Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer
File: DsodW91QNE_174hKZg6C66g7wNs.cer (raw, json)
Hash identifier: fRK71dWFhbg0TcvdBsVlcj4+3xdix/5WCwQHIivJM5g=
Subject key identifier: 0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7941E48BE880468A214401D0BEF19B5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:22 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 3327
IP: 62.128.96.0/19
IP: 87.98.0.0/17
IP: 89.219.0.0/22
IP: 89.219.128.0/22
IP: 89.219.134.0 -- 89.219.154.255
IP: 89.219.161.0 -- 89.219.162.255
IP: 89.219.168.0/24
IP: 195.137.179.0/24
IP: 195.222.0.0/19
IP: 212.27.224.0/19
IP: 212.47.192.0/19
IP: 212.49.0.0/19
IP: 217.28.240.0/20
IP: 2001:7f8:39::/48
IP: 2001:ad0::/32
IP: 2a01:80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1e:48:be:88:04:68:a2:14:40:1d:0b:ef:19:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:42:10:95:45:92:47:b7:d2:47:56:3e:1b:
98:49:69:b1:ed:25:0c:8c:11:a5:e9:1d:df:18:ea:
13:92:6a:dc:b4:8d:8a:c4:88:03:fc:75:21:16:cb:
56:d7:e7:da:48:63:76:6d:9b:7d:0b:8a:ef:d1:a7:
44:73:02:e4:71:fb:c3:9b:9c:91:ea:03:45:e9:c8:
cb:0d:0f:9c:8b:86:75:b5:57:6c:1e:75:b9:0d:cf:
fb:c4:ad:ae:6a:b5:f1:df:bf:0e:a5:6c:83:af:11:
10:ae:25:e5:59:2b:46:e7:b1:68:b2:5e:54:6f:09:
f7:cb:4f:94:13:c4:e5:b3:86:c8:8b:0e:76:49:6f:
5a:9c:3e:88:c2:86:e4:aa:69:d0:2c:b4:30:2a:1b:
81:82:68:7d:2b:6a:b1:55:e2:07:e0:ab:74:06:5d:
79:35:90:52:1f:1c:fb:c6:cb:4c:45:d8:e8:41:5e:
21:70:3c:3f:6d:49:aa:fb:cf:f1:f6:a0:9e:ac:25:
39:5e:bb:92:ec:2b:b5:3c:a1:c9:02:77:76:eb:52:
1c:84:52:00:72:57:86:15:66:45:cf:23:5e:46:7c:
08:4e:41:70:a3:18:2c:6b:e5:f1:2f:3e:39:2c:a6:
d1:b6:4d:84:ce:14:77:11:25:bc:98:c2:47:73:e5:
8b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.96.0/19
87.98.0.0/17
89.219.0.0/22
89.219.128.0/22
89.219.134.0-89.219.154.255
89.219.161.0-89.219.162.255
89.219.168.0/24
195.137.179.0/24
195.222.0.0/19
212.27.224.0/19
212.47.192.0/19
212.49.0.0/19
217.28.240.0/20
IPv6:
2001:7f8:39::/48
2001:ad0::/32
2a01:80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3327
Signature Algorithm: sha256WithRSAEncryption
a0:3c:6c:c8:e1:fa:04:5a:87:d7:49:a8:bb:a0:10:3f:36:8e:
e7:af:75:d0:00:f3:1b:4a:7a:da:32:a2:19:1f:85:35:2d:5b:
4d:69:1d:d7:76:eb:bc:0c:f6:9d:b6:2e:5d:9d:a8:fa:71:5c:
88:28:3e:41:13:9e:d7:85:64:07:d2:b0:45:41:33:a3:63:51:
