Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
File: gho_IfsMKU1tSlKbLx29S9ERm9c.cer (raw, json)
Hash identifier: axRkt20aYLM/ZgeYGIjrptlQhwsq32KFZYoH9JoP180=
Subject key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427B5783D1E37D8020A129C08BD04D4A9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 15:49:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 210347
IP: 5.182.100.0/22
IP: 45.11.236.0/22
IP: 45.14.72.0/22
IP: 45.84.44.0/22
IP: 45.157.72.0/22
IP: 85.8.188.0/22
IP: 85.209.216.0/22
IP: 88.218.100.0/22
IP: 91.201.140.0/22
IP: 92.119.180.0/22
IP: 139.28.136.0/22
IP: 141.98.240.0/22
IP: 193.31.72.0/22
IP: 194.5.0.0/22
IP: 194.38.24.0/22
IP: 194.124.52.0/22
IP: 195.206.108.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:78:3d:1e:37:d8:02:0a:12:9c:08:bd:04:d4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 15:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:a6:b7:b3:d1:1f:ac:ae:4b:04:e0:66:3d:
41:98:0a:8f:69:1d:5c:35:a9:64:2d:64:eb:de:fb:
cd:3b:9d:57:ac:0d:2d:86:61:2c:ed:f9:67:11:90:
0e:d1:7b:02:17:b8:f2:aa:af:8b:37:8b:ff:be:8c:
aa:8c:82:08:27:d2:0a:cb:a4:28:77:3e:a9:9a:bf:
bd:81:72:d8:db:85:25:10:be:78:93:ed:aa:72:8e:
84:bb:b5:53:3e:e4:ba:74:09:a8:cd:8a:c9:a5:02:
40:e7:ad:79:fc:5e:b3:75:33:e2:8c:bb:aa:a2:f8:
0a:3d:d5:b8:f5:95:cf:05:87:42:cf:7c:3d:bc:16:
2a:ea:bd:fd:8d:73:f4:3f:0e:22:b6:8f:e8:d7:2d:
2b:48:c6:d6:de:5d:7f:a9:2d:1c:84:19:90:8a:69:
ee:0f:f5:ce:11:28:4a:52:5a:12:66:e0:0e:de:09:
f7:df:e2:0d:83:74:a5:2c:8c:63:0b:3b:e6:13:9e:
6c:0b:87:fa:1c:7d:25:bc:3f:fd:69:47:5a:26:ce:
ac:a0:84:a3:8b:d5:81:7d:f3:e3:1a:6c:49:0d:0e:
9e:07:0a:ee:8b:96:e4:97:33:07:71:07:df:c5:56:
70:2a:50:d3:c6:fd:72:bf:2a:f2:74:7b:19:8a:4b:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/22
45.11.236.0/22
45.14.72.0/22
45.84.44.0/22
45.157.72.0/22
85.8.188.0/22
85.209.216.0/22
88.218.100.0/22
91.201.140.0/22
92.119.180.0/22
139.28.136.0/22
141.98.240.0/22
193.31.72.0/22
194.5.0.0/22
194.38.24.0/22
194.124.52.0/22
195.206.108.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210347
Signature Algorithm: sha256WithRSAEncryption
23:e7:db:33:ab:4d:66:66:33:17:2b:1a:19:30:ab:72:20:0b:
73:c0:4a:48:fa:fc:86:d9:2e:66:f4:53:6b:fc:d1:07:22:cd:
ab:e6:af:32:7e:26:7d:96:13:03:66:4d:6f:f6:cd:e2:0f:99:
5e:29:1a:e3:db:0b:c8:24:ff:ea:f9:f9:05:2e:6e:c2:1e:f4:
3d:8a:8e:5b:70:0f:78:a4:32:b4:65:39:89:04:85:53:cd:fd:
2f:76:f3:c5:80:76:af:25:da:23:a7:92:89:be:f3:22:3a:01:
cb:09:b5:ef:f3:2e:09:26:d5:b0:b9:9a:b4:ce:86:f6:41:bd:
6d:ce:7b:f7:dc:c4:ee:b5:07:69:83:40:41:74:c6:12:e3:4e:
96:6b:1d:4d:b8:55:65:f2:98:16:2a:70:a8:69:71:c2:8a:bf:
f0:0d:83:a4:02:44:ae:3a:1e:74:5b:41:76:51:a9:6a:98:d4:
a3:57:4d:e0:fd:44:c6:d0:f8:d4:ae:31:e0:4c:7d:1b:5f:44:
f1:3f:fc:f5:96:f1:23:18:76:20:cb:70:ff:6f:8d:c1:d6:70:
78:ad:f7:c9:7f:92:ad:b8:6a:bb:4f:01:d5:82:1f:0b:5b:7a:
6f:6c:18:18:c9:9f:f1:7c:34:f1:79:3c:2f:4d:ed:7b:d1:bf:
60:03:d4:54
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgISAZQntXg9HjfYAgoSnAi9BNSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucumt7PRH6yuSwTgZj1BmAqPaR1c
NalkLWTr3vvNO51XrA0thmEs7flnEZAO0XsCF7jyqq+LN4v/voyqjIIIJ9IKy6Qo
dz6pmr+9gXLY24UlEL54k+2qco6Eu7VTPuS6dAmozYrJpQJA5615/F6zdTPijLuq
ovgKPdW49ZXPBYdCz3w9vBYq6r39jXP0Pw4ito/o1y0rSMbW3l1/qS0chBmQimnu
D/XOEShKUloSZuAO3gn33+INg3SlLIxjCzvmE55sC4f6HH0lvD/9aUdaJs6soISj
i9WBffPjGmxJDQ6eBwrui5bklzMHcQffxVZwKlDTxv1yvyrydHsZiksIRwIDAQAB
o4IDADCCAvwwHQYDVR0OBBYEFIIaPyH7DClNbUpSmy8dvUvREZvXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2VkYzg1
NS1mMmJjLTRlOWMtOGMwYy1iNmYyYWM4NmVmMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZWRjODU1
LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1UxdFNsS2JM
eDI5UzlFUm05Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBsBAIAATBmAwQCBbZkAwQCLQvsAwQCLQ5IAwQCLVQsAwQCLZ1I
AwQCVQi8AwQCVdHYAwQCWNpkAwQCW8mMAwQCXHe0AwQCixyIAwQCjWLwAwQCwR9I
AwQCwgUAAwQCwiYYAwQCwnw0AwQCw85sMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM1qzANBgkqhkiG9w0BAQsFAAOCAQEAI+fbM6tNZmYzFysaGTCrciALc8BKSPr8
htkuZvRTa/zRByLNq+avMn4mfZYTA2ZNb/bN4g+ZXika49sLyCT/6vn5BS5uwh70
PYqOW3APeKQytGU5iQSFU839L3bzxYB2ryXaI6eSib7zIjoBywm17/MuCSbVsLma
tM6G9kG9bc5799zE7rUHaYNAQXTGEuNOlmsdTbhVZfKYFipwqGlxwoq/8A2DpAJE
rjoedFtBdlGpapjUo1dN4P1ExtD41K4x4Ex9G19E8T/89ZbxIxh2IMtw/2+NwdZw
eK33yX+Srbhqu08B1YIfC1t6b2wYGMmf8Xw08Xk8L03te9G/YAPUVA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:01:02 2025 by rpki-client