Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
File: Iyrza5wHnaCRgn2j0HycilI2y1Q.cer (raw, json)
Hash identifier: b8yIuu2B8VmbYVnnfieUTH1b1xFAqF4JAAClDwkz31Q=
Subject key identifier: 23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC424C0E6C19B8A7799AE6716F6D0CD8A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:29:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200984
IP: 185.89.180.0/22
IP: 2a05:da00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c0:e6:c1:9b:8a:77:99:ae:67:16:f6:d0:cd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=232af36b9c079da091827da3d07c9c8a5236cb54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1b:5b:a7:c0:9b:e9:ad:41:03:e2:8e:32:c7:
5d:75:3b:f5:63:78:3e:28:7f:d8:28:42:31:79:2b:
dc:bb:9e:6f:d4:56:35:44:82:8e:b9:96:38:3a:2c:
60:95:ee:ef:2c:ac:b9:d4:b8:61:fd:c2:cd:d5:52:
41:08:c4:e0:65:af:86:79:1e:c3:12:62:6a:a3:48:
e4:91:da:99:c6:25:b1:89:06:f2:b9:64:ac:04:34:
6f:77:58:15:43:be:71:7e:33:14:5c:25:4e:0e:3c:
bd:2a:69:f1:86:d0:8a:2b:b1:91:d6:e6:d7:2e:8c:
3c:ab:d9:17:03:7e:5f:3c:fc:84:bd:b1:28:7f:53:
fd:72:33:4b:89:10:da:08:ba:af:b2:23:4c:29:77:
18:70:10:95:24:5a:26:18:0b:60:1e:28:96:f9:df:
6b:36:0a:9b:45:5e:94:a2:ab:44:93:71:c2:64:8c:
7d:b1:42:cd:d1:ae:b9:99:6e:a5:7e:02:d6:72:0d:
f0:54:c0:45:6e:5f:be:37:5f:51:3c:8c:b4:b4:15:
c0:60:0e:86:7b:31:29:b9:7a:33:21:38:c5:4d:4c:
71:72:08:b5:a3:3e:5f:03:b1:39:52:d1:0b:3f:5a:
29:04:df:35:f5:e4:f2:8b:6f:bb:67:64:05:a8:ba:
0d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.180.0/22
IPv6:
2a05:da00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200984
Signature Algorithm: sha256WithRSAEncryption
23:bc:66:59:7e:da:0d:c2:aa:3c:0e:76:9d:49:78:9c:50:43:
dd:11:90:9f:a2:98:3f:76:8e:f7:3f:39:b2:c3:9f:58:dc:a6:
d4:81:bc:67:a1:50:d6:72:2c:83:e9:6a:5f:e5:df:a0:b5:97:
44:26:39:61:27:8f:e7:59:a8:9d:61:9e:88:ff:f4:6a:32:be:
42:75:f3:0a:8d:26:66:a7:88:78:b6:cd:c9:b7:ee:37:46:47:
96:e7:2a:c3:80:39:be:5a:38:7d:76:9c:ec:b1:2a:ff:4c:1e:
b2:03:56:ae:66:ae:63:fe:f0:26:bd:f1:18:e3:cd:d4:99:a1:
b1:97:40:25:6d:b5:42:90:d5:d6:55:6c:73:e2:b5:a5:5e:31:
67:38:f7:ab:98:ec:89:f8:7e:7c:95:18:94:a1:eb:2e:f0:c9:
c4:9f:82:e0:54:9a:43:b5:ae:40:69:c8:5c:34:28:e9:07:51:
82:b2:28:b2:57:75:86:8b:5a:73:ea:a9:ae:93:af:de:33:6d:
e0:28:de:55:fc:96:44:00:23:47:f2:99:df:d3:42:87:92:85:
83:2b:f0:13:9d:e3:a9:0b:26:bb:3c:49:8a:50:da:b5:f6:54:
dd:da:98:31:a4:a8:e1:f3:58:9c:08:93:f4:d5:03:a2:25:5a:
d6:a2:c4:7b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzEJMDmwZuKd5muZxb20M2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJhZjM2YjljMDc5ZGEwOTE4MjdkYTNkMDdjOWM4YTUyMzZjYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxtbp8Cb6a1BA+KOMsdddTv1Y3g+
KH/YKEIxeSvcu55v1FY1RIKOuZY4Oixgle7vLKy51Lhh/cLN1VJBCMTgZa+GeR7D
EmJqo0jkkdqZxiWxiQbyuWSsBDRvd1gVQ75xfjMUXCVODjy9KmnxhtCKK7GR1ubX
Low8q9kXA35fPPyEvbEof1P9cjNLiRDaCLqvsiNMKXcYcBCVJFomGAtgHiiW+d9r
NgqbRV6UoqtEk3HCZIx9sULN0a65mW6lfgLWcg3wVMBFbl++N19RPIy0tBXAYA6G
ezEpuXozITjFTUxxcgi1oz5fA7E5UtELP1opBN819eTyi2+7Z2QFqLoNfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCMq82ucB52gkYJ9o9B8nIpSNstUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U1L2MyZmQz
My1mZDQ0LTRlMDgtYjQyNC1hYTEwNDUyMjBiNWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUvYzJmZDMz
LWZkNDQtNGUwOC1iNDI0LWFhMTA0NTIyMGI1Yi8xL0l5cnphNXdIbmFDUmduMmow
SHljaWxJMnkxUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuVm0MA0EAgACMAcDBQMqBdoAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMRGDANBgkqhkiG9w0BAQsFAAOCAQEAI7xmWX7aDcKq
PA52nUl4nFBD3RGQn6KYP3aO9z85ssOfWNym1IG8Z6FQ1nIsg+lqX+XfoLWXRCY5
YSeP51monWGeiP/0ajK+QnXzCo0mZqeIeLbNybfuN0ZHlucqw4A5vlo4fXac7LEq
/0wesgNWrmauY/7wJr3xGOPN1JmhsZdAJW21QpDV1lVsc+K1pV4xZzj3q5jsifh+
fJUYlKHrLvDJxJ+C4FSaQ7WuQGnIXDQo6QdRgrIosld1hotac+qprpOv3jNt4Cje
VfyWRAAjR/KZ39NCh5KFgyvwE53jqQsmuzxJilDatfZU3dqYMaSo4fNYnAiT9NUD
oiVa1qLEew==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:10:46 2024 by rpki-client on console-fra.rpki-client.org