Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
File: ncKK6ZN_9-SexPEjTlPYud1pRUE.cer (raw, json)
Hash identifier: mcD/IkDm6wj7bHXHQQZ0OJtSpbk3/QdxAXpmb7avHS8=
Subject key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D5EB9EA03E8AA4B484C8BB1004C0E890B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 31 Jan 2024 08:54:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.172.176.0/24
IP: 46.226.124.0/24
IP: 62.68.69.0/24
IP: 62.204.59.0/24
IP: 80.71.151.0/24
IP: 89.107.8.0/24
IP: 91.221.80.0/24
IP: 91.247.191.0/24
IP: 109.234.75.0/24
IP: 146.19.121.0/24
IP: 146.19.227.0/24
IP: 185.83.230.0/24
IP: 185.138.166.0/24
IP: 185.149.151.0/24
IP: 185.151.144.0/24
IP: 185.235.224.0/24
IP: 185.249.55.0/24
IP: 188.244.127.0/24
IP: 193.3.171.0/24
IP: 193.163.23.0/24
IP: 193.201.13.0/24
IP: 194.62.107.0/24
IP: 195.64.108.0/24
IP: 195.225.97.0/24
IP: 217.119.131.0/24
IP: 2a05:b1c0::/29
IP: 2a09:3940::/29
IP: 2a10:3c00::/29
IP: 2a11:240::/29
IP: 2a11:2000::/29
IP: 2a11:22c0::/29
IP: 2a11:3cc0::/29
IP: 2a11:4500::/29
IP: 2a11:4fc0::/29
IP: 2a11:5680::/29
IP: 2a11:5e00::/29
IP: 2a11:7940::/29
IP: 2a11:99c0::/29
IP: 2a11:9a80::/29
IP: 2a11:a400::/29
IP: 2a11:a700::/29
IP: 2a11:d3c0::/29
IP: 2a11:f3c0::/29
IP: 2a11:f600::/29
IP: 2a12:880::/29
IP: 2a12:5f80::/29
IP: 2a12:9b80::/29
IP: 2a12:bd00::/29
IP: 2a12:dc80::/29
IP: 2a12:ee00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:b9:ea:03:e8:aa:4b:48:4c:8b:b1:00:4c:0e:89:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 31 08:54:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:17:7e:ef:80:d6:86:95:71:e3:10:24:ea:
a3:fd:0d:6f:64:db:48:33:3b:12:c9:69:c8:4f:79:
0d:9a:9d:03:89:1d:af:81:50:93:db:4f:55:63:84:
cd:29:da:19:3b:f6:33:f5:46:34:ce:21:8b:13:cd:
e5:60:b3:f2:6f:62:f0:5c:b4:33:d8:c1:b4:d8:f7:
ae:f9:fd:e1:50:71:29:5d:ff:34:7b:59:d9:45:dd:
01:8c:9a:4a:fa:af:52:05:10:6e:a4:c3:a1:34:0f:
42:c3:c4:26:07:ea:d7:51:45:d4:f4:87:9d:0c:9a:
c2:ce:9d:1f:63:54:a8:b9:24:5f:8f:c3:4c:7b:0c:
b5:cb:70:25:11:20:ac:04:2e:14:61:7a:dc:b2:ad:
b4:3c:ae:a4:54:88:a4:75:92:be:f9:34:87:96:34:
e6:32:65:a2:c7:37:1f:b0:6d:ec:a3:6a:1b:df:0b:
33:89:66:00:f3:86:dc:46:49:5b:40:34:14:70:29:
b2:cd:fc:65:99:99:0c:0c:50:32:4e:c7:47:02:55:
12:4d:f7:48:47:f5:4f:e2:43:57:a9:d4:e7:98:04:
1a:fb:d7:0d:bd:13:ea:cf:52:bf:5b:db:6d:4b:87:
85:1e:b4:d0:f7:3f:29:ea:78:4e:6c:46:66:87:e2:
c1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.176.0/24
46.226.124.0/24
62.68.69.0/24
62.204.59.0/24
80.71.151.0/24
89.107.8.0/24
91.221.80.0/24
91.247.191.0/24
109.234.75.0/24
146.19.121.0/24
146.19.227.0/24
185.83.230.0/24
185.138.166.0/24
185.149.151.0/24
185.151.144.0/24
185.235.224.0/24
185.249.55.0/24
188.244.127.0/24
193.3.171.0/24
193.163.23.0/24
193.201.13.0/24
194.62.107.0/24
195.64.108.0/24
195.225.97.0/24
217.119.131.0/24
IPv6:
2a05:b1c0::/29
2a09:3940::/29
2a10:3c00::/29
2a11:240::/29
2a11:2000::/29
2a11:22c0::/29
2a11:3cc0::/29
2a11:4500::/29
2a11:4fc0::/29
2a11:5680::/29
2a11:5e00::/29
2a11:7940::/29
2a11:99c0::/29
