Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
File: pjvMbSX3R2-7PsM_bbw-nurZIhI.cer (raw, json)
Hash identifier: FQao+yHhHEEXPy1iDaLVULJveo6OTH8bl2S16xb3w7s=
Subject key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC794CD181094DBD32BEEAD1BCADE9F6F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:31:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 34400
AS: 35819
AS: 48237
IP: 5.82.0.0/16
IP: 5.108.0.0/14
IP: 5.244.0.0/14
IP: 31.166.0.0/15
IP: 37.16.32.0/19
IP: 37.16.128.0/17
IP: 37.42.0.0/15
IP: 37.121.0.0/16
IP: 37.124.0.0/14
IP: 37.141.0.0/16
IP: 37.216.0.0/15
IP: 37.240.0.0/14
IP: 46.44.64.0/18
IP: 46.52.0.0/17
IP: 46.152.0.0/15
IP: 46.230.0.0/17
IP: 46.240.0.0/17
IP: 46.251.128.0/19
IP: 62.120.0.0/16
IP: 84.23.96.0/19
IP: 86.51.0.0/16
IP: 92.48.0.0/18
IP: 109.82.0.0/15
IP: 146.251.0.0/16
IP: 176.16.0.0/14
IP: 176.224.0.0/15
IP: 178.73.64.0/18
IP: 178.80.0.0/15
IP: 185.27.220.0/22
IP: 185.29.92.0/22
IP: 188.132.0.0/17
IP: 2a02:9b0::/32
IP: 2a02:ce0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cd:18:10:94:db:d3:2b:ee:ad:1b:ca:de:9f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e3:d1:d4:86:e9:bc:24:c1:a2:e0:bd:92:a3:
64:76:8c:19:f4:5c:b2:ad:c9:56:6c:74:f3:84:34:
b6:c4:8d:b4:32:0f:7c:e6:6f:1b:f7:1b:b1:bc:eb:
1a:40:1e:db:6e:21:90:4f:d1:ce:79:b1:12:f0:a6:
54:44:75:56:0c:63:27:63:8e:e7:0e:d7:14:6e:cb:
19:f7:50:a4:76:c7:2f:ba:21:54:50:48:e9:2d:a4:
7b:48:1b:33:35:e2:e3:d0:e0:49:4c:67:b4:5f:ee:
7f:5e:d7:68:1f:15:6b:b1:77:56:9c:47:8a:cc:7d:
8a:2f:72:c1:83:44:dd:3a:85:a0:4c:3f:18:15:4e:
b7:d1:5c:3e:5b:b0:77:a5:43:c4:2f:1e:66:03:e8:
14:13:b5:0e:51:75:34:02:83:02:cc:e9:30:48:a6:
51:62:a9:02:8d:6f:6f:da:04:9b:5e:13:f9:f2:33:
5f:58:8f:b5:a5:b0:f1:90:1c:87:58:80:8d:db:d4:
7d:ca:56:94:12:ef:8e:69:3b:c6:4c:74:7f:b0:3a:
e9:5b:b2:96:b3:18:b4:b6:0f:14:db:53:e5:5c:03:
80:29:ea:25:cc:41:a2:85:da:d1:e7:08:e4:b1:06:
2d:ee:d1:7a:6b:58:39:27:b0:6d:0b:b2:19:0c:a3:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.82.0.0/16
5.108.0.0/14
5.244.0.0/14
31.166.0.0/15
37.16.32.0/19
37.16.128.0/17
37.42.0.0/15
37.121.0.0/16
37.124.0.0/14
37.141.0.0/16
37.216.0.0/15
37.240.0.0/14
46.44.64.0/18
46.52.0.0/17
46.152.0.0/15
46.230.0.0/17
46.240.0.0/17
46.251.128.0/19
62.120.0.0/16
84.23.96.0/19
86.51.0.0/16
92.48.0.0/18
109.82.0.0/15
146.251.0.0/16
176.16.0.0/14
176.224.0.0/15
178.73.64.0/18
178.80.0.0/15
185.27.220.0/22
185.29.92.0/22
188.132.0.0/17
IPv6:
2a02:9b0::/32
2a02:ce0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34400
35819
48237
Signature Algorithm: sha256WithRSAEncryption
