Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
File: ogiOBtVTz_KT0nf012w6cQvYsvc.cer (raw, json)
Hash identifier: zLIPQ4Wza4rOQ0vvr1lRq+t/jDBvFEy9RUMLEO6yVzY=
Subject key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FB65612E96C3E3C32937CFE2D6C8B0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:08 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 8926
AS: 31580
AS: 41221
IP: 5.56.64.0/18
IP: 37.75.16.0/20
IP: 37.75.64.0/18
IP: 46.55.0.0/17
IP: 85.204.176.0/21
IP: 86.104.196.0/22
IP: 86.105.56.0/21
IP: 86.105.80.0/21
IP: 86.105.172.0/22
IP: 86.105.208.0/22
IP: 86.106.144.0/21
IP: 86.106.208.0 -- 86.106.255.255
IP: 86.107.64.0/22
IP: 86.107.160.0/21
IP: 89.32.56.0/21
IP: 89.32.136.0/21
IP: 89.32.172.0/22
IP: 89.32.252.0/22
IP: 89.34.64.0/21
IP: 89.34.112.0/21
IP: 89.34.192.0/21
IP: 89.34.204.0/22
IP: 89.34.232.0/22
IP: 89.35.8.0/21
IP: 89.35.40.0/21
IP: 89.35.84.0/22
IP: 89.35.200.0/22
IP: 89.36.156.0/22
IP: 89.37.44.0/22
IP: 89.37.104.0/24
IP: 89.38.32.0/22
IP: 89.38.64.0/22
IP: 89.38.76.0/22
IP: 89.39.76.0/22
IP: 89.39.84.0/22
IP: 89.39.96.0/21
IP: 89.39.112.0/21
IP: 89.40.228.0/22
IP: 89.41.64.0/18
IP: 89.42.64.0/22
IP: 89.42.72.0/21
IP: 89.42.104.0/22
IP: 89.42.128.0/22
IP: 89.42.180.0/22
IP: 89.42.224.0/22
IP: 89.43.128.0/22
IP: 89.43.168.0/22
IP: 89.44.152.0/22
IP: 89.45.40.0/22
IP: 89.46.164.0/22
IP: 92.114.128.0 -- 92.115.255.255
IP: 93.113.64.0/21
IP: 93.113.80.0/21
IP: 93.113.92.0/22
IP: 93.113.244.0/22
IP: 93.115.136.0/21
IP: 93.116.0.0/16
IP: 93.117.48.0/20
IP: 93.117.68.0 -- 93.117.79.255
IP: 93.117.128.0/21
IP: 93.117.140.0 -- 93.117.151.255
IP: 93.117.156.0 -- 93.117.171.255
IP: 93.118.176.0/22
IP: 93.118.188.0/22
IP: 93.119.96.0/21
IP: 93.119.108.0/22
IP: 93.119.128.0/21
IP: 93.119.140.0 -- 93.119.151.255
IP: 93.119.160.0/21
IP: 93.119.196.0 -- 93.119.207.255
IP: 93.119.228.0 -- 93.119.239.255
IP: 94.176.64.0/20
IP: 109.185.0.0/16
IP: 178.132.112.0 -- 178.132.191.255
IP: 185.28.104.0/22
IP: 188.208.96.0/22
IP: 188.208.104.0/22
IP: 188.208.112.0/22
IP: 188.208.120.0/21
IP: 188.208.192.0/22
IP: 188.208.204.0/22
IP: 188.209.216.0/21
IP: 188.210.240.0 -- 188.210.251.255
