Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
File: LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer (raw, json)
Hash identifier: Q5vWfYTeSRPU6lWXBt/epNX3/2/TDEhtkZughc9NjCQ=
Subject key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2B9DE4540319F63FD4BBEA24FE3029
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:35:05 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 9098
AS: 30788
AS: 50175
IP: 5.181.12.0/22
IP: 45.82.80.0/22
IP: 45.145.52.0/22
IP: 45.150.48.0/22
IP: 45.159.180.0/22
IP: 94.199.7.0/24
IP: 194.34.244.0/22
IP: 2a06:7840::/29
IP: 2a0b:2a80::/29
IP: 2a0d:4440::/29
IP: 2a0f:f00::/29
IP: 2a0f:59c0::/29
IP: 2a0f:a380::/29
IP: 2a13:5200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:9d:e4:54:03:19:f6:3f:d4:bb:ea:24:fe:30:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:35:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:27:7d:94:c5:a9:4a:ea:0d:5f:b9:2c:db:85:
12:91:e6:f9:4f:73:e0:e4:97:7e:ce:e1:e5:a3:6c:
d0:44:5d:41:06:d7:3c:22:af:e8:dc:93:e1:6c:00:
7e:50:dd:f8:89:df:db:5d:1d:c9:ff:de:bf:ea:83:
6a:48:cd:18:f5:ec:0e:5d:bd:40:9d:01:5e:36:0c:
db:97:ee:3e:75:d4:37:1d:a3:2e:7e:ad:82:4f:c5:
55:5c:80:c4:1b:26:d5:c2:1a:3f:67:b2:7a:8b:1a:
7b:ad:13:b3:c7:9c:0d:a7:61:57:c7:9c:8f:62:16:
87:9f:c5:1b:20:e7:5a:ea:ab:1d:bd:3f:e3:79:a7:
e6:e6:18:1c:8f:39:80:25:23:68:5b:18:7a:03:96:
7b:85:cb:68:2e:d5:e4:fe:fd:9c:75:b0:f4:62:04:
00:c4:4a:58:06:b4:87:52:36:5f:85:4f:d1:64:db:
95:7d:c1:ef:42:48:44:d0:c7:84:0e:9f:99:24:ec:
32:ab:e9:f3:7f:07:1e:bd:a8:6f:9b:5a:91:cc:7d:
73:79:90:97:03:07:b5:64:9e:ee:94:0e:7c:10:2b:
ad:5a:b6:ee:12:a5:f6:b4:2d:14:aa:96:fd:1b:51:
d7:c1:09:ca:fa:ef:8f:c3:10:ec:7f:7b:75:99:96:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.12.0/22
45.82.80.0/22
45.145.52.0/22
45.150.48.0/22
45.159.180.0/22
94.199.7.0/24
194.34.244.0/22
IPv6:
2a06:7840::/29
2a0b:2a80::/29
2a0d:4440::/29
2a0f:f00::/29
2a0f:59c0::/29
2a0f:a380::/29
2a13:5200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9098
30788
50175
Signature Algorithm: sha256WithRSAEncryption
2e:cc:e9:b2:2b:23:bf:7f:82:79:04:7a:44:4e:3e:19:19:49:
9a:8a:e9:01:2d:4b:92:b8:e2:20:8c:58:c4:43:14:da:e5:17:
54:14:09:ad:d0:39:23:9b:9d:4b:23:43:43:12:a4:76:5e:ac:
61:f3:75:1d:cc:59:fb:b0:c8:98:bd:f1:c7:a1:e8:13:41:0b:
