Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CNOlFWg-nduF0456s5wzrtrK9-8.cer
File: CNOlFWg-nduF0456s5wzrtrK9-8.cer (raw, json)
Hash identifier: vBkySXW2KIKJICVZtTAOU0u5vOppt+5qX8m+u97yufc=
Subject key identifier: 08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DE57EB09992E676E8F8185082EBF9A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:03 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 42229
AS: 60134
AS: 211653
IP: 45.144.204.0/22
IP: 45.152.156.0/22
IP: 185.1.90.0/24
IP: 185.1.242.0/24
IP: 185.158.252.0/22
IP: 193.30.129.0/24
IP: 213.232.248.0/24
IP: 2001:7f8:b2::/48
IP: 2001:7f8:12c::/48
IP: 2a0c:e40::/29
IP: 2a0c:5046::/31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:57:eb:09:99:2e:67:6e:8f:81:85:08:2e:bf:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d3a515683e9ddb85d38e7ab39c33aedacaf7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5a:77:0f:22:f5:c4:1e:24:85:b6:4c:7e:cb:
c4:25:75:b3:f0:66:6a:71:28:84:15:81:bf:40:14:
ec:50:40:6f:97:45:fd:73:52:05:93:15:8c:bf:4a:
06:7a:5b:c8:9a:4d:25:ea:0b:38:bc:4f:3e:73:4c:
42:18:b3:29:f8:67:1a:bc:35:be:4c:b1:99:00:5b:
37:d4:96:a7:d7:16:d8:a7:70:df:3c:e4:bd:d0:87:
21:2f:5a:13:72:d6:68:e5:04:15:d7:d6:31:01:a1:
b4:fb:fb:cf:70:9a:cd:16:29:93:cd:3d:4b:d8:d3:
43:07:ec:73:00:54:b7:e6:87:1f:0c:38:44:5a:3e:
5e:2a:3c:ba:69:4b:43:2e:6b:fa:8f:09:af:02:c8:
d4:40:1b:f3:be:a5:ba:87:90:15:5a:4b:08:2a:7f:
9c:23:56:8f:e6:e2:b4:61:b9:9e:4e:fc:11:6f:0c:
15:48:fe:75:39:d0:bf:d3:51:e6:c3:e0:dd:dc:64:
77:62:21:d6:4d:b4:59:be:ef:24:7b:a6:8f:ad:91:
b4:ed:6e:8c:00:1d:0b:1c:20:35:ef:47:5d:c2:21:
e2:31:5d:2f:3e:5e:81:71:81:d2:8d:a0:d1:b2:33:
2a:dd:fd:8c:1e:90:92:63:c4:c7:27:96:b7:e1:86:
f0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D3:A5:15:68:3E:9D:DB:85:D3:8E:7A:B3:9C:33:AE:DA:CA:F7:EF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/67cfa0-a32b-4063-9370-0b5c5d94426a/1/CNOlFWg-nduF0456s5wzrtrK9-8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
185.1.90.0/24
185.1.242.0/24
185.158.252.0/22
193.30.129.0/24
213.232.248.0/24
IPv6:
2001:7f8:b2::/48
2001:7f8:12c::/48
2a0c:e40::/29
2a0c:5046::/31
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
42229
60134
211653
Signature Algorithm: sha256WithRSAEncryption
1e:db:5d:2c:e1:4d:b1:68:3d:0c:f5:14:07:83:7e:cc:29:8c:
3d:34:48:5b:21:69:10:63:57:b1:e6:6f:3a:89:5c:4a:a4:dc:
ec:f4:38:50:ae:61:f8:df:ca:84:89:0b:9e:ea:f1:ca:15:0d:
5d:10:1d:37:93:af:3f:ef:19:39:7f:c7:7f:41:72:2e:97:a2:
d7:4c:43:20:75:31:93:10:3e:6a:cf:ef:87:62:b3:6d:dd:a5:
90:45:21:97:1f:8f:29:de:66:1c:b0:50:38:05:f2:7e:f3:50:
7e:9f:17:9d:16:52:ce:b0:c0:da:45:52:d5:b4:62:62:22:1a:
ee:b2:56:37:6c:e5:5c:9f:f1:f3:32:da:67:c2:19:02:21:62:
e2:6d:93:61:92:f8:f0:da:27:fa:3a:7b:33:7e:1b:68:a5:99:
1b:2a:c4:ca:6a:f5:b4:04:55:7f:32:3b:c7:da:a0:f1:dc:ee:
18:dd:c9:53:21:35:c0:74:91:7c:c4:98:af:16:05:4e:58:e7:
67:bc:19:35:b5:f8:19:27:6e:e2:81:aa:83:cc:5e:9c:60:0e:
5c:a9:be:f0:86:13:a5:21:2c:44:38:aa:75:24:b3:1c:c2:3c:
f0:46:00:48:03:bb:be:a0:09:1f:d3:f3:ea:69:fd:56:08:84:
1f:93:99:d6
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAYzI3lfrCZkuZ26PgYUILr+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQzYTUxNTY4M2U5ZGRiODVkMzhlN2FiMzljMzNhZWRhY2FmN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilp3DyL1xB4khbZMfsvEJXWz8GZq
cSiEFYG/QBTsUEBvl0X9c1IFkxWMv0oGelvImk0l6gs4vE8+c0xCGLMp+GcavDW+
TLGZAFs31Jan1xbYp3DfPOS90IchL1oTctZo5QQV19YxAaG0+/vPcJrNFimTzT1L
2NNDB+xzAFS35ocfDDhEWj5eKjy6aUtDLmv6jwmvAsjUQBvzvqW6h5AVWksIKn+c
I1aP5uK0YbmeTvwRbwwVSP51OdC/01Hmw+Dd3GR3YiHWTbRZvu8ke6aPrZG07W6M
AB0LHCA170ddwiHiMV0vPl6BcYHSjaDRsjMq3f2MHpCSY8THJ5a34YbwCQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFAjTpRVoPp3bhdOOerOcM67ayvfvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5LzY3Y2Zh
MC1hMzJiLTQwNjMtOTM3MC0wYjVjNWQ5NDQyNmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvNjdjZmEw
LWEzMmItNDA2My05MzcwLTBiNWM1ZDk0NDI2YS8xL0NOT2xGV2ctbmR1RjA0NTZz
NXd6cnRySzktOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGsGCCsGAQUF
BwEHAQH/BFwwWjAwBAIAATAqAwQCLZDMAwQCLZicAwQAuQFaAwQAuQHyAwQCuZ78
AwQAwR6BAwQA1ej4MCYEAgACMCADBwAgAQf4ALIDBwAgAQf4ASwDBQMqDA5AAwUB
KgxQRjAkBggrBgEFBQcBCAEB/wQVMBOgETAPAgMApPUCAwDq5gIDAzrFMA0GCSqG
SIb3DQEBCwUAA4IBAQAe210s4U2xaD0M9RQHg37MKYw9NEhbIWkQY1ex5m86iVxK
pNzs9DhQrmH438qEiQue6vHKFQ1dEB03k68/7xk5f8d/QXIul6LXTEMgdTGTED5q
z++HYrNt3aWQRSGXH48p3mYcsFA4BfJ+81B+nxedFlLOsMDaRVLVtGJiIhruslY3
bOVcn/HzMtpnwhkCIWLibZNhkvjw2if6OnszfhtopZkbKsTKavW0BFV/MjvH2qDx
3O4Y3clTITXAdJF8xJivFgVOWOdnvBk1tfgZJ27igaqDzF6cYA5cqb7whhOlISxE
OKp1JLMcwjzwRgBIA7u+oAkf0/Pqaf1WCIQfk5nW
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:02:14 2024 by rpki-client on console-fra.rpki-client.org