Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
File: pOcgX11BJXpruV-QDuwKESPnUWQ.cer (raw, json)
Hash identifier: fvIczGJLOqb+++pbtI5I8ta88eFTYTquOi4X23fQID8=
Subject key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D871EB7138652663814AB374DBD46A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:48:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 42418
AS: 43220
AS: 48854
AS: 196976
AS: 197123
AS: 202816
AS: 204652
AS: 207199
IP: 46.36.204.0 -- 46.36.215.255
IP: 77.243.128.0/20
IP: 80.70.0.0/21
IP: 81.95.240.0/20
IP: 89.188.72.0/21
IP: 91.133.32.0/19
IP: 91.197.248.0/22
IP: 91.217.201.0/24
IP: 93.191.152.0/21
IP: 94.143.8.0/21
IP: 94.231.96.0/20
IP: 109.71.56.0/21
IP: 178.251.0.0/21
IP: 185.20.204.0/22
IP: 185.21.40.0/22
IP: 185.25.140.0/22
IP: 185.134.28.0/22
IP: 185.154.240.0/22
IP: 185.221.36.0/22
IP: 185.223.24.0/22
IP: 185.235.52.0/22
IP: 193.239.96.0/22
IP: 194.150.112.0/22
IP: 195.69.128.0/22
IP: 195.178.14.0/23
IP: 195.191.142.0/23
IP: 212.97.132.0/22
IP: 212.97.140.0/22
IP: 212.237.248.0/23
IP: 217.61.236.0/22
IP: 2a00:1568::/32
IP: 2a02:22c8::/32
IP: 2a02:2338::/29
IP: 2a03:2740::/32
IP: 2a04:3100::/29
IP: 2a06:eac0::/29
IP: 2a0c:4600::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:71:eb:71:38:65:26:63:81:4a:b3:74:db:d4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:8f:b1:7f:7c:45:f9:52:53:d0:6a:e8:6c:
a8:d1:44:8e:e5:59:ae:19:9a:f7:23:0e:d6:c0:25:
9f:18:0a:3d:23:6d:64:a5:1f:74:44:a1:24:84:1f:
cd:55:6b:2f:a6:9a:56:d7:90:22:ad:35:65:59:39:
f6:cd:d4:c2:3e:46:c8:b7:67:8d:4a:64:07:af:a2:
14:99:ce:6b:f2:30:e2:2e:39:73:e9:2e:e1:3f:98:
90:53:1f:68:c5:00:66:20:05:ea:1a:0b:b2:5d:6f:
bd:ee:71:44:f3:8e:01:50:4c:43:ce:a9:ad:6e:e5:
43:7b:91:d1:f8:bd:17:4f:84:da:b9:ea:c5:26:e1:
c6:40:09:fe:bc:b4:b9:18:19:b7:eb:68:3d:8e:24:
05:62:86:c6:dd:5d:00:23:f0:9d:5a:7f:05:8f:60:
51:43:5e:59:a5:61:e5:1b:a7:20:09:1c:9e:21:59:
52:6a:8e:b8:f5:b1:9c:f9:20:c6:fc:43:2d:9b:2e:
0e:6e:cc:29:1b:3d:b5:62:c3:19:b3:46:cb:8b:42:
f9:a5:0d:74:08:fd:bd:51:8e:50:72:89:9f:fe:6f:
91:e8:d3:fc:4f:48:64:07:96:27:e2:d0:bd:32:ba:
1d:74:8a:82:9b:cf:b5:b6:d2:19:aa:ef:6e:2f:65:
8d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
80.70.0.0/21
81.95.240.0/20
89.188.72.0/21
91.133.32.0/19
91.197.248.0/22
91.217.201.0/24
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
109.71.56.0/21
178.251.0.0/21
185.20.204.0/22
185.21.40.0/22
185.25.140.0/22
185.134.28.0/22
185.154.240.0/22
185.221.36.0/22
185.223.24.0/22
185.235.52.0/22
193.239.96.0/22
194.150.112.0/22
195.69.128.0/22
195.178.14.0/23
195.191.142.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a00:1568::/32
2a02:22c8::/32
2a02:2338::/29
2a03:2740::/32
2a04:3100::/29
2a06:eac0::/29
2a0c:4600::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42418
