Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
File: mUt9MMHE9iQxgtPs09BTn0L6rP0.cer (raw, json)
Hash identifier: bEkPHPo/RVCjK3/lTCLLIBhnMM4DTsvi7K/lmmngMBk=
Subject key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DEF0274D00D15ED5DB5B50C9129E26
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 13230
AS: 15599
AS: 15756
AS: 25227
AS: 43675
AS: 44053
AS: 44811
AS: 56384
AS: 57620
AS: 197673
IP: 5.61.8.0 -- 5.61.12.255
IP: 31.13.16.0/21
IP: 46.28.88.0/21
IP: 46.34.152.0/21
IP: 46.183.161.0 -- 46.183.162.255
IP: 46.183.164.0/24
IP: 62.32.82.0/24
IP: 62.32.95.0/24
IP: 62.213.64.0/24
IP: 62.213.69.0 -- 62.213.71.255
IP: 62.213.82.0 -- 62.213.85.255
IP: 62.213.88.0/22
IP: 62.213.93.0/24
IP: 62.213.96.0/22
IP: 62.213.101.0/24
IP: 62.213.104.0/23
IP: 62.213.107.0/24
IP: 62.213.109.0 -- 62.213.110.255
IP: 62.213.115.0/24
IP: 62.213.117.0 -- 62.213.121.255
IP: 62.213.123.0 -- 62.213.124.255
IP: 62.213.127.0/24
IP: 79.98.208.0/21
IP: 80.250.81.0 -- 80.250.82.255
IP: 80.250.84.0 -- 80.250.86.255
IP: 81.95.130.0 -- 81.95.140.255
IP: 81.95.142.0/23
IP: 85.236.0.0/19
IP: 91.197.192.0/22
IP: 91.203.8.0/22
IP: 91.223.254.0/24
IP: 92.60.80.0/20
IP: 92.242.52.0/22
IP: 93.191.61.0 -- 93.191.62.255
IP: 94.125.187.0/24
IP: 94.125.190.0/24
IP: 94.127.176.0/21
IP: 94.230.0.0/20
IP: 95.181.132.0/22
IP: 141.136.112.0/21
IP: 185.10.63.0/24
IP: 185.26.206.0/23
IP: 185.55.172.0/22
IP: 185.59.140.0/22
IP: 185.76.108.0/22
IP: 185.132.196.0/22
IP: 188.92.240.0/22
IP: 193.254.248.0/23
IP: 194.58.79.0/24
IP: 194.135.100.0/24
IP: 194.135.103.0/24
IP: 194.135.135.0/24
IP: 195.135.204.0/22
IP: 195.234.52.0/24
IP: 195.234.130.0/24
IP: 195.234.140.0/24
IP: 195.234.143.0/24
IP: 212.24.34.0/24
IP: 212.24.42.0/24
IP: 212.24.45.0 -- 212.24.46.255
IP: 212.24.49.0/24
IP: 212.24.51.0 -- 212.24.54.255
IP: 212.24.59.0/24
IP: 212.158.173.0/24
IP: 213.134.192.0/19
IP: 217.22.160.0/23
IP: 217.22.163.0 -- 217.22.164.255
IP: 217.22.167.0/24
IP: 217.23.130.0/23
IP: 217.23.142.0/24
IP: 217.23.146.0/24
IP: 217.23.151.0/24
IP: 2001:67c:79c::/48
IP: 2a00:9800::/32
IP: 2a00:9802:: -- 2a00:9807:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2a02:6d00::/32
IP: 2a02:e880::/29
IP: 2a0f:bec0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f0:27:4d:00:d1:5e:d5:db:5b:50:c9:12:9e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:f7:ee:50:c2:6c:81:0f:df:ef:66:49:7a:
ce:9c:c1:85:f6:ca:73:b3:eb:e5:87:4c:c0:5b:51:
1b:ab:b7:19:77:41:d4:89:d9:90:bc:f0:28:e4:07:
7c:51:5c:bd:68:79:42:dd:99:03:d7:65:90:f0:0e:
24:a7:b4:c6:4b:2f:ff:21:a2:b7:de:2e:85:78:87:
6f:22:a1:5d:45:ea:91:e9:fe:84:a8:b5:d2:80:07:
