Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
File: fD5YWlm1I7uG1mCnFo4cHroJTaA.cer (raw, json)
Hash identifier: 8mUk8MFS9/qRAdxcKkvqUy0VJngzlEw66G+7bteBdPQ=
Subject key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801B8B4E462F3C5FE44A9767197C0F3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:05 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 210756
IP: 5.8.42.0/23
IP: 5.8.69.0/24
IP: 5.101.68.0 -- 5.101.70.255
IP: 5.101.218.0/24
IP: 5.188.2.0/23
IP: 5.188.7.0/24
IP: 5.188.35.0/24
IP: 5.188.37.0 -- 5.188.39.255
IP: 5.188.121.0/24
IP: 5.188.149.0 -- 5.188.150.255
IP: 5.188.170.0/23
IP: 5.188.176.0/22
IP: 5.188.212.0/24
IP: 5.188.224.0/24
IP: 5.188.229.0/24
IP: 5.189.201.0/24
IP: 5.189.205.0/24
IP: 5.189.223.0/24
IP: 31.184.200.0 -- 31.184.205.255
IP: 37.9.36.0/22
IP: 37.9.52.0/22
IP: 45.147.162.0/23
IP: 79.133.127.0/24
IP: 82.97.207.0/24
IP: 83.229.14.0/24
IP: 83.229.25.0/24
IP: 91.243.80.0/24
IP: 91.243.82.0 -- 91.243.84.255
IP: 91.243.86.0/24
IP: 92.38.128.0/22
IP: 92.38.136.0/22
IP: 92.38.152.0/23
IP: 92.38.156.0/24
IP: 92.38.188.0/22
IP: 92.223.4.0 -- 92.223.6.255
IP: 92.223.8.0/23
IP: 92.223.14.0/24
IP: 92.223.32.0 -- 92.223.36.255
IP: 92.223.38.0/24
IP: 92.223.41.0/24
IP: 92.223.43.0/24
IP: 92.223.49.0/24
IP: 92.223.60.0/24
IP: 92.223.64.0/23
IP: 92.223.67.0/24
IP: 92.223.72.0/24
IP: 92.223.80.0/24
IP: 92.223.87.0/24
IP: 92.223.91.0/24
IP: 92.223.103.0/24
IP: 92.223.106.0/24
IP: 92.223.108.0/22
IP: 92.223.114.0/23
IP: 92.223.122.0/23
IP: 95.85.88.0/24
IP: 95.181.176.0/21
IP: 146.185.196.0/22
IP: 146.185.215.0/24
IP: 146.185.218.0/24
IP: 185.14.46.0/24
IP: 185.101.137.0/24
IP: 193.17.93.0/24
IP: 2a11:27c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b8:b4:e4:62:f3:c5:fe:44:a9:76:71:97:c0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:45:d3:1b:03:f7:2c:b3:7b:b1:30:b9:c5:42:
d6:be:cb:a3:ee:fe:43:b9:2f:34:c4:e4:ff:4f:4d:
db:7b:07:ca:47:aa:67:a4:ae:45:08:d2:25:01:a1:
5a:9f:78:e8:08:4c:45:64:f2:5d:6b:d2:0d:20:86:
2c:07:1f:50:fe:b9:c9:50:15:b6:64:ec:02:51:17:
76:ae:18:e5:55:43:92:76:ea:fc:6f:02:b7:1f:8a:
4f:52:00:e9:bd:65:74:1c:78:11:27:0b:e1:9f:f8:
54:e9:45:16:31:b3:4e:c2:b4:a9:4d:97:84:8b:dc:
d0:b9:24:e8:c4:89:9d:9e:47:9c:b1:13:99:1f:97:
