0.0/17
IP: 128.65.112.0/20
IP: 178.239.176.0/20
IP: 185.21.172.0/22
IP: 185.48.32.0/22
IP: 185.53.0.0/22
IP: 185.58.44.0/22
IP: 185.82.0.0/22
IP: 185.168.24.0/22
IP: 193.219.30.0/24
IP: 194.20.0.0 -- 194.21.63.255
IP: 194.153.192.0 -- 194.153.211.255
IP: 194.242.192.0/19
IP: 194.244.0.0/16
IP: 195.43.160.0/19
IP: 195.62.224.0/19
IP: 195.78.192.0/19
IP: 195.110.128.0/19
IP: 195.130.195.0/24
IP: 212.29.128.0/19
IP: 212.90.0.0/19
IP: 212.91.64.0/19
IP: 212.97.32.0/19
IP: 212.110.0.0/19
IP: 213.21.128.0/18
IP: 213.136.128.0/18
IP: 213.149.192.0/19
IP: 213.183.128.0/19
IP: 213.198.128.0/18
IP: 213.203.128.0/18
IP: 217.11.80.0/20
IP: 217.12.176.0/20
IP: 217.15.208.0/20
IP: 217.26.80.0/20
IP: 217.29.160.0/20
IP: 2001:750::/29
IP: 2001:1450::/32
IP: 2001:4d38::/32
IP: 2a02:7d8::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:10:e6:ff:0e:b3:e1:ca:85:55:82:25:9f:0f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:19:4f:21:3e:8d:5e:58:fd:f4:fc:65:81:
e8:6f:9d:92:76:d9:6d:c9:39:82:5f:5c:1c:45:69:
fe:d6:45:45:3d:6e:62:5f:75:d3:01:c6:34:73:18:
04:f0:f4:36:f9:b9:a5:d1:f3:2c:e3:e1:c8:f9:cb:
ba:ec:cf:12:6b:f1:0b:b6:d1:69:1c:83:a6:d9:3c:
d2:53:26:3f:02:69:8b:3e:90:8f:2e:e8:a5:25:af:
60:25:e1:19:ae:70:2f:65:13:ef:a8:f2:05:47:75:
f7:03:25:68:25:de:32:da:b4:eb:48:11:6e:f7:97:
ad:92:7f:f3:e1:7b:59:62:6d:60:52:ce:79:2b:bf:
ed:f2:3d:70:c4:f9:ba:30:42:34:4d:5c:37:99:48:
5f:f1:c8:a1:71:9b:3b:2d:bf:e6:3d:9e:eb:d2:b8:
79:ba:6c:0d:c3:c0:53:44:37:8a:50:8f:15:35:0d:
df:f3:1e:27:f9:2b:85:90:9f:7e:5a:48:0f:05:00:
bf:6d:41:fe:47:7e:f6:18:aa:cf:cc:ac:c4:3e:ad:
97:c9:bf:f0:2c:84:2c:c5:07:27:b2:10:98:f4:e0:
fc:5a:41:5e:18:6e:ec:e8:6e:ee:1d:bb:47:c6:0f:
d1:e3:cc:e0:9f:c4:f3:4c:ed:48:05:01:2f:ff:eb:
48:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.128.0/20
31.10.48.0/21
37.32.104.0/21
37.139.88.0/21
46.228.240.0/20
52.144.64.0/19
62.94.0.0/16
62.173.160.0/19
62.196.0.0/16
77.43.0.0/17
77.93.224.0/19
77.94.68.0-77.94.95.255
77.246.0.0/20
80.74.176.0/20
80.247.64.0/20
81.27.176.0/20
81.92.32.0/20
82.193.0.0/19
83.211.0.0/16
84.253.128.0/18
87.248.32.0/19
88.86.160.0/19
89.186.64.0/19
91.213.129.0/24
94.138.32.0/19
94.141.0.0/19
109.168.0.0/17
128.65.112.0/20
178.239.176.0/20
185.21.172.0/22
185.48.32.0/22
185.53.0.0/22
185.58.44.0/22
185.82.0.0/22
185.168.24.0/22
193.219.30.0/24
194.20.0.0-194.21.63.255
194.153.192.0-194.153.211.255
194.242.192.0/19
194.244.0.0/16
195.43.160.0/19
195.62.224.0/19
195.78.192.0/19
195.110.128.0/19
195.130.195.0/24
212.29.128.0/19
212.90.0.0/19
212.91.64.0/19
212.97.32.0/19
212.110.0.0/19
213.21.128.0/18
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
213.203.128.0/18
217.11.80.0/20
217.12.176.0/20
217.15.208.0/20
217.26.80.0/20
217.29.160.0/20
IPv6:
2001:750::/29
2001:1450::/32
2001:4d38::/32
2a02:7d8::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3302
5396
5602
12850
15589
44787
50552
207018
