Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
File: Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer (raw, json)
Hash identifier: dsKFH+dpskO6j9DmYf1NJBpPVDwraMupewLgx72c+/k=
Subject key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7274365042C71096A85789FB262E70F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 48359
IP: 45.155.192.0/22
IP: 91.213.151.0/24
IP: 91.213.157.0/24
IP: 91.213.167.0/24
IP: 91.213.172.0/24
IP: 185.47.48.0/22
IP: 185.82.64.0/22
IP: 185.121.56.0/22
IP: 185.125.20.0/22
IP: 185.137.60.0/22
IP: 185.142.92.0/22
IP: 185.142.124.0/22
IP: 185.212.192.0/22
IP: 185.221.192.0/22
IP: 185.238.44.0/22
IP: 193.246.174.0/23
IP: 193.246.200.0/23
IP: 195.8.102.0/24
IP: 195.8.110.0/24
IP: 195.8.112.0/24
IP: 195.8.114.0/24
IP: 195.191.22.0/23
IP: 195.191.44.0/23
IP: 195.230.97.0/24
IP: 195.230.105.0/24
IP: 195.230.107.0/24
IP: 195.230.124.0/24
IP: 2a04:acc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:43:65:04:2c:71:09:6a:85:78:9f:b2:62:e7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:61:94:94:74:f8:db:bf:f4:9e:2c:1d:3a:
30:e4:4a:0c:58:f3:9e:79:c9:eb:80:32:d5:f0:15:
c2:7f:1d:2a:78:bf:a8:ba:00:a5:99:d8:0e:48:73:
10:42:0e:98:2d:fe:6a:26:9f:8d:ac:61:61:93:c9:
cc:b5:b2:93:f9:ab:6a:5e:2a:87:ed:36:98:e3:97:
ac:5c:e0:5a:c3:53:d4:91:7f:8e:13:d6:d2:0b:24:
4a:80:2b:bd:6e:18:cb:9a:f0:00:0f:40:03:78:45:
7c:94:60:da:9b:00:e4:94:80:c9:8f:cb:5a:ff:a8:
bc:e3:f1:38:23:20:0d:a4:73:2e:72:0e:7e:2e:83:
c0:0d:57:70:98:c7:30:f1:6c:1d:05:af:d0:69:72:
e5:ff:a0:7a:d5:68:aa:b5:6f:dd:88:21:d1:e1:88:
af:e1:9f:d3:06:fc:80:fa:92:a5:e2:3d:2f:bc:01:
82:0f:89:9f:c0:25:48:34:52:75:b1:6b:e2:7e:56:
05:2c:90:e0:c1:1a:40:5d:29:6a:07:01:bc:d4:cf:
76:67:44:36:8a:bf:41:8c:98:79:bf:76:b7:2c:77:
0e:bf:63:a8:86:17:e0:0e:2a:04:c8:81:c2:44:36:
48:25:e8:02:e9:e3:48:d2:95:73:b7:26:d9:ce:4c:
db:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/22
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
IPv6:
2a04:acc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
48359
Signature Algorithm: sha256WithRSAEncryption
6b:43:38:46:6e:e8:ae:97:2b:82:28:88:ba:e8:62:e4:87:1b:
43:56:90:c1:df:92:0c:57:c9:9d:eb:db:37:3f:6e:be:c0:1d:
1a:6c:d2:17:35:09:72:9e:24:64:7c:33:25:79:97:c0:b2:aa:
e9:bb:89:1e:d7:1a:4e:f7:93:36:cc:db:2f:77:dc:0f:51:41:
34:e6:bd:ec:1c:93:d1:c9:62:5a:cb:54:72:fc:b4:42:c3:cb:
