Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
File: fiCwNOLEl7GIRIje8QaXJwR2UCk.cer (raw, json)
Hash identifier: IcUtmj6ehXAiHz/oS5bbUV2AGkO6g3mpr/tqHLKxxkI=
Subject key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D6270C542B3F8397D485244842DEC7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:13 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 5571
AS: 6727
AS: 8844
AS: 12554
AS: 12606
AS: 12852
AS: 15482
AS: 15565
AS: 20500
AS: 35694
AS: 50173
IP: 5.83.96.0/21
IP: 37.1.152.0/21
IP: 46.34.0.0/19
IP: 78.154.96.0/19
IP: 79.121.128.0/17
IP: 80.68.208.0/20
IP: 80.82.128.0/20
IP: 82.108.0.0/14
IP: 82.138.192.0/18
IP: 82.151.224.0/19
IP: 83.148.128.0/18
IP: 85.189.0.0/16
IP: 86.53.0.0/16
IP: 87.82.0.0 -- 87.87.255.255
IP: 91.143.176.0/20
IP: 91.195.166.0/23
IP: 92.54.128.0/18
IP: 92.244.160.0/19
IP: 93.152.0.0/17
IP: 93.157.216.0/21
IP: 94.185.128.0/17
IP: 95.152.192.0/18
IP: 95.177.0.0/17
IP: 109.71.168.0/21
IP: 109.174.128.0/17
IP: 109.204.0.0/17
IP: 141.0.32.0/19
IP: 149.126.104.0/21
IP: 185.3.72.0/22
IP: 185.4.164.0/22
IP: 185.25.220.0/22
IP: 193.33.72.0/23
IP: 193.238.164.0/22
IP: 194.6.96.0/19
IP: 194.42.224.0/19
IP: 194.145.222.0/23
IP: 194.154.96.0/19
IP: 194.242.128.0/19
IP: 195.40.0.0/16
IP: 195.72.160.0/19
IP: 195.128.190.0/23
IP: 195.172.0.0/16
IP: 212.2.0.0/19
IP: 212.74.0.0/19
IP: 212.134.0.0/15
IP: 212.212.0.0/16
IP: 213.160.96.0/19
IP: 213.177.224.0/19
IP: 213.235.0.0/18
IP: 217.79.96.0/19
IP: 217.145.112.0/20
IP: 217.204.0.0/14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:27:0c:54:2b:3f:83:97:d4:85:24:48:42:de:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e20b034e2c497b1884488def106972704765029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:50:69:17:16:fb:76:20:ec:e3:59:bb:ea:2c:
1f:fa:b2:83:3c:d3:1a:af:4f:41:59:41:b4:b7:a9:
dd:c7:d3:68:79:d0:43:5c:b5:14:97:e8:ba:00:7e:
05:96:6e:eb:ab:30:98:3d:18:6e:55:0c:8f:98:a5:
5f:a8:19:2f:4b:18:cf:89:71:04:b5:92:54:60:9a:
ed:88:59:c7:b8:8f:20:18:b0:d8:28:8e:2f:21:a6:
2a:03:14:6f:b3:c0:eb:0b:55:4f:ae:8d:77:bc:9c:
f9:73:fb:a0:dd:3b:78:ce:bc:b1:59:dc:28:43:1a:
3b:e5:b9:31:a7:bb:9b:a0:fa:89:87:92:c3:a4:a2:
d2:64:26:1c:0a:a3:3e:85:68:d9:c0:29:e9:c4:30:
76:56:3c:23:e3:37:16:46:4e:50:ca:ab:fc:a5:49:
34:87:22:31:cc:89:83:1c:d6:f9:fb:94:b7:05:ca:
15:39:01:74:e7:40:b1:89:57:f8:fe:d9:27:f5:bd:
1c:dc:cf:61:90:5d:c0:8d:b2:c4:96:b8:dc:98:18:
44:85:b4:5a:c3:ce:a0:c7:74:60:02:f2:7b:9f:34:
e5:99:88:34:75:6e:9b:ef:c0:23:29:7b:99:1c:90:
e9:2d:4c:ec:e6:c8:e9:66:45:e1:09:53:7b:38:35:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.96.0/21
37.1.152.0/21
46.34.0.0/19
78.154.96.0/19
79.121.128.0/17
80.68.208.0/20
80.82.128.0/20
82.108.0.0/14
82.138.192.0/18
82.151.224.0/19
83.148.128.0/18
85.189.0.0/16
86.53.0.0/16
87.82.0.0-87.87.255.255
91.143.176.0/20
91.195.166.0/23
92.54.128.0/18
92.244.160.0/19
93.152.0.0/17
93.157.216.0/21
94.185.128.0/17
95.152.192.0/18
95.177.0.0/17
109.71.168.0/21
109.174.128.0/17
109.204.0.0/17
141.0.32.0/19
149.126.104.0/21
185.3.72.0/22
185.4.164.0/22
185.25.220.0/22
193.33.72.0/23
193.238.164.0/22
194.6.96.0/19
194.42.224.0/19
194.145.222.0/23
194.154.96.0/19