88:c0:f4:4b:ff:ba:7b:30:2b:b3:17:d0:c8:af:d7:b2:1c:4a:
47:08:5d:32:cc:9c:cb:1b:be:5d:e2:64:84:13:18:1e:e1:91:
3a:ab:b4:82:08:45:3c:82:6d:a2:f4:58:ca:f0:0b:23:2c:37:
2b:ac:a3:54:dd:df:95:c1:c2:12:6a:ff:15:26:ae:f7:42:02:
a5:17:9b:dc:1f:fd:ec:83:01:01:6b:42:42:e1:af:d9:75:2c:
bd:de:9f:86:15:46:cb:88:32:77:1e:d7:7f:1b:81:cf:93:2b:
06:6e:a0:89:d0:a1:7f:8f:ab:01:0c:0b:3b:e0:2a:95:01:7d:
17:2b:dd:f5:35:71:db:c3:2f:0e:4a:d8:61:d0:d0:01:f6:1a:
19:61:7e:1a:45:8b:02:9a:93:c5:6d:83:72:36:9f:62:30:9b:
49:df:cf:b1:62:11:90:7e:1e:2e:9f:a7:38:f8:13:ad:96:6b:
40:38:83:f6:93:0b:f0:e4:97:73:ba:30:f3:4e:0b:d1:ea:ba:
39:5a:7d:cd:16:33:b4:74:61:a7:99:b5:58:5a:04:53:e1:cb:
4e:39:62:15:42:0e:b1:7e:ab:3c:f4:57:f6:42:03:e8:82:8f:
17:50:a1:f6:9f:a5:8d:e9:01:74:96:57:62:2c:87:3f:c4:9c:
b6:78:a3:31
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISAYzHlM0YEJTb0yvurRvK3p9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjNiY2M2ZDI1Zjc0NzZmYmIzZWMzM2Y2ZGJjM2U5ZWVhZDkyMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhePR1IbpvCTBouC9kqNkdowZ9Fyy
rclWbHTzhDS2xI20Mg985m8b9xuxvOsaQB7bbiGQT9HOebES8KZURHVWDGMnY47n
DtcUbssZ91CkdscvuiFUUEjpLaR7SBszNeLj0OBJTGe0X+5/XtdoHxVrsXdWnEeK
zH2KL3LBg0TdOoWgTD8YFU630Vw+W7B3pUPELx5mA+gUE7UOUXU0AoMCzOkwSKZR
YqkCjW9v2gSbXhP58jNfWI+1pbDxkByHWICN29R9ylaUEu+OaTvGTHR/sDrpW7KW
sxi0tg8U21PlXAOAKeolzEGihdrR5wjksQYt7tF6a1g5J7BtC7IZDKMsJwIDAQAB
o4IDZzCCA2MwHQYDVR0OBBYEFKY7zG0l90dvuz7DP228Pp7q2SISMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhLzc2OGZk
Yi1kMWI1LTRiZWYtYmNiZC00OTI0ZmEwMDBiN2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvNzY4ZmRi
LWQxYjUtNGJlZi1iY2JkLTQ5MjRmYTAwMGI3Yy8xL3Bqdk1iU1gzUjItN1BzTV9i
YnctbnVyWkloSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHbBggrBgEF
BQcBBwEB/wSByzCByDCBrwQCAAEwgagDAwAFUgMDAgVsAwMCBfQDAwEfpgMEBSUQ
IAMEByUQgAMDASUqAwMAJXkDAwIlfAMDACWNAwMBJdgDAwIl8AMEBi4sQAMEBy40
AAMDAS6YAwQHLuYAAwQHLvAAAwQFLvuAAwMAPngDBAVUF2ADAwBWMwMEBlwwAAMD
AW1SAwMAkvsDAwKwEAMDAbDgAwQGsklAAwMBslADBAK5G9wDBAK5HVwDBAe8hAAw
FAQCAAIwDgMFACoCCbADBQAqAgzgMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8CAwCG
YAIDAIvrAgMAvG0wDQYJKoZIhvcNAQELBQADggEBAIjA9Ev/unswK7MX0Miv17Ic
SkcIXTLMnMsbvl3iZIQTGB7hkTqrtIIIRTyCbaL0WMrwCyMsNyuso1Td35XBwhJq
/xUmrvdCAqUXm9wf/eyDAQFrQkLhr9l1LL3en4YVRsuIMnce138bgc+TKwZuoInQ
oX+PqwEMCzvgKpUBfRcr3fU1cdvDLw5K2GHQ0AH2GhlhfhpFiwKak8Vtg3I2n2Iw
m0nfz7FiEZB+Hi6fpzj4E62Wa0A4g/aTC/Dkl3O6MPNOC9Hqujlafc0WM7R0YaeZ
tVhaBFPhy045YhVCDrF+qzz0V/ZCA+iCjxdQofafpY3pAXSWV2Ishz/EnLZ4ozE=
-----END CERTIFICATE-----
Generated at Fri May 3 10:59:40 2024 by rpki-client on console-fra.rpki-client.org