Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
File: ydV0R-NCC4U4dbb6QDcqreMZLKI.cer (raw, json)
Hash identifier: FTNKk7f34eY1N0GxuWw5MksrdddcamCX16SE+dMS8nc=
Subject key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DA761797E9CEBAC72420CC88DE991FE1A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 14 Feb 2024 11:29:59 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 60683
IP: 31.210.34.0/24
IP: 31.210.37.0 -- 31.210.43.255
IP: 31.210.48.0/21
IP: 77.92.142.0 -- 77.92.147.255
IP: 77.92.150.0 -- 77.92.154.255
IP: 78.135.64.0 -- 78.135.78.255
IP: 78.135.80.0 -- 78.135.102.255
IP: 78.135.104.0/22
IP: 78.135.109.0 -- 78.135.111.255
IP: 185.17.136.0/22
IP: 185.241.10.0/24
IP: 188.132.128.0 -- 188.132.133.255
IP: 188.132.136.0 -- 188.132.141.255
IP: 188.132.143.0 -- 188.132.146.255
IP: 188.132.149.0 -- 188.132.156.255
IP: 188.132.159.0 -- 188.132.168.255
IP: 188.132.170.0/23
IP: 188.132.173.0 -- 188.132.174.255
IP: 188.132.178.0/24
IP: 188.132.181.0 -- 188.132.193.255
IP: 188.132.196.0 -- 188.132.203.255
IP: 188.132.206.0 -- 188.132.243.255
IP: 188.132.247.0 -- 188.132.251.255
IP: 212.68.34.0 -- 212.68.39.255
IP: 212.68.48.0/23
IP: 212.68.53.0 -- 212.68.54.255
IP: 212.68.58.0 -- 212.68.60.255
IP: 212.68.62.0/23
IP: 2a10:9440::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:61:79:7e:9c:eb:ac:72:42:0c:c8:8d:e9:91:fe:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 14 11:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:0c:00:3b:b8:ef:55:f0:d6:1a:e4:92:f3:
f4:93:a3:d4:17:da:5e:86:58:de:f5:ac:51:2f:4b:
de:23:6c:be:35:23:0c:d3:25:ac:88:c4:74:c9:c9:
81:0e:7c:42:88:46:82:0f:81:6f:87:74:4f:b3:8c:
cb:af:28:03:b4:9f:31:3b:3f:f0:63:58:21:a7:43:
f6:79:a1:99:9f:79:45:52:1a:f0:54:a3:92:1b:78:
3a:d6:9b:85:67:bb:ea:c5:2d:da:3a:92:7f:13:fc:
c5:59:24:93:0c:26:f6:27:b5:33:60:6b:3c:03:d9:
a5:2a:08:24:8f:6d:85:9f:a8:88:3c:95:10:01:d9:
31:f9:80:96:70:58:b9:27:c9:84:42:33:35:67:05:
82:9b:96:5d:24:c1:53:87:33:bc:b2:9e:b9:05:f9:
2d:26:f0:f7:f3:7a:56:db:fc:88:a2:32:f6:0f:c7:
18:22:32:e8:21:2d:64:4b:aa:bb:5a:de:dd:24:de:
3e:09:9c:cd:30:73:ca:c7:6e:05:07:67:97:0e:df:
d3:35:93:2f:74:3a:80:94:ef:56:46:45:68:7e:5c:
1c:22:8f:2b:09:ff:8f:87:ed:26:53:85:e3:26:08:
7f:fe:2a:51:17:ca:36:1a:ff:af:c0:f6:fe:40:66:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.34.0/24
31.210.37.0-31.210.43.255
31.210.48.0/21
77.92.142.0-77.92.147.255
77.92.150.0-77.92.154.255
78.135.64.0-78.135.78.255
78.135.80.0-78.135.102.255
78.135.104.0/22
78.135.109.0-78.135.111.255
185.17.136.0/22
185.241.10.0/24
188.132.128.0-188.132.133.255
188.132.136.0-188.132.141.255
188.132.143.0-188.132.146.255
188.132.149.0-188.132.156.255
188.132.159.0-188.132.168.255
188.132.170.0/23
188.132.173.0-188.132.174.255
188.132.178.0/24
188.132.181.0-188.132.193.255
188.132.196.0-188.132.203.255
188.132.206.0-188.132.243.255
188.132.247.0-188.132.251.255
212.68.34.0-212.68.39.255
212.68.48.0/23
