Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
File: v4QRNUXZAAdg9mBipCIZM6LpWdg.cer (raw, json)
Hash identifier: Dy6LluM7G6tOYMufmKKGzvXYBK44RypuOwsd3xpKxRk=
Subject key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5014F281088F5192589C1E9C9B0766E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:30:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 61087
IP: 5.181.20.0/22
IP: 45.14.244.0/22
IP: 45.89.60.0/22
IP: 45.91.52.0/22
IP: 45.130.68.0/22
IP: 45.140.144.0/22
IP: 45.140.164.0/22
IP: 45.144.28.0/22
IP: 45.144.232.0/22
IP: 45.150.64.0/22
IP: 45.155.52.0/22
IP: 62.3.13.0/24
IP: 79.143.19.0/24
IP: 91.194.10.0/23
IP: 109.107.155.0/24
IP: 146.19.106.0/24
IP: 146.19.230.0/24
IP: 185.234.247.0/24
IP: 185.248.33.0/24
IP: 185.255.30.0/24
IP: 193.3.177.0/24
IP: 194.39.110.0/24
IP: 195.16.74.0/24
IP: 212.18.104.0/24
IP: 2a0c:ab00::/29
IP: 2a0e:4000::/29
IP: 2a10:2ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4f:28:10:88:f5:19:25:89:c1:e9:c9:b0:76:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf84113545d9000760f66062a4221933a2e959d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cc:67:75:e0:e1:53:07:55:3b:83:ed:98:e5:
34:3a:71:57:be:af:0b:f0:ef:a4:9f:33:fd:75:64:
f9:a5:93:3c:7f:3c:4b:fc:b8:75:64:8f:a3:3c:13:
37:fa:c1:a9:3e:f4:f4:16:78:aa:b2:d6:58:1d:33:
ee:65:10:96:1f:6e:5b:7f:f9:5f:d7:80:84:1b:13:
21:73:e6:49:b2:13:7d:d9:c9:da:b2:34:1b:d3:37:
0a:b5:39:7c:6f:4c:60:19:ff:bf:8a:5e:ff:16:9d:
4f:f9:0a:42:b5:c5:bc:4d:be:9d:a8:fe:78:66:40:
15:de:46:9b:a3:50:cd:64:5c:c5:82:c4:0b:77:c8:
6c:fa:f1:68:7c:e0:3f:86:97:de:e4:18:94:b6:b2:
6c:ce:a5:af:ba:de:eb:b3:84:8d:25:fc:1d:a3:de:
8d:2f:00:f6:43:28:c6:89:52:c2:12:33:d5:0e:36:
7f:aa:2e:ea:b2:bc:06:96:bd:82:22:a1:91:c9:02:
30:cc:b8:c4:27:51:98:bc:b3:0e:cf:47:23:bc:b9:
3d:88:d7:79:ac:46:04:c7:17:8a:7f:bf:b5:aa:9c:
75:0a:b0:6d:0d:29:6e:a5:05:ef:9f:8f:e3:c3:c0:
c0:81:30:98:c4:85:5b:9d:64:62:ee:3f:e8:5b:6b:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.89.60.0/22
45.91.52.0/22
45.130.68.0/22
45.140.144.0/22
45.140.164.0/22
45.144.28.0/22
45.144.232.0/22
45.150.64.0/22
45.155.52.0/22
62.3.13.0/24
79.143.19.0/24
91.194.10.0/23
109.107.155.0/24
146.19.106.0/24
146.19.230.0/24
185.234.247.0/24
185.248.33.0/24
185.255.30.0/24
193.3.177.0/24
194.39.110.0/24
195.16.74.0/24
212.18.104.0/24
IPv6:
2a0c:ab00::/29
2a0e:4000::/29
2a10:2ec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61087
Signature Algorithm: sha256WithRSAEncryption
