Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
File: hwxYmk8iqcov-ZtMSPi99JKHFyU.cer (raw, json)
Hash identifier: r9md5IPNyPDWJmfSAuGFmtRTRXjT7MiUBP1IMaM5iWI=
Subject key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DC16956221D640E7834E5007DA27AF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:44 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 1901
AS: 5423 -- 5424
AS: 8333
AS: 8447
AS: 8562
AS: 12382
AS: 12547
AS: 12656
AS: 12793
AS: 15824
AS: 16305
AS: 21285
AS: 25382
AS: 28834
AS: 41351
IP: 37.44.220.0/22
IP: 46.74.0.0/15
IP: 46.206.0.0/15
IP: 62.46.0.0/15
IP: 62.116.32.0/19
IP: 80.75.32.0/19
IP: 80.89.96.0/20
IP: 80.120.0.0/14
IP: 80.240.224.0/20
IP: 81.5.192.0/18
IP: 84.20.160.0/19
IP: 85.90.128.0/19
IP: 88.116.0.0/15
IP: 89.144.192.0/18
IP: 90.152.128.0/17
IP: 91.112.0.0/14
IP: 92.248.0.0/17
IP: 93.82.0.0/15
IP: 93.111.0.0/16
IP: 176.66.0.0/16
IP: 178.188.0.0/14
IP: 185.157.248.0/22
IP: 188.20.0.0/14
IP: 188.45.0.0/16
IP: 192.164.0.0 -- 192.164.37.255
IP: 192.164.39.0 -- 192.164.71.255
IP: 192.164.80.0 -- 192.164.159.255
IP: 192.164.208.0 -- 192.164.255.255
IP: 193.80.0.0/15
IP: 193.83.0.0/16
IP: 193.104.65.0/24
IP: 193.154.0.0/16
IP: 193.187.212.0 -- 193.187.243.255
IP: 194.48.124.0 -- 194.48.139.255
IP: 194.96.0.0/16
IP: 194.118.0.0/16
IP: 194.152.96.0/19
IP: 194.152.160.0/19
IP: 194.166.0.0/16
IP: 195.3.64.0/18
IP: 195.64.0.0/19
IP: 195.80.234.0/24
IP: 195.82.224.0/19
IP: 195.170.64.0/19
IP: 195.200.197.0/24
IP: 195.230.32.0/19
IP: 195.250.32.0/24
IP: 212.16.32.0/19
IP: 212.60.160.0/19
IP: 212.88.0.0/19
IP: 212.88.160.0/19
IP: 212.124.128.0/19
IP: 212.183.0.0/17
IP: 212.197.128.0/18
IP: 213.33.0.0/17
IP: 213.147.160.0/19
IP: 213.157.128.0/19
IP: 213.225.0.0/18
IP: 213.240.64.0/18
IP: 217.76.160.0/20
IP: 217.149.160.0/20
IP: 2001:850::/29
IP: 2001:870::/29
IP: 2001:890::/29
IP: 2001:4bb8::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:16:95:62:21:d6:40:e7:83:4e:50:07:da:27:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a5:d5:ae:ea:55:1c:6c:36:45:af:42:dc:2c:
f4:01:2f:c4:87:80:40:2e:c5:d1:36:c4:a9:bd:63:
0d:d8:22:17:ca:af:8f:1b:48:47:db:8f:c6:e4:b9:
c8:6e:94:8f:d6:a6:51:df:a0:66:23:e7:25:a4:4b:
f0:86:3c:da:ed:e2:61:66:ee:7c:c8:6b:9d:1a:22:
7e:40:a2:a7:41:aa:bb:c6:45:52:49:76:5d:1d:b0:
7c:a4:88:bf:0a:7e:b6:b9:70:3a:6a:dc:d9:af:df:
a5:ce:1b:d5:61:97:0c:1f:e0:45:9f:fe:2a:08:7f:
69:f6:f3:90:c9:5b:49:6f:ef:41:9e:fc:38:82:81:
35:75:39:62:b0:bc:a0:07:4d:13:29:5a:1d:0b:d4:
81:18:10:64:b0:97:94:4b:c6:d2:e3:76:fe:71:03:
d8:68:ac:f6:6c:4e:c3:04:42:4b:4a:63:34:b3:24:
a3:7d:89:59:c0:34:eb:03:9a:9b:00:1d:48:6c:c9:
01:8a:83:1a:37:16:ba:4e:a0:65:91:88:82:44:48:
c3:96:f9:71:e6:52:fd:22:dd:68:92:1c:46:8d:95:
6e:3e:0f:a8:28:13:ed:83:bf:c8:a9:c9:d0:ee:b3:
db:0f:34:5a:0e:b5:4c:ff:3c:c6:2b:7c:c0:d7:31:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.220.0/22
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
90.152.128.0/17
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/16
178.188.0.0/14
185.157.248.0/22
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.37.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.104.65.0/24
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.80.234.0/24
195.82.224.0/19
195.170.64.0/19
195.200.197.0/24
195.230.32.0/19
