Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer
File: L4Z1RXWU1-dAqu7y59fv0CI5xhc.cer (raw, json)
Hash identifier: y06d8yvCq7+UVefXnU7zRL6V521NStY0WeC8shKmjgQ=
Subject key identifier: 2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019306536913B509B304329F278E0B1DEBB7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/L4Z1RXWU1-dAqu7y59fv0CI5xhc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 07 Nov 2024 11:12:29 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47583
AS: 204915
IP: 2.57.88.0/22
IP: 31.170.160.0/21
IP: 31.220.16.0/21
IP: 31.220.48.0/20
IP: 31.220.104.0/21
IP: 45.13.132.0/22
IP: 45.13.252.0/22
IP: 45.87.80.0/22
IP: 45.93.136.0/22
IP: 93.188.160.0/21
IP: 141.136.33.0 -- 141.136.36.255
IP: 141.136.39.0/24
IP: 141.136.41.0 -- 141.136.47.255
IP: 153.92.0.0/20
IP: 153.92.208.0/20
IP: 156.67.64.0/20
IP: 156.67.208.0/20
IP: 185.28.20.0/22
IP: 185.77.96.0/23
IP: 194.11.154.0/23
IP: 194.11.214.0/23
IP: 195.110.58.0/23
IP: 212.1.208.0/21
IP: 2a02:4780::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:53:69:13:b5:09:b3:04:32:9f:27:8e:0b:1d:eb:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 7 11:12:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f8675457594d7e740aaeef2e7d7efd02239c617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:e2:25:c2:7e:da:65:05:d9:26:7c:dc:bc:
a0:50:28:44:ef:3d:56:3d:20:58:f3:e6:d2:ab:70:
ec:f2:99:2f:4b:2a:a1:45:5a:26:c3:bc:d7:c3:b2:
9b:e7:2b:15:73:91:e2:e7:93:9b:aa:61:46:d9:7f:
b5:25:7d:d0:c4:54:77:ba:8e:90:ea:a1:98:87:b3:
b8:55:3d:2d:57:cc:5e:ea:85:72:fe:6d:15:dd:49:
40:30:fa:77:dc:6d:f0:14:b5:fa:f9:32:e7:d2:07:
ea:29:8e:6f:56:9d:4f:c9:e5:bc:fb:9f:93:19:02:
27:b5:a5:f9:db:28:e5:9e:36:ad:d5:41:04:6c:22:
c4:d5:6a:ef:39:a2:74:33:79:bc:a6:25:6d:62:7c:
a8:e5:4c:fd:2f:cb:54:b4:31:9d:80:23:e5:fd:92:
22:19:68:e7:13:7a:4e:a1:e9:46:a1:32:95:b7:1c:
3b:81:28:d4:b7:3f:97:cb:00:25:94:14:31:5c:84:
9c:58:b8:5b:9c:98:5b:8e:62:2d:8e:68:ef:4b:8e:
66:cf:95:21:60:32:94:b3:35:d1:92:7f:f4:34:dd:
de:63:46:54:9c:3e:be:c0:19:34:98:19:94:e8:b3:
59:36:ad:ba:fc:50:a0:cc:7f:6d:47:b5:d7:ed:26:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:86:75:45:75:94:D7:E7:40:AA:EE:F2:E7:D7:EF:D0:22:39:C6:17
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4cd4ca-c195-4bc4-bb9f-1031ae1eb032/1/L4Z1RXWU1-dAqu7y59fv0CI5xhc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.88.0/22
31.170.160.0/21
31.220.16.0/21
31.220.48.0/20
31.220.104.0/21
45.13.132.0/22
45.13.252.0/22
45.87.80.0/22
45.93.136.0/22
93.188.160.0/21
141.136.33.0-141.136.36.255
141.136.39.0/24
141.136.41.0-141.136.47.255
153.92.0.0/20
153.92.208.0/20
156.67.64.0/20
156.67.208.0/20
185.28.20.0/22
185.77.96.0/23
194.11.154.0/23
194.11.214.0/23
195.110.58.0/23
212.1.208.0/21
IPv6:
2a02:4780::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47583
204915
Signature Algorithm: sha256WithRSAEncryption
97:94:f4:d9:d4:bc:08:da:e0:6e:af:44:26:48:da:ed:d6:38:
6a:71:83:35:26:5d:57:ea:73:d0:50:3f:c0:94:5d:2c:3d:61:
a8:a3:bc:4b:c1:00:ae:76:69:5e:a2:b0:b9:90:e1:28:6c:d6:
d4:ca:4e:f3:f8:df:d5:54:b2:ed:9f:9a:12:b7:15:c9:17:e3:
02:cd:c3:8f:08:ef:4f:20:fc:d7:6b:91:d7:89:bd:71:86:fa:
a4:76:b1:8b:ef:d2:29:26:64:4e:4a:00:b1:33:b1:8a:33:85:
f0:37:1b:5b:24:ed:4b:fc:ca:da:a9:63:d3:04:b8:33:56:a8:
85:05:31:82:4f:ed:e1:e9:b5:10:ca:bd:de:cd:87:84:65:23:
15:2d:f4:19:09:69:7c:a3:0b:92:02:15:ad:5d:32:e1:55:8b:
f6:4e:7a:d7:eb:db:ab:e0:a9:90:02:a2:f1:f1:b0:13:bf:14:
eb:8e:42:cc:51:c3:17:d9:d7:b1:71:e8:70:fe:aa:7d:e9:0c:
15:9a:41:86:c2:50:16:aa:26:f0:fa:4a:67:43:b4:c0:5a:d7:
ce:2f:5a:8b:a6:56:ac:00:74:14:f6:a7:6b:45:33:7a:1b:2d:
86:83:b4:97:97:df:85:9b:c0:f0:c7:57:5f:9f:15:26:b5:9b:
a1:9d:41:6c
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZMGU2kTtQmzBDKfJ44LHeu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTA3MTExMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg2NzU0NTc1OTRkN2U3NDBhYWVlZjJlN2Q3ZWZkMDIyMzljNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTTiJcJ+2mUF2SZ83LygUChE7z1W
PSBY8+bSq3Ds8pkvSyqhRVomw7zXw7Kb5ysVc5Hi55ObqmFG2X+1JX3QxFR3uo6Q
6qGYh7O4VT0tV8xe6oVy/m0V3UlAMPp33G3wFLX6+TLn0gfqKY5vVp1PyeW8+5+T
GQIntaX52yjlnjat1UEEbCLE1WrvOaJ0M3m8piVtYnyo5Uz9L8tUtDGdgCPl/ZIi
GWjnE3pOoelGoTKVtxw7gSjUtz+XywAllBQxXIScWLhbnJhbjmItjmjvS45mz5Uh
YDKUszXRkn/0NN3eY0ZUnD6+wBk0mBmU6LNZNq26/FCgzH9tR7XX7SbW3QIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFC+GdUV1lNfnQKru8ufX79AiOcYXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVlLzRjZDRj
YS1jMTk1LTRiYzQtYmI5Zi0xMDMxYWUxZWIwMzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUvNGNkNGNh
LWMxOTUtNGJjNC1iYjlmLTEwMzFhZTFlYjAzMi8xL0w0WjFSWFdVMS1kQXF1N3k1
OWZ2MENJNXhoYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHGBggrBgEF
BQcBBwEB/wSBtjCBszCBoQQCAAEwgZoDBAICOVgDBAMfqqADBAMf3BADBAQf3DAD
BAMf3GgDBAItDYQDBAItDfwDBAItV1ADBAItXYgDBANdvKAwDAMEAI2IIQMEAI2I
JAMEAI2IJzAMAwQAjYgpAwQEjYggAwQEmVwAAwQEmVzQAwQEnENAAwQEnEPQAwQC
uRwUAwQBuU1gAwQBwguaAwQBwgvWAwQBw246AwQD1AHQMA0EAgACMAcDBQAqAkeA
MB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwC53wIDAyBzMA0GCSqGSIb3DQEBCwUA
A4IBAQCXlPTZ1LwI2uBur0QmSNrt1jhqcYM1Jl1X6nPQUD/AlF0sPWGoo7xLwQCu
dmleorC5kOEobNbUyk7z+N/VVLLtn5oStxXJF+MCzcOPCO9PIPzXa5HXib1xhvqk
drGL79IpJmROSgCxM7GKM4XwNxtbJO1L/MraqWPTBLgzVqiFBTGCT+3h6bUQyr3e
zYeEZSMVLfQZCWl8owuSAhWtXTLhVYv2TnrX69ur4KmQAqLx8bATvxTrjkLMUcMX
2dexcehw/qp96QwVmkGGwlAWqibw+kpnQ7TAWtfOL1qLplasAHQU9qdrRTN6Gy2G
g7SXl9+Fm8Dwx1dfnxUmtZuhnUFs
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:55:23 2024 by rpki-client on console-fra.rpki-client.org