Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
File: gKn_9jo0d5V_91zNwAPatoz50VU.cer (raw, json)
Hash identifier: 7RAOiHLwjptWf3xmqyUtEDcGDOL+bwlPEoUKh/zm+Bg=
Subject key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019632F3F79DA6AFC2A92FBAFDEDF573C60D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 14 Apr 2025 06:19:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 16276
AS: 35540
IP: 5.39.0.0/17
IP: 5.135.0.0/16
IP: 5.196.0.0/16
IP: 37.59.0.0/16
IP: 37.187.0.0/16
IP: 46.105.0.0/16
IP: 51.38.0.0/16
IP: 51.68.0.0/16
IP: 51.75.0.0/16
IP: 51.77.0.0/16
IP: 51.83.0.0/16
IP: 51.89.0.0/16
IP: 51.91.0.0/16
IP: 51.178.0.0/16
IP: 51.195.0.0/16
IP: 51.210.0.0/16
IP: 51.254.0.0/15
IP: 54.36.0.0 -- 54.38.255.255
IP: 57.128.0.0/14
IP: 79.137.0.0/17
IP: 87.98.128.0/17
IP: 91.121.0.0/16
IP: 91.134.0.0/16
IP: 92.222.0.0/16
IP: 94.23.0.0/16
IP: 109.190.0.0/16
IP: 135.125.0.0/16
IP: 137.74.0.0/16
IP: 141.94.0.0/15
IP: 141.227.128.0/17
IP: 145.239.0.0/16
IP: 146.59.0.0/16
IP: 147.135.128.0/17
IP: 149.202.0.0/16
IP: 151.80.0.0/16
IP: 151.127.0.0/16
IP: 152.228.128.0/17
IP: 159.173.0.0/16
IP: 162.19.0.0/16
IP: 164.132.0.0/16
IP: 176.31.0.0/16
IP: 178.32.0.0/15
IP: 185.15.68.0/22
IP: 188.165.0.0/16
IP: 193.70.0.0/17
IP: 198.244.128.0/17
IP: 213.32.0.0/17
IP: 213.186.32.0/19
IP: 213.251.128.0/18
IP: 217.182.0.0/16
IP: 2001:41d0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:32:f3:f7:9d:a6:af:c2:a9:2f:ba:fd:ed:f5:73:c6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 14 06:19:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:e7:cf:59:50:e7:42:a4:db:00:96:4f:3f:
9b:7a:a0:46:27:59:eb:35:5d:9f:f5:25:fc:43:1e:
6d:51:2c:8d:a5:ae:0c:2e:04:cf:17:8c:43:a6:20:
51:5a:87:99:58:b5:77:25:01:e0:28:3a:ea:f2:82:
5c:c9:8e:94:db:ca:24:82:c2:54:f0:3e:83:1d:b5:
2e:85:fd:4e:4d:63:77:4f:31:a7:a8:f0:15:bb:e2:
8d:23:a5:cc:13:2e:84:b3:2a:66:d6:c2:90:0b:cc:
91:f1:6a:3f:19:fb:32:95:03:93:eb:a8:8c:ab:00:
fc:67:c8:89:ad:46:13:cd:33:ab:37:32:91:62:2f:
78:b0:d1:dc:34:d8:d5:07:f0:03:c5:0d:57:25:f1:
c6:86:43:88:ee:32:68:8f:8f:49:f8:d0:df:6a:84:
bd:31:e5:11:c2:16:f9:29:78:68:70:2e:8c:02:18:
5d:68:44:92:ac:fb:ca:cc:c2:eb:df:09:da:ef:da:
bf:c6:f8:1b:16:bf:65:4c:ef:92:cd:c0:c9:df:c2:
74:a2:1f:a1:88:11:15:a9:00:d1:2e:f4:f7:1d:ef:
0a:71:64:c1:f7:37:80:6c:e1:34:ac:6a:bb:55:58:
62:65:2a:14:e1:4b:03:52:10:e6:72:7c:ad:1b:ef:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0/14
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
109.190.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/17
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
151.127.0.0/16
152.228.128.0/17
159.173.0.0/16
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
185.15.68.0/22
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16276
35540
Signature Algorithm: sha256WithRSAEncryption