95:d5:df:15:c8:a9:38:71:65:d8:85:04:bd:ad:b7:
d0:a8:4a:f5:4d:cf:23:8e:cb:4e:fe:bc:c9:e9:ba:
89:31:0d:87:9d:87:29:39:19:7a:3e:f4:f9:f0:c9:
b4:fa:eb:06:48:a2:29:dd:08:b7:a5:4f:69:ff:ce:
46:45:a9:8b:a3:6e:9b:2c:46:be:5f:b0:c2:5f:ef:
c9:a4:8d:bd:0b:e4:39:75:4a:27:f5:c5:6d:f4:14:
9e:68:a3:2d:80:d0:02:0a:22:df:e9:54:16:ad:0c:
04:12:e1:fc:b1:1f:34:57:bf:af:3c:e3:91:34:53:
12:c5:69:32:1e:e4:dd:4a:1c:de:fb:90:85:4a:9e:
82:37:ff:96:25:57:e9:63:44:bf:2a:be:ff:d8:4d:
a4:68:12:b8:11:16:48:d6:68:0f:78:ff:97:c0:37:
44:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.8.0-5.61.12.255
31.13.16.0/21
46.28.88.0/21
46.34.152.0/21
46.183.161.0-46.183.162.255
46.183.164.0/24
62.32.82.0/24
62.32.95.0/24
62.213.64.0/24
62.213.69.0-62.213.71.255
62.213.82.0-62.213.85.255
62.213.88.0/22
62.213.93.0/24
62.213.96.0/22
62.213.101.0/24
62.213.104.0/23
62.213.107.0/24
62.213.109.0-62.213.110.255
62.213.115.0/24
62.213.117.0-62.213.121.255
62.213.123.0-62.213.124.255
62.213.127.0/24
79.98.208.0/21
80.250.81.0-80.250.82.255
80.250.84.0-80.250.86.255
81.95.130.0-81.95.140.255
81.95.142.0/23
85.236.0.0/19
91.197.192.0/22
91.203.8.0/22
91.223.254.0/24
92.60.80.0/20
92.242.52.0/22
93.191.61.0-93.191.62.255
94.125.187.0/24
94.125.190.0/24
94.127.176.0/21
94.230.0.0/20
95.181.132.0/22
141.136.112.0/21
185.10.63.0/24
185.26.206.0/23
185.55.172.0/22
185.59.140.0/22
185.76.108.0/22
185.132.196.0/22
188.92.240.0/22
193.254.248.0/23
194.58.79.0/24
194.135.100.0/24
194.135.103.0/24
194.135.135.0/24
195.135.204.0/22
195.234.52.0/24
195.234.130.0/24
195.234.140.0/24
195.234.143.0/24
212.24.34.0/24
212.24.42.0/24
212.24.45.0-212.24.46.255
212.24.49.0/24
212.24.51.0-212.24.54.255
212.24.59.0/24
212.158.173.0/24
213.134.192.0/19
217.22.160.0/23
217.22.163.0-217.22.164.255
217.22.167.0/24
217.23.130.0/23
217.23.142.0/24
217.23.146.0/24
217.23.151.0/24
IPv6:
2001:67c:79c::/48
2a00:9800::/32
2a00:9802::-2a00:9807:ffff:ffff:ffff:ffff:ffff:ffff
2a02:6d00::/32
2a02:e880::/29
2a0f:bec0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13230
15599
15756
25227
43675
44053
44811
56384
57620
197673
Signature Algorithm: sha256WithRSAEncryption
38:7d:38:db:eb:2b:4b:29:9b:12:15:b6:dd:c5:d0:5f:dd:fe:
c7:52:94:3a:f0:ce:de:f5:2a:56:7a:82:f2:60:09:74:28:22:
a3:d8:2b:e6:11:f5:01:81:59:cc:8b:b7:3f:25:c2:3d:ba:d9:
95:3d:d5:3b:4c:18:0a:9e:30:b3:ff:89:0b:37:38:18:93:b0:
f7:7f:6b:d0:7e:05:38:20:b8:c8:09:ec:98:46:51:a1:c7:74:
9a:fb:8d:6f:f4:e6:ac:9f:49:3f:9f:9a:2b:6f:96:20:1d:9a:
77:52:ab:46:dd:22:66:e9:f7:4d:60:33:72:ca:ff:bf:77:a4:
20:bb:d1:1c:ec:d0:59:bf:4f:d7:ca:81:23:6d:37:ce:d3:f8:
b2:ae:9e:f4:ef:8c:9e:a5:01:ad:69:8b:44:6d:51:b3:39:95:
0a:e2:00:ac:5e:43:24:15:d2:d4:a9:df:b4:96:d5:ab:d5:94:
bc:eb:68:c3:e7:a9:c1:c5:e8:67:7d:a0:d6:29:04:41:05:fb:
38:5c:1a:03:1a:d7:67:e4:56:57:64:07:57:2c:ce:4b:b6:ff:
e7:d8:dd:b2:b9:43:5e:6d:20:11:36:3d:15:da:e2:5e:26:69:
3c:62:95:13:21:ac:0b:d9:b9:25:b1:e0:ec:8f:1f:73:17:bd:
0e:72:d9:cc
-----BEGIN CERTIFICATE-----
MIIIHjCCBwagAwIBAgISAYzI3vAnTQDRXtXbW1DJEp4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRiN2QzMGMxYzRmNjI0MzE4MmQzZWNkM2QwNTM5ZjQyZmFhY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S337lDCbIEP3+9mSXrOnMGF9spz
s+vlh0zAW1Ebq7cZd0HUidmQvPAo5Ad8UVy9aHlC3ZkD12WQ8A4kp7TGSy//IaK3
3i6FeIdvIqFdReqR6f6EqLXSgAeV1d8VyKk4cWXYhQS9rbfQqEr1Tc8jjstO/rzJ
6bqJMQ2HnYcpORl6PvT58Mm0+usGSKIp3Qi3pU9p/85GRamLo26bLEa+X7DCX+/J
pI29C+Q5dUon9cVt9BSeaKMtgNACCiLf6VQWrQwEEuH8sR80V7+vPOORNFMSxWky
HuTdShze+5CFSp6CN/+WJVfpY0S/Kr7/2E2kaBK4ERZI1mgPeP+XwDdE7wIDAQAB
o4IFKjCCBSYwHQYDVR0OBBYEFJlLfTDBxPYkMYLT7NPQU59C+qz9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzRhYjgx
ZS00NWI4LTQxYTUtYWE1ZS01NjQ2ZWVkZDk5YmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNGFiODFl
LTQ1YjgtNDFhNS1hYTVlLTU2NDZlZWRkOTliZi8xL21VdDlNTUhFOWlReGd0UHMw
OUJUbjBMNnJQMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICfgYIKwYB
BQUHAQcBAf8EggJtMIICaTCCAigEAgABMIICIDAMAwQDBT0IAwQABT0MAwQDHw0Q
AwQDLhxYAwQDLiKYMAwDBAAut6EDBAAut6IDBAAut6QDBAA+IFIDBAA+IF8DBAA+
1UAwDAMEAD7VRQMEAz7VQDAMAwQBPtVSAwQBPtVUAwQCPtVYAwQAPtVdAwQCPtVg
AwQAPtVlAwQBPtVoAwQAPtVrMAwDBAA+1W0DBAA+1W4DBAA+1XMwDAMEAD7VdQME
AT7VeDAMAwQAPtV7AwQAPtV8AwQAPtV/AwQDT2LQMAwDBABQ+lEDBABQ+lIwDAME
AlD6VAMEAFD6VjAMAwQBUV+CAwQAUV+MAwQBUV+OAwQFVewAAwQCW8XAAwQCW8sI
AwQAW9/+AwQEXDxQAwQCXPI0MAwDBABdvz0DBABdvz4DBABefbsDBABefb4DBANe
f7ADBARe5gADBAJftYQDBAONiHADBAC5Cj8DBAG5Gs4DBAK5N6wDBAK5O4wDBAK5
TGwDBAK5hMQDBAK8XPADBAHB/vgDBADCOk8DBADCh2QDBADCh2cDBADCh4cDBALD
h8wDBADD6jQDBADD6oIDBADD6owDBADD6o8DBADUGCIDBADUGCowDAMEANQYLQME
ANQYLgMEANQYMTAMAwQA1BgzAwQA1Bg2AwQA1Bg7AwQA1J6tAwQF1YbAAwQB2Rag
MAwDBADZFqMDBADZFqQDBADZFqcDBAHZF4IDBADZF44DBADZF5IDBADZF5cwOwQC
AAIwNQMHACABBnwHnAMFACoAmAAwDgMFASoAmAIDBQMqAJgAAwUAKgJtAAMFAyoC
6IADBQAqD77AMEMGCCsGAQUFBwEIAQH/BDQwMqAwMC4CAjOuAgI87wICPYwCAmKL
AgMAqpsCAwCsFQIDAK8LAgMA3EACAwDhFAIDAwQpMA0GCSqGSIb3DQEBCwUAA4IB
AQA4fTjb6ytLKZsSFbbdxdBf3f7HUpQ68M7e9SpWeoLyYAl0KCKj2CvmEfUBgVnM
i7c/JcI9utmVPdU7TBgKnjCz/4kLNzgYk7D3f2vQfgU4ILjICeyYRlGhx3Sa+41v
9Oasn0k/n5orb5YgHZp3UqtG3SJm6fdNYDNyyv+/d6Qgu9Ec7NBZv0/XyoEjbTfO
0/iyrp7074yepQGtaYtEbVGzOZUK4gCsXkMkFdLUqd+0ltWr1ZS862jD56nBxehn
faDWKQRBBfs4XBoDGtdn5FZXZAdXLM5Ltv/n2N2yuUNebSARNj0V2uJeJmk8YpUT
IawL2bklseDsjx9zF70OctnM
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:45:38 2024 by rpki-client on console-fra.rpki-client.org