Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
File: mUt9MMHE9iQxgtPs09BTn0L6rP0.cer (raw, json)
Hash identifier: 9eZ6R7RUBOT7fm6xlgFdXBK5SNpcuF41MMSQzF/mPqY=
Subject key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221FE8EE93D5A9978AAE25E64932A600
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:24 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 13230
AS: 15599
AS: 15756
AS: 25227
AS: 43675
AS: 44053
AS: 44811
AS: 56384
AS: 57620
AS: 197673
IP: 5.61.8.0 -- 5.61.12.255
IP: 31.13.16.0/21
IP: 46.28.88.0/21
IP: 46.34.152.0/21
IP: 46.183.161.0 -- 46.183.162.255
IP: 46.183.164.0/24
IP: 62.32.82.0/24
IP: 62.32.95.0/24
IP: 62.213.64.0/24
IP: 62.213.69.0 -- 62.213.71.255
IP: 62.213.82.0 -- 62.213.85.255
IP: 62.213.88.0/22
IP: 62.213.93.0/24
IP: 62.213.96.0/22
IP: 62.213.101.0/24
IP: 62.213.104.0/23
IP: 62.213.107.0/24
IP: 62.213.109.0 -- 62.213.110.255
IP: 62.213.115.0/24
IP: 62.213.117.0 -- 62.213.121.255
IP: 62.213.123.0 -- 62.213.124.255
IP: 62.213.127.0/24
IP: 79.98.208.0/21
IP: 80.250.81.0 -- 80.250.82.255
IP: 80.250.84.0 -- 80.250.86.255
IP: 81.95.130.0 -- 81.95.140.255
IP: 81.95.142.0/23
IP: 85.236.0.0/19
IP: 91.197.192.0/22
IP: 91.203.8.0/22
IP: 91.223.254.0/24
IP: 92.60.80.0/20
IP: 92.242.52.0/22
IP: 93.191.61.0 -- 93.191.62.255
IP: 94.125.187.0/24
IP: 94.125.190.0/24
IP: 94.127.176.0/21
IP: 94.230.0.0/20
IP: 95.181.132.0/22
IP: 141.136.112.0/21
IP: 185.10.63.0/24
IP: 185.26.206.0/23
IP: 185.55.172.0/22
IP: 185.59.140.0/22
IP: 185.76.108.0/22
IP: 185.132.196.0/22
IP: 188.92.240.0/22
IP: 193.254.248.0/23
IP: 194.58.79.0/24
IP: 194.135.100.0/24
IP: 194.135.103.0/24
IP: 194.135.135.0/24
IP: 195.135.204.0/22
IP: 195.234.52.0/24
IP: 195.234.130.0/24
IP: 195.234.140.0/24
IP: 195.234.143.0/24
IP: 212.24.34.0/24
IP: 212.24.42.0/24
IP: 212.24.45.0 -- 212.24.46.255
IP: 212.24.49.0/24
IP: 212.24.51.0 -- 212.24.54.255
IP: 212.24.59.0/24
IP: 212.158.173.0/24
IP: 213.134.192.0/19
IP: 217.22.160.0/23
IP: 217.22.163.0 -- 217.22.164.255
IP: 217.22.167.0/24
IP: 217.23.130.0/23
IP: 217.23.142.0/24
IP: 217.23.146.0/24
IP: 217.23.151.0/24
IP: 2001:67c:79c::/48
IP: 2a00:9800::/32
IP: 2a00:9802:: -- 2a00:9807:ffff:ffff:ffff:ffff:ffff:ffff
IP: 2a02:6d00::/32
IP: 2a02:e880::/29
IP: 2a0f:bec0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e8:ee:93:d5:a9:97:8a:ae:25:e6:49:32:a6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:f7:ee:50:c2:6c:81:0f:df:ef:66:49:7a:
ce:9c:c1:85:f6:ca:73:b3:eb:e5:87:4c:c0:5b:51:
1b:ab:b7:19:77:41:d4:89:d9:90:bc:f0:28:e4:07:
7c:51:5c:bd:68:79:42:dd:99:03:d7:65:90:f0:0e:
24:a7:b4:c6:4b:2f:ff:21:a2:b7:de:2e:85:78:87:
6f:22:a1:5d:45:ea:91:e9:fe:84:a8:b5:d2:80:07:
