Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
File: KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer (raw, json)
Hash identifier: bEYt8QiZQrULIsE2qCRpezggxnBFsy2Fiv39+Wqh5b8=
Subject key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DD1ACC5CE69A2B03DB0854C3A1DE52
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:29:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 49720
IP: 91.236.224.0/22
IP: 185.168.128.0/22
IP: 185.250.20.0/22
IP: 193.107.136.0/22
IP: 195.182.194.0/23
IP: 2a0a:700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:1a:cc:5c:e6:9a:2b:03:db:08:54:c3:a1:de:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:eb:87:9e:65:5e:2f:53:fe:0d:a3:91:90:61:
ed:ac:c7:e9:d4:59:95:2f:13:cb:ef:80:73:ca:38:
9e:23:77:1c:b6:5e:df:91:4a:67:8f:ee:fd:39:75:
52:86:8e:cd:bc:05:53:98:bd:cf:3c:f0:d2:40:a7:
19:f4:89:0d:07:7f:ca:05:72:6a:36:79:52:18:26:
45:bd:66:7d:ce:e1:b2:03:20:2f:fe:a3:96:a3:f6:
1a:bc:51:b7:2d:b5:a9:9f:53:a7:5a:37:40:0b:89:
83:6d:31:bb:f0:57:1b:73:60:5e:aa:19:cb:aa:ac:
c4:3b:1f:d4:97:fd:1c:7c:4f:98:01:3f:d8:52:fb:
ce:0c:dd:b1:9d:52:d6:27:76:2d:2d:f4:ec:e5:17:
a1:e2:a0:a8:20:6c:57:8d:58:ba:ca:8b:68:72:72:
44:69:97:98:09:74:10:c9:5c:b2:04:e4:c6:02:0e:
54:2a:3f:ad:25:d8:11:2e:15:51:4b:56:4e:1a:d3:
19:cb:9a:df:f4:bf:53:c6:f8:15:0d:5c:37:7e:28:
72:06:94:43:b9:4c:d4:82:54:ed:b0:cc:59:e4:e6:
15:f4:e2:38:a7:38:c4:ff:b4:25:c8:93:dd:d8:7d:
58:47:fd:7e:1c:88:17:a0:c1:6d:61:85:77:a7:12:
a3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.224.0/22
185.168.128.0/22
185.250.20.0/22
193.107.136.0/22
195.182.194.0/23
IPv6:
2a0a:700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49720
Signature Algorithm: sha256WithRSAEncryption
90:95:e8:dc:83:63:26:3f:76:55:dd:c3:3a:a0:d0:f4:62:c9:
c1:fd:b3:3d:e5:cb:a9:ff:50:16:7e:0a:ad:8a:8c:24:ee:4c:
e6:65:3a:dd:e0:a7:31:a2:32:71:eb:88:cb:fd:67:a9:db:81:
74:5c:90:85:d7:1a:57:cb:1a:ac:56:f5:90:54:85:08:68:a6:
fd:b9:e9:20:3b:d0:d0:f4:db:f2:d1:21:2c:1d:65:0a:8e:ad:
ea:8f:b8:fc:c3:c3:b9:63:10:73:9f:92:c9:e7:2a:12:5e:81:
7e:26:54:7f:66:a8:71:e1:29:5b:b0:8d:a6:fb:5a:ab:c3:e5:
7e:76:4f:d1:76:38:8b:96:a4:e6:24:be:7c:2a:56:7d:02:72:
37:7e:e0:5d:db:3c:a0:8e:c9:a3:fc:6b:c5:bf:82:47:6e:e3:
1a:0b:64:bf:39:2c:bf:51:45:dd:0a:ce:06:7a:d1:1e:b1:5c:
b1:e4:9b:29:bd:95:6a:bb:47:9c:8c:11:64:30:ae:fd:b4:ea:
25:52:8c:f1:47:fc:3a:35:98:8c:6e:6d:9e:8b:75:2b:e4:f4:
3b:8d:86:8c:94:41:c8:0a:e0:06:2b:b6:78:85:b4:f3:15:5b:
64:c3:2a:e9:98:80:ae:74:9d:c3:cf:82:9b:a8:25:ea:6c:53:
96:da:3b:c7
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYzI3RrMXOaaKwPbCFTDod5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQyZmU2NDY2ZDA3MDk0YTQyNTZkYTJjYzg0NzA4M2M1MDA2YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveuHnmVeL1P+DaORkGHtrMfp1FmV
LxPL74BzyjieI3cctl7fkUpnj+79OXVSho7NvAVTmL3PPPDSQKcZ9IkNB3/KBXJq
NnlSGCZFvWZ9zuGyAyAv/qOWo/YavFG3LbWpn1OnWjdAC4mDbTG78Fcbc2BeqhnL
qqzEOx/Ul/0cfE+YAT/YUvvODN2xnVLWJ3YtLfTs5Reh4qCoIGxXjVi6yotocnJE
aZeYCXQQyVyyBOTGAg5UKj+tJdgRLhVRS1ZOGtMZy5rf9L9TxvgVDVw3fihyBpRD
uUzUglTtsMxZ5OYV9OI4pzjE/7QlyJPd2H1YR/1+HIgXoMFtYYV3pxKjwQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFCrS/mRm0HCUpCVtosyEcIPFAGsaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4LzhhMzFm
My03YWNmLTQ3YjQtYjk3Yi1mYTMxZTJkYzZhYmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgvOGEzMWYz
LTdhY2YtNDdiNC1iOTdiLWZhMzFlMmRjNmFiYi8xL0t0TC1aR2JRY0pTa0pXMml6
SVJ3ZzhVQWF4by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQCW+zgAwQCuaiAAwQCufoUAwQCwWuIAwQBw7bC
MA0EAgACMAcDBQMqCgcAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwDCODANBgkq
hkiG9w0BAQsFAAOCAQEAkJXo3INjJj92Vd3DOqDQ9GLJwf2zPeXLqf9QFn4KrYqM
JO5M5mU63eCnMaIyceuIy/1nqduBdFyQhdcaV8sarFb1kFSFCGim/bnpIDvQ0PTb
8tEhLB1lCo6t6o+4/MPDuWMQc5+SyecqEl6BfiZUf2aoceEpW7CNpvtaq8PlfnZP
0XY4i5ak5iS+fCpWfQJyN37gXds8oI7Jo/xrxb+CR27jGgtkvzksv1FF3QrOBnrR
HrFcseSbKb2VartHnIwRZDCu/bTqJVKM8Uf8OjWYjG5tnot1K+T0O42GjJRByArg
Biu2eIW08xVbZMMq6ZiArnSdw8+Cm6gl6mxTlto7xw==
-----END CERTIFICATE-----
Generated at Fri May 3 02:53:08 2024 by rpki-client on console-fra.rpki-client.org