43220
48854
196976
197123
202816
204652
207199
Signature Algorithm: sha256WithRSAEncryption
42:11:57:90:27:dc:e3:a0:b2:af:b0:31:3a:d6:a0:1d:3a:70:
6b:72:65:09:33:01:64:c8:2d:5f:f2:3a:f9:b3:63:08:ef:5b:
6a:26:91:2c:65:a0:d7:18:64:07:67:f7:03:4b:a1:08:21:44:
34:95:15:ba:84:a2:eb:d8:5b:d8:3d:3e:86:03:3c:17:25:c2:
ba:79:58:dd:9e:e9:24:c5:7e:ec:03:ee:82:e6:35:8a:87:82:
ac:d9:99:6e:b3:c8:0f:bb:67:b4:95:43:d0:c8:66:cb:e4:68:
80:3f:ab:3e:da:eb:e0:32:dd:a0:c7:70:13:6e:6b:50:7d:d1:
79:ff:c0:a1:1a:3e:39:4e:f4:f5:9e:33:38:10:e5:45:e6:60:
65:a8:11:d4:d5:eb:e0:63:64:f1:06:12:b1:49:15:08:29:c9:
88:a8:25:52:9b:56:6f:da:b6:74:4b:5e:f3:8e:3b:f0:88:0d:
ef:41:06:78:19:8e:0e:93:ed:4e:c8:d1:c9:f4:38:6a:4f:ec:
2f:6b:ad:c3:bd:c3:24:ff:8c:ba:a5:51:83:59:b5:74:ef:f7:
dd:2c:5a:5c:27:59:c8:83:34:07:05:46:6a:73:4e:38:86:c5:
ba:16:7b:d6:f5:2c:c8:eb:45:e9:5f:90:bb:d6:5d:b7:64:db:
35:a3:2b:03
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgISAZQm2HHrcThlJmOBSrN029RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU3MjA1ZjVkNDEyNTdhNmJiOTVmOTAwZWVjMGExMTIzZTc1MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa+PsX98RflSU9Bq6Gyo0USO5Vmu
GZr3Iw7WwCWfGAo9I21kpR90RKEkhB/NVWsvpppW15AirTVlWTn2zdTCPkbIt2eN
SmQHr6IUmc5r8jDiLjlz6S7hP5iQUx9oxQBmIAXqGguyXW+97nFE844BUExDzqmt
buVDe5HR+L0XT4TauerFJuHGQAn+vLS5GBm362g9jiQFYobG3V0AI/CdWn8Fj2BR
Q15ZpWHlG6cgCRyeIVlSao649bGc+SDG/EMtmy4ObswpGz21YsMZs0bLi0L5pQ10
CP29UY5Qcomf/m+R6NP8T0hkB5Yn4tC9MroddIqCm8+1ttIZqu9uL2WNQwIDAQAB
o4IDuTCCA7UwHQYDVR0OBBYEFKTnIF9dQSV6a7lfkA7sChEj51FkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RjL2Y3NjFi
ZC01YzNhLTRkMmYtOGNkOS0zZTU5Y2U0NDViMWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMvZjc2MWJk
LTVjM2EtNGQyZi04Y2Q5LTNlNTljZTQ0NWIxYy8xL3BPY2dYMTFCSlhwcnVWLVFE
dXdLRVNQblVXUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBEwYIKwYB
BQUHAQcBAf8EggECMIH/MIHDBAIAATCBvDAMAwQCLiTMAwQDLiTQAwQETfOAAwQD
UEYAAwQEUV/wAwQDWbxIAwQFW4UgAwQCW8X4AwQAW9nJAwQDXb+YAwQDXo8IAwQE
XudgAwQDbUc4AwQDsvsAAwQCuRTMAwQCuRUoAwQCuRmMAwQCuYYcAwQCuZrwAwQC
ud0kAwQCud8YAwQCues0AwQCwe9gAwQCwpZwAwQCw0WAAwQBw7IOAwQBw7+OAwQC
1GGEAwQC1GGMAwQB1O34AwQC2T3sMDcEAgACMDEDBQAqABVoAwUAKgIiyAMFAyoC
IzgDBQAqAydAAwUDKgQxAAMFAyoG6sADBQMqDEYAMD0GCCsGAQUFBwEIAQH/BC4w
LKAqMCgCAwClsgIDAKjUAgMAvtYCAwMBcAIDAwIDAgMDGEACAwMfbAIDAylfMA0G
CSqGSIb3DQEBCwUAA4IBAQBCEVeQJ9zjoLKvsDE61qAdOnBrcmUJMwFkyC1f8jr5
s2MI71tqJpEsZaDXGGQHZ/cDS6EIIUQ0lRW6hKLr2FvYPT6GAzwXJcK6eVjdnukk
xX7sA+6C5jWKh4Ks2Zlus8gPu2e0lUPQyGbL5GiAP6s+2uvgMt2gx3ATbmtQfdF5
/8ChGj45TvT1njM4EOVF5mBlqBHU1evgY2TxBhKxSRUIKcmIqCVSm1Zv2rZ0S17z
jjvwiA3vQQZ4GY4Ok+1OyNHJ9DhqT+wva63DvcMk/4y6pVGDWbV07/fdLFpcJ1nI
gzQHBUZqc044hsW6FnvW9SzI60XpX5C71l23ZNs1oysD
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:03:25 2025 by rpki-client