Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
File: XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer (raw, json)
Hash identifier: o/JNBYEWuf0ENTUWqUzoCOTV+dbNAL41Z8z//ZSqA0s=
Subject key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC49375B4CFE14CE50A96C856FB405840
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 15793
AS: 21195
AS: 44368
AS: 206408
IP: 31.25.64.0/21
IP: 62.181.192.0/18
IP: 83.241.128.0/17
IP: 91.196.240.0/22
IP: 91.199.68.0/24
IP: 94.140.32.0/19
IP: 158.255.216.0/21
IP: 176.222.96.0/19
IP: 185.10.132.0/22
IP: 185.130.0.0/22
IP: 217.13.224.0/19
IP: 217.16.192.0/20
IP: 2a00:d90::/29
IP: 2a02:7720::/29
IP: 2a03:ac80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:75:b4:cf:e1:4c:e5:0a:96:c8:56:fb:40:58:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:14:5a:11:29:ec:ad:6c:47:d1:79:56:c9:
2d:89:4f:e8:61:2b:b5:43:16:1d:3f:6a:31:d5:d4:
62:43:bb:2c:b5:e1:82:62:c1:34:c3:2b:40:cc:79:
7f:21:f3:98:f9:21:0a:c3:b4:4d:56:63:b8:e3:09:
43:cf:53:c4:aa:31:66:83:19:93:fb:47:32:c2:a4:
ab:c1:63:74:ac:a3:25:b9:ff:7c:dd:ec:41:64:ee:
97:d6:66:5a:3a:20:72:1d:0e:d4:d0:f7:99:36:3c:
b7:c9:4a:b8:73:b1:94:c8:63:7e:0e:e2:bd:87:10:
63:88:dc:95:e5:5c:5e:68:ce:69:db:da:fe:3c:d2:
4c:cc:52:7a:19:cb:d7:db:c2:f8:3c:82:bd:c2:cc:
64:59:37:b5:14:b2:b8:93:af:b0:48:4c:36:0b:eb:
a8:c0:32:1f:8e:e8:f2:c3:8b:a4:59:c6:5c:a4:c7:
ee:01:83:83:b0:f5:bf:fe:7d:91:0a:1a:9f:49:0e:
3d:8c:6d:be:eb:86:63:ce:8a:1e:b5:0d:f5:95:c9:
fd:06:51:c7:9e:0d:f0:fe:1e:72:dc:e9:52:2b:62:
20:bd:54:e6:ff:f7:72:3b:03:0b:0c:41:fd:a0:36:
04:d1:66:d8:42:90:d6:21:02:9e:dc:48:6a:a3:be:
77:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
62.181.192.0/18
83.241.128.0/17
91.196.240.0/22
91.199.68.0/24
94.140.32.0/19
158.255.216.0/21
176.222.96.0/19
185.10.132.0/22
185.130.0.0/22
217.13.224.0/19
217.16.192.0/20
IPv6:
2a00:d90::/29
2a02:7720::/29
2a03:ac80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15793
21195
44368
206408
Signature Algorithm: sha256WithRSAEncryption
59:f4:aa:f2:77:ca:f9:d4:ad:1d:5c:2a:94:c9:1e:0b:45:93:
97:3b:11:ec:2d:a9:b2:54:85:05:14:75:71:18:ad:a7:1b:b1:
8e:e8:1e:b0:68:6b:30:eb:6e:85:1f:33:84:c8:38:60:25:1f:
d8:a6:91:84:54:8b:b9:e3:ff:bf:12:fb:58:70:3e:d4:d6:8a:
