Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
File: KY2bT7TP4nih65-iA1oInEwlaFg.cer (raw, json)
Hash identifier: Z82OZwYZrlc6X09Pnko0AFWUUsUD+XlNNZTG5j4c6m4=
Subject key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DC20F07EE88E530A3D6C6C53014525
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12643
IP: 146.140.0.0/16
IP: 2001:67c:134::/48
IP: 2001:67c:34c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:20:f0:7e:e8:8e:53:0a:3d:6c:6c:53:01:45:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c8:a1:bd:c9:6f:c5:51:3e:54:fb:08:cc:3f:
29:48:19:fe:17:87:3b:99:21:b4:57:ac:5e:72:72:
d8:a4:76:ca:fa:73:db:65:60:67:a9:3c:9a:91:65:
43:dd:6c:4f:12:1a:e2:93:f3:0d:5a:4d:bc:22:65:
7e:c7:b9:9d:3c:f6:ba:ce:b4:c0:10:4a:ff:e7:1c:
d6:2a:09:7e:ac:9f:55:90:d5:19:a2:36:fe:42:dc:
9e:a3:ac:ad:dc:c2:24:c7:72:ce:00:99:87:17:37:
10:2f:d4:88:3b:2c:44:08:9b:a3:4e:24:03:6c:5e:
f8:2c:df:61:ef:51:85:30:3b:19:fa:c0:ce:33:b2:
8b:2d:67:df:f2:cc:08:64:9a:d5:cd:11:c0:4f:17:
dc:19:c9:24:bf:3b:1b:70:59:a2:5e:b9:4b:77:ea:
96:6c:62:72:b2:b6:52:ea:d9:f9:61:a1:10:df:e5:
d7:36:a9:bf:80:ac:16:8a:83:08:10:c6:16:8b:e7:
f8:dd:f3:0f:0a:ed:5b:a5:8a:d4:68:3a:12:0f:b5:
9f:19:5f:23:30:02:37:98:62:ea:31:e7:ea:ae:5b:
4c:ff:82:f1:3e:7f:4b:cd:bd:be:6e:d7:93:98:3d:
2c:03:50:80:c3:1c:4c:18:02:c2:2a:cc:cc:f3:15:
de:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.140.0.0/16
IPv6:
2001:67c:134::/48
2001:67c:34c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12643
Signature Algorithm: sha256WithRSAEncryption
97:88:b2:36:23:14:30:c3:d6:c6:54:d6:0c:75:81:29:49:1f:
5d:b8:58:a6:22:0c:c0:81:1d:78:e1:73:c5:b8:9b:1d:e1:b8:
ef:d0:0f:0b:5c:7a:cb:8d:48:53:92:9a:28:13:6e:f7:10:7e:
2e:d1:67:a8:19:77:69:d4:c9:65:ad:c4:96:b5:56:29:cf:c6:
c5:0e:2f:36:57:a8:9e:ef:97:f1:c0:73:b2:17:92:3e:9f:ef:
b9:bd:86:b0:b8:0e:a4:a8:21:dd:22:fc:8c:fe:b6:68:a6:ad:
52:79:a7:cd:f7:62:ae:97:11:b3:15:0a:dd:7d:7c:81:a8:a0:
d7:a6:aa:72:7c:fb:88:d0:46:8d:63:58:4a:17:d7:8c:9f:0f:
c0:23:31:d8:69:78:ce:2a:a3:82:a5:e9:55:3d:9d:95:ed:e8:
77:3c:c8:95:f4:ea:bd:32:e9:86:ad:71:30:a7:64:e3:1c:86:
10:c3:72:ee:a0:fe:98:85:7b:51:e4:6b:c1:04:3e:b9:15:32:
7d:06:70:3e:b9:b7:be:24:8b:a4:8a:1e:e7:e8:a6:a4:af:96:
d2:61:e1:13:8c:b3:64:38:28:6f:ef:62:b3:6c:55:05:19:9d:
d5:d7:09:46:a6:00:9d:f9:4d:57:b8:80:55:49:0f:df:17:cd:
e9:99:b8:20
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYzF3CDwfuiOUwo9bGxTAUUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThkOWI0ZmI0Y2ZlMjc4YTFlYjlmYTIwMzVhMDg5YzRjMjU2ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMihvclvxVE+VPsIzD8pSBn+F4c7
mSG0V6xecnLYpHbK+nPbZWBnqTyakWVD3WxPEhrik/MNWk28ImV+x7mdPPa6zrTA
EEr/5xzWKgl+rJ9VkNUZojb+Qtyeo6yt3MIkx3LOAJmHFzcQL9SIOyxECJujTiQD
bF74LN9h71GFMDsZ+sDOM7KLLWff8swIZJrVzRHATxfcGckkvzsbcFmiXrlLd+qW
bGJysrZS6tn5YaEQ3+XXNqm/gKwWioMIEMYWi+f43fMPCu1bpYrUaDoSD7WfGV8j
MAI3mGLqMefqrltM/4LxPn9Lzb2+bteTmD0sA1CAwxxMGALCKszM8xXeBwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFCmNm0+0z+J4oeufogNaCJxMJWhYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5LzczNzcw
My1jOGMxLTQ2ODItYmIwMi1kODAwYmRkNjg2ZTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvNzM3NzAz
LWM4YzEtNDY4Mi1iYjAyLWQ4MDBiZGQ2ODZlMy8xL0tZMmJUN1RQNG5paDY1LWlB
MW9JbkV3bGFGZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzALBAIAATAFAwMAkowwGAQCAAIwEgMHACABBnwBNAMHACABBnwD
TDAZBggrBgEFBQcBCAEB/wQKMAigBjAEAgIxYzANBgkqhkiG9w0BAQsFAAOCAQEA
l4iyNiMUMMPWxlTWDHWBKUkfXbhYpiIMwIEdeOFzxbibHeG479APC1x6y41IU5Ka
KBNu9xB+LtFnqBl3adTJZa3ElrVWKc/GxQ4vNleonu+X8cBzsheSPp/vub2GsLgO
pKgh3SL8jP62aKatUnmnzfdirpcRsxUK3X18gaig16aqcnz7iNBGjWNYShfXjJ8P
wCMx2Gl4ziqjgqXpVT2dle3odzzIlfTqvTLphq1xMKdk4xyGEMNy7qD+mIV7UeRr
wQQ+uRUyfQZwPrm3viSLpIoe5+impK+W0mHhE4yzZDgob+9is2xVBRmd1dcJRqYA
nflNV7iAVUkP3xfN6Zm4IA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:07:13 2024 by rpki-client on console-fra.rpki-client.org