46:4d:1d:0a:e7:ed:27:da:74:82:d3:1b:ac:37:46:55:cf:09:
e7:92:87:0b:ec:13:c4:79:60:b4:3a:2d:d9:83:2a:11:62:9e:
ba:6a:f9:7d:4d:55:bd:19:13:77:d8:8d:63:86:de:92:de:d3:
e8:16:b2:5a:55:e4:97:8f:e9:7e:fe:fd:35:8f:1f:19:2f:fa:
df:d3:ae:22:a6:03:71:f6:30:52:79:d6:21:89:10:27:bb:0b:
f0:71:a6:2d:6d:86:91:35:58:ad:a7:e0:69:77:92:81:c4:ce:
73:b9:ca:24:4b:c5:bd:3d:d6:8b:a6:25:0f:85:5e:c6:ed:99:
b8:89:6e:ba:01:0d:83:91:29:9f:eb:d6:d3:ee:f0:59:8e:75:
dd:09:ba:bd:c9:d1:ad:19:c4:de:75:b0:0a:9b:46:47:9d:78:
12:54:3c:86:58:06:79:6e:7c:13:3a:01:f7:e7:55:e6:7f:68:
82:4a:de:4c:78:19:29:db:70:2e:aa:83:aa:ef:9c:f1:5b:4c:
af:43:96:3e:58:3f:68:00:94:f1:f9:a6:e7:a8:63:12:7e:61:
84:b7:1c:5e:40:35:75:d3:4b:80:a2:5b:2b:44:95:b4:62:3d:
45:d6:b0:9e:b5:89:ce:64:e8:4a:3c:0b:3e:bb:b0:ae:b5:5b:
34:26:8a:85
-----BEGIN CERTIFICATE-----
MIIGQDCCBSigAwIBAgISAYzFAU8oEIj1GSWJwenJsHZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sxndeDhUwdVO4PtmOU0OnFXvq8L
8O+knzP9dWT5pZM8fzxL/Lh1ZI+jPBM3+sGpPvT0FniqstZYHTPuZRCWH25bf/lf
14CEGxMhc+ZJshN92cnasjQb0zcKtTl8b0xgGf+/il7/Fp1P+QpCtcW8Tb6dqP54
ZkAV3kabo1DNZFzFgsQLd8hs+vFofOA/hpfe5BiUtrJszqWvut7rs4SNJfwdo96N
LwD2QyjGiVLCEjPVDjZ/qi7qsrwGlr2CIqGRyQIwzLjEJ1GYvLMOz0cjvLk9iNd5
rEYExxeKf7+1qpx1CrBtDSlupQXvn4/jw8DAgTCYxIVbnWRi7j/oW2uT7QIDAQAB
o4IDTDCCA0gwHQYDVR0OBBYEFL+EETVF2QAHYPZgYqQiGTOi6VnYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzMwZGM4
NS0yZGQ4LTRiMWMtYjE1MS00YmQ2M2FkYzczNTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMzBkYzg1
LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFkZzltQmlw
Q0laTTZMcFdkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHKBggrBgEF
BQcBBwEB/wSBujCBtzCBlwQCAAEwgZADBAIFtRQDBAItDvQDBAItWTwDBAItWzQD
BAItgkQDBAItjJADBAItjKQDBAItkBwDBAItkOgDBAItlkADBAItmzQDBAA+Aw0D
BABPjxMDBAFbwgoDBABta5sDBACSE2oDBACSE+YDBAC56vcDBAC5+CEDBAC5/x4D
BADBA7EDBADCJ24DBADDEEoDBADUEmgwGwQCAAIwFQMFAyoMqwADBQMqDkAAAwUD
KhAuwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA7p8wDQYJKoZIhvcNAQELBQAD
ggEBAEZNHQrn7SfadILTG6w3RlXPCeeShwvsE8R5YLQ6LdmDKhFinrpq+X1NVb0Z
E3fYjWOG3pLe0+gWslpV5JeP6X7+/TWPHxkv+t/TriKmA3H2MFJ51iGJECe7C/Bx
pi1thpE1WK2n4Gl3koHEznO5yiRLxb091oumJQ+FXsbtmbiJbroBDYORKZ/r1tPu
8FmOdd0Jur3J0a0ZxN51sAqbRkedeBJUPIZYBnlufBM6AffnVeZ/aIJK3kx4GSnb
cC6qg6rvnPFbTK9Dlj5YP2gAlPH5pueoYxJ+YYS3HF5ANXXTS4CiWytElbRiPUXW
sJ61ic5k6Eo8Cz67sK61WzQmioU=
-----END CERTIFICATE-----
Generated at Thu Apr 25 13:06:36 2024 by rpki-client on console-ams.rpki-client.org