Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/T4BFzPUJd-vDBmo87tj9MvHwI94.cer
File: T4BFzPUJd-vDBmo87tj9MvHwI94.cer (raw, json)
Hash identifier: N3KBxlniYJ3SPwKgYPwjdLGr7aBZx2yIV0NU1hmDk2s=
Subject key identifier: 4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7259D2483D685C8F5AE2C090DFC2D11
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:29:40 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35445
IP: 85.188.64.0 -- 85.188.191.255
IP: 2001:67c:191c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:9d:24:83:d6:85:c8:f5:ae:2c:09:0d:fc:2d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8045ccf50977ebc3066a3ceed8fd32f1f023de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:b9:c3:8d:0d:19:04:03:aa:fb:18:69:56:
91:92:63:d6:4b:bf:a8:b6:68:6e:75:b4:35:13:6b:
22:4d:c2:4e:66:e5:2b:76:be:f5:38:c3:01:46:ee:
47:6a:e1:63:2c:55:04:f9:18:34:f0:b3:6a:8e:39:
fa:9f:69:8d:8f:5b:76:58:4e:fb:9e:51:6d:30:69:
f9:cf:44:db:fd:75:5a:4f:7c:9a:3b:8f:cc:a7:80:
ef:88:f3:51:e5:c7:78:72:6b:cf:7a:18:1f:9a:91:
dd:5f:26:67:ab:e2:ad:05:81:78:c5:60:9d:f4:72:
f5:6c:98:85:32:35:9b:c8:2e:e6:03:d3:4e:b7:c2:
a0:7a:90:9b:65:80:79:f3:68:49:52:ea:f3:41:26:
9d:c6:34:c9:0c:83:8e:dc:27:b8:61:5d:99:42:b4:
e1:cc:50:ac:a8:e5:ea:e1:50:35:eb:6e:af:76:f2:
e1:d5:e6:c6:68:1f:11:a9:ac:23:dc:3d:b8:03:32:
ab:be:5e:35:01:08:38:40:b0:86:5a:d5:4b:fd:d2:
8b:8e:54:b2:65:50:01:57:80:61:97:59:d6:e9:fe:
1e:21:07:1b:02:40:54:54:f8:9a:77:0e:96:55:f1:
66:bb:5e:fe:22:2d:4c:37:8f:2f:b8:f5:0f:1d:a6:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:80:45:CC:F5:09:77:EB:C3:06:6A:3C:EE:D8:FD:32:F1:F0:23:DE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7d9e10-2c19-4dd8-a80f-40c8697bbde9/1/T4BFzPUJd-vDBmo87tj9MvHwI94.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.188.64.0-85.188.191.255
IPv6:
2001:67c:191c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35445
Signature Algorithm: sha256WithRSAEncryption
8c:e7:d2:b0:63:b5:ba:89:fc:fc:d8:eb:16:c4:bf:3f:2f:e6:
20:94:fc:1a:6c:b2:65:99:f1:79:df:e4:15:31:0f:a7:30:b5:
4c:e0:dd:88:24:76:33:e1:6f:97:88:f8:f2:e3:d5:a2:9c:4d:
84:22:63:9e:19:c5:94:a7:87:43:54:6e:ff:9b:d2:9e:de:ab:
bf:ef:c1:92:66:19:06:3e:75:0c:34:98:df:cb:3e:18:99:1b:
a9:29:86:74:39:89:a6:3e:58:bb:ee:5a:e9:66:2f:5b:63:47:
93:3c:f2:49:3f:7e:11:c2:b8:b5:9d:21:74:66:44:78:e7:37:
23:9c:8a:80:cd:d7:70:36:00:06:cf:16:ec:7a:dd:4a:e3:8a:
ac:9f:13:f2:6b:7f:f4:c7:6c:db:f6:e7:cf:bc:42:7f:25:b6:
2e:cd:68:51:cf:ad:e3:79:42:7a:13:3a:c3:17:2a:98:ff:e5:
1d:d8:8a:ba:31:7f:7c:ad:d1:03:c8:37:62:65:37:52:12:0d:
34:31:66:93:73:90:de:14:8d:5c:ec:c5:bf:2b:a7:a6:54:76:
da:3f:f1:c5:10:04:f7:cf:b6:a6:42:7b:74:0c:33:69:cb:5f:
54:4a:1e:2c:69:cb:6a:ec:00:5d:ab:5d:57:62:25:6a:ce:6e:
f2:39:fd:b6
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYzHJZ0kg9aFyPWuLAkN/C0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjgwNDVjY2Y1MDk3N2ViYzMwNjZhM2NlZWQ4ZmQzMmYxZjAyM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPm5w40NGQQDqvsYaVaRkmPWS7+o
tmhudbQ1E2siTcJOZuUrdr71OMMBRu5HauFjLFUE+Rg08LNqjjn6n2mNj1t2WE77
nlFtMGn5z0Tb/XVaT3yaO4/Mp4DviPNR5cd4cmvPehgfmpHdXyZnq+KtBYF4xWCd
9HL1bJiFMjWbyC7mA9NOt8KgepCbZYB582hJUurzQSadxjTJDIOO3Ce4YV2ZQrTh
zFCsqOXq4VA1626vdvLh1ebGaB8Rqawj3D24AzKrvl41AQg4QLCGWtVL/dKLjlSy
ZVABV4Bhl1nW6f4eIQcbAkBUVPiadw6WVfFmu17+Ii1MN48vuPUPHaYAbwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFE+ARcz1CXfrwwZqPO7Y/TLx8CPeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmLzdkOWUx
MC0yYzE5LTRkZDgtYTgwZi00MGM4Njk3YmJkZTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvN2Q5ZTEw
LTJjMTktNGRkOC1hODBmLTQwYzg2OTdiYmRlOS8xL1Q0QkZ6UFVKZC12REJtbzg3
dGo5TXZId0k5NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzAUBAIAATAOMAwDBAZVvEADBAZVvIAwDwQCAAIwCQMHACABBnwZ
HDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAinUwDQYJKoZIhvcNAQELBQADggEB
AIzn0rBjtbqJ/PzY6xbEvz8v5iCU/BpssmWZ8Xnf5BUxD6cwtUzg3YgkdjPhb5eI
+PLj1aKcTYQiY54ZxZSnh0NUbv+b0p7eq7/vwZJmGQY+dQw0mN/LPhiZG6kphnQ5
iaY+WLvuWulmL1tjR5M88kk/fhHCuLWdIXRmRHjnNyOcioDN13A2AAbPFux63Urj
iqyfE/Jrf/THbNv258+8Qn8lti7NaFHPreN5QnoTOsMXKpj/5R3Yiroxf3yt0QPI
N2JlN1ISDTQxZpNzkN4UjVzsxb8rp6ZUdto/8cUQBPfPtqZCe3QMM2nLX1RKHixp
y2rsAF2rXVdiJWrObvI5/bY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:50:35 2024 by rpki-client on console-ams.rpki-client.org