Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer
File: 7FraDckAoTyDtwrD9Yf7jC4d8DA.cer (raw, json)
Hash identifier: 3qAiAfSF6H3yILFLWisLOt/pOWoebXWC4n74gdripJg=
Subject key identifier: EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E3BAFA9A4E0777B92A6DEFB657F4B88BD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 14 Mar 2024 06:39:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 31611
AS: 51580
IP: 5.172.100.0 -- 5.172.127.255
IP: 31.193.16.0/20
IP: 46.17.152.0/21
IP: 80.66.208.0/20
IP: 81.173.100.0/22
IP: 89.105.76.0 -- 89.105.87.255
IP: 109.238.16.0/20
IP: 141.105.152.0/21
IP: 145.14.160.0/19
IP: 178.218.148.0/22
IP: 178.250.64.0/21
IP: 185.5.180.0/22
IP: 185.55.88.0/22
IP: 185.121.148.0/22
IP: 185.139.28.0/22
IP: 185.180.180.0/23
IP: 194.110.56.0/22
IP: 2a01:8440::/32
IP: 2a02:4860::/32
IP: 2a03:5300::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3b:af:a9:a4:e0:77:7b:92:a6:de:fb:65:7f:4b:88:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 14 06:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:1c:db:39:85:cb:23:6e:da:f2:26:c1:2f:
c2:f5:ee:02:1d:8c:96:f7:7e:73:9d:fe:fa:33:c9:
db:c9:a9:39:53:89:78:81:c8:2e:55:d4:48:ad:cd:
23:34:b6:37:a3:6b:d4:0c:bd:e0:6a:f7:28:74:b0:
98:d0:6b:71:6a:ea:e1:8b:1d:7c:3f:cb:67:63:fa:
6f:2e:55:a3:95:09:85:76:8a:de:a3:4f:fb:7b:fd:
13:68:fd:a2:ed:da:15:d2:3e:a8:85:51:48:e1:e6:
a6:aa:db:88:55:02:c9:a3:ae:bb:44:15:d9:ef:12:
1b:9c:0a:9a:a4:41:06:22:1e:56:3f:c1:70:79:bf:
11:e2:75:bf:92:a6:20:03:e3:f7:1e:39:56:d2:62:
9a:a5:93:fe:b2:ea:cb:09:03:65:ca:86:0f:df:e8:
77:88:d9:ea:35:d3:3c:2b:c2:a9:e1:d7:36:76:ce:
12:ea:24:65:ad:3c:6f:6b:5c:c2:33:97:ec:cd:f2:
10:d7:0e:f1:0f:ee:31:b7:de:26:b8:d1:cc:43:9b:
ce:91:bb:77:dd:73:c7:c3:2d:b9:a8:cb:8f:8b:0e:
1d:08:4a:a0:4a:ee:bf:1e:9e:e9:d7:70:22:84:c9:
7d:9d:39:73:d6:0a:3c:4a:19:20:9b:e2:34:cb:12:
0b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.100.0-5.172.127.255
31.193.16.0/20
46.17.152.0/21
80.66.208.0/20
81.173.100.0/22
89.105.76.0-89.105.87.255
109.238.16.0/20
141.105.152.0/21
145.14.160.0/19
178.218.148.0/22
178.250.64.0/21
185.5.180.0/22
185.55.88.0/22
185.121.148.0/22
185.139.28.0/22
185.180.180.0/23
194.110.56.0/22
IPv6:
2a01:8440::/32
2a02:4860::/32
2a03:5300::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
31611
51580
Signature Algorithm: sha256WithRSAEncryption
61:ee:fc:2b:3d:98:b6:f9:a5:bc:fd:ae:6a:b5:95:9f:62:fe:
10:db:9e:93:25:79:2d:c1:3b:ce:db:af:2d:0c:e4:1b:45:16:
