Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer
File: Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer (raw, json)
Hash identifier: Wz+j/a4XvfQLn6DGjC6j6kFGiaqJbURJT+QYGK9IrH4=
Subject key identifier: 63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B7CA3292FE4741BB6A49A42EA3BE52
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Y4xQnLd7AUm29m9QGfhYs6z5Quk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:29:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 29562
IP: 5.10.48.0/20
IP: 5.56.176.0 -- 5.56.255.255
IP: 5.158.128.0/18
IP: 37.49.0.0/17
IP: 37.209.0.0/17
IP: 46.5.0.0/16
IP: 46.223.0.0/16
IP: 46.237.192.0/18
IP: 78.42.0.0/15
IP: 82.212.0.0/18
IP: 85.216.0.0/17
IP: 91.89.0.0/16
IP: 95.208.0.0/16
IP: 109.192.0.0/15
IP: 134.3.0.0/16
IP: 149.172.0.0/16
IP: 185.2.140.0/22
IP: 217.8.48.0/20
IP: 2a02:8070::/31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ca:32:92:fe:47:41:bb:6a:49:a4:2e:a3:be:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=638c509cb77b0149b6f66f5019f858b3acf942e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:57:bb:ae:9c:e9:a0:4f:29:0f:42:f3:7b:0a:
10:17:31:30:d5:9e:69:16:d9:8b:7b:8a:74:d6:72:
d1:f2:66:ff:6d:75:de:25:3f:9c:d7:c1:58:4d:f1:
11:d6:16:b1:14:37:5e:26:c6:94:37:37:49:07:c6:
57:5a:11:3a:32:0d:6d:a4:88:45:47:83:bc:3f:d2:
63:3b:58:1c:58:4a:d2:c5:ef:d0:fe:cd:54:ad:83:
34:73:0f:44:25:7b:f2:29:50:03:57:e8:03:21:ec:
79:c6:b5:12:cf:0d:9d:6e:a4:17:3e:d6:d2:1b:cf:
76:bd:d4:15:99:60:46:3a:c0:3a:90:76:4e:82:50:
6f:43:65:88:b5:43:f0:46:ad:7f:80:3f:f1:77:3e:
58:b6:72:88:db:46:9b:5e:39:69:a2:75:3e:83:ea:
ae:43:db:4d:02:d8:e6:ce:d7:81:f5:8f:d7:a3:e1:
c6:9e:c5:0c:0e:5a:f4:13:d3:89:5d:06:84:b3:a9:
18:94:6e:5f:8f:00:09:fd:cb:58:c8:06:74:31:d4:
a1:b7:00:b7:bb:f2:b7:25:ea:5e:90:ff:e0:11:5c:
81:5e:53:15:af:f0:f2:04:ff:3d:c4:09:ce:e9:69:
26:48:2d:03:1a:e3:1b:3d:f3:9a:9f:04:64:30:a1:
c5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Y4xQnLd7AUm29m9QGfhYs6z5Quk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.48.0/20
5.56.176.0-5.56.255.255
5.158.128.0/18
37.49.0.0/17
37.209.0.0/17
46.5.0.0/16
46.223.0.0/16
46.237.192.0/18
78.42.0.0/15
82.212.0.0/18
85.216.0.0/17
91.89.0.0/16
95.208.0.0/16
109.192.0.0/15
134.3.0.0/16
149.172.0.0/16
185.2.140.0/22
217.8.48.0/20
IPv6:
2a02:8070::/31
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29562
Signature Algorithm: sha256WithRSAEncryption
97:2c:b0:df:ed:a8:b8:d5:74:16:08:49:3a:87:5b:3c:cf:04:
ca:29:32:ee:e9:cd:aa:af:c4:55:c5:df:00:a2:05:45:07:fa:
c4:fa:17:80:87:5c:ac:c9:33:ae:f2:99:c2:2d:1a:85:04:ea:
c2:0d:d9:2c:21:46:48:8b:ca:92:a2:cb:78:7b:b5:26:d2:7d:
0a:6e:de:c9:f4:d2:71:7f:9f:04:cf:16:23:9a:c3:b3:fb:b5:
c5:fe:50:50:9e:d0:6a:18:4b:8e:d2:ab:7b:3c:c0:f4:eb:fb:
75:31:69:fc:cc:bd:37:0f:ce:3e:1d:a9:c3:a2:ff:11:50:bf:
3d:3c:0d:15:b4:27:d7:42:fb:51:50:f5:3f:2c:8d:9f:d3:20:
a6:56:9e:02:ac:dc:81:de:57:61:7f:3c:c0:db:8e:65:63:e5:
78:13:3b:45:5d:a3:4c:da:32:1f:53:5b:11:04:41:50:63:2a:
72:b5:c5:4e:3d:3e:1e:6b:37:8a:51:d1:28:bf:03:04:9a:16:
31:6e:b7:fe:59:b8:8d:6e:4b:49:0b:8c:65:f9:e2:b2:23:cf:
b1:9d:22:79:72:c7:b7:ef:51:55:a1:f8:c3:0f:e7:f5:45:44:
6f:3c:77:86:45:e3:a8:7b:a8:12:c0:95:36:98:fc:35:82:5c:
4a:bc:7e:47
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYzGt8oykv5HQbtqSaQuo75SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhjNTA5Y2I3N2IwMTQ5YjZmNjZmNTAxOWY4NThiM2FjZjk0MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1e7rpzpoE8pD0LzewoQFzEw1Z5p
FtmLe4p01nLR8mb/bXXeJT+c18FYTfER1haxFDdeJsaUNzdJB8ZXWhE6Mg1tpIhF
R4O8P9JjO1gcWErSxe/Q/s1UrYM0cw9EJXvyKVADV+gDIex5xrUSzw2dbqQXPtbS
G892vdQVmWBGOsA6kHZOglBvQ2WItUPwRq1/gD/xdz5YtnKI20abXjlponU+g+qu
Q9tNAtjmzteB9Y/Xo+HGnsUMDlr0E9OJXQaEs6kYlG5fjwAJ/ctYyAZ0MdShtwC3
u/K3JepekP/gEVyBXlMVr/DyBP89xAnO6WkmSC0DGuMbPfOanwRkMKHFBQIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFGOMUJy3ewFJtvZvUBn4WLOs+ULpMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q4Lzg2MGE1
ZS1lMGQwLTQ0ZjUtOWM1NC0zY2M0ZmY5YWExYmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgvODYwYTVl
LWUwZDAtNDRmNS05YzU0LTNjYzRmZjlhYTFiYy8xL1k0eFFuTGQ3QVVtMjltOVFH
ZmhZczZ6NVF1ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGVBggrBgEF
BQcBBwEB/wSBhTCBgjBxBAIAATBrAwQEBQowMAsDBAQFOLADAwAFOAMEBgWegAME
ByUxAAMEByXRAAMDAC4FAwMALt8DBAYu7cADAwFOKgMEBlLUAAMEB1XYAAMDAFtZ
AwMAX9ADAwFtwAMDAIYDAwMAlawDBAK5AowDBATZCDAwDQQCAAIwBwMFASoCgHAw
GQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICc3owDQYJKoZIhvcNAQELBQADggEBAJcs
sN/tqLjVdBYISTqHWzzPBMopMu7pzaqvxFXF3wCiBUUH+sT6F4CHXKzJM67ymcIt
GoUE6sIN2SwhRkiLypKiy3h7tSbSfQpu3sn00nF/nwTPFiOaw7P7tcX+UFCe0GoY
S47Sq3s8wPTr+3UxafzMvTcPzj4dqcOi/xFQvz08DRW0J9dC+1FQ9T8sjZ/TIKZW
ngKs3IHeV2F/PMDbjmVj5XgTO0Vdo0zaMh9TWxEEQVBjKnK1xU49Ph5rN4pR0Si/
AwSaFjFut/5ZuI1uS0kLjGX54rIjz7GdInlyx7fvUVWh+MMP5/VFRG88d4ZF46h7
qBLAlTaY/DWCXEq8fkc=
-----END CERTIFICATE-----
Generated at Fri May 3 03:05:07 2024 by rpki-client on console-fra.rpki-client.org