Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
File: ogiOBtVTz_KT0nf012w6cQvYsvc.cer (raw, json)
Hash identifier: sak/bvsX2PoZ1B0RmpP4/IF91c9tYa+8jXhgi/fSGfk=
Subject key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56E331643EF566DB425F9514903BEF9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8926
AS: 31580
AS: 41221
IP: 5.56.64.0/18
IP: 37.75.16.0/20
IP: 37.75.64.0/18
IP: 46.55.0.0/17
IP: 85.204.176.0/21
IP: 86.104.196.0/22
IP: 86.105.56.0/21
IP: 86.105.80.0/21
IP: 86.105.172.0/22
IP: 86.105.208.0/22
IP: 86.106.144.0/21
IP: 86.106.208.0 -- 86.106.255.255
IP: 86.107.64.0/22
IP: 86.107.160.0/21
IP: 89.32.56.0/21
IP: 89.32.136.0/21
IP: 89.32.172.0/22
IP: 89.32.252.0/22
IP: 89.34.64.0/21
IP: 89.34.112.0/21
IP: 89.34.192.0/21
IP: 89.34.204.0/22
IP: 89.34.232.0/22
IP: 89.35.8.0/21
IP: 89.35.40.0/21
IP: 89.35.84.0/22
IP: 89.35.200.0/22
IP: 89.36.156.0/22
IP: 89.37.44.0/22
IP: 89.37.104.0/24
IP: 89.38.32.0/22
IP: 89.38.64.0/22
IP: 89.38.76.0/22
IP: 89.39.76.0/22
IP: 89.39.84.0/22
IP: 89.39.96.0/21
IP: 89.39.112.0/21
IP: 89.40.228.0/22
IP: 89.41.64.0/18
IP: 89.42.64.0/22
IP: 89.42.72.0/21
IP: 89.42.104.0/22
IP: 89.42.128.0/22
IP: 89.42.180.0/22
IP: 89.42.224.0/22
IP: 89.43.128.0/22
IP: 89.43.168.0/22
IP: 89.44.152.0/22
IP: 89.45.40.0/22
IP: 89.46.164.0/22
IP: 92.114.128.0 -- 92.115.255.255
IP: 93.113.64.0/21
IP: 93.113.80.0/21
IP: 93.113.92.0/22
IP: 93.113.244.0/22
IP: 93.115.136.0/21
IP: 93.116.0.0/16
IP: 93.117.48.0/20
IP: 93.117.68.0 -- 93.117.79.255
IP: 93.117.128.0/21
IP: 93.117.140.0 -- 93.117.151.255
IP: 93.117.156.0 -- 93.117.171.255
IP: 93.118.176.0/22
IP: 93.118.188.0/22
IP: 93.119.96.0/21
IP: 93.119.108.0/22
IP: 93.119.128.0/21
IP: 93.119.140.0 -- 93.119.151.255
IP: 93.119.160.0/21
IP: 93.119.196.0 -- 93.119.207.255
IP: 93.119.228.0 -- 93.119.239.255
IP: 94.176.64.0/20
IP: 109.185.0.0/16
IP: 178.132.112.0 -- 178.132.191.255
IP: 185.28.104.0/22
IP: 188.208.96.0/22
IP: 188.208.104.0/22
IP: 188.208.112.0/22
IP: 188.208.120.0/21
IP: 188.208.192.0/22
IP: 188.208.204.0/22
IP: 188.209.216.0/21
IP: 188.210.240.0 -- 188.210.251.255
IP: 188.212.0.0/22
IP: 188.212.8.0/21
IP: 188.212.24.0/21