34:4c:99:b0:1f:97:44:43:92:91:c1:1a:e0:23:5f:8c:db:0e:
b9:7d:98:d0:3c:3d:55:49:a5:8e:9f:f9:b7:1f:99:02:d7:d5:
aa:90:20:d4:f3:ed:e5:8e:38:d0:d0:c4:97:a5:34:67:cc:ce:
e9:3e:c9:00:93:d4:51:c3:eb:74:3e:cd:23:b3:01:c3:69:cd:
59:99:3d:1f:f8:23:59:32:ff:47:d3:eb:2b:cf:1a:46:22:53:
a9:19:ab:84:26:ee:95:ae:33:67:2a:15:44:5b:fc:6d:66:5f:
1c:fa:24:3a:9d:ab:f5:e8:b2:70:21:b3:cb:84:71:f5:32:f0:
aa:1c:6e:c4:10:3b:07:4e:74:de:af:a9:3e:01:7f:86:91:d1:
e7:65:af:fb:6a:9b:4d:68:f7:ec:85:fe:24:33:bd:5e:29:d0:
ae:50:cc:66:99:cd:6e:5b:17:22:18:d0:e5:50:1c:b3:c3:a1:
97:44:95:63
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYzHlB5IvogEaKIUQB0L7xm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNhMWQ1YmRkNTAzNDRmZjVlZjg4NGE2NjBlODJlYmE4M2JjMGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqVCEJVFkke30kdWPhuYSWmx7SUM
jBGl6R3fGOoTkmrctI2KxIgD/HUhFstW1+faSGN2bZt9C4rv0adEcwLkcfvDm5yR
6gNF6cjLDQ+ci4Z1tVdsHnW5Dc/7xK2uarXx378OpWyDrxEQriXlWStG57Fosl5U
bwn3y0+UE8Tls4bIiw52SW9anD6IwobkqmnQLLQwKhuBgmh9K2qxVeIH4Kt0Bl15
NZBSHxz7xstMRdjoQV4hcDw/bUmq+8/x9qCerCU5XruS7Cu1PKHJAnd261IchFIA
cleGFWZFzyNeRnwITkFwoxgsa+XxLz45LKbRtk2EzhR3ESW8mMJHc+WLPwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFA7KHVvdUDRP9e+ISmYOguuoO8DbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2JlN2Zj
Yi0wNzU1LTRjMWUtYWM3Ny03YzdmMDBhOTUzZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvYmU3ZmNi
LTA3NTUtNGMxZS1hYzc3LTdjN2YwMGE5NTNlMS8xL0Rzb2RXOTFRTkVfMTc0aEta
ZzZDNjZnN3dOcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGYBggrBgEF
BQcBBwEB/wSBiDCBhTBkBAIAATBeAwQFPoBgAwQHV2IAAwQCWdsAAwQCWduAMAwD
BAFZ24YDBABZ25owDAMEAFnboQMEAFnbogMEAFnbqAMEAMOJswMEBcPeAAMEBdQb
4AMEBdQvwAMEBdQxAAMEBNkc8DAdBAIAAjAXAwcAIAEH+AA5AwUAIAEK0AMFACoB
AIAwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICDP8wDQYJKoZIhvcNAQELBQADggEB
AKA8bMjh+gRah9dJqLugED82juevddAA8xtKetoyohkfhTUtW01pHdd267wM9p22
Ll2dqPpxXIgoPkETnteFZAfSsEVBM6NjUTRMmbAfl0RDkpHBGuAjX4zbDrl9mNA8
PVVJpY6f+bcfmQLX1aqQINTz7eWOONDQxJelNGfMzuk+yQCT1FHD63Q+zSOzAcNp
zVmZPR/4I1ky/0fT6yvPGkYiU6kZq4Qm7pWuM2cqFURb/G1mXxz6JDqdq/XosnAh
s8uEcfUy8KocbsQQOwdOdN6vqT4Bf4aR0edlr/tqm01o9+yF/iQzvV4p0K5QzGaZ
zW5bFyIY0OVQHLPDoZdElWM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:40:16 2024 by rpki-client on console-fra.rpki-client.org