IP: 188.212.0.0/22
IP: 188.212.8.0/21
IP: 188.212.24.0/21
IP: 188.212.40.0/21
IP: 188.213.36.0/22
IP: 188.213.52.0/22
IP: 188.213.220.0/22
IP: 188.213.236.0/22
IP: 188.213.244.0/22
IP: 188.214.60.0/22
IP: 188.214.136.0/22
IP: 188.214.144.0/22
IP: 188.214.200.0/21
IP: 188.214.228.0/22
IP: 188.215.236.0/22
IP: 188.215.252.0/22
IP: 188.237.0.0/16
IP: 193.17.78.0/24
IP: 212.0.192.0/19
IP: 2001:7f8:6a::/48
IP: 2a02:a30::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:65:61:2e:96:c3:e3:c3:29:37:cf:e2:d6:c8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:95:58:74:f8:53:7d:5a:e7:e5:e9:13:60:
74:de:53:92:c2:b6:f1:f4:0b:5b:e3:1e:6c:f5:72:
40:64:20:9a:15:bf:d1:d9:5f:39:18:1f:01:1c:65:
30:91:7d:d0:c2:40:39:78:2e:06:c8:09:bb:a0:b1:
4f:19:35:fd:3e:36:3e:3a:72:e7:f9:4b:44:92:5d:
61:f1:ec:40:6f:82:56:0d:9d:17:ee:7b:06:6c:a1:
6b:f2:7b:34:99:95:2c:df:90:6a:cf:0d:ce:ec:fc:
88:a8:05:e2:1b:20:f1:93:05:4d:f6:8f:89:a8:e8:
18:4b:30:ad:2e:76:1a:98:78:f8:dc:df:84:7a:86:
0a:40:14:ab:94:80:69:f6:f3:30:c1:81:09:37:65:
a3:ec:55:52:5a:1e:dc:48:93:85:ad:d7:05:5b:4e:
28:e5:b7:e5:ec:a5:60:e2:92:4a:7c:80:cb:07:cd:
a1:1e:46:cb:fd:4c:fa:b9:2b:d0:3d:f6:64:5f:2b:
15:79:f4:9b:bb:6f:f5:84:60:1e:11:92:f3:83:0f:
f7:b0:c1:10:ac:87:0f:58:4a:a8:9e:d0:c4:3d:0c:
6c:68:db:13:d2:69:33:c7:10:24:54:30:71:3e:43:
c6:86:df:4f:69:9e:92:da:ec:f1:ab:8d:fc:a3:0f:
9a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.64.0/18
37.75.16.0/20
37.75.64.0/18
46.55.0.0/17
85.204.176.0/21
86.104.196.0/22
86.105.56.0/21
86.105.80.0/21
86.105.172.0/22
86.105.208.0/22
86.106.144.0/21
86.106.208.0-86.106.255.255
86.107.64.0/22
86.107.160.0/21
89.32.56.0/21
89.32.136.0/21
89.32.172.0/22
89.32.252.0/22
89.34.64.0/21
89.34.112.0/21
89.34.192.0/21
89.34.204.0/22
89.34.232.0/22
89.35.8.0/21
89.35.40.0/21
89.35.84.0/22
89.35.200.0/22
89.36.156.0/22
89.37.44.0/22
89.37.104.0/24
89.38.32.0/22
89.38.64.0/22
89.38.76.0/22
89.39.76.0/22
89.39.84.0/22
89.39.96.0/21
89.39.112.0/21
89.40.228.0/22
89.41.64.0/18
89.42.64.0/22
89.42.72.0/21
89.42.104.0/22
89.42.128.0/22
89.42.180.0/22
89.42.224.0/22
89.43.128.0/22
89.43.168.0/22
89.44.152.0/22
89.45.40.0/22
89.46.164.0/22
92.114.128.0-92.115.255.255