IP: 188.212.40.0/21
IP: 188.213.36.0/22
IP: 188.213.52.0/22
IP: 188.213.220.0/22
IP: 188.213.236.0/22
IP: 188.213.244.0/22
IP: 188.214.60.0/22
IP: 188.214.136.0/22
IP: 188.214.144.0/22
IP: 188.214.200.0/21
IP: 188.214.228.0/22
IP: 188.215.236.0/22
IP: 188.215.252.0/22
IP: 188.237.0.0/16
IP: 193.17.78.0/24
IP: 212.0.192.0/19
IP: 2001:7f8:6a::/48
IP: 2a02:a30::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:33:16:43:ef:56:6d:b4:25:f9:51:49:03:be:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c4:95:58:74:f8:53:7d:5a:e7:e5:e9:13:60:
74:de:53:92:c2:b6:f1:f4:0b:5b:e3:1e:6c:f5:72:
40:64:20:9a:15:bf:d1:d9:5f:39:18:1f:01:1c:65:
30:91:7d:d0:c2:40:39:78:2e:06:c8:09:bb:a0:b1:
4f:19:35:fd:3e:36:3e:3a:72:e7:f9:4b:44:92:5d:
61:f1:ec:40:6f:82:56:0d:9d:17:ee:7b:06:6c:a1:
6b:f2:7b:34:99:95:2c:df:90:6a:cf:0d:ce:ec:fc:
88:a8:05:e2:1b:20:f1:93:05:4d:f6:8f:89:a8:e8:
18:4b:30:ad:2e:76:1a:98:78:f8:dc:df:84:7a:86:
0a:40:14:ab:94:80:69:f6:f3:30:c1:81:09:37:65:
a3:ec:55:52:5a:1e:dc:48:93:85:ad:d7:05:5b:4e:
28:e5:b7:e5:ec:a5:60:e2:92:4a:7c:80:cb:07:cd:
a1:1e:46:cb:fd:4c:fa:b9:2b:d0:3d:f6:64:5f:2b:
15:79:f4:9b:bb:6f:f5:84:60:1e:11:92:f3:83:0f:
f7:b0:c1:10:ac:87:0f:58:4a:a8:9e:d0:c4:3d:0c:
6c:68:db:13:d2:69:33:c7:10:24:54:30:71:3e:43:
c6:86:df:4f:69:9e:92:da:ec:f1:ab:8d:fc:a3:0f:
9a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.64.0/18
37.75.16.0/20
37.75.64.0/18
46.55.0.0/17
85.204.176.0/21
86.104.196.0/22
86.105.56.0/21
86.105.80.0/21
86.105.172.0/22
86.105.208.0/22
86.106.144.0/21
86.106.208.0-86.106.255.255
86.107.64.0/22
86.107.160.0/21
89.32.56.0/21
89.32.136.0/21
89.32.172.0/22
89.32.252.0/22
89.34.64.0/21
89.34.112.0/21
89.34.192.0/21
89.34.204.0/22
89.34.232.0/22
89.35.8.0/21
89.35.40.0/21
89.35.84.0/22
89.35.200.0/22
89.36.156.0/22
89.37.44.0/22
89.37.104.0/24
89.38.32.0/22
89.38.64.0/22
89.38.76.0/22
89.39.76.0/22
89.39.84.0/22
89.39.96.0/21
89.39.112.0/21
89.40.228.0/22
89.41.64.0/18
89.42.64.0/22
89.42.72.0/21
89.42.104.0/22
89.42.128.0/22
89.42.180.0/22
89.42.224.0/22
89.43.128.0/22
89.43.168.0/22
89.44.152.0/22
89.45.40.0/22
89.46.164.0/22
92.114.128.0-92.115.255.255
93.113.64.0/21
93.113.80.0/21