52:83:5a:64:91:45:60:15:ad:b7:96:f8:38:46:06:ac:8c:f9:
19:02:16:7b:9f:a9:39:ce:1d:64:a4:e5:91:a9:da:e1:69:30:
c2:d3:2e:b9:1e:e1:38:27:65:9b:07:12:21:43:d7:78:0a:74:
fd:e7:c6:97:4b:aa:ab:79:df:ce:54:0e:80:d6:ea:dd:d5:01:
94:4c:6f:29:2c:9f:5c:dd:bb:b3:a8:4a:6d:a0:bb:23:d9:82:
36:05:fb:2f:35:37:06:0b:d9:59:77:35:7c:74:4b:6e:66:a9:
b9:fd:b0:33:7b:59:7b:7f:cc:5e:14:69:48:dd:1d:5e:af:f1:
86:3a:9d:67:7b:41:56:1f:01:b9:d1:c4:90:c5:01:3f:1f:bc:
dc:03:a1:de:c4:ed:bf:c7:31:c4:74:2a:41:a0:1e:2f:bd:66:
02:da:98:92:01:3d:fd:38:75:a5:9c:88:db:2c:b1:b4:47:88:
d3:d2:3d:e6:e4:b4:54:27:e5:1b:51:9c:b0:d0:b6:33:6c:e2:
59:5c:88:26:4c:3c:3a:a0:e7:e7:56:72:1a:09:fe:b1:ca:24:
70:13:45:61:f7:5b:0d:00:e2:42:ef:67:b4:89:ad:92:3d:56:
98:d8:17:88:50:66:72:6c:75:16:8d:3d:31:f7:3e:2d:5a:ef:
01:38:80:94
-----BEGIN CERTIFICATE-----
MIIGuDCCBaCgAwIBAgISAZYy8/edpq/CqS+6/e31c8YNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNDE0MDYxOTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE5ZmZmNjNhMzQ3Nzk1N2ZmNzVjY2RjMDAzZGFiNjhjZjlkMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLbnz1lQ50Kk2wCWTz+beqBGJ1nr
NV2f9SX8Qx5tUSyNpa4MLgTPF4xDpiBRWoeZWLV3JQHgKDrq8oJcyY6U28okgsJU
8D6DHbUuhf1OTWN3TzGnqPAVu+KNI6XMEy6Esypm1sKQC8yR8Wo/GfsylQOT66iM
qwD8Z8iJrUYTzTOrNzKRYi94sNHcNNjVB/ADxQ1XJfHGhkOI7jJoj49J+NDfaoS9
MeURwhb5KXhocC6MAhhdaESSrPvKzMLr3wna79q/xvgbFr9lTO+SzcDJ38J0oh+h
iBEVqQDRLvT3He8KcWTB9zeAbOE0rGq7VVhiZSoU4UsDUhDmcnytG+/mUQIDAQAB
o4IDxDCCA8AwHQYDVR0OBBYEFICp//Y6NHeVf/dczcAD2raM+dFVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5L2IwODRi
Zi1hNDU0LTQzY2YtYWM5Mi00N2Q5OGU1ODU0NWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvYjA4NGJm
LWE0NTQtNDNjZi1hYzkyLTQ3ZDk4ZTU4NTQ1YS8xL2dLbl85am8wZDVWXzkxek53
QVBhdG96NTBWVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBPQYIKwYB
BQUHAQcBAf8EggEsMIIBKDCCARUEAgABMIIBDQMEBwUnAAMDAAWHAwMABcQDAwAl
OwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sDAwAzTQMDADNTAwMAM1kDAwAzWwMD
ADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMDADYmAwMCOYADBAdPiQADBAdXYoAD
AwBbeQMDAFuGAwMAXN4DAwBeFwMDAG2+AwMAh30DAwCJSgMDAY1eAwQHjeOAAwMA
ke8DAwCSOwMEB5OHgAMDAJXKAwMAl1ADAwCXfwMEB5jkgAMDAJ+tAwMAohMDAwCk
hAMDALAfAwMBsiADBAK5D0QDAwC8pQMEB8FGAAMEB8b0gAMEB9UgAAMEBdW6IAME
BtX7gAMDANm2MA0EAgACMAcDBQAgAUHQMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkC
Aj+UAgMAitQwDQYJKoZIhvcNAQELBQADggEBAFKDWmSRRWAVrbeW+DhGBqyM+RkC
FnufqTnOHWSk5ZGp2uFpMMLTLrke4TgnZZsHEiFD13gKdP3nxpdLqqt5385UDoDW
6t3VAZRMbyksn1zdu7OoSm2guyPZgjYF+y81NwYL2Vl3NXx0S25mqbn9sDN7WXt/
zF4UaUjdHV6v8YY6nWd7QVYfAbnRxJDFAT8fvNwDod7E7b/HMcR0KkGgHi+9ZgLa
mJIBPf04daWciNsssbRHiNPSPebktFQn5RtRnLDQtjNs4llciCZMPDqg5+dWchoJ
/rHKJHATRWH3Ww0A4kLvZ7SJrZI9VpjYF4hQZnJsdRaNPTH3Pi1a7wE4gJQ=
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:16:50 2025 by rpki-client