b6:b7:7b:2e:67:45:8c:64:45:6d:bf:55:78:2c:db:e9:31:ac:
29:07:be:d6:76:1c:e5:1a:0d:f9:54:8c:e0:31:17:06:0e:8f:
0e:0e:d2:13:2d:64:3c:b7:37:b3:ca:3d:d1:99:8a:10:be:fb:
bf:3c:05:61:76:de:d6:dd:32:0d:99:8d:9c:89:2a:57:d0:9c:
24:f3:55:db:a6:67:57:9d:51:67:e1:92:f3:7f:30:b1:1b:61:
0a:52:ce:25:88:f6:a6:f2:33:cb:68:41:95:fc:86:a0:5c:a7:
7c:34:55:4b:95:79:b0:7d:d9:2e:f3:d9:ba:25:78:07:89:db:
17:32:73:88:3d:77:89:43:e0:d3:62:bb:ff:c1:4e:7e:61:b7:
23:93:c8:4b:ba:39:88:1b:b7:15:63:be:ce:0e:70:22:78:67:
33:7f:d3:0b
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgISAYzHJ0NlBCxxCWqFeJ+yYucPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk2NWRkMWY2ZjI0YTQ2ZDdjYzRiY2NmZWNkNDE1MWM2ZGQxYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8thlJR0+Nu/9J4sHTow5EoMWPOe
ecnrgDLV8BXCfx0qeL+ougClmdgOSHMQQg6YLf5qJp+NrGFhk8nMtbKT+atqXiqH
7TaY45esXOBaw1PUkX+OE9bSCyRKgCu9bhjLmvAAD0ADeEV8lGDamwDklIDJj8ta
/6i84/E4IyANpHMucg5+LoPADVdwmMcw8WwdBa/QaXLl/6B61WiqtW/diCHR4Yiv
4Z/TBvyA+pKl4j0vvAGCD4mfwCVINFJ1sWviflYFLJDgwRpAXSlqBwG81M92Z0Q2
ir9BjJh5v3a3LHcOv2OohhfgDioEyIHCRDZIJegC6eNI0pVztybZzkzbpQIDAQAB
o4IDUDCCA0wwHQYDVR0OBBYEFEOWXdH28kpG18xLzP7NQVHG3Rv7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzL2M3MzFj
NC05MTgzLTRkYjMtYjcwYS0zMzk4MGMwM2YwOGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYzczMWM0
LTkxODMtNGRiMy1iNzBhLTMzOTgwYzAzZjA4ZS8xL1E1WmQwZmJ5U2tiWHpFdk1f
czFCVWNiZEdfcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHOBggrBgEF
BQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAItm8ADBABb1ZcDBABb1Z0DBABb1acD
BABb1awDBAK5LzADBAK5UkADBAK5eTgDBAK5fRQDBAK5iTwDBAK5jlwDBAK5jnwD
BAK51MADBAK53cADBAK57iwDBAHB9q4DBAHB9sgDBADDCGYDBADDCG4DBADDCHAD
BADDCHIDBAHDvxYDBAHDvywDBADD5mEDBADD5mkDBADD5msDBADD5nwwDQQCAAIw
BwMFAyoErMAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDALznMA0GCSqGSIb3DQEB
CwUAA4IBAQBrQzhGbuiulyuCKIi66GLkhxtDVpDB35IMV8md69s3P26+wB0abNIX
NQlyniRkfDMleZfAsqrpu4ke1xpO95M2zNsvd9wPUUE05r3sHJPRyWJay1Ry/LRC
w8u2t3suZ0WMZEVtv1V4LNvpMawpB77WdhzlGg35VIzgMRcGDo8ODtITLWQ8tzez
yj3RmYoQvvu/PAVhdt7W3TINmY2ciSpX0Jwk81XbpmdXnVFn4ZLzfzCxG2EKUs4l
iPam8jPLaEGV/IagXKd8NFVLlXmwfdku89m6JXgHidsXMnOIPXeJQ+DTYrv/wU5+
Ybcjk8hLujmIG7cVY77ODnAieGczf9ML
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:15:49 2024 by rpki-client on console-ams.rpki-client.org