Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
File: xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer (raw, json)
Hash identifier: A/zConknsxUoYhKc5aS5nU+l1EgLkGWeUdb7rwVbkK4=
Subject key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942747267F61DBECA852FD155866E0D556
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:49:21 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29262
AS: 201064
IP: 46.29.24.0/22
IP: 91.106.216.0/22
IP: 91.194.53.0/24
IP: 91.194.55.0/24
IP: 93.190.12.0/22
IP: 109.236.48.0/22
IP: 160.20.108.0/22
IP: 185.85.188.0/22
IP: 185.85.236.0/22
IP: 185.86.4.0/22
IP: 185.86.12.0/22
IP: 185.86.152.0/22
IP: 185.86.164.0/22
IP: 185.87.24.0/22
IP: 185.87.120.0/22
IP: 185.88.172.0/22
IP: 185.98.60.0/22
IP: 185.119.80.0/22
IP: 185.141.32.0/22
IP: 185.184.24.0/22
IP: 185.185.232.0/22
IP: 185.243.180.0/22
IP: 185.249.200.0/22
IP: 185.250.210.0/24
IP: 185.254.28.0/22
IP: 185.254.236.0/22
IP: 193.35.152.0/22
IP: 193.35.204.0/22
IP: 193.160.140.0/22
IP: 193.223.104.0/22
IP: 194.62.52.0/22
IP: 194.127.116.0/22
IP: 2a03:f3c0::/29
IP: 2a05:4f80::/29
IP: 2a05:bf00::/29
IP: 2a06:3440::/29
IP: 2a06:a700::/29
IP: 2a07:21c0::/29
IP: 2a07:d800::/29
IP: 2a07:e700::/29
IP: 2a07:fe40::/29
IP: 2a0b:2780::/29
IP: 2a0b:6780::/29
IP: 2a0c:1340::/29
IP: 2a0c:46c0::/29
IP: 2a0c:5c40::/29
IP: 2a0c:67c0::/29
IP: 2a0c:7a40::/29
IP: 2a0c:89c0::/29
IP: 2a0c:9dc0::/29
IP: 2a0c:acc0::/29
IP: 2a0d:7c0::/29
IP: 2a0d:49c0::/29
IP: 2a10:8b00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:26:7f:61:db:ec:a8:52:fd:15:58:66:e0:d5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:36:6d:f9:3c:13:64:c3:c3:e5:36:e5:d4:2f:
da:22:c9:ab:49:b8:12:d0:a7:0e:02:d9:53:09:b3:
b9:89:f2:1d:72:29:f4:27:49:2c:50:14:ee:d7:93:
e6:f6:ee:1f:66:29:31:1a:d3:95:51:e6:98:bf:9f:
75:ed:39:c1:4f:10:19:27:12:6b:d5:17:cf:11:b5:
29:70:a4:9b:af:86:ce:6d:93:d1:5c:7c:5b:80:1b:
71:f6:6a:42:03:44:25:7e:66:bb:5e:58:e1:19:f1:
0a:60:a0:3d:8f:eb:74:5f:c7:89:7e:d4:82:36:00:
c9:db:06:58:e5:87:29:93:94:79:dd:d6:b4:0c:cb:
0c:71:38:f9:50:b1:b9:be:59:6d:51:31:84:86:61:
1e:0f:89:c5:be:e0:20:cc:6a:55:bd:89:07:0d:60:
3b:0d:4d:1e:4f:70:04:c0:fa:ad:fb:ef:81:cd:ab:
9e:76:a2:22:a3:de:45:e4:ce:6b:e7:bb:17:64:dc:
cb:15:f5:66:53:0d:dd:5f:46:3e:c7:b9:14:1c:04:
1c:24:40:20:99:52:f9:12:ff:9e:c3:7f:fe:e9:34:
62:b1:07:35:ba:20:03:20:fe:33:80:28:1d:ae:87:
f2:a3:91:e0:cf:10:60:39:31:fe:d9:fc:5c:ca:cc:
d8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.24.0/22
91.106.216.0/22
91.194.53.0/24
91.194.55.0/24
93.190.12.0/22
109.236.48.0/22
160.20.108.0/22
185.85.188.0/22
185.85.236.0/22
185.86.4.0/22
185.86.12.0/22
185.86.152.0/22
185.86.164.0/22
185.87.24.0/22
185.87.120.0/22
185.88.172.0/22
185.98.60.0/22
185.119.80.0/22
185.141.32.0/22
185.184.24.0/22
185.185.232.0/22
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/22
185.254.236.0/22
193.35.152.0/22
193.35.204.0/22
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
194.127.116.0/22
IPv6:
2a03:f3c0::/29
2a05:4f80::/29
2a05:bf00::/29
