Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y4bd41wUj4l-nCddgGJ-CS6jwMc.cer
File: Y4bd41wUj4l-nCddgGJ-CS6jwMc.cer (raw, json)
Hash identifier: Siraq47dpXtLecTiEoXnZ1ALCj8O8gRMwSKCLUMjTeA=
Subject key identifier: 63:86:DD:E3:5C:14:8F:89:7E:9C:27:5D:80:62:7E:09:2E:A3:C0:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B8502230ECD3BB991C0EA89747E832
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/41/b81499-be00-4e58-bde2-9a91dd2b03d9/1/Y4bd41wUj4l-nCddgGJ-CS6jwMc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/41/b81499-be00-4e58-bde2-9a91dd2b03d9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:30:17 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 50599
AS: 206972
IP: 89.40.144.0/22
IP: 91.204.160.0 -- 91.204.162.255
IP: 91.236.52.0/24
IP: 91.236.54.0/23
IP: 128.0.54.0/24
IP: 185.11.128.0/22
IP: 185.72.196.0/22
IP: 185.170.104.0/22
IP: 188.210.220.0/22
IP: 193.105.125.0/24
IP: 195.177.216.0/23
IP: 2a02:e7c0::/29
IP: 2a0b:5480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:50:22:30:ec:d3:bb:99:1c:0e:a8:97:47:e8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6386dde35c148f897e9c275d80627e092ea3c0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b3:b6:36:aa:a0:f6:32:c6:b3:ef:81:d7:ca:
46:fd:89:22:64:a8:16:79:37:03:98:be:a5:0c:fa:
6c:f4:2a:26:25:56:1b:cb:70:85:5a:5f:16:10:da:
5e:81:b7:b7:85:7f:14:b7:72:a5:20:05:7b:63:4f:
94:6b:77:3e:6d:e8:12:84:13:bd:84:98:64:55:03:
82:9e:78:2e:f9:ed:e3:42:99:03:25:c5:c9:59:58:
2d:30:7f:dc:9f:9d:f3:7f:e9:c2:ec:21:59:3d:fd:
d4:b5:55:8d:75:88:bd:04:0f:2f:b5:14:72:67:6a:
b0:61:9a:41:cb:66:8d:49:b8:6b:56:53:56:a3:92:
28:87:e7:0e:08:a5:8b:93:d0:c7:43:d8:42:f9:c9:
31:5a:89:ff:4a:ac:09:dc:59:d1:e4:36:06:a3:87:
22:ee:74:c5:fd:36:16:0a:a9:53:22:aa:2f:28:e1:
73:9f:e1:0d:38:b0:a6:b4:5a:ca:e3:58:bf:76:c2:
7f:e0:aa:f3:44:4b:a6:75:fc:bd:3e:a1:5f:53:37:
f9:5f:7a:89:0f:56:5e:34:34:9b:28:9a:fe:7e:41:
ae:8f:a0:23:a1:96:be:3b:b9:6e:19:cf:a8:47:ed:
bf:55:01:5c:6d:93:9e:75:a6:7b:9d:c1:96:8a:28:
49:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:86:DD:E3:5C:14:8F:89:7E:9C:27:5D:80:62:7E:09:2E:A3:C0:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b81499-be00-4e58-bde2-9a91dd2b03d9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b81499-be00-4e58-bde2-9a91dd2b03d9/1/Y4bd41wUj4l-nCddgGJ-CS6jwMc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.144.0/22
91.204.160.0-91.204.162.255
91.236.52.0/24
91.236.54.0/23
128.0.54.0/24
185.11.128.0/22
185.72.196.0/22
185.170.104.0/22
188.210.220.0/22
193.105.125.0/24
195.177.216.0/23
IPv6:
2a02:e7c0::/29
