Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer
File: CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer (raw, json)
Hash identifier: 88sOgw1vmpvOBzT80KBawkE3d5T9UPcAGqz4xgb9kBQ=
Subject key identifier: 09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4935FF806E13B0A36AF70C2FA7264BF
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47474
IP: 37.130.248.0/21
IP: 46.18.216.0/21
IP: 62.64.140.0/22
IP: 62.64.160.0 -- 62.64.255.255
IP: 79.98.160.0/21
IP: 89.197.0.0/16
IP: 95.138.200.0/21
IP: 128.127.24.0/21
IP: 185.20.60.0/22
IP: 193.115.192.0/18
IP: 193.117.128.0/17
IP: 2a01:a000::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5f:f8:06:e1:3b:0a:36:af:70:c2:fa:72:64:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=097b5d1490b385a2f80c2a0324fe98e351091490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:75:ea:ab:4f:ff:10:ee:83:b0:d9:1b:a7:82:
48:af:b4:d9:fb:5d:46:99:9b:95:0c:6b:1a:ca:2a:
a2:43:00:23:fd:0f:b5:10:79:fa:88:0a:5f:ec:3f:
b5:97:75:30:1e:ab:38:52:a9:3c:05:42:d4:b3:60:
a0:94:cf:66:95:bb:77:a2:f1:0d:88:7e:14:aa:f0:
22:a6:0f:1f:5e:a1:f8:ad:7c:f7:76:e7:aa:13:9a:
7f:cb:00:4d:1f:df:20:5e:0d:7f:be:03:56:2b:e3:
76:8d:0b:75:0a:3a:da:f3:1d:a6:ce:74:c4:91:0a:
30:d0:8a:d0:e9:6c:56:90:32:fe:69:bf:2f:3f:2c:
74:85:ad:45:10:c3:4f:4b:44:c6:94:3b:59:e8:40:
31:72:06:1d:8f:48:92:a3:56:27:b6:8b:60:33:05:
f9:e7:dc:82:79:d4:4d:46:51:f2:a9:01:b7:0c:a9:
ee:73:09:9a:88:82:1a:01:ca:ef:46:3e:bf:02:ba:
3d:44:e3:4c:10:a4:16:11:eb:fc:b1:bb:9a:90:26:
87:d5:48:f6:d6:3b:c8:89:e1:13:1b:20:ae:8f:b4:
cc:9a:16:47:0f:8c:5b:67:10:5c:f8:82:0d:48:4e:
8a:12:17:e7:2c:6e:86:0f:30:98:ed:4b:88:c0:12:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.248.0/21
46.18.216.0/21
62.64.140.0/22
62.64.160.0-62.64.255.255
79.98.160.0/21
89.197.0.0/16
95.138.200.0/21
128.127.24.0/21
185.20.60.0/22
193.115.192.0/18
193.117.128.0/17
IPv6:
2a01:a000::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47474
Signature Algorithm: sha256WithRSAEncryption
07:5d:0c:32:f6:58:82:12:27:d6:62:75:c0:02:0e:8e:9e:15:
00:9c:0f:a9:7d:ef:8f:a7:9c:49:da:f1:b1:e0:c3:6a:27:89:
53:3a:89:a5:21:33:51:60:ca:7b:60:76:2e:d4:d1:77:fc:42:
f0:40:93:f8:67:e2:a8:70:52:a7:b1:8e:0d:1a:3a:73:e5:8f:
a6:98:cc:40:ac:52:e7:14:15:a0:c5:36:64:17:8f:56:d4:7b:
f9:9f:90:c7:cd:1a:4f:94:e8:c4:c6:0b:64:fd:6e:91:11:4f:
7a:7e:56:9d:39:71:24:6b:9a:d6:af:a1:86:71:87:58:42:9a:
2f:5c:be:88:e3:00:02:5c:a1:e4:de:f9:98:92:9f:1b:12:3c:
21:ac:56:78:c7:ba:91:cd:11:d7:f1:bb:6c:21:ae:b0:33:fc:
68:6f:1e:7e:b6:f5:82:58:b3:72:dc:40:8c:9d:ab:3c:7c:db:
51:7a:34:29:24:bd:83:6f:ae:65:71:ab:08:bc:c1:47:74:2f:
c0:30:59:6d:66:c0:bb:6e:3e:50:53:a7:b5:f6:ff:8e:3d:da:
16:b8:1a:91:a4:70:5a:4e:2a:90:72:44:43:f7:e5:f7:78:42:
c5:bf:44:c8:71:5a:3d:96:48:fb:d3:82:d5:2d:66:63:d2:26:
58:a4:d7:d1
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYzEk1/4BuE7CjavcML6cmS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdiNWQxNDkwYjM4NWEyZjgwYzJhMDMyNGZlOThlMzUxMDkxNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Xqq0//EO6DsNkbp4JIr7TZ+11G
mZuVDGsayiqiQwAj/Q+1EHn6iApf7D+1l3UwHqs4Uqk8BULUs2CglM9mlbt3ovEN
iH4UqvAipg8fXqH4rXz3dueqE5p/ywBNH98gXg1/vgNWK+N2jQt1Cjra8x2mznTE
kQow0IrQ6WxWkDL+ab8vPyx0ha1FEMNPS0TGlDtZ6EAxcgYdj0iSo1YntotgMwX5
59yCedRNRlHyqQG3DKnucwmaiIIaAcrvRj6/Aro9RONMEKQWEev8sbuakCaH1Uj2
1jvIieETGyCuj7TMmhZHD4xbZxBc+IINSE6KEhfnLG6GDzCY7UuIwBLWAQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFAl7XRSQs4Wi+AwqAyT+mONRCRSQMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0LzdlMzgx
Ni04YzhlLTQ3YTAtOTRlYy00ZmM5ZjBkMmFjYTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQvN2UzODE2
LThjOGUtNDdhMC05NGVjLTRmYzlmMGQyYWNhMy8xL0NYdGRGSkN6aGFMNERDb0RK
UDZZNDFFSkZKQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHAGCCsGAQUF
BwEHAQH/BGEwXzBOBAIAATBIAwQDJYL4AwQDLhLYAwQCPkCMMAsDBAU+QKADAwA+
QAMEA09ioAMDAFnFAwQDX4rIAwQDgH8YAwQCuRQ8AwQGwXPAAwQHwXWAMA0EAgAC
MAcDBQAqAaAAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC5cjANBgkqhkiG9w0B
AQsFAAOCAQEAB10MMvZYghIn1mJ1wAIOjp4VAJwPqX3vj6ecSdrxseDDaieJUzqJ
pSEzUWDKe2B2LtTRd/xC8ECT+GfiqHBSp7GODRo6c+WPppjMQKxS5xQVoMU2ZBeP
VtR7+Z+Qx80aT5ToxMYLZP1ukRFPen5WnTlxJGua1q+hhnGHWEKaL1y+iOMAAlyh
5N75mJKfGxI8IaxWeMe6kc0R1/G7bCGusDP8aG8efrb1glizctxAjJ2rPHzbUXo0
KSS9g2+uZXGrCLzBR3QvwDBZbWbAu24+UFOntfb/jj3aFrgakaRwWk4qkHJEQ/fl
93hCxb9EyHFaPZZI+9OC1S1mY9ImWKTX0Q==
-----END CERTIFICATE-----
Generated at Fri May 3 10:01:40 2024 by rpki-client on console-fra.rpki-client.org