Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
File: IMotTLPla10plwqX_GResv1odqE.cer (raw, json)
Hash identifier: YozUFafkpZg7lh7szV+0p2DyfA/7cuynObt8sLORa+w=
Subject key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DB184FF0846211B040DBA5A5E6D21F7EB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 16 Feb 2024 10:44:59 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 37.18.74.0 -- 37.18.77.255
IP: 37.230.152.0/22
IP: 37.230.248.0/24
IP: 62.113.58.0 -- 62.113.63.255
IP: 85.92.116.0 -- 85.92.118.255
IP: 128.0.66.0/23
IP: 141.101.204.0/24
IP: 141.101.228.0/24
IP: 141.101.231.0/24
IP: 178.170.225.0/24
IP: 2a0d:b1c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:84:ff:08:46:21:1b:04:0d:ba:5a:5e:6d:21:f7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 16 10:44:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:89:04:15:60:67:a8:e1:ec:e2:39:8e:6e:
77:d7:d1:db:a1:fd:51:94:f9:30:ed:17:ac:cf:da:
b1:19:2b:e7:af:01:3c:15:70:6e:92:d5:18:3f:19:
a6:26:08:ff:92:e0:8a:dd:3f:53:13:02:a7:2f:7d:
5b:b5:35:b0:f8:5c:8e:ea:06:43:64:3b:2b:dc:71:
20:48:6c:9d:21:98:f7:4b:e8:e2:c0:06:c7:a5:92:
7b:09:ec:e5:4d:13:c2:07:b1:f8:79:47:d9:35:72:
e4:dd:a1:05:99:99:82:75:fd:26:4c:13:24:c3:04:
1b:46:df:6c:ed:4d:9d:b5:d2:72:43:35:6a:35:54:
34:f8:1d:af:b3:c5:ff:88:15:e7:5c:c2:ea:28:46:
a7:32:3a:21:e6:fb:25:38:75:d2:ab:8e:51:dc:aa:
95:fc:82:72:dc:79:b4:7d:39:6f:30:44:25:35:f0:
2e:c3:46:19:e2:6f:fc:24:14:5a:c4:e6:fe:07:77:
8a:40:e4:2c:08:69:2f:e0:b6:1a:cf:b5:c6:81:ec:
34:e5:c4:a8:86:c5:f5:91:35:5d:5a:7f:80:00:ab:
e6:09:33:84:25:95:a7:b8:2b:08:cf:3f:c6:ec:1d:
d7:1b:eb:3d:2b:c7:c1:cd:be:22:7c:06:b4:84:b4:
3e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.74.0-37.18.77.255
37.230.152.0/22
37.230.248.0/24
62.113.58.0-62.113.63.255
85.92.116.0-85.92.118.255
128.0.66.0/23
141.101.204.0/24
141.101.228.0/24
141.101.231.0/24
178.170.225.0/24
IPv6:
2a0d:b1c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:6e:17:ae:8a:92:57:40:af:91:db:3e:43:58:a3:6b:e5:0c:
2f:2b:80:3c:d1:cb:e0:6b:94:2b:41:2d:06:73:1a:39:19:a1:
e3:52:78:6e:b1:23:a5:45:70:ac:9c:a7:50:ea:cf:1a:4e:6f:
f6:58:18:ed:ff:54:c5:3d:be:b4:dc:9c:56:27:f7:b0:4b:df:
12:2e:53:e6:25:9e:cf:11:dd:05:dc:11:f1:44:b0:e0:b4:40:
7f:f1:c9:1b:a2:b1:06:6a:c8:09:c4:04:0a:38:96:34:1a:28:
3b:dc:71:65:75:dd:a2:39:75:c4:d0:38:e4:a5:f0:5c:9e:36:
e9:8e:7e:43:a3:be:e7:8f:c4:9a:20:9d:7c:26:8d:10:0c:15:
98:ee:50:1c:4b:fd:c4:c8:f0:14:9e:f4:69:92:62:77:42:39:
78:05:f3:b2:c5:65:24:cb:9f:1e:52:05:7c:a9:5c:ef:5b:80:
ad:6e:53:d9:28:f2:e2:7e:2c:fc:50:58:f2:68:65:33:6a:e8:
e0:89:fc:65:5d:c1:ff:4d:05:c6:45:21:53:88:17:b3:97:ba:
9e:eb:b7:ca:5f:c6:95:68:de:e3:93:fd:4f:52:36:3a:ef:57:
18:23:e4:0f:c1:44:4a:e7:4e:7e:73:4f:b0:0d:b9:7f:4f:29:
c8:cd:33:1f
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAY2xhP8IRiEbBA26Wl5tIffrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjE2MTA0NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGNhMmQ0Y2IzZTU2YjVkMjk5NzBhOTdmYzY0NWViMmZkNjg3NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXKJBBVgZ6jh7OI5jm5319Hbof1R
lPkw7Resz9qxGSvnrwE8FXBuktUYPxmmJgj/kuCK3T9TEwKnL31btTWw+FyO6gZD
ZDsr3HEgSGydIZj3S+jiwAbHpZJ7CezlTRPCB7H4eUfZNXLk3aEFmZmCdf0mTBMk
wwQbRt9s7U2dtdJyQzVqNVQ0+B2vs8X/iBXnXMLqKEanMjoh5vslOHXSq45R3KqV
/IJy3Hm0fTlvMEQlNfAuw0YZ4m/8JBRaxOb+B3eKQOQsCGkv4LYaz7XGgew05cSo
hsX1kTVdWn+AAKvmCTOEJZWnuCsIzz/G7B3XG+s9K8fBzb4ifAa0hLQ+fwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFCDKLUyz5WtdKZcKl/xkXrL9aHahMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzJjMjgx
Ny0zNzAxLTQ3ODMtOGZiZC1lZWM0ODg1YzRmOGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvMmMyODE3
LTM3MDEtNDc4My04ZmJkLWVlYzQ4ODVjNGY4ZC8xL0lNb3RUTFBsYTEwcGx3cVhf
R1Jlc3Yxb2RxRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHwGCCsGAQUF
BwEHAQH/BG0wazBaBAIAATBUMAwDBAElEkoDBAElEkwDBAIl5pgDBAAl5vgwDAME
AT5xOgMEBj5xADAMAwQCVVx0AwQAVVx2AwQBgABCAwQAjWXMAwQAjWXkAwQAjWXn
AwQAsqrhMA0EAgACMAcDBQMqDbHAMA0GCSqGSIb3DQEBCwUAA4IBAQAzbheuipJX
QK+R2z5DWKNr5QwvK4A80cvga5QrQS0Gcxo5GaHjUnhusSOlRXCsnKdQ6s8aTm/2
WBjt/1TFPb603JxWJ/ewS98SLlPmJZ7PEd0F3BHxRLDgtEB/8ckborEGasgJxAQK
OJY0Gig73HFldd2iOXXE0DjkpfBcnjbpjn5Do77nj8SaIJ18Jo0QDBWY7lAcS/3E
yPAUnvRpkmJ3Qjl4BfOyxWUky58eUgV8qVzvW4CtblPZKPLifiz8UFjyaGUzaujg
ifxlXcH/TQXGRSFTiBezl7qe67fKX8aVaN7jk/1PUjY671cYI+QPwURK505+c0+w
Dbl/TynIzTMf
-----END CERTIFICATE-----
Generated at Thu Apr 18 01:57:11 2024 by rpki-client on console-ams.rpki-client.org