Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
File: pjvMbSX3R2-7PsM_bbw-nurZIhI.cer (raw, json)
Hash identifier: E2CGn5d4N8heDM99P/yp9/akSUxA13O2+vM34VMvnd0=
Subject key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422201519182B9BFC3D022C3BAB9F4D52
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:35 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29255
AS: 34400
AS: 35819
AS: 48237
IP: 5.82.0.0/16
IP: 5.108.0.0/14
IP: 5.244.0.0/14
IP: 31.166.0.0/15
IP: 37.16.32.0/19
IP: 37.16.128.0/17
IP: 37.42.0.0/15
IP: 37.121.0.0/16
IP: 37.124.0.0/14
IP: 37.141.0.0/16
IP: 37.216.0.0/15
IP: 37.240.0.0/14
IP: 45.135.112.0/22
IP: 46.44.64.0/18
IP: 46.52.0.0/17
IP: 46.152.0.0/15
IP: 46.230.0.0/17
IP: 46.240.0.0/17
IP: 46.251.128.0/19
IP: 62.120.0.0/16
IP: 78.138.192.0/18
IP: 82.147.192.0/19
IP: 84.23.96.0/19
IP: 85.194.64.0/18
IP: 86.51.0.0/16
IP: 89.237.128.0/18
IP: 92.48.0.0/18
IP: 109.82.0.0/15
IP: 146.251.0.0/16
IP: 176.16.0.0/14
IP: 176.224.0.0/15
IP: 178.73.64.0/18
IP: 178.80.0.0/15
IP: 185.27.220.0/22
IP: 185.29.92.0/22
IP: 188.132.0.0/17
IP: 212.24.224.0/19
IP: 2a00:f580::/32
IP: 2a02:9b0::/32
IP: 2a02:ce0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:15:19:18:2b:9b:fc:3d:02:2c:3b:ab:9f:4d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e3:d1:d4:86:e9:bc:24:c1:a2:e0:bd:92:a3:
64:76:8c:19:f4:5c:b2:ad:c9:56:6c:74:f3:84:34:
b6:c4:8d:b4:32:0f:7c:e6:6f:1b:f7:1b:b1:bc:eb:
1a:40:1e:db:6e:21:90:4f:d1:ce:79:b1:12:f0:a6:
54:44:75:56:0c:63:27:63:8e:e7:0e:d7:14:6e:cb:
19:f7:50:a4:76:c7:2f:ba:21:54:50:48:e9:2d:a4:
7b:48:1b:33:35:e2:e3:d0:e0:49:4c:67:b4:5f:ee:
7f:5e:d7:68:1f:15:6b:b1:77:56:9c:47:8a:cc:7d:
8a:2f:72:c1:83:44:dd:3a:85:a0:4c:3f:18:15:4e:
b7:d1:5c:3e:5b:b0:77:a5:43:c4:2f:1e:66:03:e8:
14:13:b5:0e:51:75:34:02:83:02:cc:e9:30:48:a6:
51:62:a9:02:8d:6f:6f:da:04:9b:5e:13:f9:f2:33:
5f:58:8f:b5:a5:b0:f1:90:1c:87:58:80:8d:db:d4:
7d:ca:56:94:12:ef:8e:69:3b:c6:4c:74:7f:b0:3a:
e9:5b:b2:96:b3:18:b4:b6:0f:14:db:53:e5:5c:03:
80:29:ea:25:cc:41:a2:85:da:d1:e7:08:e4:b1:06:
2d:ee:d1:7a:6b:58:39:27:b0:6d:0b:b2:19:0c:a3:
2c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.82.0.0/16
5.108.0.0/14
5.244.0.0/14
31.166.0.0/15
37.16.32.0/19
37.16.128.0/17
37.42.0.0/15
37.121.0.0/16
37.124.0.0/14
37.141.0.0/16
37.216.0.0/15
37.240.0.0/14
45.135.112.0/22
46.44.64.0/18
46.52.0.0/17
46.152.0.0/15
46.230.0.0/17
46.240.0.0/17
46.251.128.0/19
62.120.0.0/16
78.138.192.0/18
82.147.192.0/19
84.23.96.0/19
85.194.64.0/18
86.51.0.0/16
89.237.128.0/18
92.48.0.0/18
109.82.0.0/15
146.251.0.0/16
176.16.0.0/14
176.224.0.0/15
178.73.64.0/18
178.80.0.0/15
185.27.220.0/22
185.29.92.0/22
188.132.0.0/17
212.24.224.0/19
IPv6:
2a00:f580::/32
2a02:9b0::/32
