Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
File: pOcgX11BJXpruV-QDuwKESPnUWQ.cer (raw, json)
Hash identifier: X+m0PHrC2R8kaX+sdOJlTG3GI706jwyEfSIscTLttWs=
Subject key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC649BE96342C7EB9888C975634D50081
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:29:30 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 42418
AS: 43220
AS: 48854
AS: 196976
AS: 197123
AS: 202816
AS: 204652
AS: 207199
IP: 46.36.204.0 -- 46.36.215.255
IP: 77.243.128.0/20
IP: 80.70.0.0/21
IP: 81.95.240.0/20
IP: 89.188.72.0/21
IP: 91.133.32.0/19
IP: 91.197.248.0/22
IP: 91.217.201.0/24
IP: 93.191.152.0/21
IP: 94.143.8.0/21
IP: 94.231.96.0/20
IP: 109.71.56.0/21
IP: 178.251.0.0/21
IP: 185.20.204.0/22
IP: 185.21.40.0/22
IP: 185.25.140.0/22
IP: 185.134.28.0/22
IP: 185.154.240.0/22
IP: 185.221.36.0/22
IP: 185.223.24.0/22
IP: 185.235.52.0/22
IP: 193.239.96.0/22
IP: 194.150.112.0/22
IP: 195.69.128.0/22
IP: 195.178.14.0/23
IP: 195.191.142.0/23
IP: 212.97.132.0/22
IP: 212.97.140.0/22
IP: 212.237.248.0/23
IP: 217.61.236.0/22
IP: 2a00:1568::/32
IP: 2a02:22c8::/32
IP: 2a02:2338::/29
IP: 2a03:2740::/32
IP: 2a04:3100::/29
IP: 2a06:eac0::/29
IP: 2a0c:4600::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:be:96:34:2c:7e:b9:88:8c:97:56:34:d5:00:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:8f:b1:7f:7c:45:f9:52:53:d0:6a:e8:6c:
a8:d1:44:8e:e5:59:ae:19:9a:f7:23:0e:d6:c0:25:
9f:18:0a:3d:23:6d:64:a5:1f:74:44:a1:24:84:1f:
cd:55:6b:2f:a6:9a:56:d7:90:22:ad:35:65:59:39:
f6:cd:d4:c2:3e:46:c8:b7:67:8d:4a:64:07:af:a2:
14:99:ce:6b:f2:30:e2:2e:39:73:e9:2e:e1:3f:98:
90:53:1f:68:c5:00:66:20:05:ea:1a:0b:b2:5d:6f:
bd:ee:71:44:f3:8e:01:50:4c:43:ce:a9:ad:6e:e5:
43:7b:91:d1:f8:bd:17:4f:84:da:b9:ea:c5:26:e1:
c6:40:09:fe:bc:b4:b9:18:19:b7:eb:68:3d:8e:24:
05:62:86:c6:dd:5d:00:23:f0:9d:5a:7f:05:8f:60:
51:43:5e:59:a5:61:e5:1b:a7:20:09:1c:9e:21:59:
52:6a:8e:b8:f5:b1:9c:f9:20:c6:fc:43:2d:9b:2e:
0e:6e:cc:29:1b:3d:b5:62:c3:19:b3:46:cb:8b:42:
f9:a5:0d:74:08:fd:bd:51:8e:50:72:89:9f:fe:6f:
91:e8:d3:fc:4f:48:64:07:96:27:e2:d0:bd:32:ba:
1d:74:8a:82:9b:cf:b5:b6:d2:19:aa:ef:6e:2f:65:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
80.70.0.0/21
81.95.240.0/20
89.188.72.0/21
91.133.32.0/19
91.197.248.0/22
91.217.201.0/24
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
109.71.56.0/21
178.251.0.0/21
185.20.204.0/22
185.21.40.0/22
185.25.140.0/22
185.134.28.0/22
185.154.240.0/22
185.221.36.0/22
185.223.24.0/22
185.235.52.0/22
193.239.96.0/22
194.150.112.0/22
195.69.128.0/22
195.178.14.0/23
195.191.142.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a00:1568::/32
2a02:22c8::/32
2a02:2338::/29
2a03:2740::/32
2a04:3100::/29
2a06:eac0::/29
2a0c:4600::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42418
