Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
File: HJnOvgzwmQOQPRnBygrmJCF2SFk.cer (raw, json)
Hash identifier: N1o0oNoOwvGENtJQ7luLc37JnkN6r90VpB5m4bc3VtE=
Subject key identifier: 1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018F29CED7CE1705E853944FC2C1C71EE8C5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 29 Apr 2024 12:22:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 16186
IP: 89.105.48.0/20
IP: 151.249.112.0/21
IP: 185.88.10.0/24
IP: 185.115.252.0/22
IP: 185.116.4.0/22
IP: 185.206.48.0/22
IP: 185.234.92.0/22
IP: 194.156.192.0/22
IP: 213.179.32.0/20
IP: 2001:820::/32
IP: 2a01:160::/32
IP: 2a01:a840::/32
IP: 2a07:40::/29
IP: 2a07:e140::/29
IP: 2a0b:1040::/29
IP: 2a0d:f00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:ce:d7:ce:17:05:e8:53:94:4f:c2:c1:c7:1e:e8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 29 12:22:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:82:e1:d2:43:16:13:9c:7e:06:80:ce:75:
5c:92:2d:e2:b8:e6:79:81:c2:1c:0f:a9:1b:4b:77:
ad:90:44:91:d2:b1:53:3c:dc:19:e9:b3:05:09:0a:
79:40:39:db:62:19:fb:ff:d1:d3:30:dc:b1:84:2a:
2a:02:12:a1:e4:33:88:df:1b:20:ad:8d:5b:34:2c:
86:f4:07:23:56:11:28:14:25:24:50:51:80:54:13:
a5:f5:c4:29:48:6c:b0:e2:5f:81:d6:b7:d1:08:c4:
ee:a5:87:4e:20:df:74:1e:f9:51:20:d6:c0:e0:ec:
56:20:8a:5a:18:da:61:17:e1:48:d2:7d:1e:56:4f:
fa:1d:18:91:38:3c:ed:08:29:32:89:f2:fa:d1:b7:
25:c1:c0:08:fe:0d:0c:0b:b1:6b:f9:7b:ce:78:0e:
be:8b:d0:f2:79:c0:4c:7e:6b:8a:72:e1:00:ed:9e:
a3:2d:44:15:71:26:f1:35:60:db:4a:e4:b2:0b:7e:
d8:61:b3:28:e4:75:c5:e3:b1:6b:48:49:da:55:71:
a1:d9:cc:a9:7f:83:29:69:a8:79:84:ff:f7:e6:23:
be:b8:fa:00:97:ed:75:bb:ec:d6:f1:4e:69:1c:91:
8c:7d:13:9f:af:77:2f:25:a2:18:e8:d1:58:da:0b:
64:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.48.0/20
151.249.112.0/21
185.88.10.0/24
185.115.252.0/22
185.116.4.0/22
185.206.48.0/22
185.234.92.0/22
194.156.192.0/22
213.179.32.0/20
IPv6:
2001:820::/32
2a01:160::/32
2a01:a840::/32
2a07:40::/29
2a07:e140::/29
2a0b:1040::/29
2a0d:f00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16186
Signature Algorithm: sha256WithRSAEncryption
7f:e4:1c:5c:cc:85:81:fe:4e:34:ba:27:6a:47:76:db:5a:75:
d3:06:6a:31:95:81:90:5b:51:16:37:1b:8e:8e:b9:65:99:cb:
cd:c0:41:6b:58:bf:8f:d1:0d:ca:a1:5d:01:95:c8:fd:41:ca:
41:df:9d:47:ae:ce:20:a6:03:55:00:17:64:c5:19:39:6d:da:
72:76:6a:7e:3f:c6:28:a2:8f:e3:b8:87:6d:7c:11:95:af:36:
54:3f:4e:2e:ca:c5:ef:91:2c:11:f9:f4:41:14:46:ae:79:22:
18:c1:f0:fc:a3:f4:37:77:c4:3c:9a:3b:b9:bf:36:14:37:a5:
85:74:fb:10:7f:9c:e5:93:b6:bd:e1:bd:52:5e:5c:fe:4f:c7:
62:07:20:9f:1d:66:a5:5a:b3:ae:4e:7a:37:0d:b8:1c:74:81:
22:c8:51:f6:dc:9e:2e:2d:03:ff:cb:eb:2a:dc:45:33:6e:6c:
0a:3a:c1:64:f6:31:15:bc:7b:16:4e:b6:cf:c3:16:6a:33:f5:
bd:f9:40:51:78:bd:b5:99:c4:62:bf:79:bf:86:24:f5:47:f1:
66:b9:b5:36:3c:d9:de:c3:70:92:4f:ac:91:24:c6:c4:f7:36:
d5:cc:1b:16:28:0a:68:4b:82:3a:a5:3f:8d:92:c9:54:50:3a:
43:35:da:68
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAY8pztfOFwXoU5RPwsHHHujFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDI5MTIyMjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5Y2ViZTBjZjA5OTAzOTAzZDE5YzFjYTBhZTYyNDIxNzY0ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1KC4dJDFhOcfgaAznVcki3iuOZ5
gcIcD6kbS3etkESR0rFTPNwZ6bMFCQp5QDnbYhn7/9HTMNyxhCoqAhKh5DOI3xsg
rY1bNCyG9AcjVhEoFCUkUFGAVBOl9cQpSGyw4l+B1rfRCMTupYdOIN90HvlRINbA
4OxWIIpaGNphF+FI0n0eVk/6HRiRODztCCkyifL60bclwcAI/g0MC7Fr+XvOeA6+
i9DyecBMfmuKcuEA7Z6jLUQVcSbxNWDbSuSyC37YYbMo5HXF47FrSEnaVXGh2cyp
f4Mpaah5hP/35iO+uPoAl+11u+zW8U5pHJGMfROfr3cvJaIY6NFY2gtkwQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFByZzr4M8JkDkD0ZwcoK5iQhdkhZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzNmZWEx
YS01N2JjLTQ5M2EtOWEzZS04YzI1YjVmYjI3NmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvM2ZlYTFh
LTU3YmMtNDkzYS05YTNlLThjMjViNWZiMjc2Zi8xL0hKbk92Z3p3bVFPUVBSbkJ5
Z3JtSkNGMlNGay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGIBggrBgEF
BQcBBwEB/wR5MHcwPAQCAAEwNgMEBFlpMAMEA5f5cAMEALlYCgMEArlz/AMEArl0
BAMEArnOMAMEArnqXAMEAsKcwAMEBNWzIDA3BAIAAjAxAwUAIAEIIAMFACoBAWAD
BQAqAahAAwUDKgcAQAMFAyoH4UADBQMqCxBAAwUDKg0PADAZBggrBgEFBQcBCAEB
/wQKMAigBjAEAgI/OjANBgkqhkiG9w0BAQsFAAOCAQEAf+QcXMyFgf5ONLonakd2
21p10wZqMZWBkFtRFjcbjo65ZZnLzcBBa1i/j9ENyqFdAZXI/UHKQd+dR67OIKYD
VQAXZMUZOW3acnZqfj/GKKKP47iHbXwRla82VD9OLsrF75EsEfn0QRRGrnkiGMHw
/KP0N3fEPJo7ub82FDelhXT7EH+c5ZO2veG9Ul5c/k/HYgcgnx1mpVqzrk56Nw24
HHSBIshR9tyeLi0D/8vrKtxFM25sCjrBZPYxFbx7Fk62z8MWajP1vflAUXi9tZnE
Yr95v4Yk9UfxZrm1NjzZ3sNwkk+skSTGxPc21cwbFigKaEuCOqU/jZLJVFA6QzXa
aA==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:03:34 2024 by rpki-client on console-fra.rpki-client.org