Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
File: tPljRdPyLts5XSR_e4bS1z5KAJE.cer (raw, json)
Hash identifier: C3/zwJDmUrjZARjP1jBw5IlqTjZMxJB6QCTojvuNrjM=
Subject key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0191C190ABCA2498818C4BF8079D0107B5DB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 05 Sep 2024 09:42:49 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 205125
IP: 5.180.136.0/22
IP: 5.252.116.0/22
IP: 45.8.208.0/22
IP: 45.9.72.0/22
IP: 45.86.44.0/22
IP: 45.89.64.0/22
IP: 45.90.216.0/22
IP: 45.95.200.0/22
IP: 45.128.176.0/22
IP: 45.132.252.0/22
IP: 45.133.244.0/22
IP: 45.137.104.0/22
IP: 45.138.72.0/22
IP: 45.142.120.0/22
IP: 45.144.64.0/22
IP: 46.17.104.0/22
IP: 80.76.32.0/22
IP: 82.115.220.0/22
IP: 84.252.72.0/22
IP: 85.209.0.0/22
IP: 91.103.252.0/22
IP: 91.217.76.0/23
IP: 91.217.80.0/23
IP: 92.118.8.0/22
IP: 94.142.136.0/21
IP: 95.214.8.0/22
IP: 103.82.102.0/23
IP: 103.127.76.0/23
IP: 139.28.220.0/22
IP: 147.78.64.0/22
IP: 176.118.196.0/22
IP: 185.5.248.0/22
IP: 185.17.0.0/22
IP: 185.40.4.0/22
IP: 185.58.204.0/22
IP: 185.87.48.0/22
IP: 185.94.164.0/22
IP: 185.102.136.0/22
IP: 185.103.108.0/22
IP: 185.103.252.0/22
IP: 185.104.248.0/22
IP: 185.105.88.0/22
IP: 185.105.116.0/22
IP: 185.106.92.0/22
IP: 185.106.106.0/24
IP: 185.109.20.0/22
IP: 185.112.80.0/22
IP: 185.112.100.0/22
IP: 185.114.72.0/22
IP: 185.117.116.0/22
IP: 185.117.152.0/22
IP: 185.125.48.0/22
IP: 185.125.216.0/22
IP: 185.125.228.0/22
IP: 185.128.104.0/22
IP: 185.139.68.0/22
IP: 185.172.128.0/22
IP: 185.174.136.0/22
IP: 185.180.228.0/22
IP: 185.188.180.0/22
IP: 185.189.12.0/22
IP: 185.195.24.0/22
IP: 185.200.188.0/22
IP: 185.204.0.0/22
IP: 185.212.148.0/22
IP: 185.217.196.0/22
IP: 185.221.160.0/22
IP: 185.229.64.0/22
IP: 185.232.168.0/22
IP: 185.233.80.0/22
IP: 185.233.200.0/22
IP: 185.244.172.0/22
IP: 185.252.144.0/22
IP: 185.255.132.0/22
IP: 192.162.100.0/22
IP: 193.0.200.0/22
IP: 193.34.232.0/22
IP: 193.109.78.0/23
IP: 193.109.84.0/23
IP: 193.124.176.0/20
IP: 193.162.143.0/24
IP: 193.168.224.0/22
IP: 193.238.44.0/24
IP: 193.239.160.0/23
IP: 193.239.166.0/23
IP: 194.36.176.0/22
IP: 194.53.52.0/22
IP: 194.63.140.0/22
IP: 194.67.192.0/19
IP: 195.47.250.0/24
IP: 195.66.87.0/24
IP: 195.66.104.0/24
IP: 195.66.114.0/24
IP: 213.108.196.0/22
IP: 2a03:e2c0::/32
IP: 2a04:5200::/29
IP: 2a09:5300::/29
IP: 2a0a:9300::/29
IP: 2a0b:7780::/29
IP: 2a0b:da00::/29
IP: 2a0c:77c0::/29
IP: 2a0c:aa40::/29
IP: 2a0d:2dc0::/29
IP: 2a0d:3880::/29
IP: 2a0d:8340::/29
IP: 2a0e:d600::/29
IP: 2a0f:7b80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:90:ab:ca:24:98:81:8c:4b:f8:07:9d:01:07:b5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 5 09:42:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:6a:36:9f:3f:58:45:d7:de:ce:15:44:a0:
87:5a:6d:43:2f:ef:69:e7:11:ef:30:0a:c4:07:88:
95:3a:a7:de:f9:3a:19:80:e1:82:2e:0d:c2:20:5f:
92:7c:e1:3b:bc:8a:69:df:2e:e8:eb:d5:c8:4a:2e:
a5:eb:3a:50:9f:fe:a4:17:df:13:f1:9e:7a:41:3a:
6e:86:76:65:b6:88:d1:7b:89:1b:31:ee:79:de:fb:
25:da:98:52:4a:21:87:fe:01:60:ee:d1:5b:1e:28:
31:a9:98:65:66:81:5d:5e:b5:9f:ce:83:dc:c6:54:
76:83:9b:1b:31:24:c9:1d:16:9a:e6:16:ab:dc:ac:
5e:16:ae:c0:05:09:05:bd:9d:0d:6c:52:a5:11:e0:
23:c1:42:60:1b:17:15:f4:6a:17:9e:49:e4:fc:fc:
bd:9c:fb:2d:a4:12:bd:c4:e5:51:26:d5:68:02:5c:
77:06:86:14:04:f5:3c:12:34:fd:4b:83:32:57:9a:
7e:4a:f3:a8:90:2b:a0:b4:53:81:4f:43:1e:08:c7:
00:3b:93:45:ba:db:09:c0:fb:34:3e:47:0c:f8:ad:
bb:5d:fe:69:60:93:65:1e:ca:0e:99:17:5e:fd:d5:
57:f9:3d:8d:42:3d:a8:bb:11:36:13:fd:de:63:9f:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/22
45.8.208.0/22
45.9.72.0/22
45.86.44.0/22
45.89.64.0/22
45.90.216.0/22
45.95.200.0/22
45.128.176.0/22
45.132.252.0/22
45.133.244.0/22
45.137.104.0/22
45.138.72.0/22
45.142.120.0/22
45.144.64.0/22
46.17.104.0/22
80.76.32.0/22
82.115.220.0/22
84.252.72.0/22
85.209.0.0/22
91.103.252.0/22
91.217.76.0/23
91.217.80.0/23
92.118.8.0/22
94.142.136.0/21
95.214.8.0/22
103.82.102.0/23
103.127.76.0/23
139.28.220.0/22
147.78.64.0/22
176.118.196.0/22
185.5.248.0/22
185.17.0.0/22
185.40.4.0/22
185.58.204.0/22
185.87.48.0/22
185.94.164.0/22
185.102.136.0/22
185.103.108.0/22
185.103.252.0/22
185.104.248.0/22
185.105.88.0/22
185.105.116.0/22
185.106.92.0/22
185.106.106.0/24
185.109.20.0/22
185.112.80.0/22
185.112.100.0/22
185.114.72.0/22
185.117.116.0/22
185.117.152.0/22
185.125.48.0/22
185.125.216.0/22
185.125.228.0/22
185.128.104.0/22
185.139.68.0/22
185.172.128.0/22
185.174.136.0/22
185.180.228.0/22
185.188.180.0/22
185.189.12.0/22
185.195.24.0/22
185.200.188.0/22
185.204.0.0/22
185.212.148.0/22
185.217.196.0/22
185.221.160.0/22
185.229.64.0/22
185.232.168.0/22
185.233.80.0/22
185.233.200.0/22
185.244.172.0/22
185.252.144.0/22
185.255.132.0/22
192.162.100.0/22
193.0.200.0/22
193.34.232.0/22
193.109.78.0/23
193.109.84.0/23
193.124.176.0/20
193.162.143.0/24
193.168.224.0/22
193.238.44.0/24
193.239.160.0/23
193.239.166.0/23
194.36.176.0/22
194.53.52.0/22
194.63.140.0/22
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
195.66.104.0/24
195.66.114.0/24
213.108.196.0/22
IPv6:
2a03:e2c0::/32
2a04:5200::/29
2a09:5300::/29
2a0a:9300::/29
2a0b:7780::/29
2a0b:da00::/29
2a0c:77c0::/29
2a0c:aa40::/29
2a0d:2dc0::/29
2a0d:3880::/29
2a0d:8340::/29
2a0e:d600::/29
2a0f:7b80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205125
Signature Algorithm: sha256WithRSAEncryption
9a:fb:2d:7d:9e:8a:6a:d8:ba:5f:36:63:4b:10:44:23:17:f5:
d4:d8:68:97:bc:81:70:d4:f8:30:78:7c:54:6b:6b:61:b4:3c:
67:2c:6c:42:aa:8c:95:9d:8d:2a:20:98:73:b5:d7:b1:2a:c2:
e9:0f:9b:17:13:dc:a8:e9:40:1d:7c:2d:e9:50:52:1d:8a:9c:
e3:a8:88:58:b4:57:a4:e6:f2:e1:ed:43:bc:e7:df:43:91:19:
f6:74:62:71:59:cb:fd:2a:70:a0:77:e3:18:33:ce:05:84:78:
0a:1a:f5:d7:38:c1:68:2a:0e:59:78:ce:f0:10:c7:84:ad:14:
0b:87:d1:f4:ef:77:ab:5e:03:b2:9c:35:d0:3f:e9:23:f3:d1:
50:07:eb:0e:21:b9:34:43:41:8f:06:df:9e:dd:b1:03:26:41:
1d:74:89:f8:78:bc:38:0f:99:ce:a9:f9:d4:6d:4b:5d:46:33:
30:8f:3c:50:16:e2:b0:b9:69:2d:9c:71:a8:db:47:e2:f3:03:
b6:3d:fc:40:9d:99:04:4a:2d:95:df:52:bd:80:a1:2e:a8:47:
6a:55:5b:ee:df:ae:66:64:3f:76:2a:50:2a:a4:78:4e:7c:33:
f9:ef:52:b0:9d:b2:4b:dc:bf:47:8e:9e:e1:50:3f:81:fd:09:
05:6a:00:7e
-----BEGIN CERTIFICATE-----
MIIILzCCBxegAwIBAgISAZHBkKvKJJiBjEv4B50BB7XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwOTA1MDk0MjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbJqNp8/WEXX3s4VRKCHWm1DL+9p
5xHvMArEB4iVOqfe+ToZgOGCLg3CIF+SfOE7vIpp3y7o69XISi6l6zpQn/6kF98T
8Z56QTpuhnZltojRe4kbMe553vsl2phSSiGH/gFg7tFbHigxqZhlZoFdXrWfzoPc
xlR2g5sbMSTJHRaa5har3KxeFq7ABQkFvZ0NbFKlEeAjwUJgGxcV9GoXnknk/Py9
nPstpBK9xOVRJtVoAlx3BoYUBPU8EjT9S4MyV5p+SvOokCugtFOBT0MeCMcAO5NF
utsJwPs0PkcM+K27Xf5pYJNlHsoOmRde/dVX+T2NQj2ouxE2E/3eY5//EwIDAQAB
o4IFOzCCBTcwHQYDVR0OBBYEFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M1LzhlMTIx
ZC03M2IzLTQzOGEtODNjNC02ZmMzNDNkNzdjZDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvOGUxMjFk
LTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRzNVhTUl9l
NGJTMXo1S0FKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICuAYIKwYB
BQUHAQcBAf8EggKnMIICozCCAjwEAgABMIICNAMEAgW0iAMEAgX8dAMEAi0I0AME
Ai0JSAMEAi1WLAMEAi1ZQAMEAi1a2AMEAi1fyAMEAi2AsAMEAi2E/AMEAi2F9AME
Ai2JaAMEAi2KSAMEAi2OeAMEAi2QQAMEAi4RaAMEAlBMIAMEAlJz3AMEAlT8SAME
AlXRAAMEAltn/AMEAVvZTAMEAVvZUAMEAlx2CAMEA16OiAMEAl/WCAMEAWdSZgME
AWd/TAMEAosc3AMEApNOQAMEArB2xAMEArkF+AMEArkRAAMEArkoBAMEArk6zAME
ArlXMAMEArlepAMEArlmiAMEArlnbAMEArln/AMEArlo+AMEArlpWAMEArlpdAME
ArlqXAMEALlqagMEArltFAMEArlwUAMEArlwZAMEArlySAMEArl1dAMEArl1mAME
Arl9MAMEArl92AMEArl95AMEArmAaAMEArmLRAMEArmsgAMEArmuiAMEArm05AME
Arm8tAMEArm9DAMEArnDGAMEArnIvAMEArnMAAMEArnUlAMEArnZxAMEArndoAME
ArnlQAMEArnoqAMEArnpUAMEArnpyAMEArn0rAMEArn8kAMEArn/hAMEAsCiZAME
AsEAyAMEAsEi6AMEAcFtTgMEAcFtVAMEBMF8sAMEAMGijwMEAsGo4AMEAMHuLAME
AcHvoAMEAcHvpgMEAsIksAMEAsI1NAMEAsI/jAMEBcJDwAMEAMMv+gMEAMNCVwME
AMNCaAMEAMNCcgMEAtVsxDBhBAIAAjBbAwUAKgPiwAMFAyoEUgADBQMqCVMAAwUD
KgqTAAMFAyoLd4ADBQMqC9oAAwUDKgx3wAMFAyoMqkADBQMqDS3AAwUDKg04gAMF
AyoNg0ADBQMqDtYAAwUDKg97gDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDIUUw
DQYJKoZIhvcNAQELBQADggEBAJr7LX2eimrYul82Y0sQRCMX9dTYaJe8gXDU+DB4
fFRra2G0PGcsbEKqjJWdjSogmHO117EqwukPmxcT3KjpQB18LelQUh2KnOOoiFi0
V6Tm8uHtQ7zn30ORGfZ0YnFZy/0qcKB34xgzzgWEeAoa9dc4wWgqDll4zvAQx4St
FAuH0fTvd6teA7KcNdA/6SPz0VAH6w4huTRDQY8G357dsQMmQR10ifh4vDgPmc6p
+dRtS11GMzCPPFAW4rC5aS2ccajbR+LzA7Y9/ECdmQRKLZXfUr2AoS6oR2pVW+7f
rmZkP3YqUCqkeE58M/nvUrCdskvcv0eOnuFQP4H9CQVqAH4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:38:58 2024 by rpki-client on console-ams.rpki-client.org