Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
File: UfSwsEaesNBxmUzYI480vvAMb74.cer (raw, json)
Hash identifier: 0XkFiZQeYXDoqeR8df7a9CUD5oVbZh119Oj4DAXbqus=
Subject key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01979D2AA7D8FD575FE181BB6DDE1AD65917
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 23 Jun 2025 14:21:47 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200217
AS: 200999
AS: 207685
AS: 208660
IP: 5.102.40.0/22
IP: 45.92.240.0/22
IP: 45.130.28.0/22
IP: 46.60.16.0/20
IP: 64.225.128.0/20
IP: 74.63.0.0/20
IP: 91.212.135.0/24
IP: 91.212.141.0 -- 91.212.142.255
IP: 91.212.149.0/24
IP: 91.233.150.0/24
IP: 91.234.10.0/24
IP: 91.234.20.0/24
IP: 91.234.53.0/24
IP: 124.197.32.0/20
IP: 185.48.232.0/22
IP: 185.52.192.0/22
IP: 185.178.84.0/22
IP: 185.254.220.0/22
IP: 193.142.27.0/24
IP: 193.142.52.0/24
IP: 193.142.54.0/24
IP: 193.142.60.0/24
IP: 194.146.52.0/23
IP: 194.146.60.0/23
IP: 194.152.58.0/23
IP: 194.153.72.0/23
IP: 217.71.192.0/21
IP: 2a01:9aa0::/32
IP: 2a01:a160::/32
IP: 2a13:7bc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:2a:a7:d8:fd:57:5f:e1:81:bb:6d:de:1a:d6:59:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 23 14:21:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:0d:9e:ca:3a:75:75:3c:60:06:bc:26:6b:
22:e9:19:ac:4d:07:55:7a:96:ba:d0:ef:93:dc:88:
8a:26:e3:cb:f8:75:25:6b:f0:cb:0c:00:d1:01:2a:
c4:73:10:2b:69:b2:44:85:86:02:b9:1d:df:a1:9d:
f0:b2:b3:42:8c:fc:06:87:36:d1:12:c3:45:6f:bd:
8d:db:e1:06:15:5e:1b:60:60:b2:e4:47:23:4e:27:
00:b6:03:b9:ca:f2:16:f6:05:3a:e2:45:66:e8:85:
37:e0:bd:f1:c2:a9:08:0b:ee:65:06:8b:6a:45:fe:
b9:0e:83:60:ed:ce:eb:e1:d1:47:c3:fa:1f:7f:11:
e2:91:a7:7a:68:59:00:c7:b3:02:6a:a2:52:32:54:
1a:1d:7c:11:db:a7:78:e6:c4:7d:54:7d:26:db:15:
12:ef:b4:2d:06:f5:5a:22:0d:28:4a:27:17:48:9a:
53:ed:d1:41:26:74:3f:64:2e:49:a5:72:73:90:94:
ea:47:9d:2b:6c:8c:be:0e:5a:ab:ec:4b:28:27:1c:
41:34:fd:ff:d8:e4:28:2a:03:2a:48:66:d1:9e:e2:
5f:1a:34:9d:23:a6:8d:84:2e:00:de:94:43:fb:0d:
b3:d9:86:22:64:e6:b9:58:1b:f9:50:d4:ba:d9:4b:
c1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.40.0/22
45.92.240.0/22
45.130.28.0/22
46.60.16.0/20
64.225.128.0/20
74.63.0.0/20
91.212.135.0/24
91.212.141.0-91.212.142.255
91.212.149.0/24
91.233.150.0/24
91.234.10.0/24
91.234.20.0/24
91.234.53.0/24
124.197.32.0/20
185.48.232.0/22
185.52.192.0/22
185.178.84.0/22
185.254.220.0/22
193.142.27.0/24
193.142.52.0/24
193.142.54.0/24
193.142.60.0/24
194.146.52.0/23
194.146.60.0/23
194.152.58.0/23
194.153.72.0/23
217.71.192.0/21
IPv6:
2a01:9aa0::/32
2a01:a160::/32
2a13:7bc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200217
200999
207685
208660
