Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
File: 1mc4qNrawtDTrt25NPggBmufX-s.cer (raw, json)
Hash identifier: hfvLmYn9y7ilJYR01CzMJXp8jDlCtkSwge7P2VT8X3Q=
Subject key identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC50070BC319B727726CBC6DEC4F9A54B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:29:49 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 20771
AS: 28751
IP: 37.233.128.0/17
IP: 78.139.128.0/18
IP: 80.241.176.0/20
IP: 80.241.244.0/22
IP: 80.241.252.0/24
IP: 85.117.32.0/19
IP: 88.210.192.0/18
IP: 89.232.0.0/19
IP: 134.90.0.0/17
IP: 176.73.0.0/16
IP: 185.19.96.0/22
IP: 212.72.130.0/24
IP: 212.72.155.0/24
IP: 2a02:23f0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:70:bc:31:9b:72:77:26:cb:c6:de:c4:f9:a5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:6a:67:f7:8d:5d:78:25:68:5a:70:a2:94:
96:0f:c2:85:f1:70:f9:4a:29:37:ce:d9:d9:67:2b:
1e:9e:35:53:9f:82:f7:21:cf:2e:e6:3d:c3:74:3b:
c9:ba:6f:37:0b:d3:a5:3b:50:dd:29:0d:40:e1:c4:
4e:07:51:24:6f:06:35:19:fa:26:e4:66:ed:c5:18:
a6:f0:73:ba:09:12:e7:fc:56:08:74:68:4d:51:a3:
e5:7d:36:bd:99:03:84:3d:9c:be:98:67:f1:8b:73:
7b:c0:8e:8b:63:7f:71:09:78:5d:d6:2f:37:a7:b5:
e7:1a:8b:eb:00:9e:00:58:de:dc:23:f9:2c:12:3a:
37:5c:c8:06:9e:3c:d8:ed:1d:06:90:6a:4d:af:9a:
36:6c:e9:06:80:4e:0d:5d:07:c2:57:74:aa:c0:b9:
bf:21:3e:14:40:25:29:c9:ba:30:92:22:cc:47:93:
d6:25:1c:43:43:c9:17:3b:be:dc:e2:e9:fa:86:c6:
2c:06:ce:ee:ad:7f:da:86:5c:37:b6:3e:d4:07:62:
47:37:84:4c:12:09:d4:0d:cd:18:a8:0d:10:60:8d:
9a:ea:43:59:fe:4b:c9:70:36:31:a4:ad:02:7e:a2:
f9:a2:31:e3:14:99:10:35:96:f2:20:be:9b:e4:97:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.128.0/17
78.139.128.0/18
80.241.176.0/20
80.241.244.0/22
80.241.252.0/24
85.117.32.0/19
88.210.192.0/18
89.232.0.0/19
134.90.0.0/17
176.73.0.0/16
185.19.96.0/22
212.72.130.0/24
212.72.155.0/24
IPv6:
2a02:23f0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20771
28751
Signature Algorithm: sha256WithRSAEncryption
0f:13:a0:29:55:bd:48:4c:16:24:21:34:bc:b4:d8:66:9d:75:
ef:b7:c6:86:eb:54:4e:47:66:cd:6e:b1:20:cd:51:37:48:dd:
36:94:36:11:94:d8:f7:e3:48:08:e6:a1:07:40:51:e9:4a:c1:
2d:2b:ac:52:f2:83:62:fa:fc:37:cf:74:c0:2f:7c:10:a8:e8:
0c:19:1d:85:06:3c:f8:63:8b:5a:5b:1e:56:00:2e:bc:9a:43:
c4:7e:04:15:9e:79:04:d6:48:16:3c:0a:7a:eb:74:d1:25:d9:
4c:fa:57:78:09:80:c6:62:85:16:24:a1:83:e9:af:6f:2f:8b:
8d:9a:de:47:c4:0c:31:da:e8:c7:7b:4b:af:22:4e:82:b1:a5:
a3:93:05:3a:0a:6b:e1:f4:8d:03:ac:00:38:1d:77:18:d3:c9:
d1:5e:00:df:7d:e5:3b:53:f4:91:9b:91:92:41:bb:aa:40:8d:
bd:65:00:04:f3:ea:17:58:4a:40:10:5c:24:ec:fd:cd:c1:5c:
7c:0f:b6:33:c7:f1:66:18:d8:5b:3d:08:be:8c:82:b1:46:22:
e9:0b:96:b8:9f:6c:91:72:40:57:2f:0b:18:9b:3f:83:a8:21:
8b:f8:62:1b:dd:f7:82:d6:ee:08:35:0a:13:a6:31:50:75:14:
d3:54:40:64
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYzFAHC8MZtydybLxt7E+aVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY3MzhhOGRhZGFjMmQwZDNhZWRkYjkzNGY4MjAwNjZiOWY1ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWpqZ/eNXXglaFpwopSWD8KF8XD5
Sik3ztnZZysenjVTn4L3Ic8u5j3DdDvJum83C9OlO1DdKQ1A4cROB1EkbwY1Gfom
5GbtxRim8HO6CRLn/FYIdGhNUaPlfTa9mQOEPZy+mGfxi3N7wI6LY39xCXhd1i83
p7XnGovrAJ4AWN7cI/ksEjo3XMgGnjzY7R0GkGpNr5o2bOkGgE4NXQfCV3SqwLm/
IT4UQCUpybowkiLMR5PWJRxDQ8kXO77c4un6hsYsBs7urX/ahlw3tj7UB2JHN4RM
EgnUDc0YqA0QYI2a6kNZ/kvJcDYxpK0CfqL5ojHjFJkQNZbyIL6b5JdS9QIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFNZnOKja2sLQ067duTT4IAZrn1/rMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZiL2M1Nzcy
Ny05Mzk2LTRiZjgtYjI1ZC02YTFlMGVjNzFkYTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIvYzU3NzI3
LTkzOTYtNGJmOC1iMjVkLTZhMWUwZWM3MWRhOC8xLzFtYzRxTnJhd3REVHJ0MjVO
UGdnQm11Zlgtcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF
BwEHAQH/BGYwZDBTBAIAATBNAwQHJemAAwQGTouAAwQEUPGwAwQCUPH0AwQAUPH8
AwQFVXUgAwQGWNLAAwQFWegAAwQHhloAAwMAsEkDBAK5E2ADBADUSIIDBADUSJsw
DQQCAAIwBwMFACoCI/AwHQYIKwYBBQUHAQgBAf8EDjAMoAowCAICUSMCAnBPMA0G
CSqGSIb3DQEBCwUAA4IBAQAPE6ApVb1ITBYkITS8tNhmnXXvt8aG61ROR2bNbrEg
zVE3SN02lDYRlNj340gI5qEHQFHpSsEtK6xS8oNi+vw3z3TAL3wQqOgMGR2FBjz4
Y4taWx5WAC68mkPEfgQVnnkE1kgWPAp663TRJdlM+ld4CYDGYoUWJKGD6a9vL4uN
mt5HxAwx2ujHe0uvIk6CsaWjkwU6Cmvh9I0DrAA4HXcY08nRXgDffeU7U/SRm5GS
QbuqQI29ZQAE8+oXWEpAEFwk7P3NwVx8D7Yzx/FmGNhbPQi+jIKxRiLpC5a4n2yR
ckBXLwsYmz+DqCGL+GIb3feC1u4INQoTpjFQdRTTVEBk
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:15:30 2024 by rpki-client on console-fra.rpki-client.org