2a02:ce0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29255
34400
35819
48237
Signature Algorithm: sha256WithRSAEncryption
28:f9:b5:66:20:d9:4f:3c:57:ea:1f:85:d5:29:92:da:2a:c4:
56:c8:8e:48:fa:c4:92:c9:5f:f7:da:d6:2a:4c:b9:39:c3:01:
6f:92:94:56:13:2a:27:6c:f6:94:09:f0:49:3a:bb:ae:10:0c:
a8:9a:55:7a:ec:fb:24:6c:fe:e5:a5:50:b3:08:a3:61:5a:ac:
a8:c7:03:ed:ea:23:c8:04:60:0c:3f:aa:74:14:02:83:42:f6:
17:e4:b1:9f:2e:83:77:cf:68:76:b0:61:08:e6:ec:41:3b:30:
5b:74:4b:5b:7b:a9:99:95:31:c4:68:65:0f:6b:93:ff:72:40:
f0:6b:84:16:46:15:2b:47:9e:fd:ea:bc:36:01:df:c2:15:6c:
63:0f:2b:45:80:24:0b:84:16:1f:e3:02:bc:e5:28:19:26:6b:
ff:28:8c:85:ce:4f:71:d7:1e:fa:24:62:82:b2:d0:bc:f6:f5:
dc:0d:34:46:18:cd:f8:36:f9:6c:5a:e0:a7:f1:c6:ba:da:93:
5a:b7:00:b5:9c:e5:c9:c4:a5:27:58:bc:2d:41:6e:00:10:20:
e6:cf:30:12:f8:97:49:c0:4a:c0:a0:fa:39:a7:79:72:40:52:
3c:a9:77:ea:50:87:76:5c:74:e8:85:3a:7c:73:f2:a5:f5:07:
de:09:5d:14
-----BEGIN CERTIFICATE-----
MIIGizCCBXOgAwIBAgISAZQiIBUZGCub/D0CLDurn01SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjNiY2M2ZDI1Zjc0NzZmYmIzZWMzM2Y2ZGJjM2U5ZWVhZDkyMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhePR1IbpvCTBouC9kqNkdowZ9Fyy
rclWbHTzhDS2xI20Mg985m8b9xuxvOsaQB7bbiGQT9HOebES8KZURHVWDGMnY47n
DtcUbssZ91CkdscvuiFUUEjpLaR7SBszNeLj0OBJTGe0X+5/XtdoHxVrsXdWnEeK
zH2KL3LBg0TdOoWgTD8YFU630Vw+W7B3pUPELx5mA+gUE7UOUXU0AoMCzOkwSKZR
YqkCjW9v2gSbXhP58jNfWI+1pbDxkByHWICN29R9ylaUEu+OaTvGTHR/sDrpW7KW
sxi0tg8U21PlXAOAKeolzEGihdrR5wjksQYt7tF6a1g5J7BtC7IZDKMsJwIDAQAB
o4IDlzCCA5MwHQYDVR0OBBYEFKY7zG0l90dvuz7DP228Pp7q2SISMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhLzc2OGZk
Yi1kMWI1LTRiZWYtYmNiZC00OTI0ZmEwMDBiN2MvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvNzY4ZmRi
LWQxYjUtNGJlZi1iY2JkLTQ5MjRmYTAwMGI3Yy8xL3Bqdk1iU1gzUjItN1BzTV9i
YnctbnVyWkloSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBBgYIKwYB
BQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwMABVIDAwIFbAMDAgX0AwMBH6YDBAUl
ECADBAclEIADAwElKgMDACV5AwMCJXwDAwAljQMDASXYAwMCJfADBAIth3ADBAYu
LEADBAcuNAADAwEumAMEBy7mAAMEBy7wAAMEBS77gAMDAD54AwQGTorAAwQFUpPA
AwQFVBdgAwQGVcJAAwMAVjMDBAZZ7YADBAZcMAADAwFtUgMDAJL7AwMCsBADAwGw
4AMEBrJJQAMDAbJQAwQCuRvcAwQCuR1cAwQHvIQAAwQF1BjgMBsEAgACMBUDBQAq
APWAAwUAKgIJsAMFACoCDOAwKAYIKwYBBQUHAQgBAf8EGTAXoBUwEwICckcCAwCG
YAIDAIvrAgMAvG0wDQYJKoZIhvcNAQELBQADggEBACj5tWYg2U88V+ofhdUpktoq
xFbIjkj6xJLJX/fa1ipMuTnDAW+SlFYTKids9pQJ8Ek6u64QDKiaVXrs+yRs/uWl
ULMIo2FarKjHA+3qI8gEYAw/qnQUAoNC9hfksZ8ug3fPaHawYQjm7EE7MFt0S1t7
qZmVMcRoZQ9rk/9yQPBrhBZGFStHnv3qvDYB38IVbGMPK0WAJAuEFh/jArzlKBkm
a/8ojIXOT3HXHvokYoKy0Lz29dwNNEYYzfg2+Wxa4Kfxxrrak1q3ALWc5cnEpSdY
vC1BbgAQIObPMBL4l0nASsCg+jmneXJAUjypd+pQh3ZcdOiFOnxz8qX1B94JXRQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:07:01 2025 by rpki-client