cc:f7:96:4f:95:6c:97:b7:7e:d9:9e:a6:8e:9c:9b:
8f:df:b4:ad:6b:53:57:ff:6f:97:98:5d:19:3f:f7:
88:d0:d4:41:8a:84:1e:a6:2e:3e:c4:8e:a6:88:7a:
0a:ee:75:4a:0b:6b:3d:48:0b:68:1a:08:b9:c9:ff:
b3:0c:64:7f:30:48:3d:76:f5:1a:06:d5:58:df:d0:
34:ed:bf:ea:3a:c1:84:25:78:2c:11:55:3d:69:eb:
c4:a8:ac:ce:cd:10:9e:90:47:80:7a:65:41:dd:48:
e2:bb:a8:9d:d7:02:d6:47:63:87:e7:b4:ae:fd:86:
be:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.42.0/23
5.8.69.0/24
5.101.68.0-5.101.70.255
5.101.218.0/24
5.188.2.0/23
5.188.7.0/24
5.188.35.0/24
5.188.37.0-5.188.39.255
5.188.121.0/24
5.188.149.0-5.188.150.255
5.188.170.0/23
5.188.176.0/22
5.188.212.0/24
5.188.224.0/24
5.188.229.0/24
5.189.201.0/24
5.189.205.0/24
5.189.223.0/24
31.184.200.0-31.184.205.255
37.9.36.0/22
37.9.52.0/22
45.147.162.0/23
79.133.127.0/24
82.97.207.0/24
83.229.14.0/24
83.229.25.0/24
91.243.80.0/24
91.243.82.0-91.243.84.255
91.243.86.0/24
92.38.128.0/22
92.38.136.0/22
92.38.152.0/23
92.38.156.0/24
92.38.188.0/22
92.223.4.0-92.223.6.255
92.223.8.0/23
92.223.14.0/24
92.223.32.0-92.223.36.255
92.223.38.0/24
92.223.41.0/24
92.223.43.0/24
92.223.49.0/24
92.223.60.0/24
92.223.64.0/23
92.223.67.0/24
92.223.72.0/24
92.223.80.0/24
92.223.87.0/24
92.223.91.0/24
92.223.103.0/24
92.223.106.0/24
92.223.108.0/22
92.223.114.0/23
92.223.122.0/23
95.85.88.0/24
95.181.176.0/21
146.185.196.0/22
146.185.215.0/24
146.185.218.0/24
185.14.46.0/24
185.101.137.0/24
193.17.93.0/24
IPv6:
2a11:27c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210756
Signature Algorithm: sha256WithRSAEncryption
1a:ed:95:28:3a:5f:f5:e2:f5:ca:16:cf:30:3e:be:dc:cb:a9:
0c:30:12:b4:3e:45:15:f9:4a:7f:b9:9a:4e:67:c0:bb:77:1a:
cc:1f:f4:6a:b5:56:32:ac:27:ba:56:50:4e:b7:15:5c:02:7f:
a9:07:53:80:4a:a3:8a:5e:c8:2e:a0:7a:06:da:8a:1c:32:e6:
19:a1:c6:84:9d:04:a1:13:ba:f1:ee:e5:7a:46:dc:75:b4:83:
58:a0:58:a5:90:fd:98:2f:03:1a:08:31:09:a3:04:1f:a9:c6:
00:e3:4f:d1:31:8d:3d:72:a3:31:d3:27:ee:4d:fa:5c:bc:d4:
c2:bc:95:57:0f:62:67:5a:e5:bf:aa:2b:e8:bf:95:75:14:f0:
60:58:f6:29:4d:29:81:38:e8:d4:96:61:b4:57:33:66:ad:09:
9f:5f:e3:97:50:ae:0a:05:e4:14:91:cb:49:eb:84:7d:dd:6c:
85:e4:fd:71:de:51:1e:f8:4d:7e:75:ef:2e:7b:28:c4:21:8d:
46:ca:1b:27:a8:a4:a0:d5:c3:8f:e1:56:de:db:a8:c6:1b:ca:
4e:f9:6d:61:99:ae:37:78:d2:e7:7b:96:57:81:c1:0b:60:53:
fa:18:30:0a:05:87:da:2c:16:ee:64:7a:0a:dc:47:5b:89:c0:
12:26:45:17
-----BEGIN CERTIFICATE-----
MIIHUzCCBjugAwIBAgISAYzIAbi05GLzxf5EqXZxl8DzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzNlNTg1YTU5YjUyM2JiODZkNjYwYTcxNjhlMWMxZWJhMDk0ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUXTGwP3LLN7sTC5xULWvsuj7v5D
uS80xOT/T03bewfKR6pnpK5FCNIlAaFan3joCExFZPJda9INIIYsBx9Q/rnJUBW2
ZOwCURd2rhjlVUOSdur8bwK3H4pPUgDpvWV0HHgRJwvhn/hU6UUWMbNOwrSpTZeE
i9zQuSToxImdnkecsROZH5fM95ZPlWyXt37ZnqaOnJuP37Sta1NX/2+XmF0ZP/eI
0NRBioQepi4+xI6miHoK7nVKC2s9SAtoGgi5yf+zDGR/MEg9dvUaBtVY39A07b/q
OsGEJXgsEVU9aevEqKzOzRCekEeAemVB3Ujiu6id1wLWR2OH57Su/Ya+gQIDAQAB
o4IEXzCCBFswHQYDVR0OBBYEFHw+WFpZtSO7htZgpxaOHB66CU2gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlLzI2ZTMy
YS0zNWJhLTQ0M2YtYmMxZS02ZGMxZjU2MDMxZWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvMjZlMzJh
LTM1YmEtNDQzZi1iYzFlLTZkYzFmNTYwMzFlYi8xL2ZENVlXbG0xSTd1RzFtQ25G
bzRjSHJvSlRhQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIB3AYIKwYB
BQUHAQcBAf8EggHLMIIBxzCCAbQEAgABMIIBrAMEAQUIKgMEAAUIRTAMAwQCBWVE
AwQABWVGAwQABWXaAwQBBbwCAwQABbwHAwQABbwjMAwDBAAFvCUDBAMFvCADBAAF
vHkwDAMEAAW8lQMEAAW8lgMEAQW8qgMEAgW8sAMEAAW81AMEAAW84AMEAAW85QME
AAW9yQMEAAW9zQMEAAW93zAMAwQDH7jIAwQBH7jMAwQCJQkkAwQCJQk0AwQBLZOi
AwQAT4V/AwQAUmHPAwQAU+UOAwQAU+UZAwQAW/NQMAwDBAFb81IDBABb81QDBABb
81YDBAJcJoADBAJcJogDBAFcJpgDBABcJpwDBAJcJrwwDAMEAlzfBAMEAFzfBgME
AVzfCAMEAFzfDjAMAwQFXN8gAwQAXN8kAwQAXN8mAwQAXN8pAwQAXN8rAwQAXN8x
AwQAXN88AwQBXN9AAwQAXN9DAwQAXN9IAwQAXN9QAwQAXN9XAwQAXN9bAwQAXN9n
AwQAXN9qAwQCXN9sAwQBXN9yAwQBXN96AwQAX1VYAwQDX7WwAwQCkrnEAwQAkrnX
AwQAkrnaAwQAuQ4uAwQAuWWJAwQAwRFdMA0EAgACMAcDBQAqESfAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM3RDANBgkqhkiG9w0BAQsFAAOCAQEAGu2VKDpf9eL1
yhbPMD6+3MupDDAStD5FFflKf7maTmfAu3cazB/0arVWMqwnulZQTrcVXAJ/qQdT
gEqjil7ILqB6BtqKHDLmGaHGhJ0EoRO68e7lekbcdbSDWKBYpZD9mC8DGggxCaME
H6nGAONP0TGNPXKjMdMn7k36XLzUwryVVw9iZ1rlv6or6L+VdRTwYFj2KU0pgTjo
1JZhtFczZq0Jn1/jl1CuCgXkFJHLSeuEfd1sheT9cd5RHvhNfnXvLnsoxCGNRsob
J6ikoNXDj+FW3tuoxhvKTvltYZmuN3jS53uWV4HBC2BT+hgwCgWH2iwW7mR6CtxH
W4nAEiZFFw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:24 2024 by rpki-client on console-ams.rpki-client.org