Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
File: xCcI35OVSqxgGu8YNb1daSRfsC8.cer (raw, json)
Hash identifier: k3UD3fSPpcZKTALIia25hXYuSzskc9wBUyUGWONq/Bo=
Subject key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DAEB3A86BCFD907DFB11C30D026A00
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:36 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8648
AS: 24973
AS: 45012
AS: 45031
AS: 47215
AS: 57739
AS: 208582
IP: 5.11.48.0/21
IP: 5.44.96.0/20
IP: 31.47.240.0/20
IP: 37.218.248.0/21
IP: 45.87.136.0/22
IP: 46.243.88.0/21
IP: 81.88.16.0 -- 81.88.47.255
IP: 82.141.0.0/18
IP: 84.254.120.0/24
IP: 89.22.96.0/19
IP: 91.203.108.0/22
IP: 91.203.212.0/22
IP: 91.206.142.0/23
IP: 91.220.49.0/24
IP: 91.226.88.0/22
IP: 93.90.176.0/20
IP: 93.190.64.0/21
IP: 94.154.148.0/22
IP: 95.130.248.0/21
IP: 109.75.176.0/20
IP: 109.237.128.0/20
IP: 128.127.64.0/21
IP: 141.101.32.0/21
IP: 178.20.96.0/21
IP: 178.250.168.0/21
IP: 185.3.232.0/22
IP: 185.32.116.0/22
IP: 185.51.8.0/22
IP: 185.65.88.0/22
IP: 185.80.92.0/22
IP: 185.84.80.0/22
IP: 185.117.248.0/22
IP: 185.137.168.0/22
IP: 185.143.164.0/22
IP: 185.158.212.0/22
IP: 185.207.228.0/22
IP: 185.211.60.0/22
IP: 188.64.40.0/21
IP: 192.162.84.0/22
IP: 193.22.255.0/24
IP: 193.25.114.0/23
IP: 193.38.156.0/22
IP: 194.116.186.0/23
IP: 194.145.226.0/24
IP: 195.5.120.0/23
IP: 195.34.82.0/23
IP: 195.42.120.0/23
IP: 195.62.96.0/19
IP: 195.82.152.0/23
IP: 195.110.42.0/23
IP: 195.225.133.0/24
IP: 212.110.96.0/19
IP: 213.146.96.0/19
IP: 2001:880::/32
IP: 2a00:12c0::/29
IP: 2a00:5300::/32
IP: 2a00:fa40::/32
IP: 2a01:64c0::/32
IP: 2a01:aee0::/32
IP: 2a02:248::/32
IP: 2a02:a60::/32
IP: 2a02:2b80::/32
IP: 2a04:4cc0::/29
IP: 2a04:ff40::/29
IP: 2a0b:2a40::/29
IP: 2a0b:6340::/29
IP: 2a0d:6940::/29
IP: 2a0e:fe80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:3a:86:bc:fd:90:7d:fb:11:c3:0d:02:6a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42708df93954aac601aef1835bd5d69245fb02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d1:21:55:1f:7b:e7:b7:d7:04:0e:68:3f:84:
a8:99:ef:66:50:fe:c7:fe:b2:0f:b8:f0:e0:b4:b4:
ba:e1:6b:bd:16:41:a0:9c:bb:02:28:12:ad:0f:68:
45:e6:e5:e8:31:a3:97:48:eb:6c:90:eb:04:82:bb:
bc:3c:76:09:92:98:d2:e1:54:cd:ba:5d:59:0e:9d:
e7:ad:bd:fd:6e:5c:09:7b:3d:60:1a:67:d7:a4:cc:
3f:0f:7a:66:5b:6d:04:5f:7c:2e:32:3d:f4:8b:02:
95:15:b6:a6:18:ac:3f:92:c2:28:c6:5d:ed:1e:08:
59:38:c7:0a:94:9d:0d:c7:53:b6:e9:db:bb:b6:58:
2c:88:93:27:43:63:e8:ea:f0:30:14:6a:9e:7b:3c:
b4:23:32:64:26:3e:19:41:d0:b2:1d:6c:8f:7c:40:
f5:56:b5:b0:d6:4b:d0:c4:3a:3c:2f:93:ca:18:bf:
6d:12:0f:81:f9:fa:9c:ae:4d:9c:02:ce:94:72:dd:
f7:7f:43:7f:5d:83:d2:95:ff:9f:0a:e3:cc:84:b7:
ef:d6:85:97:63:fd:89:3f:44:23:a9:36:2f:d6:3a:
1d:db:85:d4:0c:06:42:ee:66:90:59:19:fb:4a:82:
c4:d7:b7:55:a6:1e:af:39:da:be:c0:e6:18:97:17:
5d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.48.0/21
5.44.96.0/20
31.47.240.0/20
37.218.248.0/21
45.87.136.0/22
46.243.88.0/21
81.88.16.0-81.88.47.255
82.141.0.0/18
84.254.120.0/24
89.22.96.0/19
91.203.108.0/22
91.203.212.0/22
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
93.190.64.0/21
94.154.148.0/22
95.130.248.0/21
109.75.176.0/20
109.237.128.0/20
128.127.64.0/21
141.101.32.0/21
178.20.96.0/21
178.250.168.0/21
185.3.232.0/22
185.32.116.0/22
185.51.8.0/22
185.65.88.0/22
185.80.92.0/22
185.84.80.0/22
185.117.248.0/22
185.137.168.0/22
185.143.164.0/22
185.158.212.0/22
185.207.228.0/22
185.211.60.0/22
188.64.40.0/21
192.162.84.0/22
193.22.255.0/24
193.25.114.0/23
193.38.156.0/22
194.116.186.0/23
194.145.226.0/24
195.5.120.0/23
195.34.82.0/23
195.42.120.0/23
195.62.96.0/19
195.82.152.0/23
195.110.42.0/23
195.225.133.0/24
212.110.96.0/19
213.146.96.0/19
IPv6:
2001:880::/32
2a00:12c0::/29
2a00:5300::/32
2a00:fa40::/32
2a01:64c0::/32
2a01:aee0::/32
2a02:248::/32
2a02:a60::/32
2a02:2b80::/32
2a04:4cc0::/29
2a04:ff40::/29
2a0b:2a40::/29
2a0b:6340::/29
2a0d:6940::/29
2a0e:fe80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8648
24973
45012
45031
47215
57739
208582
Signature Algorithm: sha256WithRSAEncryption
07:9f:10:d0:22:8e:45:f0:0c:ed:2a:df:87:6d:8b:25:c1:74:
09:65:1f:bd:94:6e:11:8d:99:e6:87:04:e7:65:ce:e2:70:62:
8c:ac:c0:6b:f2:7b:92:4e:43:90:0e:74:7e:da:41:dc:c2:35:
c7:61:a4:31:bd:33:f7:3c:49:30:15:4c:85:f4:a2:27:11:d3:
17:18:46:45:93:75:69:42:40:b7:4a:69:13:0e:31:68:4d:bc:
f7:ef:7d:54:94:a4:1c:61:d2:c0:4a:89:d5:97:37:f4:4e:ca:
6b:ed:98:7a:5e:a2:41:e8:56:fa:29:b1:ad:90:bf:94:a9:2e:
1d:36:99:30:61:25:de:39:2f:e3:04:04:33:f0:e8:67:9e:4e:
82:5f:30:fe:1d:3a:14:be:e0:8a:7b:9c:8c:4b:c8:f5:cb:17:
76:47:36:16:2e:c0:d7:20:cd:e3:8c:13:14:6b:15:bc:39:63:
fd:78:75:77:5c:95:ac:54:4c:bb:10:f3:f3:97:26:91:f2:0c:
63:00:00:d6:2f:16:88:80:2e:3d:93:3d:30:be:d6:bc:07:1b:
d6:f8:e3:8b:e3:e9:d4:c1:64:21:49:ad:44:99:9b:46:96:cd:
be:79:40:37:4f:49:11:24:43:76:1a:74:72:03:33:b0:fa:53:
1d:a7:49:e0
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgISAYzC2us6hrz9kH37EcMNAmoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI3MDhkZjkzOTU0YWFjNjAxYWVmMTgzNWJkNWQ2OTI0NWZiMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtEhVR9757fXBA5oP4Some9mUP7H
/rIPuPDgtLS64Wu9FkGgnLsCKBKtD2hF5uXoMaOXSOtskOsEgru8PHYJkpjS4VTN
ul1ZDp3nrb39blwJez1gGmfXpMw/D3pmW20EX3wuMj30iwKVFbamGKw/ksIoxl3t
HghZOMcKlJ0Nx1O26du7tlgsiJMnQ2Po6vAwFGqeezy0IzJkJj4ZQdCyHWyPfED1
VrWw1kvQxDo8L5PKGL9tEg+B+fqcrk2cAs6Uct33f0N/XYPSlf+fCuPMhLfv1oWX
Y/2JP0QjqTYv1jod24XUDAZC7maQWRn7SoLE17dVph6vOdq+wOYYlxdd2wIDAQAB
o4IEdzCCBHMwHQYDVR0OBBYEFMQnCN+TlUqsYBrvGDW9XWkkX7AvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0L2Y2MTdh
NS0zMjQwLTQ4YzQtYjcxNi03NDFjMWQ4ZGVhMmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQvZjYxN2E1
LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEyYi8xL3hDY0kzNU9WU3F4Z0d1OFlO
YjFkYVNSZnNDOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIB2AYIKwYB
BQUHAQcBAf8EggHHMIIBwzCCAU4EAgABMIIBRgMEAwULMAMEBAUsYAMEBB8v8AME
AyXa+AMEAi1XiAMEAy7zWDAMAwQEUVgQAwQEUVggAwQGUo0AAwQAVP54AwQFWRZg
AwQCW8tsAwQCW8vUAwQBW86OAwQAW9wxAwQCW+JYAwQEXVqwAwQDXb5AAwQCXpqU
AwQDX4L4AwQEbUuwAwQEbe2AAwQDgH9AAwQDjWUgAwQDshRgAwQDsvqoAwQCuQPo
AwQCuSB0AwQCuTMIAwQCuUFYAwQCuVBcAwQCuVRQAwQCuXX4AwQCuYmoAwQCuY+k
AwQCuZ7UAwQCuc/kAwQCudM8AwQDvEAoAwQCwKJUAwQAwRb/AwQBwRlyAwQCwSac
AwQBwnS6AwQAwpHiAwQBwwV4AwQBwyJSAwQBwyp4AwQFwz5gAwQBw1KYAwQBw24q
AwQAw+GFAwQF1G5gAwQF1ZJgMG8EAgACMGkDBQAgAQiAAwUDKgASwAMFACoAUwAD
BQAqAPpAAwUAKgFkwAMFACoBruADBQAqAgJIAwUAKgIKYAMFACoCK4ADBQMqBEzA
AwUDKgT/QAMFAyoLKkADBQMqC2NAAwUDKg1pQAMFAyoO/oAwNgYIKwYBBQUHAQgB
Af8EJzAloCMwIQICIcgCAmGNAgMAr9QCAwCv5wIDALhvAgMA4YsCAwMuxjANBgkq
hkiG9w0BAQsFAAOCAQEAB58Q0CKORfAM7Srfh22LJcF0CWUfvZRuEY2Z5ocE52XO
4nBijKzAa/J7kk5DkA50ftpB3MI1x2GkMb0z9zxJMBVMhfSiJxHTFxhGRZN1aUJA
t0ppEw4xaE289+99VJSkHGHSwEqJ1Zc39E7Ka+2Yel6iQehW+imxrZC/lKkuHTaZ
MGEl3jkv4wQEM/DoZ55Ogl8w/h06FL7ginucjEvI9csXdkc2Fi7A1yDN44wTFGsV
vDlj/Xh1d1yVrFRMuxDz85cmkfIMYwAA1i8WiIAuPZM9ML7WvAcb1vjji+Pp1MFk
IUmtRJmbRpbNvnlAN09JESRDdhp0cgMzsPpTHadJ4A==
-----END CERTIFICATE-----
Generated at Fri May 3 02:19:34 2024 by rpki-client on console-ams.rpki-client.org