93.113.92.0/22
93.113.244.0/22
93.115.136.0/21
93.116.0.0/16
93.117.48.0/20
93.117.68.0-93.117.79.255
93.117.128.0/21
93.117.140.0-93.117.151.255
93.117.156.0-93.117.171.255
93.118.176.0/22
93.118.188.0/22
93.119.96.0/21
93.119.108.0/22
93.119.128.0/21
93.119.140.0-93.119.151.255
93.119.160.0/21
93.119.196.0-93.119.207.255
93.119.228.0-93.119.239.255
94.176.64.0/20
109.185.0.0/16
178.132.112.0-178.132.191.255
185.28.104.0/22
188.208.96.0/22
188.208.104.0/22
188.208.112.0/22
188.208.120.0/21
188.208.192.0/22
188.208.204.0/22
188.209.216.0/21
188.210.240.0-188.210.251.255
188.212.0.0/22
188.212.8.0/21
188.212.24.0/21
188.212.40.0/21
188.213.36.0/22
188.213.52.0/22
188.213.220.0/22
188.213.236.0/22
188.213.244.0/22
188.214.60.0/22
188.214.136.0/22
188.214.144.0/22
188.214.200.0/21
188.214.228.0/22
188.215.236.0/22
188.215.252.0/22
188.237.0.0/16
193.17.78.0/24
212.0.192.0/19
IPv6:
2001:7f8:6a::/48
2a02:a30::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8926
31580
41221
Signature Algorithm: sha256WithRSAEncryption
37:99:b8:6f:28:16:2f:a8:c6:21:4d:fc:a8:51:c0:50:16:2f:
66:55:54:a4:87:d0:c4:f8:cb:f1:8f:be:f2:03:78:8c:4a:d6:
ff:ae:f2:2b:86:52:fc:3b:a8:be:c5:b4:b4:29:d6:f2:ac:52:
dc:d4:14:31:5f:27:19:fa:aa:d1:04:7a:86:04:f4:a4:96:68:
f3:76:eb:80:91:c1:59:12:b9:2b:94:4d:8e:86:12:f3:01:3f:
1f:af:9e:b7:98:cb:c1:8c:78:2a:af:5c:21:ea:71:f9:61:e7:
a8:3e:55:b6:a1:94:8d:e9:90:58:bb:a7:ae:a2:54:64:b1:de:
16:f4:41:14:75:cf:71:cd:95:e3:84:ae:48:d4:4f:3a:3c:ec:
c8:8a:ab:85:50:db:0d:2f:79:b1:bf:a5:e7:f1:19:a8:8f:68:
1e:b6:44:37:a2:a5:58:4e:8e:23:db:45:1e:88:0b:47:74:2b:
11:b1:e3:67:e5:2b:49:3a:58:58:8f:3a:ce:a3:d1:b0:63:bf:
17:14:92:e1:e8:28:66:0c:d6:a3:3c:45:b6:2f:dd:ca:f3:66:
35:08:c6:4d:e4:cd:41:14:3c:c1:83:e3:b0:59:6e:79:b9:ea:
57:d5:3a:b8:0d:ee:7f:aa:38:e9:d3:af:ae:01:a2:56:fe:5a:
c6:d2:ac:36
-----BEGIN CERTIFICATE-----
MIIIZzCCB0+gAwIBAgISAYzFbjMWQ+9WbbQl+VFJA775MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA4OGUwNmQ1NTNjZmYyOTNkMjc3ZjRkNzZjM2E3MTBiZDhiMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8SVWHT4U31a5+XpE2B03lOSwrbx
9Atb4x5s9XJAZCCaFb/R2V85GB8BHGUwkX3QwkA5eC4GyAm7oLFPGTX9PjY+OnLn