cd:e2:68:ad:6d:e4:aa:3f:01:c1:65:4a:fd:10:8a:10:ed:c9:
11:ef:bc:00:82:77:e7:10:32:46:36:0b:3d:e7:0f:a3:94:d8:
13:ba:89:fa:d9:91:3d:f6:08:e5:3e:d7:d8:50:69:89:bc:94:
13:aa:f6:7d:5d:d7:59:9c:95:ce:d5:2a:9c:a7:3f:9a:d1:74:
5c:51:cb:b7:63:70:ad:11:39:0a:68:15:5a:af:f0:bd:7e:c0:
7c:fb:7d:ef:5d:01:af:77:94:70:fa:f5:b7:db:32:30:61:a9:
d1:ab:06:1d:79:92:3f:af:11:9a:1f:59:c7:7b:df:4c:62:22:
82:e2:dd:36:d2:d0:89:a3:38:11:c4:33:06:f8:30:91:08:99:
8c:a1:a7:94:6b:4a:e2:f1:41:dd:44:5f:f3:15:b5:bb:7d:96:
3d:02:33:c2:95:db:23:6f:3c:58:46:de:7c:5d:0d:64:dd:70:
5b:1d:a5:0a
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYzKK53kVAMZ9j/Uu+ok/jApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTExNjRhOWI1MDEzZDYyZjA1MTM0NGY2ZGY5MWYxM2JjN2VjYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSd9lMWpSuoNX7ks24USkeb5T3Pg
5Jd+zuHlo2zQRF1BBtc8Iq/o3JPhbAB+UN34id/bXR3J/96/6oNqSM0Y9ewOXb1A
nQFeNgzbl+4+ddQ3HaMufq2CT8VVXIDEGybVwho/Z7J6ixp7rROzx5wNp2FXx5yP
YhaHn8UbIOda6qsdvT/jeafm5hgcjzmAJSNoWxh6A5Z7hctoLtXk/v2cdbD0YgQA
xEpYBrSHUjZfhU/RZNuVfcHvQkhE0MeEDp+ZJOwyq+nzfwcevahvm1qRzH1zeZCX
Awe1ZJ7ulA58ECutWrbuEqX2tC0Uqpb9G1HXwQnK+u+PwxDsf3t1mZbEJQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFC4RZKm1AT1i8FE0T235HxO8fssPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0L2ZiNDY5
Ni02NzhmLTRkNDUtYTA5MS1mZDdmMTdiYjFhNWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvZmI0Njk2
LTY3OGYtNGQ0NS1hMDkxLWZkN2YxN2JiMWE1Yy8xL0xoRmtxYlVCUFdMd1VUUlBi
ZmtmRTd4LXl3OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHwGCCsGAQUF
BwEHAQH/BG0wazAwBAIAATAqAwQCBbUMAwQCLVJQAwQCLZE0AwQCLZYwAwQCLZ+0
AwQAXscHAwQCwiL0MDcEAgACMDEDBQMqBnhAAwUDKgsqgAMFAyoNREADBQMqDw8A
AwUDKg9ZwAMFAyoPo4ADBQMqE1IAMCIGCCsGAQUFBwEIAQH/BBMwEaAPMA0CAiOK
AgJ4RAIDAMP/MA0GCSqGSIb3DQEBCwUAA4IBAQAuzOmyKyO/f4J5BHpETj4ZGUma
iukBLUuSuOIgjFjEQxTa5RdUFAmt0Dkjm51LI0NDEqR2Xqxh83UdzFn7sMiYvfHH
oegTQQvN4mitbeSqPwHBZUr9EIoQ7ckR77wAgnfnEDJGNgs95w+jlNgTuon62ZE9
9gjlPtfYUGmJvJQTqvZ9XddZnJXO1Sqcpz+a0XRcUcu3Y3CtETkKaBVar/C9fsB8
+33vXQGvd5Rw+vW32zIwYanRqwYdeZI/rxGaH1nHe99MYiKC4t020tCJozgRxDMG
+DCRCJmMoaeUa0ri8UHdRF/zFbW7fZY9AjPCldsjbzxYRt58XQ1k3XBbHaUK
-----END CERTIFICATE-----
Generated at Fri May 3 09:03:45 2024 by rpki-client on console-ams.rpki-client.org