Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
File: v4CafmyhTQoal2Zz4DGeNOlW7T0.cer (raw, json)
Hash identifier: hBA8ZrkVLhGPqLlu6oKbZcTBvJUt1e8qFmxfIHms3FQ=
Subject key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E9D88852E3F5F4F5E2FCB726A3FAB49CB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Apr 2024 06:39:13 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35332
IP: 2.56.192.0/22
IP: 37.235.112.0/21
IP: 45.89.144.0/22
IP: 45.91.96.0/22
IP: 45.92.208.0/22
IP: 45.116.184.0/22
IP: 45.132.4.0/22
IP: 45.138.136.0/22
IP: 77.242.112.0/20
IP: 83.138.61.0/24
IP: 85.208.132.0/22
IP: 87.236.0.0/21
IP: 103.75.36.0/22
IP: 139.28.200.0/22
IP: 152.89.152.0/22
IP: 185.70.4.0/22
IP: 185.113.212.0/22
IP: 185.151.96.0/22
IP: 185.171.89.0 -- 185.171.90.255
IP: 185.217.160.0/22
IP: 188.34.0.0/18
IP: 188.92.56.0/21
IP: 194.5.181.0/24
IP: 194.153.185.0/24
IP: 194.156.2.0/24
IP: 194.156.134.0/24
IP: 194.156.144.0/24
IP: 195.234.88.0/23
IP: 205.132.144.0/21
IP: 208.75.220.0/22
IP: 208.88.128.0/22
IP: 212.16.112.0/20
IP: 2a00:a000::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:88:85:2e:3f:5f:4f:5e:2f:cb:72:6a:3f:ab:49:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 2 06:39:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:cd:42:e4:e3:f9:a5:fa:f9:ad:d1:7d:31:
2a:41:f3:a7:7c:67:91:fc:6c:ea:5e:9b:83:8d:88:
12:bb:c0:25:24:cf:82:de:04:22:f3:4c:ee:10:4f:
72:10:9d:64:08:c5:48:17:dc:01:3c:ee:80:72:f5:
23:03:b8:db:47:68:c3:c9:13:a9:b2:e4:5b:5b:6d:
ed:76:05:b4:ba:40:0f:15:fa:65:ff:36:ac:eb:4f:
93:c7:1a:d9:4e:15:41:2f:6b:e8:3e:29:0d:78:4d:
b1:27:03:46:71:f1:57:97:f8:89:09:94:90:aa:6e:
37:4d:8f:4f:ac:01:5e:b2:3a:c5:4b:0f:42:cc:2c:
01:7f:fd:8f:1e:f2:89:8f:1d:6d:89:e4:bb:7d:2b:
4b:a0:04:4b:2c:73:39:3b:93:07:96:27:c3:81:a2:
d5:b9:32:2a:d4:74:72:14:d5:3f:6a:a9:ea:4b:ec:
e4:f6:8b:f1:41:69:c1:6b:2c:fc:7c:fe:34:46:7f:
71:2d:0d:6e:48:f3:aa:ac:e5:24:78:50:14:ff:62:
3f:7d:dd:ac:59:b2:27:a7:98:50:c3:3d:53:16:16:
32:51:b0:e4:7f:c2:da:50:00:d8:58:f2:29:4f:7e:
c7:db:50:68:a7:ce:c1:e1:66:4a:34:bb:f2:e5:57:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.192.0/22
37.235.112.0/21
45.89.144.0/22
45.91.96.0/22
45.92.208.0/22
45.116.184.0/22
45.132.4.0/22
45.138.136.0/22
77.242.112.0/20
83.138.61.0/24
85.208.132.0/22
87.236.0.0/21
103.75.36.0/22
139.28.200.0/22
152.89.152.0/22
185.70.4.0/22
185.113.212.0/22
185.151.96.0/22
185.171.89.0-185.171.90.255
185.217.160.0/22
188.34.0.0/18
188.92.56.0/21
194.5.181.0/24
194.153.185.0/24
194.156.2.0/24
194.156.134.0/24
194.156.144.0/24
195.234.88.0/23
205.132.144.0/21
208.75.220.0/22
208.88.128.0/22
212.16.112.0/20
IPv6:
2a00:a000::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35332
Signature Algorithm: sha256WithRSAEncryption