Signature Algorithm: sha256WithRSAEncryption
0d:ea:b3:58:56:a3:0e:5f:13:31:fa:41:65:15:b7:23:69:8e:
04:17:fa:f3:fa:82:de:a4:bc:cc:eb:3e:22:77:44:d7:cd:f2:
90:01:32:5c:b5:dd:45:78:d8:f6:14:ef:97:24:31:56:43:f5:
bf:25:1e:d8:86:44:d0:43:bb:9e:d6:f9:68:25:c4:94:cf:24:
f0:e5:fc:bb:68:f6:22:38:14:a5:ca:84:2d:f3:75:d0:42:f5:
e1:74:fa:cf:8f:80:fe:fc:5c:cb:69:a2:22:c9:2d:14:13:db:
a8:24:78:0a:99:6c:a0:cf:9e:d7:36:62:c2:9f:ac:bf:ce:75:
d3:fc:48:21:76:1a:c1:85:ec:59:f3:a6:a9:b0:e9:a0:ac:64:
c3:8e:36:fc:37:07:ad:96:60:2c:36:0c:6d:1e:12:9e:13:76:
86:e5:02:c6:98:0a:ea:9e:9f:64:e3:63:f3:42:dd:fb:33:eb:
ae:e5:19:dd:d7:8c:8f:cb:7d:ce:50:9c:8f:11:3d:12:55:60:
96:a2:8a:58:b2:ee:5c:58:18:54:9e:cf:99:54:4f:ce:46:0f:
3e:18:e5:84:18:c9:d1:84:9c:6a:17:66:02:78:b5:e8:31:c8:
41:ba:ea:a2:a0:8f:8a:c3:34:f7:d9:1e:da:de:f0:df:4e:48:
ee:c0:b1:08
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgISAZedKqfY/Vdf4YG7bd4a1lkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNjIzMTQyMTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWY0YjBiMDQ2OWViMGQwNzE5OTRjZDgyMzhmMzRiZWYwMGM2ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVwNnso6dXU8YAa8Jmsi6RmsTQdV
epa60O+T3IiKJuPL+HUla/DLDADRASrEcxArabJEhYYCuR3foZ3wsrNCjPwGhzbR
EsNFb72N2+EGFV4bYGCy5EcjTicAtgO5yvIW9gU64kVm6IU34L3xwqkIC+5lBotq
Rf65DoNg7c7r4dFHw/offxHikad6aFkAx7MCaqJSMlQaHXwR26d45sR9VH0m2xUS
77QtBvVaIg0oSicXSJpT7dFBJnQ/ZC5JpXJzkJTqR50rbIy+Dlqr7EsoJxxBNP3/
2OQoKgMqSGbRnuJfGjSdI6aNhC4A3pRD+w2z2YYiZOa5WBv5UNS62UvBDwIDAQAB
o4IDdTCCA3EwHQYDVR0OBBYEFFH0sLBGnrDQcZlM2COPNL7wDG++MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2L2QzYWIy
OC03ZjQ3LTQxZjMtYjIzMS03ODg0NGUxMDExMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvZDNhYjI4
LTdmNDctNDFmMy1iMjMxLTc4ODQ0ZTEwMTEzMy8xL1VmU3dzRWFlc05CeG1VellJ
NDgwdnZBTWI3NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHkBggrBgEF
BQcBBwEB/wSB1DCB0TCBsQQCAAEwgaoDBAIFZigDBAItXPADBAItghwDBAQuPBAD
BARA4YADBARKPwADBABb1IcwDAMEAFvUjQMEAFvUjgMEAFvUlQMEAFvplgMEAFvq
CgMEAFvqFAMEAFvqNQMEBHzFIAMEArkw6AMEArk0wAMEArmyVAMEArn+3AMEAMGO
GwMEAMGONAMEAMGONgMEAMGOPAMEAcKSNAMEAcKSPAMEAcKYOgMEAcKZSAMEA9lH
wDAbBAIAAjAVAwUAKgGaoAMFACoBoWADBQMqE3vAMCkGCCsGAQUFBwEIAQH/BBow
GKAWMBQCAwMOGQIDAxEnAgMDK0UCAwMvFDANBgkqhkiG9w0BAQsFAAOCAQEADeqz
WFajDl8TMfpBZRW3I2mOBBf68/qC3qS8zOs+IndE183ykAEyXLXdRXjY9hTvlyQx
VkP1vyUe2IZE0EO7ntb5aCXElM8k8OX8u2j2IjgUpcqELfN10EL14XT6z4+A/vxc
y2miIsktFBPbqCR4CplsoM+e1zZiwp+sv8510/xIIXYawYXsWfOmqbDpoKxkw442
/DcHrZZgLDYMbR4SnhN2huUCxpgK6p6fZONj80Ld+zPrruUZ3deMj8t9zlCcjxE9
ElVglqKKWLLuXFgYVJ7PmVRPzkYPPhjlhBjJ0YScahdmAni16DHIQbrqoqCPisM0
99ke2t7w305I7sCxCA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 15:08:26 2025 by rpki-client