212.68.53.0-212.68.54.255
212.68.58.0-212.68.60.255
212.68.62.0/23
IPv6:
2a10:9440::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60683
Signature Algorithm: sha256WithRSAEncryption
a2:c7:60:9a:5c:fd:55:9a:1b:8e:1f:42:b1:d5:30:45:68:6a:
26:fa:ce:11:ad:14:5e:54:2c:ff:6a:aa:a0:1f:2e:64:2a:a6:
c7:79:7a:84:be:d7:15:60:64:9b:45:5f:ef:62:09:88:ee:01:
0b:60:42:cb:9c:c8:cd:19:5a:f8:9f:10:df:97:6b:3e:3e:2f:
50:3c:07:8f:29:04:ba:65:97:ad:7a:1e:43:8c:5f:86:2f:61:
49:56:a3:89:9a:0d:08:aa:28:53:30:2d:40:e1:fb:3b:65:61:
3e:43:f6:93:a2:83:60:8e:b3:4f:ae:06:32:f6:78:ab:dc:a7:
44:fc:03:bc:42:98:7d:cf:09:2e:c7:75:15:b8:7f:de:4f:59:
1c:f6:f4:30:9b:56:f6:ec:c1:a1:71:22:01:f1:41:f5:33:5f:
15:0a:df:9b:98:c1:8d:95:c9:3e:49:9a:58:7c:21:89:f0:0a:
de:68:91:bb:1c:0e:93:fe:24:d1:8d:12:ee:9a:f1:01:90:71:
96:b3:a1:05:cb:b9:ea:da:53:ca:89:c8:a2:e6:5b:e9:ad:ab:
88:98:a1:b0:61:64:d2:58:27:83:9e:c2:05:bd:23:28:a0:a8:
11:6c:42:fd:61:91:de:88:bd:00:61:cc:05:93:a3:45:be:f9:
26:8a:af:e3
-----BEGIN CERTIFICATE-----
MIIG5zCCBc+gAwIBAgISAY2nYXl+nOusckIMyI3pkf4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjE0MTEyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSUMADu471Xw1hrkkvP0k6PUF9pe
hlje9axRL0veI2y+NSMM0yWsiMR0ycmBDnxCiEaCD4Fvh3RPs4zLrygDtJ8xOz/w
Y1ghp0P2eaGZn3lFUhrwVKOSG3g61puFZ7vqxS3aOpJ/E/zFWSSTDCb2J7UzYGs8
A9mlKggkj22Fn6iIPJUQAdkx+YCWcFi5J8mEQjM1ZwWCm5ZdJMFThzO8sp65Bfkt
JvD383pW2/yIojL2D8cYIjLoIS1kS6q7Wt7dJN4+CZzNMHPKx24FB2eXDt/TNZMv
dDqAlO9WRkVoflwcIo8rCf+Ph+0mU4XjJgh//ipRF8o2Gv+vwPb+QGYfKwIDAQAB
o4ID8zCCA+8wHQYDVR0OBBYEFMnVdEfjQguFOHW2+kA3Kq3jGSyiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkLzE1ODZm
ZC1mZDJjLTQxZjgtOGZlOS00ZTE5OGYwYTYwMTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvMTU4NmZk
LWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRVNGRiYjZR
RGNxcmVNWkxLSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBcAYIKwYB
BQUHAQcBAf8EggFfMIIBWzCCAUgEAgABMIIBQAMEAB/SIjAMAwQAH9IlAwQCH9Io
AwQDH9IwMAwDBAFNXI4DBAJNXJAwDAMEAU1clgMEAE1cmjAMAwQGTodAAwQATodO
MAwDBAROh1ADBABOh2YDBAJOh2gwDAMEAE6HbQMEBE6HYAMEArkRiAMEALnxCjAM
AwQHvISAAwQBvISEMAwDBAO8hIgDBAG8hIwwDAMEALyEjwMEALyEkjAMAwQAvISV
AwQAvIScMAwDBAC8hJ8DBAC8hKgDBAG8hKowDAMEALyErQMEALyErgMEALyEsjAM
AwQAvIS1AwQBvITAMAwDBAK8hMQDBAK8hMgwDAMEAbyEzgMEAryE8DAMAwQAvIT3
AwQCvIT4MAwDBAHURCIDBAPURCADBAHURDAwDAMEANRENQMEANRENjAMAwQB1EQ6
AwQA1EQ8AwQB1EQ+MA0EAgACMAcDBQMqEJRAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwDtCzANBgkqhkiG9w0BAQsFAAOCAQEAosdgmlz9VZobjh9CsdUwRWhqJvrO
Ea0UXlQs/2qqoB8uZCqmx3l6hL7XFWBkm0Vf72IJiO4BC2BCy5zIzRla+J8Q35dr
Pj4vUDwHjykEumWXrXoeQ4xfhi9hSVajiZoNCKooUzAtQOH7O2VhPkP2k6KDYI6z
T64GMvZ4q9ynRPwDvEKYfc8JLsd1Fbh/3k9ZHPb0MJtW9uzBoXEiAfFB9TNfFQrf
m5jBjZXJPkmaWHwhifAK3miRuxwOk/4k0Y0S7prxAZBxlrOhBcu56tpTyonIouZb
6a2riJihsGFk0lgng57CBb0jKKCoEWxC/WGR3oi9AGHMBZOjRb75Joqv4w==
-----END CERTIFICATE-----
Generated at Fri May 3 02:20:23 2024 by rpki-client on console-ams.rpki-client.org