03:23:e2:9a:4b:ab:70:f0:c6:5f:67:89:71:ae:df:18:1e:4e:
c7:12:71:66:5d:89:26:c3:4d:9d:9f:31:c8:c0:60:43:f3:4f:
69:55:9a:78:7b:ca:48:9a:b1:46:d1:ce:81:cd:fb:e3:60:2b:
6c:89:c8:58:d4:f9:18:c3:97:01:09:0d:f1:1c:bd:10:d7:1f:
8e:37:20:12:39:91:e7:c2:03:da:c1:6b:d0:3a:15:6a:b5:8f:
fa:5f:aa:f5:8f:94:0b:31:5b:bd:b0:f1:67:24:c4:d6:a9:43:
bc:91:8c:fd:ad:4e:e9:3a:b5:04:c0:16:2f:22:83:72:1e:4a:
96:c9:f2:41:7c:57:fb:b1:48:6a:2f:3f:e0:e4:eb:69:f0:bd:
b4:f8:45:e1:16:f2:a0:6c:4e:01:47:72:de:b2:7e:64:f7:a1:
ae:8c:1e:b7:fc:c2:f4:b8:04:e8:65:28:24:2b:31:22:b5:77:
e0:5e:7c:e3:01:57:74:48:1a:03:f6:53:39:a1:58:91:3f:9f:
67:b0:55:7a:58:65:c6:bc:b0:e4:56:70:83:e6:7f:ed:76:3f:
3a:d4:93:d4
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgISAY47r6mk4Hd7kqbe+2V/S4i9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzE0MDYzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzVhZGEwZGM5MDBhMTNjODNiNzBhYzNmNTg3ZmI4YzJlMWRmMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqUc2zmFyyNu2vImwS/C9e4CHYyW
935znf76M8nbyak5U4l4gcguVdRIrc0jNLY3o2vUDL3gavcodLCY0Gtxaurhix18
P8tnY/pvLlWjlQmFdoreo0/7e/0TaP2i7doV0j6ohVFI4eamqtuIVQLJo667RBXZ
7xIbnAqapEEGIh5WP8Fweb8R4nW/kqYgA+P3HjlW0mKapZP+surLCQNlyoYP3+h3
iNnqNdM8K8Kp4dc2ds4S6iRlrTxva1zCM5fszfIQ1w7xD+4xt94muNHMQ5vOkbt3
3XPHwy25qMuPiw4dCEqgSu6/Hp7p13AihMl9nTlz1go8Shkgm+I0yxILOQIDAQAB
o4IDNDCCAzAwHQYDVR0OBBYEFOxa2g3JAKE8g7cKw/WH+4wuHfAwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhL2NhNzM0
Yi01YTBiLTRhMDMtODEzMS1jZmVmZWFlZTg2NWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvY2E3MzRi
LTVhMGItNGEwMy04MTMxLWNmZWZlYWVlODY1ZS8xLzdGcmFEY2tBb1R5RHR3ckQ5
WWY3akM0ZDhEQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGuBggrBgEF
BQcBBwEB/wSBnjCBmzB8BAIAATB2MAwDBAIFrGQDBAcFrAADBAQfwRADBAMuEZgD
BARQQtADBAJRrWQwDAMEAllpTAMEA1lpUAMEBG3uEAMEA41pmAMEBZEOoAMEArLa
lAMEA7L6QAMEArkFtAMEArk3WAMEArl5lAMEArmLHAMEAbm0tAMEAsJuODAbBAIA
AjAVAwUAKgGEQAMFACoCSGADBQMqA1MAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkC
Ant7AgMAyXwwDQYJKoZIhvcNAQELBQADggEBAGHu/Cs9mLb5pbz9rmq1lZ9i/hDb
npMleS3BO87bry0M5BtFFgMj4ppLq3Dwxl9niXGu3xgeTscScWZdiSbDTZ2fMcjA
YEPzT2lVmnh7ykiasUbRzoHN++NgK2yJyFjU+RjDlwEJDfEcvRDXH443IBI5kefC
A9rBa9A6FWq1j/pfqvWPlAsxW72w8WckxNapQ7yRjP2tTuk6tQTAFi8ig3IeSpbJ
8kF8V/uxSGovP+Dk62nwvbT4ReEW8qBsTgFHct6yfmT3oa6MHrf8wvS4BOhlKCQr
MSK1d+BefOMBV3RIGgP2UzmhWJE/n2ewVXpYZca8sORWcIPmf+12PzrUk9Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:21 2024 by rpki-client on console-fra.rpki-client.org