
Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
File: t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer (raw, json)
Hash identifier: BkqmIjfbblFuo8ZE/K+mCM4fMVMnKWgeOcax7akwQZg=
Subject key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B18FFFE2DC69633601A31EB0B94FD9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:47:52 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 199775
AS: 201508
IP: 45.94.32.0/22
IP: 46.36.192.0/21
IP: 185.4.24.0/22
IP: 185.6.152.0/22
IP: 185.42.0.0/22
IP: 185.65.164.0/22
IP: 185.95.108.0/22
IP: 185.168.132.0/22
IP: 185.182.52.0/22
IP: 185.199.56.0/22
IP: 185.208.240.0/22
IP: 185.242.218.0/24
IP: 185.245.212.0/22
IP: 194.126.152.0/22
IP: 2a02:66c0::/32
IP: 2a03:1940::/32
IP: 2a04:8d80::/29
IP: 2a05:1c0::/29
IP: 2a09:1580::/29
IP: 2a0a:e480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Feb 2025 17:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8f:ff:e2:dc:69:63:36:01:a3:1e:b0:b9:4f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:14:1e:90:54:92:62:d0:9e:ab:4c:fc:d9:aa:
47:ee:c0:17:4b:94:29:64:16:fa:c3:a1:7f:57:d1:
fd:f1:b5:b3:98:a0:7e:1b:86:5f:c0:79:78:15:7a:
90:12:c4:a3:47:ea:5d:23:2a:bb:6b:b9:79:a2:4b:
3b:27:5f:6a:17:09:75:89:05:65:66:20:28:65:38:
77:20:b5:6f:36:b3:06:00:ca:06:a4:49:d8:f8:52:
82:a9:3d:8a:70:3b:75:a8:f1:0a:1a:34:27:ab:ca:
ce:3a:d6:f4:e2:64:96:74:c3:37:55:2d:88:77:d1:
e4:63:40:65:02:31:51:1c:19:a4:47:0e:61:9a:04:
8e:16:72:5c:bf:c3:f2:d6:a5:af:3f:6c:81:3b:60:
ff:2e:2d:e2:cf:d3:32:5b:19:1f:e6:d2:52:fc:9b:
a5:64:a7:80:1b:10:d1:0f:c0:45:34:49:70:43:f6:
d5:02:40:5a:8d:89:ae:86:b2:8b:39:4d:5e:a3:9b:
90:d6:13:33:c3:9e:3f:96:b9:fe:c7:46:d0:ca:8d:
2e:50:3b:f3:e6:3b:3d:15:04:79:be:77:35:bb:8f:
3b:e1:19:08:e1:21:64:93:d5:dc:a1:37:38:c0:75:
88:a5:b0:41:44:34:9b:af:ce:17:46:60:b2:97:be:
4f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.32.0/22
46.36.192.0/21
185.4.24.0/22
185.6.152.0/22
185.42.0.0/22
185.65.164.0/22
185.95.108.0/22
185.168.132.0/22
185.182.52.0/22
185.199.56.0/22
185.208.240.0/22
185.242.218.0/24
185.245.212.0/22
194.126.152.0/22
IPv6:
2a02:66c0::/32
2a03:1940::/32
2a04:8d80::/29
2a05:1c0::/29
2a09:1580::/29
2a0a:e480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199775
201508
Signature Algorithm: sha256WithRSAEncryption
6c:7a:f8:e5:43:8c:c9:e2:fd:50:43:67:e4:eb:47:dd:d4:4b:
4a:d4:6a:a1:83:9d:4c:88:7f:6e:d7:3f:a3:44:dd:af:b5:ce:
1f:e7:c3:22:b2:4d:01:ee:3c:e7:67:82:25:0c:56:ed:4a:b9:
08:5e:66:b6:34:62:28:2f:ab:af:55:c4:be:7b:11:7d:70:1c:
c1:65:c3:05:35:7d:0d:5f:54:33:45:01:e7:e9:6b:58:22:1e:
c0:88:4f:a9:04:34:b7:29:4b:7f:7d:f4:7c:fe:88:0e:f9:3b:
0d:dc:d3:f5:0c:6f:3d:ea:6a:6a:34:3c:86:c8:f3:10:d0:c3:
d3:88:f0:67:bb:8f:5d:0d:17:be:74:5f:0e:81:8c:61:12:30:
e0:1f:5c:0f:95:f8:2d:38:c4:8e:a5:d9:07:bf:7d:34:28:3a:
3c:87:24:e4:01:9f:d1:c9:2e:bc:ea:1b:14:d5:80:c6:74:11:
61:b8:8e:37:57:4b:fe:d1:36:d1:a9:b8:05:87:5e:f8:a2:8a:
91:58:f3:2e:ec:33:a9:fe:84:4a:b5:2f:37:c6:c0:7d:5e:0d:
f2:c7:8c:db:46:3b:68:66:5e:38:90:14:00:a5:ca:c5:42:c2:
25:c1:e0:51:8d:2d:c1:db:c7:f9:a2:08:71:5a:8e:8a:3f:04:
d3:ba:4b:a7
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAZQhsY//4txpYzYBox6wuU/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzVhMDU2NmQwYjYzYTFmODYyZDgzNDU4ZTRmMmVhNmZkOGY3ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBQekFSSYtCeq0z82apH7sAXS5Qp
ZBb6w6F/V9H98bWzmKB+G4ZfwHl4FXqQEsSjR+pdIyq7a7l5oks7J19qFwl1iQVl
ZiAoZTh3ILVvNrMGAMoGpEnY+FKCqT2KcDt1qPEKGjQnq8rOOtb04mSWdMM3VS2I
d9HkY0BlAjFRHBmkRw5hmgSOFnJcv8Py1qWvP2yBO2D/Li3iz9MyWxkf5tJS/Jul
ZKeAGxDRD8BFNElwQ/bVAkBajYmuhrKLOU1eo5uQ1hMzw54/lrn+x0bQyo0uUDvz
5js9FQR5vnc1u4874RkI4SFkk9XcoTc4wHWIpbBBRDSbr84XRmCyl75PPQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFLdaBWbQtjofhi2DRY5PLqb9j30hMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQyLzEwMzU3
MC0xY2Y2LTQyYWMtODFkNC04M2Y2MDFjM2ZiNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvMTAzNTcw
LTFjZjYtNDJhYy04MWQ0LTgzZjYwMWMzZmI1OS8xL3Qxb0ZadEMyT2gtR0xZTkZq
azh1cHYyUGZTRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGhBggrBgEF
BQcBBwEB/wSBkTCBjjBaBAIAATBUAwQCLV4gAwQDLiTAAwQCuQQYAwQCuQaYAwQC
uSoAAwQCuUGkAwQCuV9sAwQCuaiEAwQCubY0AwQCucc4AwQCudDwAwQAufLaAwQC
ufXUAwQCwn6YMDAEAgACMCoDBQAqAmbAAwUAKgMZQAMFAyoEjYADBQMqBQHAAwUD
KgkVgAMFAyoK5IAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAwxfAgMDEyQwDQYJ
KoZIhvcNAQELBQADggEBAGx6+OVDjMni/VBDZ+TrR93US0rUaqGDnUyIf27XP6NE
3a+1zh/nwyKyTQHuPOdngiUMVu1KuQheZrY0Yigvq69VxL57EX1wHMFlwwU1fQ1f
VDNFAefpa1giHsCIT6kENLcpS3999Hz+iA75Ow3c0/UMbz3qamo0PIbI8xDQw9OI
8Ge7j10NF750Xw6BjGESMOAfXA+V+C04xI6l2Qe/fTQoOjyHJOQBn9HJLrzqGxTV
gMZ0EWG4jjdXS/7RNtGpuAWHXviiipFY8y7sM6n+hEq1LzfGwH1eDfLHjNtGO2hm
XjiQFAClysVCwiXB4FGNLcHbx/miCHFajoo/BNO6S6c=
-----END CERTIFICATE-----
Generated at Sat Feb 15 00:49:25 2025 by rpki-client