93.113.64.0/21
93.113.80.0/21
93.113.92.0/22
93.113.244.0/22
93.115.136.0/21
93.116.0.0/16
93.117.48.0/20
93.117.68.0-93.117.79.255
93.117.128.0/21
93.117.140.0-93.117.151.255
93.117.156.0-93.117.171.255
93.118.176.0/22
93.118.188.0/22
93.119.96.0/21
93.119.108.0/22
93.119.128.0/21
93.119.140.0-93.119.151.255
93.119.160.0/21
93.119.196.0-93.119.207.255
93.119.228.0-93.119.239.255
94.176.64.0/20
109.185.0.0/16
178.132.112.0-178.132.191.255
185.28.104.0/22
188.208.96.0/22
188.208.104.0/22
188.208.112.0/22
188.208.120.0/21
188.208.192.0/22
188.208.204.0/22
188.209.216.0/21
188.210.240.0-188.210.251.255
188.212.0.0/22
188.212.8.0/21
188.212.24.0/21
188.212.40.0/21
188.213.36.0/22
188.213.52.0/22
188.213.220.0/22
188.213.236.0/22
188.213.244.0/22
188.214.60.0/22
188.214.136.0/22
188.214.144.0/22
188.214.200.0/21
188.214.228.0/22
188.215.236.0/22
188.215.252.0/22
188.237.0.0/16
193.17.78.0/24
212.0.192.0/19
IPv6:
2001:7f8:6a::/48
2a02:a30::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8926
31580
41221
Signature Algorithm: sha256WithRSAEncryption
03:a6:3a:c8:d6:7f:99:ad:cc:08:b8:f3:68:e8:ce:a7:62:d4:
42:9d:aa:c7:d6:c9:af:73:5a:8f:05:78:57:41:d2:7f:b7:e9:
82:16:38:31:b1:b7:ad:fb:d3:1a:13:9f:55:27:8a:68:78:ae:
c0:2e:08:c1:1d:63:41:d2:d9:4b:cb:34:fb:54:a0:0b:14:e2:
4f:0b:c1:6b:32:d3:12:ec:25:31:6e:d5:32:17:f1:e5:cb:9e:
53:b1:e5:21:f0:f8:24:69:b7:4e:1b:fa:00:40:ad:33:cf:ff:
cc:36:72:b6:c9:c7:e9:81:5d:bd:15:a0:b4:b0:67:06:9e:8e:
ac:0e:39:6b:3c:fc:3b:b4:b2:f7:5c:35:ae:71:c5:0b:b0:c4:
a2:bd:9c:fb:f0:a5:cf:44:84:80:f1:4b:3d:4e:95:dd:c9:8f:
e2:ed:c5:13:86:dc:ed:7f:e5:87:45:d6:5e:23:de:c7:54:1e:
ae:f1:03:90:ee:f9:ce:45:8a:05:f2:bd:dc:cb:21:98:cb:10:
b7:30:8a:ee:c2:39:25:05:38:ee:c0:d5:da:ea:ed:59:84:07:
7a:22:38:ea:04:26:20:d4:35:e4:8d:48:fc:fa:17:62:03:0e:
f8:2e:eb:a9:a7:4d:69:e0:ad:c6:df:63:da:ff:d2:d7:c3:b4:
95:9a:95:07
-----BEGIN CERTIFICATE-----
MIIIZzCCB0+gAwIBAgISAZQi+2VhLpbD48MpN8/i1siwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA4OGUwNmQ1NTNjZmYyOTNkMjc3ZjRkNzZjM2E3MTBiZDhiMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8SVWHT4U31a5+XpE2B03lOSwrbx
9Atb4x5s9XJAZCCaFb/R2V85GB8BHGUwkX3QwkA5eC4GyAm7oLFPGTX9PjY+OnLn
