Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
File: NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer (raw, json)
Hash identifier: Sjpa17+l9rGzgyFmfpaIr8XwvHSbn+YqhrUhhgeQXD4=
Subject key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BB911D75E4510F00E345243CEA1C73
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:32:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 24768
AS: 34643
AS: 213277
IP: 5.253.180.0/22
IP: 82.102.4.0/24
IP: 82.102.7.0/24
IP: 94.46.12.0 -- 94.46.31.255
IP: 94.46.128.0/21
IP: 94.46.160.0 -- 94.46.183.255
IP: 109.71.40.0/21
IP: 130.185.80.0/21
IP: 185.15.20.0/22
IP: 2a00:1650::/29
IP: 2a09:58c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:91:1d:75:e4:51:0f:00:e3:45:24:3c:ea:1c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3545a7200164912041bb931efb1feac123b43a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:85:fb:a3:2d:b4:5d:d1:16:11:4a:69:1a:
2c:25:59:5a:ac:ae:eb:82:c3:55:50:c0:82:f1:f6:
6a:2b:df:cf:6e:bb:9b:56:c8:08:f1:92:31:99:4d:
e5:77:96:f3:21:44:55:83:a5:77:2d:34:bc:66:16:
2e:1a:e1:56:ab:db:ab:bc:bf:56:29:dc:1f:5a:94:
bf:c0:6f:39:48:90:00:5c:e6:47:4f:fb:47:ec:fb:
19:27:c1:2f:27:bb:06:6c:e1:b6:2c:26:f3:a3:4d:
bd:90:17:bb:44:99:87:06:b2:99:b4:98:d8:5c:87:
de:e7:33:09:bc:d4:d0:b3:91:70:16:08:60:21:79:
d1:6c:64:03:3a:83:39:90:76:b5:04:c3:93:44:86:
42:da:d9:e7:e4:1d:7b:11:eb:f5:95:db:56:ea:d4:
d9:4f:67:ab:5b:98:ea:73:fd:90:ea:08:3f:ce:69:
be:8b:44:61:7f:7c:cd:d2:cf:b2:1f:1d:30:26:43:
f0:9f:24:2e:de:6c:2b:95:c8:8a:3c:78:81:95:2b:
f8:6a:64:5f:c7:1b:54:a3:b4:eb:ef:2d:5a:81:55:
08:87:ac:56:4e:0d:ef:30:00:6b:c1:af:14:67:0e:
ca:b3:10:8f:70:a5:da:78:68:6f:76:35:b8:f0:62:
d9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.180.0/22
82.102.4.0/24
82.102.7.0/24
94.46.12.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/29
2a09:58c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24768
34643
213277
Signature Algorithm: sha256WithRSAEncryption
21:81:cb:37:72:6d:3f:69:17:a8:59:a4:67:51:45:a7:bf:c0:
4f:03:2d:df:66:4b:0d:81:04:c1:83:83:9d:73:19:90:75:0b:
f0:87:c0:14:7a:02:fd:6d:12:88:d2:22:d4:35:ba:3c:2d:d0:
83:b3:50:7d:0e:57:28:9e:d1:86:1b:cd:66:f9:bf:f0:55:81:
4e:7a:b0:da:e1:25:8d:a8:52:55:d5:51:05:fc:19:74:a7:85:
07:3a:38:89:82:ea:53:78:46:6c:3e:db:cf:d7:bf:e1:4f:b4:
a6:8d:98:ca:42:d3:b3:08:6f:08:db:91:15:fa:25:ae:13:9b:
ee:27:dd:3e:58:54:29:fc:be:a2:45:8c:f5:e9:69:ee:06:62:
f2:e0:a5:58:b3:8a:a5:c7:2e:c8:af:17:67:17:cb:36:7e:c6:
5e:40:b6:7d:c9:98:4d:09:b6:fe:91:99:c1:51:08:ff:b5:14:
0d:1a:06:e9:76:79:97:03:93:f3:4f:80:85:ca:b2:fa:68:dd:
ea:78:14:3c:29:51:5c:c2:13:06:b2:df:53:ed:3c:08:0c:a2:
05:eb:a4:dd:8c:97:0c:69:e8:3b:4e:b3:f3:b9:e1:7e:30:69:
bb:33:26:6b:77:7c:d4:b8:09:c7:e8:8d:22:8f:88:1b:31:12:
1a:9c:a0:b5
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAYzJu5EddeRRDwDjRSQ86hxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ1YTcyMDAxNjQ5MTIwNDFiYjkzMWVmYjFmZWFjMTIzYjQzYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTWF+6MttF3RFhFKaRosJVlarK7r
gsNVUMCC8fZqK9/PbrubVsgI8ZIxmU3ld5bzIURVg6V3LTS8ZhYuGuFWq9urvL9W
KdwfWpS/wG85SJAAXOZHT/tH7PsZJ8EvJ7sGbOG2LCbzo029kBe7RJmHBrKZtJjY
XIfe5zMJvNTQs5FwFghgIXnRbGQDOoM5kHa1BMOTRIZC2tnn5B17Eev1ldtW6tTZ
T2erW5jqc/2Q6gg/zmm+i0Rhf3zN0s+yHx0wJkPwnyQu3mwrlciKPHiBlSv4amRf
xxtUo7Tr7y1agVUIh6xWTg3vMABrwa8UZw7KsxCPcKXaeGhvdjW48GLZcwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFDVFpyABZJEgQbuTHvsf6sEjtDoYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjLzU5YzRi
OC04N2Y0LTRmMmYtYTQ0OS1hYWJiMDYyZTQwZGIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvNTljNGI4
LTg3ZjQtNGYyZi1hNDQ5LWFhYmIwNjJlNDBkYi8xL05VV25JQUZra1NCQnU1TWUt
eF9xd1NPME9oZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF
BwEHAQH/BGYwZDBMBAIAATBGAwQCBf20AwQAUmYEAwQAUmYHMAwDBAJeLgwDBAVe
LgADBANeLoAwDAMEBV4uoAMEA14usAMEA21HKAMEA4K5UAMEArkPFDAUBAIAAjAO
AwUDKgAWUAMFACoJWMAwIwYIKwYBBQUHAQgBAf8EFDASoBAwDgICYMACAwCHUwID
A0EdMA0GCSqGSIb3DQEBCwUAA4IBAQAhgcs3cm0/aReoWaRnUUWnv8BPAy3fZksN
gQTBg4OdcxmQdQvwh8AUegL9bRKI0iLUNbo8LdCDs1B9DlcontGGG81m+b/wVYFO
erDa4SWNqFJV1VEF/Bl0p4UHOjiJgupTeEZsPtvP17/hT7SmjZjKQtOzCG8I25EV
+iWuE5vuJ90+WFQp/L6iRYz16WnuBmLy4KVYs4qlxy7IrxdnF8s2fsZeQLZ9yZhN
Cbb+kZnBUQj/tRQNGgbpdnmXA5PzT4CFyrL6aN3qeBQ8KVFcwhMGst9T7TwIDKIF
66TdjJcMaeg7TrPzueF+MGm7MyZrd3zUuAnH6I0ij4gbMRIanKC1
-----END CERTIFICATE-----
Generated at Fri May 3 01:42:42 2024 by rpki-client on console-ams.rpki-client.org