195.250.32.0/24
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.76.160.0/20
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
1901
5423-5424
8333
8447
8562
12382
12547
12656
12793
15824
16305
21285
25382
28834
41351
Signature Algorithm: sha256WithRSAEncryption
6c:6a:d0:fa:47:4d:f3:29:6b:fa:68:c4:58:60:ce:9d:d2:42:
73:4f:e8:bd:11:54:e7:c4:41:eb:84:d8:30:ee:3c:84:37:ae:
a6:3f:4e:0e:45:34:a2:61:76:5a:17:ac:95:4c:ea:be:2c:99:
f1:c0:db:f8:83:8b:08:74:f7:5c:3a:b5:7d:45:e1:87:f2:01:
32:9e:60:79:ba:b2:34:6a:da:fc:59:50:90:93:32:f8:b8:b0:
b6:10:ec:fe:23:0d:12:b6:9c:6b:3b:5c:18:68:8f:b1:5e:67:
94:be:f5:e5:67:be:1c:4a:40:2f:5c:94:98:dd:3e:4c:f9:4c:
e1:53:79:85:40:46:fb:3a:d5:8e:52:3b:5b:97:6f:03:ad:28:
79:2f:0d:f3:7c:7d:6b:42:36:5c:0b:aa:51:bc:39:c0:af:14:
b0:2d:47:90:4c:9a:83:5f:8a:5e:22:45:b9:c5:03:02:a0:b8:
81:3b:e0:3f:dd:11:d9:c6:90:60:e7:5e:06:3c:7c:72:ca:6a:
74:cd:5e:37:3c:b4:99:18:94:fd:96:01:5a:20:79:28:ad:fa:
61:d8:8c:3f:87:dd:52:de:3e:0c:99:dd:8a:b1:ec:57:11:30:
bb:5a:5c:f0:55:c6:ca:96:a0:2d:88:a3:91:b0:a6:77:1d:ee:
ef:19:66:bc
-----BEGIN CERTIFICATE-----
MIIHhDCCBmygAwIBAgISAYzF3BaVYiHWQOeDTlAH2ievMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzBjNTg5YTRmMjJhOWNhMmZmOTliNGM0OGY4YmRmNDkyODcxNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aXVrupVHGw2Ra9C3Cz0AS/Eh4BA
LsXRNsSpvWMN2CIXyq+PG0hH24/G5LnIbpSP1qZR36BmI+clpEvwhjza7eJhZu58
yGudGiJ+QKKnQaq7xkVSSXZdHbB8pIi/Cn62uXA6atzZr9+lzhvVYZcMH+BFn/4q
CH9p9vOQyVtJb+9Bnvw4goE1dTlisLygB00TKVodC9SBGBBksJeUS8bS43b+cQPY
aKz2bE7DBEJLSmM0sySjfYlZwDTrA5qbAB1IbMkBioMaNxa6TqBlkYiCREjDlvlx
5lL9It1okhxGjZVuPg+oKBPtg7/IqcnQ7rPbDzRaDrVM/zzGK3zA1zELDwIDAQAB
o4IEkDCCBIwwHQYDVR0OBBYEFIcMWJpPIqnKL/mbTEj4vfSShxclMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2Y1MDVi
NS0wZTQ2LTRiM2YtYmYxYi04NDlkM2E2YjljMmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvZjUwNWI1
LTBlNDYtNGIzZi1iZjFiLTg0OWQzYTZiOWMyZC8xL2h3eFltazhpcWNvdi1adE1T
UGk5OUpLSEZ5VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBzwYIKwYB
BQUHAQcBAf8EggG+MIIBujCCAZIEAgABMIIBigMEAiUs3AMDAS5KAwMBLs4DAwE+
LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQGUQXAAwQFVBSgAwQFVVqA
AwMBWHQDBAZZkMADBAdamIADAwJbcAMEB1z4AAMDAV1SAwMAXW8DAwCwQgMDArK8
AwQCuZ34AwMCvBQDAwC8LTALAwMCwKQDBAHApCQwDAMEAMCkJwMEA8CkQDAMAwQE
wKRQAwQFwKSAMAsDBATApNADAwDApAMDAcFQAwMAwVMDBADBaEEDAwDBmjAMAwQC
wbvUAwQCwbvwMAwDBALCMHwDBALCMIgDAwDCYAMDAMJ2AwQFwphgAwQFwpigAwMA
wqYDBAbDA0ADBAXDQAADBADDUOoDBAXDUuADBAXDqkADBADDyMUDBAXD5iADBADD
+iADBAXUECADBAXUPKADBAXUWAADBAXUWKADBAXUfIADBAfUtwADBAbUxYADBAfV
IQADBAXVk6ADBAXVnYADBAbV4QADBAbV8EADBATZTKADBATZlaAwIgQCAAIwHAMF
AyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwWAYIKwYBBQUHAQgBAf8ESTBHoEUw
QwICB20wCAICFS8CAhUwAgIgjQICIP8CAiFyAgIwXgICMQMCAjFwAgIx+QICPdAC
Aj+xAgJTJQICYyYCAnCiAgMAoYcwDQYJKoZIhvcNAQELBQADggEBAGxq0PpHTfMp
a/poxFhgzp3SQnNP6L0RVOfEQeuE2DDuPIQ3rqY/Tg5FNKJhdloXrJVM6r4smfHA
2/iDiwh091w6tX1F4YfyATKeYHm6sjRq2vxZUJCTMvi4sLYQ7P4jDRK2nGs7XBho
j7FeZ5S+9eVnvhxKQC9clJjdPkz5TOFTeYVARvs61Y5SO1uXbwOtKHkvDfN8fWtC
NlwLqlG8OcCvFLAtR5BMmoNfil4iRbnFAwKguIE74D/dEdnGkGDnXgY8fHLKanTN
Xjc8tJkYlP2WAVogeSit+mHYjD+H3VLePgyZ3Yqx7FcRMLtaXPBVxsqWoC2Io5Gw
pncd7u8ZZrw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:44:17 2024 by rpki-client on console-fra.rpki-client.org