+UtEkl1h8exAb4JWDZ0X7nsGbKFr8ns0mZUs35Bqzw3O7PyIqAXiGyDxkwVN9o+J
qOgYSzCtLnYamHj43N+EeoYKQBSrlIBp9vMwwYEJN2Wj7FVSWh7cSJOFrdcFW04o
5bfl7KVg4pJKfIDLB82hHkbL/Uz6uSvQPfZkXysVefSbu2/1hGAeEZLzgw/3sMEQ
rIcPWEqontDEPQxsaNsT0mkzxxAkVDBxPkPGht9PaZ6S2uzxq438ow+aeQIDAQAB
o4IFczCCBW8wHQYDVR0OBBYEFKIIjgbVU8/yk9J39NdsOnEL2LL3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxL2I0NWQ3
OS1hNGQ3LTQ0NjAtYmZlNy1iYmVhMjkxOGUxMDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvYjQ1ZDc5
LWE0ZDctNDQ2MC1iZmU3LWJiZWEyOTE4ZTEwMi8xL29naU9CdFZUel9LVDBuZjAx
Mnc2Y1F2WXN2Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIC6AYIKwYB
BQUHAQcBAf8EggLXMIIC0zCCArcEAgABMIICrwMEBgU4QAMEBCVLEAMEBiVLQAME
By43AAMEA1XMsAMEAlZoxAMEA1ZpOAMEA1ZpUAMEAlZprAMEAlZp0AMEA1ZqkDAL
AwQEVmrQAwMAVmoDBAJWa0ADBANWa6ADBANZIDgDBANZIIgDBAJZIKwDBAJZIPwD
BANZIkADBANZInADBANZIsADBAJZIswDBAJZIugDBANZIwgDBANZIygDBAJZI1QD
BAJZI8gDBAJZJJwDBAJZJSwDBABZJWgDBAJZJiADBAJZJkADBAJZJkwDBAJZJ0wD
BAJZJ1QDBANZJ2ADBANZJ3ADBAJZKOQDBAZZKUADBAJZKkADBANZKkgDBAJZKmgD
BAJZKoADBAJZKrQDBAJZKuADBAJZK4ADBAJZK6gDBAJZLJgDBAJZLSgDBAJZLqQw
CwMEB1xygAMDAlxwAwQDXXFAAwQDXXFQAwQCXXFcAwQCXXH0AwQDXXOIAwMAXXQD
BARddTAwDAMEAl11RAMEBF11QAMEA111gDAMAwQCXXWMAwQDXXWQMAwDBAJddZwD
BAJddagDBAJddrADBAJddrwDBANdd2ADBAJdd2wDBANdd4AwDAMEAl13jAMEA113
kAMEA113oDAMAwQCXXfEAwQEXXfAMAwDBAJdd+QDBARdd+ADBAResEADAwBtuTAM
AwQEsoRwAwQGsoSAAwQCuRxoAwQCvNBgAwQCvNBoAwQCvNBwAwQDvNB4AwQCvNDA
AwQCvNDMAwQDvNHYMAwDBAS80vADBAK80vgDBAK81AADBAO81AgDBAO81BgDBAO8
1CgDBAK81SQDBAK81TQDBAK81dwDBAK81ewDBAK81fQDBAK81jwDBAK81ogDBAK8
1pADBAO81sgDBAK81uQDBAK81+wDBAK81/wDAwC87QMEAMERTgMEBdQAwDAWBAIA
AjAQAwcAIAEH+ABqAwUDKgIKMDAiBggrBgEFBQcBCAEB/wQTMBGgDzANAgIi3gIC
e1wCAwChBTANBgkqhkiG9w0BAQsFAAOCAQEAA6Y6yNZ/ma3MCLjzaOjOp2LUQp2q
x9bJr3NajwV4V0HSf7fpghY4MbG3rfvTGhOfVSeKaHiuwC4IwR1jQdLZS8s0+1Sg
CxTiTwvBazLTEuwlMW7VMhfx5cueU7HlIfD4JGm3Thv6AECtM8//zDZytsnH6YFd
vRWgtLBnBp6OrA45azz8O7Sy91w1rnHFC7DEor2c+/Clz0SEgPFLPU6V3cmP4u3F
E4bc7X/lh0XWXiPex1QervEDkO75zkWKBfK93MshmMsQtzCK7sI5JQU47sDV2urt
WYQHeiI46gQmINQ15I1I/PoXYgMO+C7rqadNaeCtxt9j2v/S18O0lZqVBw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:18:50 2025 by rpki-client