Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
File: DFFAKCWR-ZEvljnuFBK20dz_CGE.cer (raw, json)
Hash identifier: iSwcmXTfbNuTPd5ksgW38CaSJwj+OJGRA6jSRIBSFZU=
Subject key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC500D5C2A83782CB0189D2580FE8D26F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:30:15 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200178
AS: 210016
AS: 211970
IP: 185.72.252.0/22
IP: 185.234.245.0/24
IP: 188.72.0.0 -- 188.72.11.255
IP: 188.72.13.0 -- 188.72.14.255
IP: 188.72.20.0/24
IP: 188.72.23.0 -- 188.72.29.255
IP: 188.72.32.0 -- 188.72.41.255
IP: 188.72.44.0 -- 188.72.63.255
IP: 2a10:e880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d5:c2:a8:37:82:cb:01:89:d2:58:0f:e8:d2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4c:b0:2b:0b:ab:a6:e8:b6:bd:e8:97:52:73:
d2:89:1b:b4:fd:f0:0c:ae:10:14:49:d9:b1:e5:c6:
75:9d:6f:53:c4:5d:2e:1a:59:81:f2:dd:29:b1:60:
e6:ed:8d:01:58:fa:ce:09:f1:df:77:de:a4:c4:62:
4a:0a:31:c9:d6:86:61:a1:c2:ed:23:82:c3:66:d5:
37:a7:a4:f3:69:b2:f0:c4:ff:4a:a5:78:3b:b0:89:
03:71:3d:7b:27:48:93:b7:85:62:b2:b3:8a:00:e5:
50:fc:4f:9d:e0:c4:f4:1b:f2:87:c6:49:14:f2:3f:
05:43:1d:73:05:8b:49:b1:a7:31:b4:ad:f9:45:bc:
03:be:21:78:da:aa:7e:05:c7:ff:c7:31:cc:be:9f:
f5:c7:89:00:1e:bf:d0:bb:5d:76:bc:79:5d:58:f2:
71:39:c0:2a:89:1c:29:b3:ae:e6:fc:77:44:08:3c:
10:fb:3f:90:da:b5:da:8f:9a:a7:60:54:63:be:da:
26:0e:37:6e:47:4b:2d:07:7c:70:d5:e5:2e:29:f2:
c2:f8:7e:59:b0:ae:bf:d0:0b:d8:bf:2d:2a:0e:4b:
0b:da:cd:07:1f:a1:06:e9:38:c7:fb:13:2d:af:a5:
de:86:3a:b3:6f:70:bb:c9:87:f9:5e:6b:0c:ef:45:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.252.0/22
185.234.245.0/24
188.72.0.0-188.72.11.255
188.72.13.0-188.72.14.255
188.72.20.0/24
188.72.23.0-188.72.29.255
188.72.32.0-188.72.41.255
188.72.44.0-188.72.63.255
IPv6:
2a10:e880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200178
210016
211970
Signature Algorithm: sha256WithRSAEncryption
92:54:c7:ce:77:2f:74:76:1d:82:5a:5a:34:24:dd:e9:cb:66:
8d:08:76:72:25:97:10:e6:af:99:94:dd:d0:2d:5f:62:28:9e:
7a:91:0a:8d:b4:6d:ec:38:a2:12:96:ae:ac:6b:36:d4:d1:7a:
f3:14:e0:87:01:72:18:ba:fa:54:23:96:e4:96:4f:be:83:28:
6c:d4:92:c5:40:d2:88:a2:d5:68:79:21:e7:01:b7:71:ae:8b:
0c:00:3b:b9:11:db:84:6b:64:30:a0:a8:27:f9:fe:5d:b5:2e:
b0:62:97:60:88:2c:dd:e8:f4:1d:12:9e:a4:f8:75:29:11:16:
37:dc:b9:44:1e:6a:54:e9:9c:e0:b3:29:90:8c:4a:e1:64:86:
dc:c8:43:ba:16:3c:b0:3c:5e:94:91:4f:03:1a:4d:ea:6e:d9:
8f:5d:78:27:55:46:f0:41:c6:f7:b1:15:43:40:62:85:b3:22:
70:e5:b0:b3:b1:34:7d:61:b6:ff:5e:98:2c:d0:6c:c1:be:e4:
a6:56:89:4a:34:ba:20:01:b0:b0:29:9b:e0:ad:59:5f:84:a1:
a7:07:eb:47:fe:10:f8:7c:77:99:eb:9b:e1:73:dc:ab:6e:3e:
22:71:b7:81:e8:7b:89:4d:74:d1:b9:7b:a7:5e:ae:11:38:a2:
8e:c6:39:77
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYzFANXCqDeCywGJ0lgP6NJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUxNDAyODI1OTFmOTkxMmY5NjM5ZWUxNDEyYjZkMWRjZmYwODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EywKwurpui2veiXUnPSiRu0/fAM
rhAUSdmx5cZ1nW9TxF0uGlmB8t0psWDm7Y0BWPrOCfHfd96kxGJKCjHJ1oZhocLt
I4LDZtU3p6TzabLwxP9KpXg7sIkDcT17J0iTt4VisrOKAOVQ/E+d4MT0G/KHxkkU
8j8FQx1zBYtJsacxtK35RbwDviF42qp+Bcf/xzHMvp/1x4kAHr/Qu112vHldWPJx
OcAqiRwps67m/HdECDwQ+z+Q2rXaj5qnYFRjvtomDjduR0stB3xw1eUuKfLC+H5Z
sK6/0AvYvy0qDksL2s0HH6EG6TjH+xMtr6Xehjqzb3C7yYf5XmsM70WqiwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFAxRQCglkfmRL5Y57hQSttHc/whhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjLzA1NTRh
Mi1kM2Q5LTRmYzQtOGVkNS1kZTkxNDY5ZDM3NzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvMDU1NGEy
LWQzZDktNGZjNC04ZWQ1LWRlOTE0NjlkMzc3Mi8xL0RGRkFLQ1dSLVpFdmxqbnVG
QksyMGR6X0NHRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBdBAIAATBXAwQCuUj8AwQAuer1MAsDAwO8SAMEArxICDAMAwQA
vEgNAwQAvEgOAwQAvEgUMAwDBAC8SBcDBAG8SBwwDAMEBbxIIAMEAbxIKDAMAwQC
vEgsAwQGvEgAMA0EAgACMAcDBQMqEOiAMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8C
AwMN8gIDAzRgAgMDPAIwDQYJKoZIhvcNAQELBQADggEBAJJUx853L3R2HYJaWjQk
3enLZo0IdnIllxDmr5mU3dAtX2IonnqRCo20bew4ohKWrqxrNtTRevMU4IcBchi6
+lQjluSWT76DKGzUksVA0oii1Wh5IecBt3GuiwwAO7kR24RrZDCgqCf5/l21LrBi
l2CILN3o9B0SnqT4dSkRFjfcuUQealTpnOCzKZCMSuFkhtzIQ7oWPLA8XpSRTwMa
Tepu2Y9deCdVRvBBxvexFUNAYoWzInDlsLOxNH1htv9emCzQbMG+5KZWiUo0uiAB
sLApm+CtWV+EoacH60f+EPh8d5nrm+Fz3KtuPiJxt4Hoe4lNdNG5e6derhE4oo7G
OXc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:16:11 2024 by rpki-client on console-ams.rpki-client.org