Signature Algorithm: sha256WithRSAEncryption
7c:66:05:45:52:2d:3f:35:c5:40:b9:04:4e:07:92:f3:98:4e:
4b:ab:f3:83:87:b4:90:ba:e4:34:4a:de:82:a5:98:49:7c:94:
d1:bd:8d:52:e9:19:35:e1:07:6f:a1:1b:dc:d8:b3:cf:ec:63:
d4:b2:70:a9:30:31:a9:c6:e1:c0:56:90:07:d0:39:d2:c2:af:
7b:d0:a7:d7:52:27:3c:16:b3:77:a4:7a:80:e4:95:37:1f:aa:
9c:c7:c5:9c:93:8f:48:05:e3:4e:b2:88:e2:30:be:43:80:17:
a7:bf:ea:54:c7:e2:68:5f:55:0b:a6:92:b2:93:2c:12:0e:70:
56:58:91:ab:e0:16:db:80:95:70:2b:ad:50:67:9d:93:8b:39:
0a:ce:f3:03:bd:8d:b2:3f:fc:80:0e:70:ec:eb:7a:c6:ca:f1:
c6:48:de:94:ae:00:12:c6:ea:4c:dd:df:ef:e7:37:e6:6f:0d:
d9:e4:d7:4c:8b:b1:28:87:2b:97:82:3b:a6:d9:ee:c8:01:c7:
b6:f6:28:7d:6a:1b:d6:ed:68:bc:2c:37:cd:ea:9b:28:b7:f3:
ad:0c:35:5b:08:2d:9f:4c:a9:01:4d:7a:f7:ae:93:f4:1e:42:
da:4c:69:dd:62:3c:ae:46:c7:0f:dc:89:a6:9e:56:05:7d:24:
8a:aa:9b:11
-----BEGIN CERTIFICATE-----
MIIHWzCCBkOgAwIBAgISAYzC2xDm/w6z4cqFVYIlnw+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM5YjdhMTIzNDE3YWE3MTkzMjU5NDZhYTg5ZTBmMzBhYjBjYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19QZTyE+jV5Y/fT8ZYHob52Sdtlt
yTmCX1wcRWn+1kVFPW5iX3XTAcY0cxgE8PQ2+bml0fMs4+HI+cu67M8Sa/ELttFp
HIOm2TzSUyY/AmmLPpCPLuilJa9gJeEZrnAvZRPvqPIFR3X3AyVoJd4y2rTrSBFu
95etkn/z4XtZYm1gUs55K7/t8j1wxPm6MEI0TVw3mUhf8cihcZs7Lb/mPZ7r0rh5
umwNw8BTRDeKUI8VNQ3f8x4n+SuFkJ9+WkgPBQC/bUH+R372GKrPzKzEPq2Xyb/w
LIQsxQcnshCY9OD8WkFeGG7s6G7uHbtHxg/R48zgn8TzTO1IBQEv/+tImwIDAQAB
o4IEZzCCBGMwHQYDVR0OBBYEFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZiLzgwN2Vk
NS01MGIzLTRlNWYtOTM2Ny01YjVlMzNjZTcwYWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIvODA3ZWQ1
LTUwYjMtNGU1Zi05MzY3LTViNWUzM2NlNzBhZC8xL2RUbTNvU05CZXFjWk1sbEdx
b25nOHdxd3lnay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBxgYIKwYB
BQUHAQcBAf8EggG1MIIBsTCCAYkEAgABMIIBgQMEBAWWgAMEAx8KMAMEAyUgaAME
AyWLWAMEBC7k8AMEBTSQQAMDAD5eAwQFPq2gAwMAPsQDBAdNKwADBAVNXeAwDAME
Ak1eRAMEBU1eQAMEBE32AAMEBFBKsAMEBFD3QAMEBFEbsAMEBFFcIAMEBVLBAAMD
AFPTAwQGVP2AAwQFV/ggAwQFWFagAwQFWbpAAwQAW9WBAwQFXoogAwQFXo0AAwQH
bagAAwQEgEFwAwQEsu+wAwQCuRWsAwQCuTAgAwQCuTUAAwQCuTosAwQCuVIAAwQC
uagYAwQAwdseMAsDAwLCFAMEBsIVADAMAwQGwpnAAwQCwpnQAwQFwvLAAwMAwvQD
BAXDK6ADBAXDPuADBAXDTsADBAXDboADBADDgsMDBAXUHYADBAXUWgADBAXUW0AD
BAXUYSADBAXUbgADBAbVFYADBAbViIADBAXVlcADBAXVt4ADBAbVxoADBAbVy4AD
BATZC1ADBATZDLADBATZD9ADBATZGlADBATZHaAwIgQCAAIwHAMFAyABB1ADBQAg
ARRQAwUAIAFNOAMFACoCB9gwOAYIKwYBBQUHAQgBAf8EKTAnoCUwIwICDOYCAhUU
AgIV4gICMjICAjzlAgMArvMCAwDFeAIDAyiqMA0GCSqGSIb3DQEBCwUAA4IBAQB8
ZgVFUi0/NcVAuQROB5LzmE5Lq/ODh7SQuuQ0St6CpZhJfJTRvY1S6Rk14QdvoRvc
2LPP7GPUsnCpMDGpxuHAVpAH0DnSwq970KfXUic8FrN3pHqA5JU3H6qcx8Wck49I
BeNOsojiML5DgBenv+pUx+JoX1ULppKykywSDnBWWJGr4BbbgJVwK61QZ52TizkK
zvMDvY2yP/yADnDs63rGyvHGSN6UrgASxupM3d/v5zfmbw3Z5NdMi7EohyuXgjum
2e7IAce29ih9ahvW7Wi8LDfN6psot/OtDDVbCC2fTKkBTXr3rpP0HkLaTGndYjyu
RscP3ImmnlYFfSSKqpsR
-----END CERTIFICATE-----
Generated at Fri May 3 07:59:29 2024 by rpki-client on console-fra.rpki-client.org