194.242.128.0/19
195.40.0.0/16
195.72.160.0/19
195.128.190.0/23
195.172.0.0/16
212.2.0.0/19
212.74.0.0/19
212.134.0.0/15
212.212.0.0/16
213.160.96.0/19
213.177.224.0/19
213.235.0.0/18
217.79.96.0/19
217.145.112.0/20
217.204.0.0/14
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5571
6727
8844
12554
12606
12852
15482
15565
20500
35694
50173
Signature Algorithm: sha256WithRSAEncryption
6f:40:d1:72:69:23:e6:b0:cf:8c:01:ec:a4:21:91:c5:bd:22:
d6:8b:fb:bd:9e:cd:33:12:e3:83:87:b9:03:35:8d:fb:b0:d5:
c9:f2:d8:a5:51:1b:f9:2d:ec:2d:f9:a6:19:65:c9:96:95:af:
3b:f2:49:f0:aa:f7:51:61:e8:bc:af:00:67:02:a2:23:ff:51:
c7:77:d4:63:a3:31:34:5c:4a:31:19:5b:b9:56:de:ea:fa:cc:
d1:ae:83:46:31:54:d2:ea:c1:10:13:c6:e1:63:97:1f:f9:cb:
a2:00:c0:e5:b2:b6:b7:d6:cd:d3:56:1c:8b:a1:c2:3a:19:98:
b9:6a:15:2d:d0:25:0b:a0:68:ce:69:82:f3:98:04:9f:7a:0f:
9e:2b:0a:49:6f:f6:3a:77:b2:11:cc:86:c2:ef:9c:e2:48:2c:
92:ed:6a:6e:c0:3c:c1:de:ca:b8:17:a1:25:f8:93:49:f5:88:
b3:d1:5c:67:71:8e:a6:91:d6:1e:7f:04:16:4c:11:c6:c6:0f:
80:54:fc:a9:08:fb:14:c0:04:34:a1:9b:f2:b9:a6:55:10:c6:
fd:f8:25:a6:e0:50:0a:62:a2:af:d6:a6:09:69:2b:24:4e:e2:
9c:5c:ce:bf:12:e4:0c:e7:9a:a8:80:bb:35:d2:71:dd:0f:38:
da:f7:a1:74
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgISAZQg1icMVCs/g5fUhSRIQt7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIwYjAzNGUyYzQ5N2IxODg0NDg4ZGVmMTA2OTcyNzA0NzY1MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VBpFxb7diDs41m76iwf+rKDPNMa
r09BWUG0t6ndx9NoedBDXLUUl+i6AH4Flm7rqzCYPRhuVQyPmKVfqBkvSxjPiXEE
tZJUYJrtiFnHuI8gGLDYKI4vIaYqAxRvs8DrC1VPro13vJz5c/ug3Tt4zryxWdwo
Qxo75bkxp7uboPqJh5LDpKLSZCYcCqM+hWjZwCnpxDB2Vjwj4zcWRk5Qyqv8pUk0
hyIxzImDHNb5+5S3BcoVOQF050CxiVf4/tkn9b0c3M9hkF3AjbLElrjcmBhEhbRa
w86gx3RgAvJ7nzTlmYg0dW6b78AjKXuZHJDpLUzs5sjpZkXhCVN7ODV4UQIDAQAB
o4IEAzCCA/8wHQYDVR0OBBYEFH4gsDTixJexiESI3vEGlycEdlApMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwLzZiNjYy
ZC0wMmExLTQ2ZTctYjljZC0wMzVkOTc3ZjQyMTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvNmI2NjJk
LTAyYTEtNDZlNy1iOWNkLTAzNWQ5NzdmNDIxNi8xL2ZpQ3dOT0xFbDdHSVJJamU4
UWFYSndSMlVDay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBVwYIKwYB
BQUHAQcBAf8EggFGMIIBQjCCAT4EAgABMIIBNgMEAwVTYAMEAyUBmAMEBS4iAAME
BU6aYAMEB095gAMEBFBE0AMEBFBSgAMDAlJsAwQGUorAAwQFUpfgAwQGU5SAAwMA
Vb0DAwBWNTAKAwMBV1IDAwNXUAMEBFuPsAMEAVvDpgMEBlw2gAMEBVz0oAMEB12Y
AAMEA12d2AMEB165gAMEBl+YwAMEB1+xAAMEA21HqAMEB22ugAMEB23MAAMEBY0A
IAMEA5V+aAMEArkDSAMEArkEpAMEArkZ3AMEAcEhSAMEAsHupAMEBcIGYAMEBcIq
4AMEAcKR3gMEBcKaYAMEBcLygAMDAMMoAwQFw0igAwQBw4C+AwMAw6wDBAXUAgAD
BAXUSgADAwHUhgMDANTUAwQF1aBgAwQF1bHgAwQG1esAAwQF2U9gAwQE2ZFwAwMC
2cwwQwYIKwYBBQUHAQgBAf8ENDAyoDAwLgICFcMCAhpHAgIijAICMQoCAjE+AgIy
NAICPHoCAjzNAgJQFAIDAItuAgMAw/0wDQYJKoZIhvcNAQELBQADggEBAG9A0XJp
I+awz4wB7KQhkcW9ItaL+72ezTMS44OHuQM1jfuw1cny2KVRG/kt7C35phllyZaV
rzvySfCq91Fh6LyvAGcCoiP/Ucd31GOjMTRcSjEZW7lW3ur6zNGug0YxVNLqwRAT
xuFjlx/5y6IAwOWytrfWzdNWHIuhwjoZmLlqFS3QJQugaM5pgvOYBJ96D54rCklv
9jp3shHMhsLvnOJILJLtam7APMHeyrgXoSX4k0n1iLPRXGdxjqaR1h5/BBZMEcbG
D4BU/KkI+xTABDShm/K5plUQxv34JabgUApioq/WpglpKyRO4pxczr8S5AznmqiA
uzXScd0PONr3oXQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:18:20 2025 by rpki-client