Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
File: Om4uf_LHAsirUUn-6nF1mRxzQJw.cer (raw, json)
Hash identifier: 6pWk/ka09S3czltVRdAWQjAQ11SivpJ9Zi5RxQbWSlU=
Subject key identifier: 3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC42466802F2910D545CAC17103D40C61
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:29:29 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 37.35.8.0/21
IP: 62.240.0.0 -- 62.240.23.255
IP: 85.202.112.0/20
IP: 91.226.240.0/22
IP: 93.92.248.0/21
IP: 109.94.112.0 -- 109.94.125.255
IP: 109.94.224.0/22
IP: 178.22.216.0/21
IP: 185.102.236.0/22
IP: 185.118.168.0/22
IP: 185.125.176.0/22
IP: 212.57.40.0/21
IP: 2a01:6440::/29
IP: 2a06:9400::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:66:80:2f:29:10:d5:45:ca:c1:71:03:d4:0c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:25:16:5b:23:9a:b8:55:df:92:3d:60:93:
c4:df:fa:89:ed:5c:0f:1f:c8:ca:5b:b4:aa:51:89:
9b:f6:09:52:64:de:28:3c:de:1b:9d:1f:66:55:0b:
6d:33:68:8b:39:0d:f5:47:b1:ec:07:11:b4:3b:17:
f0:52:7e:9c:33:89:5a:50:ed:ab:cd:9a:8e:5f:c8:
94:3f:8e:8e:b2:c4:fe:0e:2c:2e:0a:4b:ec:de:76:
34:dd:5d:75:cf:b2:89:f6:1f:45:a1:70:42:6f:05:
52:ee:8e:c6:02:eb:d2:a1:d4:b9:b6:aa:e9:62:13:
ff:0d:1c:85:30:d4:46:25:17:cb:63:fb:ef:b8:2a:
fb:c4:f2:32:c6:a9:63:1e:19:3f:6d:b7:b6:de:76:
9c:9c:92:f4:8b:28:c1:43:6d:35:93:63:30:c7:86:
42:fc:ef:54:71:02:49:4a:1e:00:21:26:ed:de:43:
39:85:c0:d4:29:2f:29:e0:27:dc:2c:b3:c8:e5:4f:
cb:9b:34:ea:5d:87:f9:69:26:d9:a0:87:93:43:f3:
f4:ca:2b:5c:eb:a9:ce:2e:9e:77:ca:57:f9:11:01:
d7:d7:47:86:ab:8c:bd:c1:dc:5a:f5:dd:dc:27:0d:
17:07:43:66:88:75:3e:d8:3f:9c:1f:24:fc:26:be:
5e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.8.0/21
62.240.0.0-62.240.23.255
85.202.112.0/20
91.226.240.0/22
93.92.248.0/21
109.94.112.0-109.94.125.255
109.94.224.0/22
178.22.216.0/21
185.102.236.0/22
185.118.168.0/22
185.125.176.0/22
212.57.40.0/21
IPv6:
2a01:6440::/29
2a06:9400::/29
Signature Algorithm: sha256WithRSAEncryption
01:e3:bc:0a:92:b1:ef:6b:fb:0b:d4:98:9b:0c:8f:ab:63:89:
1a:e1:e6:2a:55:92:42:e7:fe:bd:95:52:69:af:04:ba:53:2c:
30:7a:10:48:6e:16:5b:a7:9f:1b:18:80:0c:1d:7a:b6:8e:78:
b9:b2:fc:f2:4a:17:32:d9:d2:bd:01:7d:06:7e:d4:82:e8:5c:
a2:16:2e:cf:7a:3c:02:de:89:13:d8:a0:00:a2:f3:5c:32:8d:
4c:e7:7b:e6:20:18:8e:88:7d:04:2a:e1:e4:5e:a5:15:9a:c2:
26:aa:ef:6f:e8:d8:19:d0:e3:0d:a0:51:3e:83:f6:ec:82:ca:
66:3f:13:e9:53:c3:87:7a:0e:76:6d:35:1f:6f:a7:0b:17:54:
a4:d3:2d:bb:9b:b7:44:42:eb:70:3e:06:fb:e3:a6:be:7c:a6:
90:f8:01:c8:f8:27:b2:c2:39:e9:a6:cb:d7:50:99:4b:db:78:
53:6c:6c:a1:ac:2a:ba:24:f2:ea:9a:f0:13:1f:92:f5:f1:10:
a1:a8:cd:8a:9d:51:04:bb:9d:98:30:67:9b:2f:82:3b:e0:d3:
a7:8e:c0:b2:f2:53:9f:27:41:26:bb:1e:4c:72:66:c1:3b:1d:
01:52:2f:57:79:43:96:77:d1:98:ae:ba:3b:3a:b8:04:27:f9:
d4:11:ff:7f
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAYzEJGaALykQ1UXKwXED1AxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZlMmU3ZmYyYzcwMmM4YWI1MTQ5ZmVlYTcxNzU5OTFjNzM0MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFQlFlsjmrhV35I9YJPE3/qJ7VwP
H8jKW7SqUYmb9glSZN4oPN4bnR9mVQttM2iLOQ31R7HsBxG0OxfwUn6cM4laUO2r
zZqOX8iUP46OssT+DiwuCkvs3nY03V11z7KJ9h9FoXBCbwVS7o7GAuvSodS5tqrp
YhP/DRyFMNRGJRfLY/vvuCr7xPIyxqljHhk/bbe23nacnJL0iyjBQ201k2Mwx4ZC
/O9UcQJJSh4AISbt3kM5hcDUKS8p4CfcLLPI5U/LmzTqXYf5aSbZoIeTQ/P0yitc
66nOLp53ylf5EQHX10eGq4y9wdxa9d3cJw0XB0NmiHU+2D+cHyT8Jr5eRwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFDpuLn/yxwLIq1FJ/upxdZkcc0CcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVmLzE4ODU0
Mi1kNGY3LTRhYTItYWRjNy03NzVhMDU3ODhjZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYvMTg4NTQy
LWQ0ZjctNGFhMi1hZGM3LTc3NWEwNTc4OGNmNS8xL09tNHVmX0xIQXNpclVVbi02
bkYxbVJ4elFKdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGGBggrBgEF
BQcBBwEB/wR3MHUwXQQCAAEwVwMEAyUjCDALAwMEPvADBAM+8BADBARVynADBAJb
4vADBANdXPgwDAMEBG1ecAMEAW1efAMEAm1e4AMEA7IW2AMEArlm7AMEArl2qAME
Arl9sAMEA9Q5KDAUBAIAAjAOAwUDKgFkQAMFAyoGlAAwDQYJKoZIhvcNAQELBQAD
ggEBAAHjvAqSse9r+wvUmJsMj6tjiRrh5ipVkkLn/r2VUmmvBLpTLDB6EEhuFlun
nxsYgAwderaOeLmy/PJKFzLZ0r0BfQZ+1ILoXKIWLs96PALeiRPYoACi81wyjUzn
e+YgGI6IfQQq4eRepRWawiaq72/o2BnQ4w2gUT6D9uyCymY/E+lTw4d6DnZtNR9v
pwsXVKTTLbubt0RC63A+Bvvjpr58ppD4Acj4J7LCOemmy9dQmUvbeFNsbKGsKrok
8uqa8BMfkvXxEKGozYqdUQS7nZgwZ5svgjvg06eOwLLyU58nQSa7HkxyZsE7HQFS
L1d5Q5Z30Ziuujs6uAQn+dQR/38=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:08:15 2024 by rpki-client on console-fra.rpki-client.org