Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
File: tPljRdPyLts5XSR_e4bS1z5KAJE.cer (raw, json)
Hash identifier: Rh/YICvWuWaYCKlQi+AoaH/ItxSgWq3GWlcrgnIH7IQ=
Subject key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DCB7EA7E64D4DAA884694AFB6166E4F61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 21 Feb 2024 11:48:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35196
AS: 205125
IP: 5.180.136.0/22
IP: 5.252.116.0/22
IP: 45.8.208.0/22
IP: 45.9.72.0/22
IP: 45.86.44.0/22
IP: 45.89.64.0/22
IP: 45.90.216.0/22
IP: 45.95.200.0/22
IP: 45.128.176.0/22
IP: 45.132.252.0/22
IP: 45.133.244.0/22
IP: 45.137.104.0/22
IP: 45.138.72.0/22
IP: 45.142.120.0/22
IP: 45.144.64.0/22
IP: 46.17.104.0/22
IP: 80.76.32.0/22
IP: 82.115.220.0/22
IP: 84.252.72.0/22
IP: 85.209.0.0/22
IP: 91.103.252.0/22
IP: 91.217.76.0/23
IP: 91.217.80.0/23
IP: 92.118.8.0/22
IP: 94.142.136.0/21
IP: 95.214.8.0/22
IP: 103.82.102.0/23
IP: 103.127.76.0/23
IP: 139.28.220.0/22
IP: 147.78.64.0/22
IP: 176.118.196.0/22
IP: 185.5.248.0/22
IP: 185.17.0.0/22
IP: 185.40.4.0/22
IP: 185.58.204.0/22
IP: 185.87.48.0/22
IP: 185.94.164.0/22
IP: 185.102.136.0/22
IP: 185.103.108.0/22
IP: 185.103.252.0/22
IP: 185.104.248.0/22
IP: 185.105.88.0/22
IP: 185.105.116.0/22
IP: 185.106.92.0/22
IP: 185.106.106.0/24
IP: 185.109.20.0/22
IP: 185.112.80.0/22
IP: 185.112.100.0/22
IP: 185.114.72.0/22
IP: 185.117.116.0/22
IP: 185.117.152.0/22
IP: 185.125.48.0/22
IP: 185.125.216.0/22
IP: 185.125.228.0/22
IP: 185.128.104.0/22
IP: 185.139.68.0/22
IP: 185.172.128.0/22
IP: 185.174.136.0/22
IP: 185.180.228.0/22
IP: 185.188.180.0/22
IP: 185.189.12.0/22
IP: 185.195.24.0/22
IP: 185.200.188.0/22
IP: 185.204.0.0/22
IP: 185.212.148.0/22
IP: 185.217.196.0/22
IP: 185.221.160.0/22
IP: 185.229.64.0/22
IP: 185.232.168.0/22
IP: 185.233.80.0/22
IP: 185.233.200.0/22
IP: 185.244.172.0/22
IP: 185.252.144.0/22
IP: 185.255.132.0/22
IP: 192.162.100.0/22
IP: 193.0.200.0/22
IP: 193.34.232.0/22
IP: 193.109.78.0/23
IP: 193.109.84.0/23
IP: 193.124.176.0/20
IP: 193.162.143.0/24
IP: 193.168.224.0/22
IP: 193.238.44.0/24
IP: 193.239.160.0/23
IP: 193.239.166.0/23
IP: 194.36.176.0/22
IP: 194.53.52.0/22
IP: 194.63.140.0/22
IP: 194.67.192.0/19
IP: 195.47.250.0/24
IP: 195.66.87.0/24
IP: 195.66.104.0/24
IP: 195.66.114.0/24
IP: 213.108.196.0/22
IP: 2a03:e2c0::/32
IP: 2a04:5200::/29
IP: 2a09:5300::/29
IP: 2a0a:9300::/29
IP: 2a0b:7780::/29
IP: 2a0b:da00::/29
IP: 2a0c:77c0::/29
IP: 2a0c:aa40::/29
IP: 2a0d:2dc0::/29
IP: 2a0d:3880::/29
IP: 2a0d:8340::/29
IP: 2a0e:d600::/29
IP: 2a0f:7b80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:7e:a7:e6:4d:4d:aa:88:46:94:af:b6:16:6e:4f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 21 11:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:6a:36:9f:3f:58:45:d7:de:ce:15:44:a0:
87:5a:6d:43:2f:ef:69:e7:11:ef:30:0a:c4:07:88:
95:3a:a7:de:f9:3a:19:80:e1:82:2e:0d:c2:20:5f:
92:7c:e1:3b:bc:8a:69:df:2e:e8:eb:d5:c8:4a:2e:
a5:eb:3a:50:9f:fe:a4:17:df:13:f1:9e:7a:41:3a:
6e:86:76:65:b6:88:d1:7b:89:1b:31:ee:79:de:fb:
25:da:98:52:4a:21:87:fe:01:60:ee:d1:5b:1e:28:
31:a9:98:65:66:81:5d:5e:b5:9f:ce:83:dc:c6:54:
76:83:9b:1b:31:24:c9:1d:16:9a:e6:16:ab:dc:ac:
5e:16:ae:c0:05:09:05:bd:9d:0d:6c:52:a5:11:e0:
23:c1:42:60:1b:17:15:f4:6a:17:9e:49:e4:fc:fc:
bd:9c:fb:2d:a4:12:bd:c4:e5:51:26:d5:68:02:5c:
77:06:86:14:04:f5:3c:12:34:fd:4b:83:32:57:9a:
7e:4a:f3:a8:90:2b:a0:b4:53:81:4f:43:1e:08:c7:
00:3b:93:45:ba:db:09:c0:fb:34:3e:47:0c:f8:ad:
bb:5d:fe:69:60:93:65:1e:ca:0e:99:17:5e:fd:d5:
57:f9:3d:8d:42:3d:a8:bb:11:36:13:fd:de:63:9f:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/22
45.8.208.0/22
45.9.72.0/22
45.86.44.0/22
45.89.64.0/22
45.90.216.0/22
45.95.200.0/22
45.128.176.0/22
45.132.252.0/22
45.133.244.0/22
45.137.104.0/22
45.138.72.0/22
45.142.120.0/22
45.144.64.0/22
46.17.104.0/22
80.76.32.0/22
82.115.220.0/22
84.252.72.0/22
85.209.0.0/22
91.103.252.0/22
91.217.76.0/23
91.217.80.0/23
92.118.8.0/22
94.142.136.0/21
95.214.8.0/22
103.82.102.0/23
103.127.76.0/23
139.28.220.0/22
147.78.64.0/22
176.118.196.0/22
185.5.248.0/22
185.17.0.0/22
185.40.4.0/22
185.58.204.0/22
185.87.48.0/22
185.94.164.0/22
185.102.136.0/22
185.103.108.0/22
185.103.252.0/22
185.104.248.0/22
185.105.88.0/22
185.105.116.0/22
185.106.92.0/22
185.106.106.0/24
185.109.20.0/22
185.112.80.0/22
185.112.100.0/22
185.114.72.0/22
185.117.116.0/22
185.117.152.0/22
185.125.48.0/22
185.125.216.0/22
185.125.228.0/22
185.128.104.0/22
185.139.68.0/22
185.172.128.0/22
185.174.136.0/22
185.180.228.0/22
185.188.180.0/22
185.189.12.0/22
185.195.24.0/22
185.200.188.0/22
185.204.0.0/22
185.212.148.0/22
185.217.196.0/22
185.221.160.0/22
185.229.64.0/22
185.232.168.0/22
185.233.80.0/22
185.233.200.0/22
185.244.172.0/22
185.252.144.0/22
185.255.132.0/22
192.162.100.0/22
193.0.200.0/22
193.34.232.0/22
193.109.78.0/23
193.109.84.0/23
193.124.176.0/20
193.162.143.0/24
193.168.224.0/22
193.238.44.0/24
193.239.160.0/23
193.239.166.0/23
194.36.176.0/22
194.53.52.0/22
194.63.140.0/22
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
195.66.104.0/24
195.66.114.0/24
213.108.196.0/22
IPv6:
2a03:e2c0::/32
2a04:5200::/29
2a09:5300::/29
2a0a:9300::/29
2a0b:7780::/29
2a0b:da00::/29
2a0c:77c0::/29
2a0c:aa40::/29
2a0d:2dc0::/29
2a0d:3880::/29
2a0d:8340::/29
2a0e:d600::/29
2a0f:7b80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35196
205125
Signature Algorithm: sha256WithRSAEncryption
3d:95:21:df:19:56:74:ad:78:0f:7e:c0:78:c9:8f:d4:9d:c0:
79:a2:df:71:b9:25:d8:0c:f0:97:42:a9:64:57:ea:f2:c9:2f:
32:22:68:8b:e1:c0:97:44:d4:00:f6:8c:40:d8:0b:cd:c0:80:
4e:a9:0c:3e:8b:24:a0:d5:3d:31:ee:7e:89:60:bb:15:44:f4:
a9:b4:62:3f:c9:ec:98:8a:b6:10:17:fc:ce:eb:83:10:4e:29:
37:ae:e2:64:19:44:8d:a0:91:f5:e5:30:55:1a:f4:72:00:0c:
d1:59:c0:87:27:7b:e5:9c:fb:14:10:49:29:84:50:34:91:1b:
ab:74:b0:ba:1d:d1:71:f6:d4:84:d4:b5:06:a6:bd:38:4c:06:
bf:d1:ee:80:35:f3:75:d1:f4:57:b4:18:f1:bc:29:95:5d:ee:
1a:96:b9:8a:52:b5:c4:9c:c3:36:93:b3:be:2b:ac:7a:98:39:
80:2c:fd:4e:5a:da:e1:ec:de:ad:6b:ae:a0:96:4b:a3:35:49:
8c:89:a5:3e:86:b6:3d:f6:34:ea:c8:02:d7:66:b4:c0:09:b2:
95:86:7e:01:d2:9d:12:b3:11:20:81:0a:32:b3:07:a8:26:9e:
25:a0:46:ff:0f:0e:85:dd:e7:28:68:0a:0b:42:f2:ec:09:88:
47:3b:d7:2b
-----BEGIN CERTIFICATE-----
MIIINDCCBxygAwIBAgISAY3LfqfmTU2qiEaUr7YWbk9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjIxMTE0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbJqNp8/WEXX3s4VRKCHWm1DL+9p
5xHvMArEB4iVOqfe+ToZgOGCLg3CIF+SfOE7vIpp3y7o69XISi6l6zpQn/6kF98T
8Z56QTpuhnZltojRe4kbMe553vsl2phSSiGH/gFg7tFbHigxqZhlZoFdXrWfzoPc
xlR2g5sbMSTJHRaa5har3KxeFq7ABQkFvZ0NbFKlEeAjwUJgGxcV9GoXnknk/Py9
nPstpBK9xOVRJtVoAlx3BoYUBPU8EjT9S4MyV5p+SvOokCugtFOBT0MeCMcAO5NF
utsJwPs0PkcM+K27Xf5pYJNlHsoOmRde/dVX+T2NQj2ouxE2E/3eY5//EwIDAQAB
o4IFQDCCBTwwHQYDVR0OBBYEFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M1LzhlMTIx
ZC03M2IzLTQzOGEtODNjNC02ZmMzNDNkNzdjZDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvOGUxMjFk
LTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRzNVhTUl9l
NGJTMXo1S0FKRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICuAYIKwYB
BQUHAQcBAf8EggKnMIICozCCAjwEAgABMIICNAMEAgW0iAMEAgX8dAMEAi0I0AME
Ai0JSAMEAi1WLAMEAi1ZQAMEAi1a2AMEAi1fyAMEAi2AsAMEAi2E/AMEAi2F9AME
Ai2JaAMEAi2KSAMEAi2OeAMEAi2QQAMEAi4RaAMEAlBMIAMEAlJz3AMEAlT8SAME
AlXRAAMEAltn/AMEAVvZTAMEAVvZUAMEAlx2CAMEA16OiAMEAl/WCAMEAWdSZgME
AWd/TAMEAosc3AMEApNOQAMEArB2xAMEArkF+AMEArkRAAMEArkoBAMEArk6zAME
ArlXMAMEArlepAMEArlmiAMEArlnbAMEArln/AMEArlo+AMEArlpWAMEArlpdAME
ArlqXAMEALlqagMEArltFAMEArlwUAMEArlwZAMEArlySAMEArl1dAMEArl1mAME
Arl9MAMEArl92AMEArl95AMEArmAaAMEArmLRAMEArmsgAMEArmuiAMEArm05AME
Arm8tAMEArm9DAMEArnDGAMEArnIvAMEArnMAAMEArnUlAMEArnZxAMEArndoAME
ArnlQAMEArnoqAMEArnpUAMEArnpyAMEArn0rAMEArn8kAMEArn/hAMEAsCiZAME
AsEAyAMEAsEi6AMEAcFtTgMEAcFtVAMEBMF8sAMEAMGijwMEAsGo4AMEAMHuLAME
AcHvoAMEAcHvpgMEAsIksAMEAsI1NAMEAsI/jAMEBcJDwAMEAMMv+gMEAMNCVwME
AMNCaAMEAMNCcgMEAtVsxDBhBAIAAjBbAwUAKgPiwAMFAyoEUgADBQMqCVMAAwUD
KgqTAAMFAyoLd4ADBQMqC9oAAwUDKgx3wAMFAyoMqkADBQMqDS3AAwUDKg04gAMF
AyoNg0ADBQMqDtYAAwUDKg97gDAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMAiXwC
AwMhRTANBgkqhkiG9w0BAQsFAAOCAQEAPZUh3xlWdK14D37AeMmP1J3AeaLfcbkl
2Azwl0KpZFfq8skvMiJoi+HAl0TUAPaMQNgLzcCATqkMPoskoNU9Me5+iWC7FUT0
qbRiP8nsmIq2EBf8zuuDEE4pN67iZBlEjaCR9eUwVRr0cgAM0VnAhyd75Zz7FBBJ
KYRQNJEbq3Swuh3RcfbUhNS1Bqa9OEwGv9HugDXzddH0V7QY8bwplV3uGpa5ilK1
xJzDNpOzviusepg5gCz9Tlra4ezerWuuoJZLozVJjImlPoa2PfY06sgC12a0wAmy
lYZ+AdKdErMRIIEKMrMHqCaeJaBG/w8Ohd3nKGgKC0Ly7AmIRzvXKw==
-----END CERTIFICATE-----
Generated at Fri May 3 02:17:15 2024 by rpki-client on console-ams.rpki-client.org