2a0b:5480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
50599
206972
Signature Algorithm: sha256WithRSAEncryption
9f:6c:65:0c:48:b9:9c:a8:bf:39:19:06:85:3d:31:d5:5b:6e:
97:68:f6:54:d1:73:12:b2:29:2f:62:64:f5:c5:c3:f8:12:f4:
ab:e6:51:1d:ac:12:fb:a6:d5:85:f7:e8:cb:7d:b2:d1:64:77:
25:5e:cc:17:23:3b:14:3b:8d:40:b4:bb:94:99:9e:19:ae:4e:
39:7b:c3:30:2d:38:87:d1:b7:c8:69:46:5c:7c:2e:4b:45:85:
bf:cb:9f:61:9a:9a:9f:46:cc:24:42:6d:7c:27:eb:cf:d9:7c:
ba:b9:ce:f3:30:1b:7d:c9:52:83:9e:cd:92:b5:49:a6:17:5f:
7c:40:af:b5:f0:e0:af:99:09:77:48:8e:91:1a:37:e6:c5:e4:
9e:a5:54:89:1d:9e:a2:ca:13:b9:45:7e:41:29:8d:ba:af:6d:
dc:69:37:01:5b:ea:c2:cc:21:71:c0:35:36:76:84:62:e0:42:
6b:bc:0f:94:5e:6b:34:8f:6b:14:d6:13:b4:34:71:44:08:a0:
e6:ba:69:28:f4:ae:a5:f8:00:94:6d:fe:8b:cc:34:1d:e2:e9:
e9:9c:39:22:87:fc:35:03:ae:a9:36:11:8b:87:04:a7:c0:b5:
3e:be:68:28:82:c3:a3:b0:63:22:5a:44:2f:fd:1f:7f:89:0a:
f2:72:fd:9d
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAYzGuFAiMOzTu5kcDqiXR+gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzg2ZGRlMzVjMTQ4Zjg5N2U5YzI3NWQ4MDYyN2UwOTJlYTNjMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLO2Nqqg9jLGs++B18pG/YkiZKgW
eTcDmL6lDPps9ComJVYby3CFWl8WENpegbe3hX8Ut3KlIAV7Y0+Ua3c+begShBO9
hJhkVQOCnngu+e3jQpkDJcXJWVgtMH/cn53zf+nC7CFZPf3UtVWNdYi9BA8vtRRy
Z2qwYZpBy2aNSbhrVlNWo5Ioh+cOCKWLk9DHQ9hC+ckxWon/SqwJ3FnR5DYGo4ci
7nTF/TYWCqlTIqovKOFzn+ENOLCmtFrK41i/dsJ/4KrzREumdfy9PqFfUzf5X3qJ
D1ZeNDSbKJr+fkGuj6AjoZa+O7luGc+oR+2/VQFcbZOedaZ7ncGWiihJoQIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFGOG3eNcFI+JfpwnXYBifgkuo8DHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQxL2I4MTQ5
OS1iZTAwLTRlNTgtYmRlMi05YTkxZGQyYjAzZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEvYjgxNDk5
LWJlMDAtNGU1OC1iZGUyLTlhOTFkZDJiMDNkOS8xL1k0YmQ0MXdVajRsLW5DZGRn
R0otQ1M2andNYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUF
BwEHAQH/BGowaDBQBAIAATBKAwQCWSiQMAwDBAVbzKADBABbzKIDBABb7DQDBAFb
7DYDBACAADYDBAK5C4ADBAK5SMQDBAK5qmgDBAK80twDBADBaX0DBAHDsdgwFAQC
AAIwDgMFAyoC58ADBQMqC1SAMB8GCCsGAQUFBwEIAQH/BBAwDqAMMAoCAwDFpwID
Ayh8MA0GCSqGSIb3DQEBCwUAA4IBAQCfbGUMSLmcqL85GQaFPTHVW26XaPZU0XMS
sikvYmT1xcP4EvSr5lEdrBL7ptWF9+jLfbLRZHclXswXIzsUO41AtLuUmZ4Zrk45
e8MwLTiH0bfIaUZcfC5LRYW/y59hmpqfRswkQm18J+vP2Xy6uc7zMBt9yVKDns2S
tUmmF198QK+18OCvmQl3SI6RGjfmxeSepVSJHZ6iyhO5RX5BKY26r23caTcBW+rC
zCFxwDU2doRi4EJrvA+UXms0j2sU1hO0NHFECKDmumko9K6l+ACUbf6LzDQd4unp
nDkih/w1A66pNhGLhwSnwLU+vmgogsOjsGMiWkQv/R9/iQrycv2d
-----END CERTIFICATE-----
Generated at Fri May 3 09:10:56 2024 by rpki-client on console-ams.rpki-client.org