43220
48854
196976
197123
202816
204652
207199
Signature Algorithm: sha256WithRSAEncryption
57:f8:8a:21:63:0f:30:ec:71:27:a8:a7:78:9b:9a:7c:f4:24:
95:2e:50:32:34:8c:40:90:ed:b4:28:62:df:dd:2b:a7:3c:e6:
82:f6:f0:76:d0:8b:3d:a6:7f:24:5e:55:94:3d:ef:d0:a0:f1:
42:95:8e:c7:ad:36:ec:78:be:3a:c3:67:ef:3f:1a:89:d7:70:
ed:ae:8b:99:9f:12:88:cc:fd:9a:ca:78:00:92:3e:55:ef:21:
79:f7:d1:44:13:fb:e5:f9:89:13:52:32:d0:bc:00:cf:d7:69:
3e:0a:c0:7d:c9:54:10:d1:c8:3d:92:f9:a1:f3:05:2b:44:c1:
37:28:fe:65:e7:80:4a:3e:d1:23:82:f7:23:47:a4:13:6d:43:
8d:d8:e2:de:97:81:28:09:24:96:42:e6:8c:b1:5d:c9:7f:f6:
d5:01:5d:fe:3f:81:fc:74:93:ba:e6:79:b7:7d:0f:32:b2:37:
66:ff:4e:47:57:e0:d6:c0:df:6a:15:4b:3f:83:b5:fb:fb:b8:
8a:88:85:22:f2:73:4b:3c:55:68:aa:4e:f7:d4:7c:fd:6f:ef:
8b:ca:5d:c0:0e:cf:2c:f0:35:b9:91:80:4e:0a:1d:a4:1d:16:
f2:8e:99:52:7c:ef:22:47:2b:db:58:1a:11:70:1a:c6:a7:8b:
ae:75:b8:7a
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgISAYzGSb6WNCx+uYiMl1Y01QCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU3MjA1ZjVkNDEyNTdhNmJiOTVmOTAwZWVjMGExMTIzZTc1MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa+PsX98RflSU9Bq6Gyo0USO5Vmu
GZr3Iw7WwCWfGAo9I21kpR90RKEkhB/NVWsvpppW15AirTVlWTn2zdTCPkbIt2eN
SmQHr6IUmc5r8jDiLjlz6S7hP5iQUx9oxQBmIAXqGguyXW+97nFE844BUExDzqmt
buVDe5HR+L0XT4TauerFJuHGQAn+vLS5GBm362g9jiQFYobG3V0AI/CdWn8Fj2BR
Q15ZpWHlG6cgCRyeIVlSao649bGc+SDG/EMtmy4ObswpGz21YsMZs0bLi0L5pQ10
CP29UY5Qcomf/m+R6NP8T0hkB5Yn4tC9MroddIqCm8+1ttIZqu9uL2WNQwIDAQAB
o4IDuTCCA7UwHQYDVR0OBBYEFKTnIF9dQSV6a7lfkA7sChEj51FkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2Y3NjFi
ZC01YzNhLTRkMmYtOGNkOS0zZTU5Y2U0NDViMWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvZjc2MWJk
LTVjM2EtNGQyZi04Y2Q5LTNlNTljZTQ0NWIxYy8xL3BPY2dYMTFCSlhwcnVWLVFE
dXdLRVNQblVXUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBEwYIKwYB
BQUHAQcBAf8EggECMIH/MIHDBAIAATCBvDAMAwQCLiTMAwQDLiTQAwQETfOAAwQD
UEYAAwQEUV/wAwQDWbxIAwQFW4UgAwQCW8X4AwQAW9nJAwQDXb+YAwQDXo8IAwQE
XudgAwQDbUc4AwQDsvsAAwQCuRTMAwQCuRUoAwQCuRmMAwQCuYYcAwQCuZrwAwQC
ud0kAwQCud8YAwQCues0AwQCwe9gAwQCwpZwAwQCw0WAAwQBw7IOAwQBw7+OAwQC
1GGEAwQC1GGMAwQB1O34AwQC2T3sMDcEAgACMDEDBQAqABVoAwUAKgIiyAMFAyoC
IzgDBQAqAydAAwUDKgQxAAMFAyoG6sADBQMqDEYAMD0GCCsGAQUFBwEIAQH/BC4w
LKAqMCgCAwClsgIDAKjUAgMAvtYCAwMBcAIDAwIDAgMDGEACAwMfbAIDAylfMA0G
CSqGSIb3DQEBCwUAA4IBAQBX+IohYw8w7HEnqKd4m5p89CSVLlAyNIxAkO20KGLf
3SunPOaC9vB20Is9pn8kXlWUPe/QoPFClY7HrTbseL46w2fvPxqJ13DtrouZnxKI
zP2ayngAkj5V7yF599FEE/vl+YkTUjLQvADP12k+CsB9yVQQ0cg9kvmh8wUrRME3
KP5l54BKPtEjgvcjR6QTbUON2OLel4EoCSSWQuaMsV3Jf/bVAV3+P4H8dJO65nm3
fQ8ysjdm/05HV+DWwN9qFUs/g7X7+7iKiIUi8nNLPFVoqk731Hz9b++Lyl3ADs8s
8DW5kYBOCh2kHRbyjplSfO8iRyvbWBoRcBrGp4uudbh6
-----END CERTIFICATE-----
Generated at Fri May 3 10:59:20 2024 by rpki-client on console-fra.rpki-client.org