Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
File: xCcI35OVSqxgGu8YNb1daSRfsC8.cer (raw, json)
Hash identifier: GGHG0oi+LgSM/zga2DiIyDQxvN2Mv80ywqvlp3VMmrw=
Subject key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019352D1C110A20D285AA4F410B6DCBB832F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 22 Nov 2024 07:41:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8648
AS: 24973
AS: 34432
AS: 45012
AS: 45031
AS: 47215
AS: 57739
AS: 208582
IP: 5.11.48.0/21
IP: 5.44.96.0/20
IP: 31.47.240.0/20
IP: 37.218.248.0/21
IP: 37.228.152.0/21
IP: 45.87.136.0/22
IP: 46.243.88.0/21
IP: 77.75.248.0/21
IP: 81.88.16.0 -- 81.88.47.255
IP: 82.141.0.0/18
IP: 84.254.120.0/24
IP: 85.158.176.0/21
IP: 89.22.96.0/19
IP: 91.151.16.0/21
IP: 91.203.108.0/22
IP: 91.203.212.0/22
IP: 91.206.142.0/23
IP: 91.220.49.0/24
IP: 91.226.88.0/22
IP: 93.90.176.0/20
IP: 93.190.64.0/21
IP: 94.154.148.0/22
IP: 95.130.248.0/21
IP: 109.75.176.0/20
IP: 109.237.128.0/20
IP: 128.127.64.0/21
IP: 141.101.32.0/21
IP: 178.20.96.0/21
IP: 178.250.8.0/21
IP: 178.250.168.0/21
IP: 185.3.232.0/22
IP: 185.32.116.0/22
IP: 185.39.220.0/22
IP: 185.51.8.0/22
IP: 185.61.40.0/22
IP: 185.65.88.0/22
IP: 185.80.92.0/22
IP: 185.84.80.0/22
IP: 185.117.248.0/22
IP: 185.137.168.0/22
IP: 185.143.164.0/22
IP: 185.158.212.0/22
IP: 185.207.228.0/22
IP: 185.211.60.0/22
IP: 188.64.40.0/21
IP: 192.162.84.0/22
IP: 193.22.255.0/24
IP: 193.25.114.0/23
IP: 193.38.156.0/22
IP: 194.116.186.0/23
IP: 194.121.56.0/24
IP: 194.145.226.0/24
IP: 195.5.120.0/23
IP: 195.34.82.0/23
IP: 195.42.120.0/23
IP: 195.62.96.0/19
IP: 195.82.152.0/23
IP: 195.110.42.0/23
IP: 195.225.133.0/24
IP: 212.110.96.0/19
IP: 213.146.96.0/19
IP: 2001:678:f44::/48
IP: 2001:880::/32
IP: 2a00:12c0::/29
IP: 2a00:5300::/32
IP: 2a00:fa40::/32
IP: 2a01:64c0::/32
IP: 2a01:aee0::/32
IP: 2a02:248::/32
IP: 2a02:a60::/32
IP: 2a02:2b80::/32
IP: 2a04:4cc0::/29
IP: 2a04:ff40::/29
IP: 2a0b:2a40::/29
IP: 2a0b:6340::/29
IP: 2a0d:6940::/29
IP: 2a0e:fe80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:52:d1:c1:10:a2:0d:28:5a:a4:f4:10:b6:dc:bb:83:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 22 07:41:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42708df93954aac601aef1835bd5d69245fb02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d1:21:55:1f:7b:e7:b7:d7:04:0e:68:3f:84:
a8:99:ef:66:50:fe:c7:fe:b2:0f:b8:f0:e0:b4:b4:
ba:e1:6b:bd:16:41:a0:9c:bb:02:28:12:ad:0f:68:
45:e6:e5:e8:31:a3:97:48:eb:6c:90:eb:04:82:bb:
bc:3c:76:09:92:98:d2:e1:54:cd:ba:5d:59:0e:9d:
e7:ad:bd:fd:6e:5c:09:7b:3d:60:1a:67:d7:a4:cc:
3f:0f:7a:66:5b:6d:04:5f:7c:2e:32:3d:f4:8b:02:
95:15:b6:a6:18:ac:3f:92:c2:28:c6:5d:ed:1e:08:
59:38:c7:0a:94:9d:0d:c7:53:b6:e9:db:bb:b6:58:
2c:88:93:27:43:63:e8:ea:f0:30:14:6a:9e:7b:3c:
b4:23:32:64:26:3e:19:41:d0:b2:1d:6c:8f:7c:40:
f5:56:b5:b0:d6:4b:d0:c4:3a:3c:2f:93:ca:18:bf:
6d:12:0f:81:f9:fa:9c:ae:4d:9c:02:ce:94:72:dd:
f7:7f:43:7f:5d:83:d2:95:ff:9f:0a:e3:cc:84:b7:
ef:d6:85:97:63:fd:89:3f:44:23:a9:36:2f:d6:3a:
1d:db:85:d4:0c:06:42:ee:66:90:59:19:fb:4a:82:
c4:d7:b7:55:a6:1e:af:39:da:be:c0:e6:18:97:17:
5d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.48.0/21
5.44.96.0/20
31.47.240.0/20
37.218.248.0/21
37.228.152.0/21
45.87.136.0/22
46.243.88.0/21
77.75.248.0/21
81.88.16.0-81.88.47.255
82.141.0.0/18
84.254.120.0/24
85.158.176.0/21
89.22.96.0/19
91.151.16.0/21
91.203.108.0/22
91.203.212.0/22
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
93.190.64.0/21
94.154.148.0/22
95.130.248.0/21
109.75.176.0/20
109.237.128.0/20
128.127.64.0/21
141.101.32.0/21
178.20.96.0/21
178.250.8.0/21
178.250.168.0/21
185.3.232.0/22
185.32.116.0/22
185.39.220.0/22
185.51.8.0/22
185.61.40.0/22
185.65.88.0/22
185.80.92.0/22
185.84.80.0/22
185.117.248.0/22
185.137.168.0/22
185.143.164.0/22
185.158.212.0/22
185.207.228.0/22
185.211.60.0/22
188.64.40.0/21
192.162.84.0/22
193.22.255.0/24
193.25.114.0/23
193.38.156.0/22
194.116.186.0/23
194.121.56.0/24
194.145.226.0/24
195.5.120.0/23
195.34.82.0/23
195.42.120.0/23
195.62.96.0/19
195.82.152.0/23
195.110.42.0/23
195.225.133.0/24
212.110.96.0/19
213.146.96.0/19
IPv6:
2001:678:f44::/48
2001:880::/32
2a00:12c0::/29
2a00:5300::/32
2a00:fa40::/32
2a01:64c0::/32
2a01:aee0::/32
2a02:248::/32
2a02:a60::/32
2a02:2b80::/32
2a04:4cc0::/29
2a04:ff40::/29
2a0b:2a40::/29
2a0b:6340::/29
2a0d:6940::/29
2a0e:fe80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8648
24973
34432
45012
45031
47215
57739
208582
Signature Algorithm: sha256WithRSAEncryption
62:e3:30:db:a9:7b:87:6a:a2:7b:ef:00:be:e9:67:86:9f:49:
7e:70:07:51:15:14:87:b5:4b:df:be:ab:94:a9:ae:08:78:91:
7c:58:9c:e3:cb:3a:6c:ff:89:62:b9:be:ea:e7:ba:e1:c5:55:
ab:01:ea:2b:a9:78:bd:3a:b6:4e:6e:54:9f:a8:b0:3a:c8:2f:
d8:8f:3e:a5:bb:95:d3:6c:37:7b:24:a7:e3:13:98:25:b3:87:
02:68:72:b1:d7:4a:72:b0:f0:e4:3b:1c:e7:35:fe:1b:c8:5d:
8c:5c:43:eb:ae:75:03:9f:39:03:ac:73:7f:a1:e8:85:08:5c:
b5:49:83:36:5c:4b:4c:e4:34:95:61:00:50:cd:1d:5e:4c:17:
a7:48:f8:80:e9:57:55:f2:96:00:99:6d:8f:bf:53:e9:6e:7c:
a7:01:49:e8:e5:40:21:aa:42:b5:2c:ae:5c:7c:36:e0:53:91:
1a:aa:c3:b6:26:aa:9d:1b:c2:87:75:cb:bf:a5:89:70:41:73:
e4:40:e8:54:8e:3c:09:5d:6c:bd:74:3e:3c:a7:12:6d:22:0b:
00:aa:88:89:e8:79:f4:4f:9c:3f:2c:2e:9e:e8:52:bd:22:1b:
25:ad:de:c4:95:9e:84:41:8f:95:88:99:27:f4:fb:5e:42:d9:
13:fc:6d:dd
-----BEGIN CERTIFICATE-----
MIIHqTCCBpGgAwIBAgISAZNS0cEQog0oWqT0ELbcu4MvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTIyMDc0MTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtEhVR9757fXBA5oP4Some9mUP7H
/rIPuPDgtLS64Wu9FkGgnLsCKBKtD2hF5uXoMaOXSOtskOsEgru8PHYJkpjS4VTN
ul1ZDp3nrb39blwJez1gGmfXpMw/D3pmW20EX3wuMj30iwKVFbamGKw/ksIoxl3t
HghZOMcKlJ0Nx1O26du7tlgsiJMnQ2Po6vAwFGqeezy0IzJkJj4ZQdCyHWyPfED1
VrWw1kvQxDo8L5PKGL9tEg+B+fqcrk2cAs6Uct33f0N/XYPSlf+fCuPMhLfv1oWX
Y/2JP0QjqTYv1jod24XUDAZC7maQWRn7SoLE17dVph6vOdq+wOYYlxdd2wIDAQAB
o4IEtTCCBLEwHQYDVR0OBBYEFMQnCN+TlUqsYBrvGDW9XWkkX7AvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0L2Y2MTdh
NS0zMjQwLTQ4YzQtYjcxNi03NDFjMWQ4ZGVhMmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQvZjYxN2E1
LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4Z0d1OFlO
YjFkYVNSZnNDOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIICEQYIKwYB
BQUHAQcBAf8EggIAMIIB/DCCAX4EAgABMIIBdgMEAwULMAMEBAUsYAMEBB8v8AME
AyXa+AMEAyXkmAMEAi1XiAMEAy7zWAMEA01L+DAMAwQEUVgQAwQEUVggAwQGUo0A
AwQAVP54AwQDVZ6wAwQFWRZgAwQDW5cQAwQCW8tsAwQCW8vUAwQBW86OAwQAW9wx
AwQCW+JYAwQEXVqwAwQDXb5AAwQCXpqUAwQDX4L4AwQEbUuwAwQEbe2AAwQDgH9A
AwQDjWUgAwQDshRgAwQDsvoIAwQDsvqoAwQCuQPoAwQCuSB0AwQCuSfcAwQCuTMI
AwQCuT0oAwQCuUFYAwQCuVBcAwQCuVRQAwQCuXX4AwQCuYmoAwQCuY+kAwQCuZ7U
AwQCuc/kAwQCudM8AwQDvEAoAwQCwKJUAwQAwRb/AwQBwRlyAwQCwSacAwQBwnS6
AwQAwnk4AwQAwpHiAwQBwwV4AwQBwyJSAwQBwyp4AwQFwz5gAwQBw1KYAwQBw24q
AwQAw+GFAwQF1G5gAwQF1ZJgMHgEAgACMHIDBwAgAQZ4D0QDBQAgAQiAAwUDKgAS
wAMFACoAUwADBQAqAPpAAwUAKgFkwAMFACoBruADBQAqAgJIAwUAKgIKYAMFACoC
K4ADBQMqBEzAAwUDKgT/QAMFAyoLKkADBQMqC2NAAwUDKg1pQAMFAyoO/oAwOwYI
KwYBBQUHAQgBAf8ELDAqoCgwJgICIcgCAmGNAgMAhoACAwCv1AIDAK/nAgMAuG8C
AwDhiwIDAy7GMA0GCSqGSIb3DQEBCwUAA4IBAQBi4zDbqXuHaqJ77wC+6WeGn0l+
cAdRFRSHtUvfvquUqa4IeJF8WJzjyzps/4liub7q57rhxVWrAeorqXi9OrZOblSf
qLA6yC/Yjz6lu5XTbDd7JKfjE5gls4cCaHKx10pysPDkOxznNf4byF2MXEPrrnUD
nzkDrHN/oeiFCFy1SYM2XEtM5DSVYQBQzR1eTBenSPiA6VdV8pYAmW2Pv1Ppbnyn
AUno5UAhqkK1LK5cfDbgU5EaqsO2JqqdG8KHdcu/pYlwQXPkQOhUjjwJXWy9dD48
pxJtIgsAqoiJ6Hn0T5w/LC6e6FK9Ihslrd7ElZ6EQY+ViJkn9PteQtkT/G3d
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:12:19 2024 by rpki-client on console-fra.rpki-client.org