Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
File: v4CafmyhTQoal2Zz4DGeNOlW7T0.cer (raw, json)
Hash identifier: dVm4RMTccEb1jGcqChmCb+qm2jD2Yi3ek8U4zfQYQ6g=
Subject key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427488285F81D0E998482638299E849CD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35332
IP: 2.56.192.0/22
IP: 37.235.112.0/21
IP: 45.89.144.0/22
IP: 45.91.96.0/22
IP: 45.92.208.0/22
IP: 45.116.184.0/22
IP: 45.132.4.0/22
IP: 45.138.136.0/22
IP: 77.242.112.0/20
IP: 83.138.61.0/24
IP: 85.208.132.0/22
IP: 87.236.0.0/21
IP: 103.75.36.0/22
IP: 139.28.200.0/22
IP: 152.89.152.0/22
IP: 185.70.4.0/22
IP: 185.113.212.0/22
IP: 185.151.96.0/22
IP: 185.171.89.0 -- 185.171.90.255
IP: 185.217.160.0/22
IP: 188.34.0.0/18
IP: 188.92.56.0/21
IP: 194.5.181.0/24
IP: 194.153.185.0/24
IP: 194.156.2.0/24
IP: 194.156.134.0/24
IP: 194.156.144.0/24
IP: 195.234.88.0/23
IP: 205.132.144.0/21
IP: 208.75.220.0/22
IP: 208.88.128.0/22
IP: 212.16.112.0/20
IP: 2a00:a000::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:82:85:f8:1d:0e:99:84:82:63:82:99:e8:49:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:cd:42:e4:e3:f9:a5:fa:f9:ad:d1:7d:31:
2a:41:f3:a7:7c:67:91:fc:6c:ea:5e:9b:83:8d:88:
12:bb:c0:25:24:cf:82:de:04:22:f3:4c:ee:10:4f:
72:10:9d:64:08:c5:48:17:dc:01:3c:ee:80:72:f5:
23:03:b8:db:47:68:c3:c9:13:a9:b2:e4:5b:5b:6d:
ed:76:05:b4:ba:40:0f:15:fa:65:ff:36:ac:eb:4f:
93:c7:1a:d9:4e:15:41:2f:6b:e8:3e:29:0d:78:4d:
b1:27:03:46:71:f1:57:97:f8:89:09:94:90:aa:6e:
37:4d:8f:4f:ac:01:5e:b2:3a:c5:4b:0f:42:cc:2c:
01:7f:fd:8f:1e:f2:89:8f:1d:6d:89:e4:bb:7d:2b:
4b:a0:04:4b:2c:73:39:3b:93:07:96:27:c3:81:a2:
d5:b9:32:2a:d4:74:72:14:d5:3f:6a:a9:ea:4b:ec:
e4:f6:8b:f1:41:69:c1:6b:2c:fc:7c:fe:34:46:7f:
71:2d:0d:6e:48:f3:aa:ac:e5:24:78:50:14:ff:62:
3f:7d:dd:ac:59:b2:27:a7:98:50:c3:3d:53:16:16:
32:51:b0:e4:7f:c2:da:50:00:d8:58:f2:29:4f:7e:
c7:db:50:68:a7:ce:c1:e1:66:4a:34:bb:f2:e5:57:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.192.0/22
37.235.112.0/21
45.89.144.0/22
45.91.96.0/22
45.92.208.0/22
45.116.184.0/22
45.132.4.0/22
45.138.136.0/22
77.242.112.0/20
83.138.61.0/24
85.208.132.0/22
87.236.0.0/21
103.75.36.0/22
139.28.200.0/22
152.89.152.0/22
185.70.4.0/22
185.113.212.0/22
185.151.96.0/22
185.171.89.0-185.171.90.255
185.217.160.0/22
188.34.0.0/18
188.92.56.0/21
194.5.181.0/24
194.153.185.0/24
194.156.2.0/24
194.156.134.0/24
194.156.144.0/24
195.234.88.0/23
205.132.144.0/21
208.75.220.0/22
208.88.128.0/22
212.16.112.0/20
IPv6:
2a00:a000::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35332
Signature Algorithm: sha256WithRSAEncryption
