Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
File: ydV0R-NCC4U4dbb6QDcqreMZLKI.cer (raw, json)
Hash identifier: p/m2Fbe2xw9qDUcyU6hGo/p8GfPJEM4yLe68LklsEU0=
Subject key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427469792EF260B6C4BB84D61EB884549
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:48:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 60683
IP: 31.210.34.0 -- 31.210.55.255
IP: 77.92.130.0/23
IP: 77.92.142.0 -- 77.92.148.255
IP: 77.92.150.0 -- 77.92.154.255
IP: 78.135.64.0 -- 78.135.78.255
IP: 78.135.80.0 -- 78.135.107.255
IP: 78.135.109.0 -- 78.135.111.255
IP: 185.17.136.0/22
IP: 185.241.10.0/24
IP: 188.132.128.0 -- 188.132.133.255
IP: 188.132.136.0 -- 188.132.141.255
IP: 188.132.143.0 -- 188.132.146.255
IP: 188.132.149.0 -- 188.132.156.255
IP: 188.132.159.0 -- 188.132.168.255
IP: 188.132.170.0/23
IP: 188.132.173.0 -- 188.132.174.255
IP: 188.132.178.0/24
IP: 188.132.181.0 -- 188.132.193.255
IP: 188.132.196.0 -- 188.132.203.255
IP: 188.132.206.0 -- 188.132.243.255
IP: 188.132.247.0 -- 188.132.251.255
IP: 212.68.34.0 -- 212.68.39.255
IP: 212.68.48.0/23
IP: 212.68.53.0 -- 212.68.56.255
IP: 212.68.58.0 -- 212.68.60.255
IP: 212.68.62.0/23
IP: 2a10:9440::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:97:92:ef:26:0b:6c:4b:b8:4d:61:eb:88:45:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:0c:00:3b:b8:ef:55:f0:d6:1a:e4:92:f3:
f4:93:a3:d4:17:da:5e:86:58:de:f5:ac:51:2f:4b:
de:23:6c:be:35:23:0c:d3:25:ac:88:c4:74:c9:c9:
81:0e:7c:42:88:46:82:0f:81:6f:87:74:4f:b3:8c:
cb:af:28:03:b4:9f:31:3b:3f:f0:63:58:21:a7:43:
f6:79:a1:99:9f:79:45:52:1a:f0:54:a3:92:1b:78:
3a:d6:9b:85:67:bb:ea:c5:2d:da:3a:92:7f:13:fc:
c5:59:24:93:0c:26:f6:27:b5:33:60:6b:3c:03:d9:
a5:2a:08:24:8f:6d:85:9f:a8:88:3c:95:10:01:d9:
31:f9:80:96:70:58:b9:27:c9:84:42:33:35:67:05:
82:9b:96:5d:24:c1:53:87:33:bc:b2:9e:b9:05:f9:
2d:26:f0:f7:f3:7a:56:db:fc:88:a2:32:f6:0f:c7:
18:22:32:e8:21:2d:64:4b:aa:bb:5a:de:dd:24:de:
3e:09:9c:cd:30:73:ca:c7:6e:05:07:67:97:0e:df:
d3:35:93:2f:74:3a:80:94:ef:56:46:45:68:7e:5c:
1c:22:8f:2b:09:ff:8f:87:ed:26:53:85:e3:26:08:
7f:fe:2a:51:17:ca:36:1a:ff:af:c0:f6:fe:40:66:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.34.0-31.210.55.255
77.92.130.0/23
77.92.142.0-77.92.148.255
77.92.150.0-77.92.154.255
78.135.64.0-78.135.78.255
78.135.80.0-78.135.107.255
78.135.109.0-78.135.111.255
185.17.136.0/22
185.241.10.0/24
188.132.128.0-188.132.133.255
188.132.136.0-188.132.141.255
188.132.143.0-188.132.146.255
188.132.149.0-188.132.156.255
188.132.159.0-188.132.168.255
188.132.170.0/23
188.132.173.0-188.132.174.255
188.132.178.0/24
188.132.181.0-188.132.193.255
188.132.196.0-188.132.203.255
188.132.206.0-188.132.243.255
188.132.247.0-188.132.251.255
212.68.34.0-212.68.39.255
212.68.48.0/23
212.68.53.0-212.68.56.255
