Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer
File: rd0qgVBgqn5iGiCUNJdYsgNolvA.cer (raw, json)
Hash identifier: y0rBjefgcvVdR1o1t/n840GPZbor1SBMa3fbgHanK+0=
Subject key identifier: AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FDAEB691D26872A9613D92ED716800
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 21445
AS: 47203
AS: 201776
IP: 2.59.51.0/24
IP: 31.40.208.0/22
IP: 31.40.252.0/22
IP: 37.44.252.0/22
IP: 77.83.8.0/22
IP: 77.83.16.0/22
IP: 78.136.196.0 -- 78.136.207.255
IP: 78.153.137.0 -- 78.153.138.255
IP: 78.153.147.0/24
IP: 83.171.252.0/22
IP: 83.172.60.0/22
IP: 85.115.200.0/22
IP: 89.107.136.0/22
IP: 91.103.110.0/23
IP: 94.126.24.0/21
IP: 94.231.216.0/22
IP: 109.94.220.0/22
IP: 109.236.52.0/22
IP: 109.237.104.0/24
IP: 178.34.152.0/21
IP: 178.34.176.0/20
IP: 178.173.124.0/22
IP: 185.64.44.0/22
IP: 185.94.212.0/22
IP: 188.119.76.0/22
IP: 188.124.224.0/21
IP: 188.124.248.0/21
IP: 193.47.44.0/22
IP: 193.56.64.0/22
IP: 193.56.72.0/22
IP: 193.148.52.0/22
IP: 217.197.172.0/22
IP: 2a04:f800::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ae:b6:91:d2:68:72:a9:61:3d:92:ed:71:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=addd2a815060aa7e621a2094349758b2036896f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:67:05:e5:e0:03:3e:77:7a:00:73:8d:f7:3d:
73:b0:49:61:97:78:7f:f2:bb:0a:cb:67:93:7a:6c:
e5:81:93:3a:7a:9d:31:83:f4:83:7a:4d:18:fe:8b:
b6:34:e1:3d:c2:f7:a9:f1:26:b5:21:5f:90:06:78:
37:19:1c:61:0b:d4:94:5a:0f:f1:0c:e5:ab:ed:d8:
ae:8e:aa:86:cd:3d:6d:48:77:3e:1b:24:97:fd:82:
14:68:ad:00:4f:61:a5:dd:af:10:f8:15:d0:4b:80:
9a:81:52:41:b6:8a:02:1b:c1:a7:13:41:c5:35:fe:
56:e0:e6:e6:e7:93:d0:d9:d8:bc:4c:33:02:a3:fa:
2a:5c:3b:0c:13:f6:d7:03:34:ba:83:da:d0:4c:68:
67:38:45:d8:45:c1:f5:d6:53:76:1f:85:74:38:32:
30:54:09:6a:09:9d:a9:5e:5b:98:32:5a:d4:f7:96:
01:c9:e0:cd:24:94:c4:c4:74:73:f2:8f:12:b1:ce:
01:ab:5f:3f:eb:18:78:7a:6b:42:42:12:24:65:6d:
b8:84:9b:23:10:c2:16:59:54:25:ff:62:58:46:11:
d4:fc:7c:05:75:db:80:53:d0:33:09:7d:01:de:76:
59:0d:38:00:10:3d:8f:b3:7c:79:55:bc:7f:58:b6:
5b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.51.0/24
31.40.208.0/22
31.40.252.0/22
37.44.252.0/22
77.83.8.0/22
77.83.16.0/22
78.136.196.0-78.136.207.255
78.153.137.0-78.153.138.255
78.153.147.0/24
83.171.252.0/22
83.172.60.0/22
85.115.200.0/22
89.107.136.0/22
91.103.110.0/23
94.126.24.0/21
94.231.216.0/22
109.94.220.0/22
109.236.52.0/22
109.237.104.0/24
178.34.152.0/21
178.34.176.0/20
178.173.124.0/22
185.64.44.0/22
185.94.212.0/22
188.119.76.0/22
188.124.224.0/21
188.124.248.0/21
193.47.44.0/22
193.56.64.0/22
193.56.72.0/22
193.148.52.0/22
217.197.172.0/22
IPv6:
2a04:f800::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