42:75:da:e6:bb:cb:38:40:b4:fe:e1:83:07:3b:67:ee:f1:ee:
20:e2:39:51:e8:ff:f8:19:b9:ac:33:79:d4:eb:a9:12:23:19:
2f:91:db:0a:dd:50:56:a0:e8:8c:2c:bc:26:4b:b4:77:50:93:
64:89:31:a4:0a:4d:0c:f1:7e:3c:80:37:01:e8:6a:b7:80:cc:
80:6e:66:30:32:6e:f3:15:eb:52:4a:ef:88:d1:92:a3:e4:25:
a5:71:95:e2:26:95:11:6e:f3:b7:3b:da:fc:fc:60:fc:ab:fc:
99:24:66:8a:59:68:f3:68:49:06:b3:2f:30:74:1c:da:42:9d:
ce:36:66:ed:c5:13:82:15:0c:5a:cc:5e:4b:70:4c:12:54:15:
7c:6b:53:30:c3:48:8a:b5:cd:20:7f:96:c2:ea:b1:79:58:71:
0e:7f:c0:8a:5a:81:ed:6d:68:d7:95:9f:4a:aa:82:34:2e:da:
fb:7b:73:ad:73:a3:b9:d1:ad:9b:35:53:c9:9b:60:c2:e8:41:
fd:24:96:e6:91:f2:86:6c:b5:8c:51:d3:87:8c:92:f8:bc:94:
ca:5b:37:e0:5b:ee:c7:ac:04:05:e1:9a:b9:f1:0c:c2:95:af:
8b:42:32:88:15:6c:14:63:07:69:21:d5:b8:8d:6b:03:18:6e:
53:b7:3c:6c
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISAZQnSIKF+B0OmYSCY4KZ6EnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgwOWE3ZTZjYTE0ZDBhMWE5NzY2NzNlMDMxOWUzNGU5NTZlZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTLNQuTj+aX6+a3RfTEqQfOnfGeR
/GzqXpuDjYgSu8AlJM+C3gQi80zuEE9yEJ1kCMVIF9wBPO6AcvUjA7jbR2jDyROp
suRbW23tdgW0ukAPFfpl/zas60+TxxrZThVBL2voPikNeE2xJwNGcfFXl/iJCZSQ
qm43TY9PrAFesjrFSw9CzCwBf/2PHvKJjx1tieS7fStLoARLLHM5O5MHlifDgaLV
uTIq1HRyFNU/aqnqS+zk9ovxQWnBayz8fP40Rn9xLQ1uSPOqrOUkeFAU/2I/fd2s
WbInp5hQwz1TFhYyUbDkf8LaUADYWPIpT37H21Bop87B4WZKNLvy5VftrQIDAQAB
o4IDdjCCA3IwHQYDVR0OBBYEFL+Amn5soU0KGpdmc+AxnjTpVu09MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg5LzNhMzgy
YS0zZGRhLTQ3OTYtYjMyMC0zZmRmYjQxNDBmMjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkvM2EzODJh
LTNkZGEtNDc5Ni1iMzIwLTNmZGZiNDE0MGYyNC8xL3Y0Q2FmbXloVFFvYWwyWno0
REdlTk9sVzdUMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIH0BggrBgEF
BQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgDBAICOMADBAMl63ADBAItWZADBAItW2AD
BAItXNADBAItdLgDBAIthAQDBAItiogDBARN8nADBABTij0DBAJV0IQDBANX7AAD
BAJnSyQDBAKLHMgDBAKYWZgDBAK5RgQDBAK5cdQDBAK5l2AwDAMEALmrWQMEALmr
WgMEArnZoAMEBrwiAAMEA7xcOAMEAMIFtQMEAMKZuQMEAMKcAgMEAMKchgMEAMKc
kAMEAcPqWAMEA82EkAMEAtBL3AMEAtBYgAMEBNQQcDANBAIAAjAHAwUAKgCgADAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAigQwDQYJKoZIhvcNAQELBQADggEBAEJ1
2ua7yzhAtP7hgwc7Z+7x7iDiOVHo//gZuawzedTrqRIjGS+R2wrdUFag6IwsvCZL
tHdQk2SJMaQKTQzxfjyANwHoareAzIBuZjAybvMV61JK74jRkqPkJaVxleImlRFu
87c72vz8YPyr/JkkZopZaPNoSQazLzB0HNpCnc42Zu3FE4IVDFrMXktwTBJUFXxr
UzDDSIq1zSB/lsLqsXlYcQ5/wIpage1taNeVn0qqgjQu2vt7c61zo7nRrZs1U8mb
YMLoQf0kluaR8oZstYxR04eMkvi8lMpbN+Bb7sesBAXhmrnxDMKVr4tCMogVbBRj
B2kh1biNawMYblO3PGw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:45:20 2025 by rpki-client