be:dd:c0:94:42:c1:43:a0:1b:7e:8e:81:68:e1:06:90:85:5c:
a6:83:44:9a:77:c1:4d:22:e7:13:9b:16:98:d1:4b:5c:5b:1b:
76:87:a7:dd:46:fe:be:de:3a:57:d1:86:03:ff:8c:cf:66:e2:
dd:25:e3:2c:e7:89:2e:0a:8d:17:51:90:dd:52:c1:4f:86:07:
fa:54:5e:a2:59:7f:9a:b5:24:dc:ad:a8:a7:14:be:8a:36:33:
70:de:ea:e8:b3:be:13:85:8c:54:62:77:6e:38:18:ba:8d:dc:
65:a0:f3:fa:b0:76:55:b7:3b:76:e1:70:de:eb:00:6e:3d:50:
4e:11:5a:4b:04:b5:ce:d8:f3:2b:bf:41:ca:86:79:4f:c8:b2:
29:b2:25:e9:bc:0b:1a:51:c8:f1:62:00:9f:4a:96:ab:df:36:
9d:8a:b2:00:e2:c6:e3:75:41:d0:e1:bd:33:9a:a5:6b:53:5f:
37:15:12:16
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYzEk3W0z+FM5QqWyFb7QFhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzc0NmU5ZjEyYzJjMGU1NDU5ZmU0ZTNkNDEzYzFjODlkZTZkYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9kUWhEp7K1sR9F5VsktiU/oYSu1
QxYdP2ox1dRiQ7ssteGCYsE0wytAzHl/IfOY+SEKw7RNVmO44wlDz1PEqjFmgxmT
+0cywqSrwWN0rKMluf983exBZO6X1mZaOiByHQ7U0PeZNjy3yUq4c7GUyGN+DuK9
hxBjiNyV5VxeaM5p29r+PNJMzFJ6GcvX28L4PIK9wsxkWTe1FLK4k6+wSEw2C+uo
wDIfjujyw4ukWcZcpMfuAYODsPW//n2RChqfSQ49jG2+64ZjzooetQ31lcn9BlHH
ng3w/h5y3OlSK2IgvVTm//dyOwMLDEH9oDYE0WbYQpDWIQKe3Ehqo753swIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFFx0bp8SwsDlRZ/k49QTwcid5tsOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3L2Q2YmY1
ZS00ODEyLTQzMGUtOWExMy1lNTk0NzYxNGVmM2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvZDZiZjVl
LTQ4MTItNDMwZS05YTEzLWU1OTQ3NjE0ZWYzZi8xL1hIUnVueExDd09WRm4tVGox
QlBCeUozbTJ3NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH4GCCsGAQUF
BwEHAQH/BG8wbTBOBAIAATBIAwQDHxlAAwQGPrXAAwQHU/GAAwQCW8TwAwQAW8dE
AwQFXowgAwQDnv/YAwQFsN5gAwQCuQqEAwQCuYIAAwQF2Q3gAwQE2RDAMBsEAgAC
MBUDBQMqAA2QAwUDKgJ3IAMFACoDrIAwJwYIKwYBBQUHAQgBAf8EGDAWoBQwEgIC
PbECAlLLAgMArVACAwMmSDANBgkqhkiG9w0BAQsFAAOCAQEAWfSq8nfK+dStHVwq
lMkeC0WTlzsR7C2pslSFBRR1cRitpxuxjugesGhrMOtuhR8zhMg4YCUf2KaRhFSL
ueP/vxL7WHA+1NaKvt3AlELBQ6Abfo6BaOEGkIVcpoNEmnfBTSLnE5sWmNFLXFsb
doen3Ub+vt46V9GGA/+Mz2bi3SXjLOeJLgqNF1GQ3VLBT4YH+lReoll/mrUk3K2o
pxS+ijYzcN7q6LO+E4WMVGJ3bjgYuo3cZaDz+rB2Vbc7duFw3usAbj1QThFaSwS1
ztjzK79ByoZ5T8iyKbIl6bwLGlHI8WIAn0qWq982nYqyAOLG43VB0OG9M5qla1Nf
NxUSFg==
-----END CERTIFICATE-----
Generated at Fri May 3 03:04:18 2024 by rpki-client on console-fra.rpki-client.org