Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
File: v4QRNUXZAAdg9mBipCIZM6LpWdg.cer (raw, json)
Hash identifier: mDvJaJW4GNDfwh41b9/96o5jR6tq5mFoMnJ9HuSDEOQ=
Subject key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01931B15422F8429A4D0CD76B1D4A7543B39
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 11 Nov 2024 11:56:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 61087
IP: 5.181.20.0/22
IP: 45.14.244.0/22
IP: 45.89.60.0/22
IP: 45.91.52.0/22
IP: 45.130.68.0/22
IP: 45.140.144.0/22
IP: 45.140.164.0/22
IP: 45.144.28.0/22
IP: 45.144.232.0/22
IP: 45.150.64.0/22
IP: 45.155.52.0/22
IP: 62.3.13.0/24
IP: 79.143.19.0/24
IP: 91.194.10.0/23
IP: 109.107.155.0/24
IP: 146.19.106.0/24
IP: 146.19.230.0/24
IP: 185.74.222.0/24
IP: 185.234.247.0/24
IP: 185.248.33.0/24
IP: 185.255.30.0/24
IP: 193.3.177.0/24
IP: 194.39.110.0/24
IP: 195.16.74.0/24
IP: 212.18.104.0/24
IP: 2a0c:ab00::/29
IP: 2a0e:4000::/29
IP: 2a10:2ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:15:42:2f:84:29:a4:d0:cd:76:b1:d4:a7:54:3b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 11 11:56:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf84113545d9000760f66062a4221933a2e959d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cc:67:75:e0:e1:53:07:55:3b:83:ed:98:e5:
34:3a:71:57:be:af:0b:f0:ef:a4:9f:33:fd:75:64:
f9:a5:93:3c:7f:3c:4b:fc:b8:75:64:8f:a3:3c:13:
37:fa:c1:a9:3e:f4:f4:16:78:aa:b2:d6:58:1d:33:
ee:65:10:96:1f:6e:5b:7f:f9:5f:d7:80:84:1b:13:
21:73:e6:49:b2:13:7d:d9:c9:da:b2:34:1b:d3:37:
0a:b5:39:7c:6f:4c:60:19:ff:bf:8a:5e:ff:16:9d:
4f:f9:0a:42:b5:c5:bc:4d:be:9d:a8:fe:78:66:40:
15:de:46:9b:a3:50:cd:64:5c:c5:82:c4:0b:77:c8:
6c:fa:f1:68:7c:e0:3f:86:97:de:e4:18:94:b6:b2:
6c:ce:a5:af:ba:de:eb:b3:84:8d:25:fc:1d:a3:de:
8d:2f:00:f6:43:28:c6:89:52:c2:12:33:d5:0e:36:
7f:aa:2e:ea:b2:bc:06:96:bd:82:22:a1:91:c9:02:
30:cc:b8:c4:27:51:98:bc:b3:0e:cf:47:23:bc:b9:
3d:88:d7:79:ac:46:04:c7:17:8a:7f:bf:b5:aa:9c:
75:0a:b0:6d:0d:29:6e:a5:05:ef:9f:8f:e3:c3:c0:
c0:81:30:98:c4:85:5b:9d:64:62:ee:3f:e8:5b:6b:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.89.60.0/22
45.91.52.0/22
45.130.68.0/22
45.140.144.0/22
45.140.164.0/22
45.144.28.0/22
45.144.232.0/22
45.150.64.0/22
45.155.52.0/22
62.3.13.0/24
79.143.19.0/24
91.194.10.0/23
109.107.155.0/24
146.19.106.0/24
146.19.230.0/24
185.74.222.0/24
185.234.247.0/24
185.248.33.0/24
185.255.30.0/24
193.3.177.0/24
194.39.110.0/24
195.16.74.0/24
212.18.104.0/24
IPv6:
2a0c:ab00::/29
2a0e:4000::/29
2a10:2ec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61087
Signature Algorithm: sha256WithRSAEncryption
81:ac:d4:8c:e4:23:32:82:06:d2:b4:eb:e7:a4:98:93:02:35:
4d:ae:7e:68:d7:d4:a3:1d:e2:b4:aa:c5:cb:82:d8:71:f7:2b:
ef:94:9e:5f:fa:be:d4:a0:39:e4:5f:c5:da:fb:35:29:21:66:
90:35:18:19:71:82:ca:c2:02:59:ef:9f:e8:46:5e:75:d6:e1:
4a:75:4a:de:dd:61:ff:6f:a1:bb:99:56:5a:5b:48:b9:c5:d0:
ad:88:9d:53:7b:a3:46:cb:32:5f:be:35:5f:7c:cc:e7:36:a8:
8f:ae:f2:72:9b:ab:45:bb:42:1e:f7:73:e4:84:1b:b1:14:f8:
c5:a9:a4:c3:24:5c:68:4e:cf:aa:2e:37:ef:b7:20:37:ba:b7:
07:e6:4c:c4:45:de:94:e7:75:d3:fa:aa:70:87:e4:e5:76:eb:
88:3f:1e:03:3f:0b:a1:61:0d:b3:26:3e:31:09:cb:ec:71:b9:
9d:a4:de:38:c4:00:69:09:83:ef:fa:a6:ce:68:1b:cc:b8:64:
e2:cd:cb:30:c5:8d:eb:e7:e7:4b:85:f7:b3:86:fa:f9:f1:d0:
4d:bd:6d:6a:00:9e:df:56:92:f8:63:6a:22:17:e9:57:56:91:
e6:e9:fa:d0:fb:90:4d:29:2a:d6:23:54:a1:a0:94:26:6d:ec:
ae:3b:c9:c8
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgISAZMbFUIvhCmk0M12sdSnVDs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTExMTE1NjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg0MTEzNTQ1ZDkwMDA3NjBmNjYwNjJhNDIyMTkzM2EyZTk1OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sxndeDhUwdVO4PtmOU0OnFXvq8L
8O+knzP9dWT5pZM8fzxL/Lh1ZI+jPBM3+sGpPvT0FniqstZYHTPuZRCWH25bf/lf
14CEGxMhc+ZJshN92cnasjQb0zcKtTl8b0xgGf+/il7/Fp1P+QpCtcW8Tb6dqP54
ZkAV3kabo1DNZFzFgsQLd8hs+vFofOA/hpfe5BiUtrJszqWvut7rs4SNJfwdo96N
LwD2QyjGiVLCEjPVDjZ/qi7qsrwGlr2CIqGRyQIwzLjEJ1GYvLMOz0cjvLk9iNd5
rEYExxeKf7+1qpx1CrBtDSlupQXvn4/jw8DAgTCYxIVbnWRi7j/oW2uT7QIDAQAB
o4IDUjCCA04wHQYDVR0OBBYEFL+EETVF2QAHYPZgYqQiGTOi6VnYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI1LzMwZGM4
NS0yZGQ4LTRiMWMtYjE1MS00YmQ2M2FkYzczNTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvMzBkYzg1
LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1NC8xL3Y0UVJOVVhaQUFkZzltQmlw
Q0laTTZMcFdkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHQBggrBgEF
BQcBBwEB/wSBwDCBvTCBnQQCAAEwgZYDBAIFtRQDBAItDvQDBAItWTwDBAItWzQD
BAItgkQDBAItjJADBAItjKQDBAItkBwDBAItkOgDBAItlkADBAItmzQDBAA+Aw0D
BABPjxMDBAFbwgoDBABta5sDBACSE2oDBACSE+YDBAC5St4DBAC56vcDBAC5+CED
BAC5/x4DBADBA7EDBADCJ24DBADDEEoDBADUEmgwGwQCAAIwFQMFAyoMqwADBQMq
DkAAAwUDKhAuwDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA7p8wDQYJKoZIhvcN
AQELBQADggEBAIGs1IzkIzKCBtK06+ekmJMCNU2ufmjX1KMd4rSqxcuC2HH3K++U
nl/6vtSgOeRfxdr7NSkhZpA1GBlxgsrCAlnvn+hGXnXW4Up1St7dYf9vobuZVlpb
SLnF0K2InVN7o0bLMl++NV98zOc2qI+u8nKbq0W7Qh73c+SEG7EU+MWppMMkXGhO
z6ouN++3IDe6twfmTMRF3pTnddP6qnCH5OV264g/HgM/C6FhDbMmPjEJy+xxuZ2k
3jjEAGkJg+/6ps5oG8y4ZOLNyzDFjevn50uF97OG+vnx0E29bWoAnt9WkvhjaiIX
6VdWkebp+tD7kE0pKtYjVKGglCZt7K47ycg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:11:45 2024 by rpki-client on console-fra.rpki-client.org