Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
File: ArmAwQ1xEPkf_54OzrY52edbNeI.cer (raw, json)
Hash identifier: Xe3KHpod/bik1acE3YfPMZAiP2KdZ0XtDQtBYcIX+E4=
Subject key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0192BE64BD2DA302BCA5FC0545B65F5FEAC8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 24 Oct 2024 11:58:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 29676
IP: 79.135.96.0/22
IP: 109.224.192.0/20
IP: 109.224.220.0 -- 109.224.222.255
IP: 109.224.233.0/24
IP: 109.236.161.0 -- 109.236.167.255
IP: 185.98.188.0/22
IP: 193.111.200.0/24
IP: 195.74.60.0/23
IP: 212.11.65.0 -- 212.11.66.255
IP: 212.11.77.0 -- 212.11.78.255
IP: 2a02:5b8::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:64:bd:2d:a3:02:bc:a5:fc:05:45:b6:5f:5f:ea:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 24 11:58:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0e:54:ea:e5:73:88:4b:cb:df:b8:5a:3e:b6:
cb:ce:26:e8:a3:1e:9a:a4:87:73:0b:bf:c0:d9:e4:
80:e4:d2:c1:5b:06:76:18:bf:2a:41:be:b3:19:36:
4e:e4:3f:de:a3:43:b5:c9:77:9e:db:21:d4:e9:a2:
bc:69:75:83:7a:40:0d:d3:00:60:f0:02:b3:a2:2f:
49:9d:41:87:8d:82:bc:6c:73:5a:1c:63:d7:71:0b:
99:c6:f8:1b:86:cd:3c:5c:b3:0f:c2:b4:b4:10:d6:
b6:a7:52:f4:16:ae:05:bb:97:a6:82:84:b8:30:64:
60:a0:a5:bb:bf:ad:b1:25:d0:af:03:dc:c2:b1:00:
eb:a2:c8:fb:c0:95:2b:cf:ef:5a:ab:a9:44:7f:f0:
29:97:4f:07:1a:b5:36:b3:f1:e8:a7:13:05:60:cb:
90:da:6e:8d:f8:4d:2c:29:bd:9b:ac:ee:77:5a:01:
5d:48:a2:30:bf:c6:d0:0c:0a:59:9e:18:84:0c:af:
10:49:c8:c4:90:a6:cd:3f:f6:30:01:95:38:be:a6:
6d:7e:a7:ee:af:7c:61:3a:f5:33:e6:cd:f3:d4:a7:
88:6e:3f:28:be:4e:94:26:cd:61:fe:78:53:77:f3:
a5:9b:cd:e1:32:aa:92:50:f2:a4:64:4c:dd:2b:81:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.96.0/22
109.224.192.0/20
109.224.220.0-109.224.222.255
109.224.233.0/24
109.236.161.0-109.236.167.255
185.98.188.0/22
193.111.200.0/24
195.74.60.0/23
212.11.65.0-212.11.66.255
212.11.77.0-212.11.78.255
IPv6:
2a02:5b8::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29676
Signature Algorithm: sha256WithRSAEncryption
21:98:c8:e0:b5:3f:70:fe:09:26:6d:9c:39:aa:62:7f:84:e8:
99:d4:0c:ce:37:8a:c3:f6:d0:64:6e:5d:7d:e2:44:9a:af:9d:
35:20:7d:0d:c3:9c:04:bb:ab:8b:32:37:d9:22:9e:6d:ad:09:
55:ca:c4:48:17:1c:62:e6:61:b3:00:ca:49:fd:23:fe:52:a4:
21:b2:eb:3c:b7:94:45:1e:96:fb:d0:6d:39:e3:98:40:9e:6e:
19:82:53:9c:17:67:d1:1b:2a:f7:61:64:45:c9:06:0d:be:9a:
9f:39:b2:2b:be:cd:20:b9:72:86:d1:c9:97:89:cd:fa:00:2f:
b5:f2:80:e9:81:90:70:58:10:4d:9e:0b:1b:1a:05:68:49:26:
e9:ba:82:86:11:9f:c7:a7:5e:1d:7b:a6:19:0c:11:4a:07:34:
6b:0b:d9:91:fc:50:e3:cd:9d:ca:76:cb:5a:c2:80:f0:83:af:
ab:89:4e:48:6b:89:ef:fc:2c:1c:d3:ef:a3:5d:fa:87:49:c7:
d7:d1:b3:df:36:98:19:93:93:50:07:0d:02:4b:51:0f:90:3f:
15:a6:45:8f:a0:cb:b8:f0:56:70:42:48:ae:63:eb:10:8e:a8:
9b:c8:2a:71:15:39:1e:81:aa:61:1e:e8:8f:db:99:ee:e2:b7:
36:56:a5:3d
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAZK+ZL0towK8pfwFRbZfX+rIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDI0MTE1ODQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI5ODBjMTBkNzExMGY5MWZmZjllMGVjZWI2MzlkOWU3NWIzNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g5U6uVziEvL37haPrbLziboox6a
pIdzC7/A2eSA5NLBWwZ2GL8qQb6zGTZO5D/eo0O1yXee2yHU6aK8aXWDekAN0wBg
8AKzoi9JnUGHjYK8bHNaHGPXcQuZxvgbhs08XLMPwrS0ENa2p1L0Fq4Fu5emgoS4
MGRgoKW7v62xJdCvA9zCsQDrosj7wJUrz+9aq6lEf/Apl08HGrU2s/HopxMFYMuQ
2m6N+E0sKb2brO53WgFdSKIwv8bQDApZnhiEDK8QScjEkKbNP/YwAZU4vqZtfqfu
r3xhOvUz5s3z1KeIbj8ovk6UJs1h/nhTd/Olm83hMqqSUPKkZEzdK4HFewIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFAK5gMENcRD5H/+eDs62OdnnWzXiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NmL2E4OTQ3
Zi1lNTJjLTRkZTEtYmFkZS03MGMwYTUwNmQ3OTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2YvYTg5NDdm
LWU1MmMtNGRlMS1iYWRlLTcwYzBhNTA2ZDc5Ny8xL0FybUF3UTF4RVBrZl81NE96
clk1MmVkYk5lSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGEBggrBgEF
BQcBBwEB/wR1MHMwYgQCAAEwXAMEAk+HYAMEBG3gwDAMAwQCbeDcAwQAbeDeAwQA
beDpMAwDBABt7KEDBANt7KADBAK5YrwDBADBb8gDBAHDSjwwDAMEANQLQQMEANQL
QjAMAwQA1AtNAwQA1AtOMA0EAgACMAcDBQMqAgW4MBkGCCsGAQUFBwEIAQH/BAow
CKAGMAQCAnPsMA0GCSqGSIb3DQEBCwUAA4IBAQAhmMjgtT9w/gkmbZw5qmJ/hOiZ
1AzON4rD9tBkbl194kSar501IH0Nw5wEu6uLMjfZIp5trQlVysRIFxxi5mGzAMpJ
/SP+UqQhsus8t5RFHpb70G0545hAnm4ZglOcF2fRGyr3YWRFyQYNvpqfObIrvs0g
uXKG0cmXic36AC+18oDpgZBwWBBNngsbGgVoSSbpuoKGEZ/Hp14de6YZDBFKBzRr
C9mR/FDjzZ3KdstawoDwg6+riU5Ia4nv/Cwc0++jXfqHScfX0bPfNpgZk5NQBw0C
S1EPkD8VpkWPoMu48FZwQkiuY+sQjqibyCpxFTkegaphHuiP25nu4rc2VqU9
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:19:50 2024 by rpki-client on console-ams.rpki-client.org