12:73:75:d4:d7:ac:4a:fe:b9:a7:ad:e6:fb:f1:84:29:63:a6:
5d:34:e2:79:66:ef:88:bd:ed:86:d7:dd:e1:4f:6c:8e:f1:8c:
86:e2:1d:92:a1:51:53:6b:6b:0c:07:15:da:c0:c2:14:58:a2:
71:58:c2:27:f3:9e:43:e2:65:d1:d1:41:74:9b:e1:7c:58:91:
24:63:66:c9:66:cb:5a:8a:a1:ad:4f:c0:cc:f1:78:71:e6:e2:
e7:03:49:5f:57:d4:f0:35:78:b5:42:16:ad:ea:da:26:56:b6:
43:61:79:4d:6c:e8:19:2e:df:af:5f:84:ee:48:ce:3a:29:01:
17:ee:05:91:1b:e1:58:7c:50:1f:d8:d9:97:af:a9:bd:2c:ac:
8a:97:35:2d:f7:85:d4:cc:6c:bb:31:aa:82:50:e8:d1:d0:94:
e9:52:d7:69:92:d6:af:a7:49:a2:18:d6:c3:3e:e6:bf:8d:88:
c5:4a:b3:70:cf:c6:15:24:dc:8f:73:3a:98:63:2a:8a:15:2c:
4d:14:c2:78:53:94:8b:4b:14:19:8d:9b:95:20:1c:55:38:0a:
37:68:4f:ed:85:03:15:c8:e2:cd:52:ca:e0:f5:31:4b:9f:4a:
73:9e:03:2f:4b:36:5d:8d:03:5a:96:02:7f:a3:2d:9b:10:32:
7c:e8:87:ec
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISAY6diIUuP19PXi/Lcmo/q0nLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDAyMDYzOTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgwOWE3ZTZjYTE0ZDBhMWE5NzY2NzNlMDMxOWUzNGU5NTZlZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTLNQuTj+aX6+a3RfTEqQfOnfGeR
/GzqXpuDjYgSu8AlJM+C3gQi80zuEE9yEJ1kCMVIF9wBPO6AcvUjA7jbR2jDyROp
suRbW23tdgW0ukAPFfpl/zas60+TxxrZThVBL2voPikNeE2xJwNGcfFXl/iJCZSQ
qm43TY9PrAFesjrFSw9CzCwBf/2PHvKJjx1tieS7fStLoARLLHM5O5MHlifDgaLV
uTIq1HRyFNU/aqnqS+zk9ovxQWnBayz8fP40Rn9xLQ1uSPOqrOUkeFAU/2I/fd2s
WbInp5hQwz1TFhYyUbDkf8LaUADYWPIpT37H21Bop87B4WZKNLvy5VftrQIDAQAB
o4IDdjCCA3IwHQYDVR0OBBYEFL+Amn5soU0KGpdmc+AxnjTpVu09MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg5LzNhMzgy
YS0zZGRhLTQ3OTYtYjMyMC0zZmRmYjQxNDBmMjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkvM2EzODJh
LTNkZGEtNDc5Ni1iMzIwLTNmZGZiNDE0MGYyNC8xL3Y0Q2FmbXloVFFvYWwyWno0
REdlTk9sVzdUMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH0BggrBgEF
BQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgDBAICOMADBAMl63ADBAItWZADBAItW2AD
BAItXNADBAItdLgDBAIthAQDBAItiogDBARN8nADBABTij0DBAJV0IQDBANX7AAD
BAJnSyQDBAKLHMgDBAKYWZgDBAK5RgQDBAK5cdQDBAK5l2AwDAMEALmrWQMEALmr
WgMEArnZoAMEBrwiAAMEA7xcOAMEAMIFtQMEAMKZuQMEAMKcAgMEAMKchgMEAMKc
kAMEAcPqWAMEA82EkAMEAtBL3AMEAtBYgAMEBNQQcDANBAIAAjAHAwUAKgCgADAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAigQwDQYJKoZIhvcNAQELBQADggEBABJz
ddTXrEr+uaet5vvxhCljpl004nlm74i97YbX3eFPbI7xjIbiHZKhUVNrawwHFdrA
whRYonFYwifznkPiZdHRQXSb4XxYkSRjZslmy1qKoa1PwMzxeHHm4ucDSV9X1PA1
eLVCFq3q2iZWtkNheU1s6Bku369fhO5IzjopARfuBZEb4Vh8UB/Y2Zevqb0srIqX
NS33hdTMbLsxqoJQ6NHQlOlS12mS1q+nSaIY1sM+5r+NiMVKs3DPxhUk3I9zOphj
KooVLE0UwnhTlItLFBmNm5UgHFU4CjdoT+2FAxXI4s1SyuD1MUufSnOeAy9LNl2N
A1qWAn+jLZsQMnzoh+w=
-----END CERTIFICATE-----
Generated at Fri May 3 11:04:36 2024 by rpki-client on console-fra.rpki-client.org