Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IPDErRxLDFNu0YcjyKlaNI0ov2U.cer
File: IPDErRxLDFNu0YcjyKlaNI0ov2U.cer (raw, json)
Hash identifier: EQcPCOLYbivo8ecNAcuOXm8kLsGed7fRTdQJCh8Lip4=
Subject key identifier: 20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC79405411AE922A2F2A0276BA897F2E6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/IPDErRxLDFNu0YcjyKlaNI0ov2U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:15 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 59689
IP: 185.3.128.0/22
IP: 2a02:5cc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:05:41:1a:e9:22:a2:f2:a0:27:6b:a8:97:f2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20f0c4ad1c4b0c536ed18723c8a95a348d28bf65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:58:0d:1e:31:e6:3d:91:3c:24:3e:04:61:2a:
9b:5a:58:34:4f:e6:db:9d:25:8b:6e:ef:3c:18:65:
55:1f:26:97:80:65:ee:d9:cb:39:e7:92:f0:8a:38:
75:f0:6c:a9:b8:b8:59:d4:b7:dc:bb:91:a3:4f:85:
3c:52:8e:5d:6a:e3:a3:5c:6b:2a:18:03:27:c1:95:
8e:8c:78:0e:10:2d:07:6e:ac:7d:cf:d7:b1:0b:a2:
80:2c:22:1b:79:1a:b2:c5:fe:17:86:49:a8:9a:d8:
b1:a1:a6:97:1b:e9:34:fc:bf:bc:27:c8:b3:ca:1a:
54:ca:40:eb:73:fe:27:23:7a:c5:c2:7b:71:14:d6:
9d:b4:7f:e1:df:4a:00:88:df:2c:ad:05:b9:b1:f6:
69:b4:cf:c7:a8:ad:fe:d7:e3:80:b1:9e:cd:bb:92:
7a:26:d4:4a:21:71:da:1e:f7:37:d2:96:9c:fe:fd:
f9:fa:19:e6:7a:29:bd:c7:12:7d:03:a5:75:8b:82:
03:1f:1f:a2:f0:15:fc:36:b1:2e:d6:14:1d:c2:85:
cb:f5:ba:3f:31:a9:96:ba:9d:02:be:1f:7e:b4:95:
2e:8b:48:28:59:81:4b:09:56:6f:02:98:39:6b:64:
e8:29:1f:e6:51:4c:e2:37:9c:92:03:f8:8b:7d:cc:
11:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/IPDErRxLDFNu0YcjyKlaNI0ov2U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.128.0/22
IPv6:
2a02:5cc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59689
Signature Algorithm: sha256WithRSAEncryption
69:6a:4b:30:2d:59:67:7c:fc:08:20:4a:56:1f:fe:75:90:5b:
f4:df:65:11:0a:65:07:05:e8:8e:b8:8d:04:31:7b:b5:64:19:
4a:7a:58:6f:5a:37:73:4d:76:0e:24:34:ba:3c:94:d3:2b:57:
4d:95:8f:06:16:d6:48:ed:0e:90:cd:53:28:e6:20:58:3a:16:
2f:bb:5c:8d:aa:3d:f3:e4:65:08:64:e5:8e:b7:87:e8:9b:8b:
b2:f5:7b:c1:80:12:86:07:33:b3:2f:89:71:ef:5c:90:e6:3a:
f5:37:da:11:f5:bd:f9:7b:b3:62:4d:5e:94:70:3a:04:c9:b2:
a8:e2:8b:86:29:0e:d7:84:16:82:47:f2:d9:60:d8:07:d9:ae:
a5:29:0b:8d:80:85:1c:da:e4:e4:b6:cc:39:0b:33:5d:20:cf:
cf:90:0e:a8:4c:ae:79:22:55:fb:87:26:bd:30:10:81:8d:39:
bc:97:88:1c:a8:40:23:fa:13:3c:c5:27:3f:91:37:7f:d6:78:
5a:5c:08:d1:0a:65:89:8c:c2:5f:82:d3:0e:22:3e:bb:b8:f8:
17:9a:88:0b:7a:74:a7:e2:57:e1:34:a3:a9:80:32:7b:89:37:
e9:09:10:f0:95:23:19:43:30:8b:c0:84:4b:7b:62:c5:27:cc:
a6:e1:9a:0d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHlAVBGukiovKgJ2uol/LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGYwYzRhZDFjNGIwYzUzNmVkMTg3MjNjOGE5NWEzNDhkMjhiZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlgNHjHmPZE8JD4EYSqbWlg0T+bb
nSWLbu88GGVVHyaXgGXu2cs555Lwijh18GypuLhZ1Lfcu5GjT4U8Uo5dauOjXGsq
GAMnwZWOjHgOEC0Hbqx9z9exC6KALCIbeRqyxf4XhkmomtixoaaXG+k0/L+8J8iz
yhpUykDrc/4nI3rFwntxFNadtH/h30oAiN8srQW5sfZptM/HqK3+1+OAsZ7Nu5J6
JtRKIXHaHvc30pac/v35+hnmeim9xxJ9A6V1i4IDHx+i8BX8NrEu1hQdwoXL9bo/
MamWup0Cvh9+tJUui0goWYFLCVZvApg5a2ToKR/mUUziN5ySA/iLfcwRuwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCDwxK0cSwxTbtGHI8ipWjSNKL9lMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M5LzVjYWFi
Ny0wZWIwLTQyOWYtYTdiMC1lN2Q0NTUxYzE5YWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvNWNhYWI3
LTBlYjAtNDI5Zi1hN2IwLWU3ZDQ1NTFjMTlhYi8xL0lQREVyUnhMREZOdTBZY2p5
S2xhTkkwb3YyVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuQOAMA0EAgACMAcDBQAqAlzAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDpKTANBgkqhkiG9w0BAQsFAAOCAQEAaWpLMC1ZZ3z8
CCBKVh/+dZBb9N9lEQplBwXojriNBDF7tWQZSnpYb1o3c012DiQ0ujyU0ytXTZWP
BhbWSO0OkM1TKOYgWDoWL7tcjao98+RlCGTljreH6JuLsvV7wYAShgczsy+Jce9c
kOY69TfaEfW9+XuzYk1elHA6BMmyqOKLhikO14QWgkfy2WDYB9mupSkLjYCFHNrk
5LbMOQszXSDPz5AOqEyueSJV+4cmvTAQgY05vJeIHKhAI/oTPMUnP5E3f9Z4WlwI
0QpliYzCX4LTDiI+u7j4F5qIC3p0p+JX4TSjqYAye4k36QkQ8JUjGUMwi8CES3ti
xSfMpuGaDQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 12:26:11 2024 by rpki-client on console-ams.rpki-client.org