95:d5:df:15:c8:a9:38:71:65:d8:85:04:bd:ad:b7:
d0:a8:4a:f5:4d:cf:23:8e:cb:4e:fe:bc:c9:e9:ba:
89:31:0d:87:9d:87:29:39:19:7a:3e:f4:f9:f0:c9:
b4:fa:eb:06:48:a2:29:dd:08:b7:a5:4f:69:ff:ce:
46:45:a9:8b:a3:6e:9b:2c:46:be:5f:b0:c2:5f:ef:
c9:a4:8d:bd:0b:e4:39:75:4a:27:f5:c5:6d:f4:14:
9e:68:a3:2d:80:d0:02:0a:22:df:e9:54:16:ad:0c:
04:12:e1:fc:b1:1f:34:57:bf:af:3c:e3:91:34:53:
12:c5:69:32:1e:e4:dd:4a:1c:de:fb:90:85:4a:9e:
82:37:ff:96:25:57:e9:63:44:bf:2a:be:ff:d8:4d:
a4:68:12:b8:11:16:48:d6:68:0f:78:ff:97:c0:37:
44:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.8.0-5.61.12.255
31.13.16.0/21
46.28.88.0/21
46.34.152.0/21
46.183.161.0-46.183.162.255
46.183.164.0/24
62.32.82.0/24
62.32.95.0/24
62.213.64.0/24
62.213.69.0-62.213.71.255
62.213.82.0-62.213.85.255
62.213.88.0/22
62.213.93.0/24
62.213.96.0/22
62.213.101.0/24
62.213.104.0/23
62.213.107.0/24
62.213.109.0-62.213.110.255
62.213.115.0/24
62.213.117.0-62.213.121.255
62.213.123.0-62.213.124.255
62.213.127.0/24
79.98.208.0/21
80.250.81.0-80.250.82.255
80.250.84.0-80.250.86.255
81.95.130.0-81.95.140.255
81.95.142.0/23
85.236.0.0/19
91.197.192.0/22
91.203.8.0/22
91.223.254.0/24
92.60.80.0/20
92.242.52.0/22
93.191.61.0-93.191.62.255
94.125.187.0/24
94.125.190.0/24
94.127.176.0/21
94.230.0.0/20
95.181.132.0/22
141.136.112.0/21
185.10.63.0/24
185.26.206.0/23
185.55.172.0/22
185.59.140.0/22
185.76.108.0/22
185.132.196.0/22
188.92.240.0/22
193.254.248.0/23
194.58.79.0/24
194.135.100.0/24
194.135.103.0/24
194.135.135.0/24
195.135.204.0/22
195.234.52.0/24
195.234.130.0/24
195.234.140.0/24
195.234.143.0/24
212.24.34.0/24
212.24.42.0/24
212.24.45.0-212.24.46.255
212.24.49.0/24
212.24.51.0-212.24.54.255
212.24.59.0/24
212.158.173.0/24
213.134.192.0/19
217.22.160.0/23
217.22.163.0-217.22.164.255
217.22.167.0/24
217.23.130.0/23
217.23.142.0/24
217.23.146.0/24
217.23.151.0/24
IPv6:
2001:67c:79c::/48
2a00:9800::/32
2a00:9802::-2a00:9807:ffff:ffff:ffff:ffff:ffff:ffff
2a02:6d00::/32
2a02:e880::/29
2a0f:bec0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
13230
15599
15756
25227
43675
44053
44811
56384
57620
197673
Signature Algorithm: sha256WithRSAEncryption
34:88:87:da:d3:20:0d:13:4c:e8:cd:a3:04:c4:1f:d5:28:60:
d4:b9:90:b1:27:be:6b:91:32:5a:2c:0b:45:72:a7:75:e7:a3:
67:37:b8:d0:11:d7:12:fa:ee:c2:49:ef:9d:d7:a9:bf:bb:02:
ca:b0:6a:0d:bc:e3:d5:4b:25:7e:75:cb:b1:56:d1:e8:d3:3b:
e6:20:8b:20:38:6e:7e:f6:12:22:46:aa:20:0e:22:95:c8:57:
f7:5e:19:82:66:3b:cc:1e:c4:cb:67:84:2c:0f:73:3c:62:a1:
b6:41:37:dd:d8:56:26:a9:66:63:e8:97:4f:cf:2e:b1:2f:e2:
0f:7a:f0:40:ce:ab:ae:94:d5:24:69:c5:39:db:32:df:1a:ac:
29:95:65:fb:4b:db:09:4c:d0:6c:87:8d:31:b8:b5:3e:24:b0:
b7:5f:9a:62:be:e7:a3:e5:53:32:f3:16:d3:60:9f:b1:3b:8e:
36:0d:87:c8:4f:ce:fc:fd:7b:f4:4d:5d:5f:2f:2d:98:38:24:
c6:7c:b7:52:da:65:c4:50:95:09:44:a5:0a:2e:37:42:36:71:
72:4a:65:17:73:8d:8f:4a:51:9d:1f:ee:eb:ed:d9:2f:4c:21:
10:2d:6a:8b:1e:1d:6e:88:98:81:df:7f:1d:35:98:ba:09:14:
5f:f2:84:01
-----BEGIN CERTIFICATE-----
MIIIHjCCBwagAwIBAgISAZQiH+juk9Wpl4quJeZJMqYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRiN2QzMGMxYzRmNjI0MzE4MmQzZWNkM2QwNTM5ZjQyZmFhY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S337lDCbIEP3+9mSXrOnMGF9spz
s+vlh0zAW1Ebq7cZd0HUidmQvPAo5Ad8UVy9aHlC3ZkD12WQ8A4kp7TGSy//IaK3
3i6FeIdvIqFdReqR6f6EqLXSgAeV1d8VyKk4cWXYhQS9rbfQqEr1Tc8jjstO/rzJ
6bqJMQ2HnYcpORl6PvT58Mm0+usGSKIp3Qi3pU9p/85GRamLo26bLEa+X7DCX+/J
pI29C+Q5dUon9cVt9BSeaKMtgNACCiLf6VQWrQwEEuH8sR80V7+vPOORNFMSxWky
HuTdShze+5CFSp6CN/+WJVfpY0S/Kr7/2E2kaBK4ERZI1mgPeP+XwDdE7wIDAQAB
o4IFKjCCBSYwHQYDVR0OBBYEFJlLfTDBxPYkMYLT7NPQU59C+qz9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzRhYjgx
ZS00NWI4LTQxYTUtYWE1ZS01NjQ2ZWVkZDk5YmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNGFiODFl
LTQ1YjgtNDFhNS1hYTVlLTU2NDZlZWRkOTliZi8xL21VdDlNTUhFOWlReGd0UHMw
OUJUbjBMNnJQMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICfgYIKwYB
BQUHAQcBAf8EggJtMIICaTCCAigEAgABMIICIDAMAwQDBT0IAwQABT0MAwQDHw0Q
AwQDLhxYAwQDLiKYMAwDBAAut6EDBAAut6IDBAAut6QDBAA+IFIDBAA+IF8DBAA+
1UAwDAMEAD7VRQMEAz7VQDAMAwQBPtVSAwQBPtVUAwQCPtVYAwQAPtVdAwQCPtVg
AwQAPtVlAwQBPtVoAwQAPtVrMAwDBAA+1W0DBAA+1W4DBAA+1XMwDAMEAD7VdQME
AT7VeDAMAwQAPtV7AwQAPtV8AwQAPtV/AwQDT2LQMAwDBABQ+lEDBABQ+lIwDAME
AlD6VAMEAFD6VjAMAwQBUV+CAwQAUV+MAwQBUV+OAwQFVewAAwQCW8XAAwQCW8sI
AwQAW9/+AwQEXDxQAwQCXPI0MAwDBABdvz0DBABdvz4DBABefbsDBABefb4DBANe
f7ADBARe5gADBAJftYQDBAONiHADBAC5Cj8DBAG5Gs4DBAK5N6wDBAK5O4wDBAK5
TGwDBAK5hMQDBAK8XPADBAHB/vgDBADCOk8DBADCh2QDBADCh2cDBADCh4cDBALD
h8wDBADD6jQDBADD6oIDBADD6owDBADD6o8DBADUGCIDBADUGCowDAMEANQYLQME
ANQYLgMEANQYMTAMAwQA1BgzAwQA1Bg2AwQA1Bg7AwQA1J6tAwQF1YbAAwQB2Rag
MAwDBADZFqMDBADZFqQDBADZFqcDBAHZF4IDBADZF44DBADZF5IDBADZF5cwOwQC
AAIwNQMHACABBnwHnAMFACoAmAAwDgMFASoAmAIDBQMqAJgAAwUAKgJtAAMFAyoC
6IADBQAqD77AMEMGCCsGAQUFBwEIAQH/BDQwMqAwMC4CAjOuAgI87wICPYwCAmKL
AgMAqpsCAwCsFQIDAK8LAgMA3EACAwDhFAIDAwQpMA0GCSqGSIb3DQEBCwUAA4IB
AQA0iIfa0yANE0zozaMExB/VKGDUuZCxJ75rkTJaLAtFcqd156NnN7jQEdcS+u7C
Se+d16m/uwLKsGoNvOPVSyV+dcuxVtHo0zvmIIsgOG5+9hIiRqogDiKVyFf3XhmC
ZjvMHsTLZ4QsD3M8YqG2QTfd2FYmqWZj6JdPzy6xL+IPevBAzquulNUkacU52zLf
GqwplWX7S9sJTNBsh40xuLU+JLC3X5pivuej5VMy8xbTYJ+xO442DYfIT878/Xv0
TV1fLy2YOCTGfLdS2mXEUJUJRKUKLjdCNnFySmUXc42PSlGdH+7r7dkvTCEQLWqL
Hh1uiJiB338dNZi6CRRf8oQB
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:42 2025 by rpki-client