21445
47203
201776
Signature Algorithm: sha256WithRSAEncryption
64:aa:7e:46:e2:8a:26:ba:7d:c0:2b:7f:bd:81:0b:ec:d1:5f:
0a:41:62:4b:cc:00:67:25:9f:71:cc:a2:82:62:00:56:52:f2:
43:10:4d:63:42:32:c8:31:98:3c:be:af:66:1d:64:ce:52:8e:
cc:76:7f:5b:d4:d5:0a:17:ca:61:a9:f3:a2:ea:d2:2e:36:85:
dd:c2:76:46:80:4c:04:9a:04:ea:db:a8:5c:1d:d0:40:b6:c6:
7a:9d:a2:e7:8d:13:27:58:6e:ba:e7:b9:0a:7d:3c:19:41:57:
b2:36:fa:be:96:84:e4:fd:e3:d9:c2:91:ac:3c:86:35:a2:50:
17:9f:a9:3d:e2:25:ed:be:eb:aa:02:ba:1e:3a:54:45:47:0b:
18:82:74:a1:c9:02:8d:04:31:57:0e:0c:a1:2e:78:7e:ed:d4:
cb:cd:30:79:f7:89:da:1d:52:99:bf:0a:18:61:dd:e2:4a:19:
a0:3e:e3:15:6d:64:4f:68:67:14:6e:c4:a4:42:2d:bb:a5:6d:
13:54:22:8d:27:05:42:e6:6d:e0:4d:60:f6:a8:12:83:de:77:
67:97:f9:c5:b0:b2:4c:19:ff:e8:33:62:99:26:5b:48:31:b3:
db:86:d6:87:b5:0d:3b:0e:fc:33:99:73:36:ac:ec:37:19:13:
55:68:90:7c
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZQl/a62kdJocqlhPZLtcWgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGRkMmE4MTUwNjBhYTdlNjIxYTIwOTQzNDk3NThiMjAzNjg5NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmcF5eADPnd6AHON9z1zsElhl3h/
8rsKy2eTemzlgZM6ep0xg/SDek0Y/ou2NOE9wvep8Sa1IV+QBng3GRxhC9SUWg/x
DOWr7diujqqGzT1tSHc+GySX/YIUaK0AT2Gl3a8Q+BXQS4CagVJBtooCG8GnE0HF
Nf5W4Obm55PQ2di8TDMCo/oqXDsME/bXAzS6g9rQTGhnOEXYRcH11lN2H4V0ODIw
VAlqCZ2pXluYMlrU95YByeDNJJTExHRz8o8Ssc4Bq18/6xh4emtCQhIkZW24hJsj
EMIWWVQl/2JYRhHU/HwFdduAU9AzCX0B3nZZDTgAED2Ps3x5Vbx/WLZbfwIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFK3dKoFQYKp+YhoglDSXWLIDaJbwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U0ZmE0
OC0zYmU4LTRmYTMtYTQzNi04YTBkMGJmMGI1NzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTRmYTQ4
LTNiZTgtNGZhMy1hNDM2LThhMGQwYmYwYjU3Ny8xL3JkMHFnVkJncW41aUdpQ1VO
SmRZc2dOb2x2QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH8BggrBgEF
BQcBBwEB/wSB7DCB6TCB1wQCAAEwgdADBAACOzMDBAIfKNADBAIfKPwDBAIlLPwD
BAJNUwgDBAJNUxAwDAMEAk6IxAMEBE6IwDAMAwQATpmJAwQATpmKAwQATpmTAwQC
U6v8AwQCU6w8AwQCVXPIAwQCWWuIAwQBW2duAwQDXn4YAwQCXufYAwQCbV7cAwQC
bew0AwQAbe1oAwQDsiKYAwQEsiKwAwQCsq18AwQCuUAsAwQCuV7UAwQCvHdMAwQD
vHzgAwQDvHz4AwQCwS8sAwQCwThAAwQCwThIAwQCwZQ0AwQC2cWsMA0EAgACMAcD
BQMqBPgAMCMGCCsGAQUFBwEIAQH/BBQwEqAQMA4CAlPFAgMAuGMCAwMUMDANBgkq
hkiG9w0BAQsFAAOCAQEAZKp+RuKKJrp9wCt/vYEL7NFfCkFiS8wAZyWfccyigmIA
VlLyQxBNY0IyyDGYPL6vZh1kzlKOzHZ/W9TVChfKYanzourSLjaF3cJ2RoBMBJoE
6tuoXB3QQLbGep2i540TJ1huuue5Cn08GUFXsjb6vpaE5P3j2cKRrDyGNaJQF5+p
PeIl7b7rqgK6HjpURUcLGIJ0ockCjQQxVw4MoS54fu3Uy80wefeJ2h1Smb8KGGHd
4koZoD7jFW1kT2hnFG7EpEItu6VtE1QijScFQuZt4E1g9qgSg953Z5f5xbCyTBn/
6DNimSZbSDGz24bWh7UNOw78M5lzNqzsNxkTVWiQfA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:52 2025 by rpki-client