+UtEkl1h8exAb4JWDZ0X7nsGbKFr8ns0mZUs35Bqzw3O7PyIqAXiGyDxkwVN9o+J
qOgYSzCtLnYamHj43N+EeoYKQBSrlIBp9vMwwYEJN2Wj7FVSWh7cSJOFrdcFW04o
5bfl7KVg4pJKfIDLB82hHkbL/Uz6uSvQPfZkXysVefSbu2/1hGAeEZLzgw/3sMEQ
rIcPWEqontDEPQxsaNsT0mkzxxAkVDBxPkPGht9PaZ6S2uzxq438ow+aeQIDAQAB
o4IFczCCBW8wHQYDVR0OBBYEFKIIjgbVU8/yk9J39NdsOnEL2LL3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxL2I0NWQ3
OS1hNGQ3LTQ0NjAtYmZlNy1iYmVhMjkxOGUxMDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvYjQ1ZDc5
LWE0ZDctNDQ2MC1iZmU3LWJiZWEyOTE4ZTEwMi8xL29naU9CdFZUel9LVDBuZjAx
Mnc2Y1F2WXN2Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIC6AYIKwYB
BQUHAQcBAf8EggLXMIIC0zCCArcEAgABMIICrwMEBgU4QAMEBCVLEAMEBiVLQAME
By43AAMEA1XMsAMEAlZoxAMEA1ZpOAMEA1ZpUAMEAlZprAMEAlZp0AMEA1ZqkDAL
AwQEVmrQAwMAVmoDBAJWa0ADBANWa6ADBANZIDgDBANZIIgDBAJZIKwDBAJZIPwD
BANZIkADBANZInADBANZIsADBAJZIswDBAJZIugDBANZIwgDBANZIygDBAJZI1QD
BAJZI8gDBAJZJJwDBAJZJSwDBABZJWgDBAJZJiADBAJZJkADBAJZJkwDBAJZJ0wD
BAJZJ1QDBANZJ2ADBANZJ3ADBAJZKOQDBAZZKUADBAJZKkADBANZKkgDBAJZKmgD
BAJZKoADBAJZKrQDBAJZKuADBAJZK4ADBAJZK6gDBAJZLJgDBAJZLSgDBAJZLqQw
CwMEB1xygAMDAlxwAwQDXXFAAwQDXXFQAwQCXXFcAwQCXXH0AwQDXXOIAwMAXXQD
BARddTAwDAMEAl11RAMEBF11QAMEA111gDAMAwQCXXWMAwQDXXWQMAwDBAJddZwD
BAJddagDBAJddrADBAJddrwDBANdd2ADBAJdd2wDBANdd4AwDAMEAl13jAMEA113
kAMEA113oDAMAwQCXXfEAwQEXXfAMAwDBAJdd+QDBARdd+ADBAResEADAwBtuTAM
AwQEsoRwAwQGsoSAAwQCuRxoAwQCvNBgAwQCvNBoAwQCvNBwAwQDvNB4AwQCvNDA
AwQCvNDMAwQDvNHYMAwDBAS80vADBAK80vgDBAK81AADBAO81AgDBAO81BgDBAO8
1CgDBAK81SQDBAK81TQDBAK81dwDBAK81ewDBAK81fQDBAK81jwDBAK81ogDBAK8
1pADBAO81sgDBAK81uQDBAK81+wDBAK81/wDAwC87QMEAMERTgMEBdQAwDAWBAIA
AjAQAwcAIAEH+ABqAwUDKgIKMDAiBggrBgEFBQcBCAEB/wQTMBGgDzANAgIi3gIC
e1wCAwChBTANBgkqhkiG9w0BAQsFAAOCAQEAN5m4bygWL6jGIU38qFHAUBYvZlVU
pIfQxPjL8Y++8gN4jErW/67yK4ZS/DuovsW0tCnW8qxS3NQUMV8nGfqq0QR6hgT0
pJZo83brgJHBWRK5K5RNjoYS8wE/H6+et5jLwYx4Kq9cIepx+WHnqD5VtqGUjemQ
WLunrqJUZLHeFvRBFHXPcc2V44SuSNRPOjzsyIqrhVDbDS95sb+l5/EZqI9oHrZE
N6KlWE6OI9tFHogLR3QrEbHjZ+UrSTpYWI86zqPRsGO/FxSS4egoZgzWozxFti/d
yvNmNQjGTeTNQRQ8wYPjsFluebnqV9U6uA3uf6o46dOvrgGiVv5axtKsNg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:13:56 2024 by rpki-client on console-ams.rpki-client.org