Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
File: IlS8wDKT460OGaej_Rsc-9NMCZA.cer (raw, json)
Hash identifier: Gyi+8uXpkPO0u0QzLT7R/hkJIaSr7b8H9VOaRVBKQyU=
Subject key identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC72573625022053B3C5492DDEED9A539
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:29:29 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 209886
IP: 85.235.88.0/22
IP: 2a10:1ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:73:62:50:22:05:3b:3c:54:92:dd:ee:d9:a5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a7:ee:be:66:e9:21:d9:65:1e:80:41:78:31:
76:c5:ca:40:d7:ec:10:dd:65:c5:eb:27:12:e3:03:
0f:9b:d6:6f:ad:e7:65:08:a2:7e:98:71:90:62:7e:
39:9f:30:59:f4:c5:6a:84:87:14:67:3c:ef:72:e5:
5d:64:84:ce:39:e6:a9:12:81:1b:24:92:3f:56:6b:
f3:27:3f:38:2e:d1:e2:9f:4d:4a:3b:88:09:f9:f7:
b3:3a:f2:81:2e:5a:67:cc:58:53:f2:b8:7d:c8:f4:
d2:7c:9b:45:bd:a1:2f:d9:10:cf:66:e9:07:09:8d:
0f:ec:34:f5:3b:13:b7:27:a4:d3:b7:ed:91:66:ae:
1c:da:03:dd:7e:51:f1:24:45:84:38:16:f0:8e:89:
43:01:7e:cc:7a:5d:e0:e9:75:14:6e:ff:bf:5e:97:
13:3a:b4:b7:d7:84:7f:d1:63:35:21:46:7b:96:86:
f4:62:e6:a9:7a:38:f9:12:83:89:4d:39:37:2f:5f:
09:1d:d3:19:f2:6f:3f:04:7e:64:09:fc:ac:c8:17:
08:23:d4:28:e2:46:ac:e0:a9:ce:a7:87:b6:59:bb:
36:43:98:43:06:08:e8:90:7e:1c:d1:f8:2b:2b:69:
7d:c2:32:7a:fa:0e:d1:0d:18:2c:7b:d7:78:00:0a:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.88.0/22
IPv6:
2a10:1ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209886
Signature Algorithm: sha256WithRSAEncryption
0d:e7:b1:fb:f1:46:c4:ca:08:b6:74:65:87:ec:43:22:97:76:
77:af:36:e3:07:32:ef:b6:ae:a9:ec:d9:13:aa:62:ca:bf:c9:
88:ab:f7:3b:93:48:d6:d0:44:f6:f6:9c:c9:7f:bd:70:17:52:
c0:5f:55:36:8d:ab:4f:c3:ad:29:c3:cf:63:72:65:8e:31:e0:
76:7c:53:6f:45:ac:2a:b8:fb:46:8b:74:ff:7a:43:d8:1a:21:
ef:1a:b9:1d:fe:fc:f8:d0:d4:e4:34:2f:7f:0b:6c:03:a8:03:
b8:69:33:5e:c1:b0:93:0d:38:97:6b:4a:71:f9:bf:01:0c:db:
c8:b2:e3:4f:2d:32:f7:24:a2:6b:17:ff:06:0a:b3:4e:46:b8:
4e:92:fe:b5:48:dc:23:ea:77:cb:17:8b:75:fe:8f:ef:74:41:
2a:82:6f:df:7d:8d:da:1c:d4:79:7f:dd:04:2b:08:ad:18:77:
3b:99:b4:e0:13:dc:5b:7b:e7:e2:2e:b3:7d:6c:cf:b8:d3:df:
70:17:ab:d4:ed:62:a4:36:70:cd:56:f0:97:85:f8:b7:f4:be:
6b:1a:f3:16:c8:5a:ba:8b:cb:78:ed:30:ff:8a:60:f3:66:69:
48:be:b3:2e:06:29:c7:8a:a6:81:41:2e:fe:8f:7c:bc:88:c2:
77:40:50:56
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHJXNiUCIFOzxUkt3u2aU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU0YmNjMDMyOTNlM2FkMGUxOWE3YTNmZDFiMWNmYmQzNGMwOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyafuvmbpIdllHoBBeDF2xcpA1+wQ
3WXF6ycS4wMPm9ZvredlCKJ+mHGQYn45nzBZ9MVqhIcUZzzvcuVdZITOOeapEoEb
JJI/VmvzJz84LtHin01KO4gJ+fezOvKBLlpnzFhT8rh9yPTSfJtFvaEv2RDPZukH
CY0P7DT1OxO3J6TTt+2RZq4c2gPdflHxJEWEOBbwjolDAX7Mel3g6XUUbv+/XpcT
OrS314R/0WM1IUZ7lob0Yuapejj5EoOJTTk3L18JHdMZ8m8/BH5kCfysyBcII9Qo
4kas4KnOp4e2Wbs2Q5hDBgjokH4c0fgrK2l9wjJ6+g7RDRgse9d4AApICwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCJUvMAyk+OtDhmno/0bHPvTTAmQMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2L2EzYTUz
MC0yNWFhLTQwMjMtOWE4MC00ZTM0N2Q1NTFjM2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvYTNhNTMw
LTI1YWEtNDAyMy05YTgwLTRlMzQ3ZDU1MWMzZi8xL0lsUzh3REtUNDYwT0dhZWpf
UnNjLTlOTUNaQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCVetYMA0EAgACMAcDBQMqEBrAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMz3jANBgkqhkiG9w0BAQsFAAOCAQEADeex+/FGxMoI
tnRlh+xDIpd2d6824wcy77auqezZE6piyr/JiKv3O5NI1tBE9vacyX+9cBdSwF9V
No2rT8OtKcPPY3JljjHgdnxTb0WsKrj7Rot0/3pD2Boh7xq5Hf78+NDU5DQvfwts
A6gDuGkzXsGwkw04l2tKcfm/AQzbyLLjTy0y9ySiaxf/BgqzTka4TpL+tUjcI+p3
yxeLdf6P73RBKoJv332N2hzUeX/dBCsIrRh3O5m04BPcW3vn4i6zfWzPuNPfcBer
1O1ipDZwzVbwl4X4t/S+axrzFshauovLeO0w/4pg82ZpSL6zLgYpx4qmgUEu/o98
vIjCd0BQVg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 13:08:29 2024 by rpki-client on console-fra.rpki-client.org