2a11:9a80::/29
2a11:a400::/29
2a11:a700::/29
2a11:d3c0::/29
2a11:f3c0::/29
2a11:f600::/29
2a12:880::/29
2a12:5f80::/29
2a12:9b80::/29
2a12:bd00::/29
2a12:dc80::/29
2a12:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
45:d2:dd:37:24:b3:d6:f7:93:28:7a:b9:58:d0:a2:b8:3e:ce:
21:e9:e4:42:d1:3c:17:f8:91:77:03:82:d8:55:8f:e0:18:85:
cd:9a:f9:e1:27:1b:1f:1d:89:e9:0b:c8:0f:4c:f1:93:39:e4:
04:c4:c9:7f:89:3f:95:22:a0:02:4e:d8:79:9f:80:41:16:c4:
3d:0d:a7:3a:b3:a4:98:e0:9e:00:ed:c7:6e:40:ab:8a:c3:c2:
92:13:3f:03:27:5b:44:f4:d1:b2:f3:91:67:39:2b:bd:07:6e:
ef:a3:b9:67:94:32:8f:bf:48:29:74:13:48:e3:e5:cb:b2:b4:
22:a5:2d:49:7a:e9:f4:ca:82:c2:dd:23:f6:69:ce:10:49:0a:
a4:9b:c1:28:9c:5b:28:4b:de:28:f7:91:68:4d:ba:44:e0:f8:
d6:ee:20:92:fb:75:ae:5f:cb:fa:fb:f9:f4:c7:b7:4c:88:3e:
9b:2f:3f:78:8a:ce:51:c5:2e:d0:5c:ad:d8:e8:e8:cf:52:5b:
4b:54:ca:65:e5:55:29:73:31:04:6d:91:e0:51:11:df:7e:b4:
52:95:1b:c5:45:5c:ef:87:92:e4:be:4c:69:ff:5c:f4:fa:5d:
cb:3e:9c:ed:6f:85:00:c8:92:b7:7d:06:fc:fd:41:39:5c:9b:
5f:63:a0:47
-----BEGIN CERTIFICATE-----
MIIGyTCCBbGgAwIBAgISAY1eueoD6KpLSEyLsQBMDokLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTMxMDg1NDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMyOGFlOTkzN2ZmN2U0OWVjNGYxMjM0ZTUzZDhiOWRkNjk0NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2cXfu+A1oaVceMQJOqj/Q1vZNtI
MzsSyWnIT3kNmp0DiR2vgVCT209VY4TNKdoZO/Yz9UY0ziGLE83lYLPyb2LwXLQz
2MG02Peu+f3hUHEpXf80e1nZRd0BjJpK+q9SBRBupMOhNA9Cw8QmB+rXUUXU9Ied
DJrCzp0fY1SouSRfj8NMewy1y3AlESCsBC4UYXrcsq20PK6kVIikdZK++TSHljTm
MmWixzcfsG3so2ob3wsziWYA84bcRklbQDQUcCmyzfxlmZkMDFAyTsdHAlUSTfdI
R/VP4kNXqdTnmAQa+9cNvRPqz1K/W9ttS4eFHrTQ9z8p6nhObEZmh+LB6wIDAQAB
o4ID1TCCA9EwHQYDVR0OBBYEFJ3CiumTf/fknsTxI05T2LndaUVBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzL2MwMzMw
Yy05ODcyLTRhYzYtYTIyYy0xOTJjYmQwOGRiNTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYzAzMzBj
LTk4NzItNGFjNi1hMjJjLTE5MmNiZDA4ZGI1MS8xL25jS0s2Wk5fOS1TZXhQRWpU
bFBZdWQxcFJVRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBbgYIKwYB
BQUHAQcBAf8EggFdMIIBWTCBnQQCAAEwgZYDBAAFrLADBAAu4nwDBAA+REUDBAA+
zDsDBABQR5cDBABZawgDBABb3VADBABb978DBABt6ksDBACSE3kDBACSE+MDBAC5
U+YDBAC5iqYDBAC5lZcDBAC5l5ADBAC56+ADBAC5+TcDBAC89H8DBADBA6sDBADB
oxcDBADByQ0DBADCPmsDBADDQGwDBADD4WEDBADZd4MwgbYEAgACMIGvAwUDKgWx
wAMFAyoJOUADBQMqEDwAAwUDKhECQAMFAyoRIAADBQMqESLAAwUDKhE8wAMFAyoR
RQADBQMqEU/AAwUDKhFWgAMFAyoRXgADBQMqEXlAAwUDKhGZwAMFAyoRmoADBQMq
EaQAAwUDKhGnAAMFAyoR08ADBQMqEfPAAwUDKhH2AAMFAyoSCIADBQMqEl+AAwUD
KhKbgAMFAyoSvQADBQMqEtyAAwUDKhLuADANBgkqhkiG9w0BAQsFAAOCAQEARdLd
NySz1veTKHq5WNCiuD7OIenkQtE8F/iRdwOC2FWP4BiFzZr54ScbHx2J6QvID0zx
kznkBMTJf4k/lSKgAk7YeZ+AQRbEPQ2nOrOkmOCeAO3HbkCrisPCkhM/AydbRPTR
svORZzkrvQdu76O5Z5Qyj79IKXQTSOPly7K0IqUtSXrp9MqCwt0j9mnOEEkKpJvB
KJxbKEveKPeRaE26ROD41u4gkvt1rl/L+vv59Me3TIg+my8/eIrOUcUu0Fyt2Ojo
z1JbS1TKZeVVKXMxBG2R4FER3360UpUbxUVc74eS5L5Maf9c9Ppdyz6c7W+FAMiS
t30G/P1BOVybX2OgRw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:37:34 2024 by rpki-client on console-ams.rpki-client.org