212.68.58.0-212.68.60.255
212.68.62.0/23
IPv6:
2a10:9440::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60683
Signature Algorithm: sha256WithRSAEncryption
2f:15:7b:36:6a:ef:a7:32:06:e7:55:0f:c4:94:17:cd:ad:17:
e6:0c:0a:ff:0c:66:92:b7:c6:98:df:05:45:fa:78:74:f1:66:
d6:69:0a:16:e3:cd:3a:98:74:02:eb:94:d4:ea:1c:f1:a3:6b:
d0:47:65:03:48:1c:9e:d8:2d:0d:f5:67:0d:4b:ce:d7:fe:60:
dc:9d:7a:e4:b7:99:c1:d5:d2:db:fe:cf:65:8a:6e:0b:be:1a:
a0:24:f8:a8:db:71:b9:7f:a8:6c:d6:f1:40:ec:79:52:46:46:
00:0d:52:89:99:4f:c7:1c:bc:d6:33:4a:b6:b0:c9:70:e3:e0:
0a:0b:62:07:05:e2:66:2d:c9:fe:dc:a3:81:93:15:69:ae:25:
67:95:49:64:ad:4d:60:cb:e3:68:0c:5f:e1:72:17:e6:53:fc:
45:d0:30:be:5b:ae:f8:0e:d1:27:95:95:76:f4:85:35:63:f4:
b7:d3:71:0b:f9:91:d2:ea:34:62:59:23:d1:c0:af:a4:3b:36:
83:25:06:08:cf:ed:bd:a4:e3:c4:da:95:e9:54:dc:77:6f:46:
02:fa:e7:da:f5:8b:6b:33:7a:2f:7b:2b:ab:68:8b:18:87:b7:
da:68:b1:45:2f:ea:f0:fc:12:42:cf:24:a3:80:70:76:48:59:
01:0f:54:e9
-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgISAZQnRpeS7yYLbEu4TWHriEVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSUMADu471Xw1hrkkvP0k6PUF9pe
hlje9axRL0veI2y+NSMM0yWsiMR0ycmBDnxCiEaCD4Fvh3RPs4zLrygDtJ8xOz/w
Y1ghp0P2eaGZn3lFUhrwVKOSG3g61puFZ7vqxS3aOpJ/E/zFWSSTDCb2J7UzYGs8
A9mlKggkj22Fn6iIPJUQAdkx+YCWcFi5J8mEQjM1ZwWCm5ZdJMFThzO8sp65Bfkt
JvD383pW2/yIojL2D8cYIjLoIS1kS6q7Wt7dJN4+CZzNMHPKx24FB2eXDt/TNZMv
dDqAlO9WRkVoflwcIo8rCf+Ph+0mU4XjJgh//ipRF8o2Gv+vwPb+QGYfKwIDAQAB
o4ID5zCCA+MwHQYDVR0OBBYEFMnVdEfjQguFOHW2+kA3Kq3jGSyiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRkLzE1ODZm
ZC1mZDJjLTQxZjgtOGZlOS00ZTE5OGYwYTYwMTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvMTU4NmZk
LWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRVNGRiYjZR
RGNxcmVNWkxLSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIIBZAYIKwYB
BQUHAQcBAf8EggFTMIIBTzCCATwEAgABMIIBNDAMAwQBH9IiAwQDH9IwAwQBTVyC
MAwDBAFNXI4DBABNXJQwDAMEAU1clgMEAE1cmjAMAwQGTodAAwQATodOMAwDBARO
h1ADBAJOh2gwDAMEAE6HbQMEBE6HYAMEArkRiAMEALnxCjAMAwQHvISAAwQBvISE
MAwDBAO8hIgDBAG8hIwwDAMEALyEjwMEALyEkjAMAwQAvISVAwQAvIScMAwDBAC8
hJ8DBAC8hKgDBAG8hKowDAMEALyErQMEALyErgMEALyEsjAMAwQAvIS1AwQBvITA
MAwDBAK8hMQDBAK8hMgwDAMEAbyEzgMEAryE8DAMAwQAvIT3AwQCvIT4MAwDBAHU
RCIDBAPURCADBAHURDAwDAMEANRENQMEANREODAMAwQB1EQ6AwQA1EQ8AwQB1EQ+
MA0EAgACMAcDBQMqEJRAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDtCzANBgkq
hkiG9w0BAQsFAAOCAQEALxV7NmrvpzIG51UPxJQXza0X5gwK/wxmkrfGmN8FRfp4
dPFm1mkKFuPNOph0AuuU1Ooc8aNr0EdlA0gcntgtDfVnDUvO1/5g3J165LeZwdXS
2/7PZYpuC74aoCT4qNtxuX+obNbxQOx5UkZGAA1SiZlPxxy81jNKtrDJcOPgCgti
BwXiZi3J/tyjgZMVaa4lZ5VJZK1NYMvjaAxf4XIX5lP8RdAwvluu+A7RJ5WVdvSF
NWP0t9NxC/mR0uo0Ylkj0cCvpDs2gyUGCM/tvaTjxNqV6VTcd29GAvrn2vWLazN6
L3srq2iLGIe32mixRS/q8PwSQs8ko4BwdkhZAQ9U6Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:10:23 2025 by rpki-client