2a06:3440::/29
2a06:a700::/29
2a07:21c0::/29
2a07:d800::/29
2a07:e700::/29
2a07:fe40::/29
2a0b:2780::/29
2a0b:6780::/29
2a0c:1340::/29
2a0c:46c0::/29
2a0c:5c40::/29
2a0c:67c0::/29
2a0c:7a40::/29
2a0c:89c0::/29
2a0c:9dc0::/29
2a0c:acc0::/29
2a0d:7c0::/29
2a0d:49c0::/29
2a10:8b00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29262
201064
Signature Algorithm: sha256WithRSAEncryption
21:2c:f0:58:8d:16:d0:76:fd:1f:3f:6b:a9:5f:bf:af:ce:a1:
1a:0b:c5:ce:1d:2a:65:cd:ea:ed:0b:30:be:10:e5:14:73:0e:
ad:4a:ef:ef:ab:32:84:72:4d:51:3e:4e:8b:16:25:7d:a3:a8:
e3:d3:3d:79:65:91:64:5f:52:c0:8d:fe:4e:a1:4d:e2:60:ce:
36:71:a9:26:f6:6c:f1:7e:16:87:b0:07:16:5a:b9:f3:b4:db:
e7:96:d0:97:92:87:e0:15:cc:ca:b6:32:31:5d:34:2a:aa:81:
b4:82:2d:97:0b:97:4b:b4:98:f1:aa:a2:5e:8d:a8:a4:e8:68:
b7:48:39:b9:09:96:af:e6:3c:f9:6b:f0:c7:55:71:d0:fa:f7:
65:ee:75:06:10:36:a9:90:8b:25:36:95:f9:3a:06:43:66:b6:
9e:5d:69:8c:19:fa:46:15:73:bd:e1:db:73:29:60:b6:03:71:
91:3d:54:99:d9:b0:86:97:fe:2b:3f:58:3e:b6:f4:89:ef:5e:
f3:68:c0:a3:55:dc:f3:d8:a0:bd:9d:92:19:fd:9a:1d:8a:be:
47:51:0a:56:41:f4:bd:20:9f:d0:0e:e4:96:39:fc:4c:d2:24:
74:89:97:ee:b7:91:4b:fd:fe:d7:3f:2d:68:fb:d2:0d:87:cb:
ed:6c:1f:5d
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgISAZQnRyZ/YdvsqFL9FVhm4NVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDZt+TwTZMPD5Tbl1C/aIsmrSbgS
0KcOAtlTCbO5ifIdcin0J0ksUBTu15Pm9u4fZikxGtOVUeaYv5917TnBTxAZJxJr
1RfPEbUpcKSbr4bObZPRXHxbgBtx9mpCA0Qlfma7XljhGfEKYKA9j+t0X8eJftSC
NgDJ2wZY5Ycpk5R53da0DMsMcTj5ULG5vlltUTGEhmEeD4nFvuAgzGpVvYkHDWA7
DU0eT3AEwPqt+++BzauedqIio95F5M5r57sXZNzLFfVmUw3dX0Y+x7kUHAQcJEAg
mVL5Ev+ew3/+6TRisQc1uiADIP4zgCgdrofyo5HgzxBgOTH+2fxcyszYJwIDAQAB
o4IECjCCBAYwHQYDVR0OBBYEFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3L2FkNjUy
MS1kM2E5LTRiMTMtYmU2OS0zOWZkYjk4NmYwNTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvYWQ2NTIx
LWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183Yjk3T3Y3
aXFuTGhrSkRrMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBgwYIKwYB
BQUHAQcBAf8EggFyMIIBbjCBxwQCAAEwgcADBAIuHRgDBAJbatgDBABbwjUDBABb
wjcDBAJdvgwDBAJt7DADBAKgFGwDBAK5VbwDBAK5VewDBAK5VgQDBAK5VgwDBAK5
VpgDBAK5VqQDBAK5VxgDBAK5V3gDBAK5WKwDBAK5YjwDBAK5d1ADBAK5jSADBAK5
uBgDBAK5uegDBAK587QDBAK5+cgDBAC5+tIDBAK5/hwDBAK5/uwDBALBI5gDBALB
I8wDBALBoIwDBALB32gDBALCPjQDBALCf3QwgaEEAgACMIGaAwUDKgPzwAMFAyoF
T4ADBQMqBb8AAwUDKgY0QAMFAyoGpwADBQMqByHAAwUDKgfYAAMFAyoH5wADBQMq
B/5AAwUDKgsngAMFAyoLZ4ADBQMqDBNAAwUDKgxGwAMFAyoMXEADBQMqDGfAAwUD
Kgx6QAMFAyoMicADBQMqDJ3AAwUDKgyswAMFAyoNB8ADBQMqDUnAAwUDKhCLADAe
BggrBgEFBQcBCAEB/wQPMA2gCzAJAgJyTgIDAxFoMA0GCSqGSIb3DQEBCwUAA4IB
AQAhLPBYjRbQdv0fP2upX7+vzqEaC8XOHSplzertCzC+EOUUcw6tSu/vqzKEck1R
Pk6LFiV9o6jj0z15ZZFkX1LAjf5OoU3iYM42cakm9mzxfhaHsAcWWrnztNvnltCX
kofgFczKtjIxXTQqqoG0gi2XC5dLtJjxqqJejaik6Gi3SDm5CZav5jz5a/DHVXHQ
+vdl7nUGEDapkIslNpX5OgZDZraeXWmMGfpGFXO94dtzKWC2A3GRPVSZ2bCGl/4r
P1g+tvSJ717zaMCjVdzz2KC9nZIZ/Zodir5HUQpWQfS9IJ/QDuSWOfxM0iR0iZfu
t5FL/f7XPy1o+9INh8vtbB9d
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:53:09 2025 by rpki-client