Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
File: YKhR1ZNWypXUrnj6aTa6G4orHHo.cer (raw, json)
Hash identifier: DjdzJu9p1jSqMGmB7c4VFX1nzkxv0SAf8kSpsjRG1ok=
Subject key identifier: 60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DBECC0E9A0D5D956ECF1B6996600AB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44973
IP: 93.88.224.0/22
IP: 185.130.8.0/22
IP: 2a02:218::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ec:c0:e9:a0:d5:d9:56:ec:f1:b6:99:66:00:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60a851d59356ca95d4ae78fa6936ba1b8a2b1c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:77:db:2e:45:05:f1:ad:f6:d0:4a:24:89:
2e:21:fb:67:b1:da:2c:2b:bc:8a:d6:21:e7:3a:ea:
2d:4d:f7:c3:3a:ab:6f:be:32:33:a1:7b:a2:1d:18:
c3:26:fb:b1:f2:78:98:f5:b2:8c:6e:c3:c0:30:91:
57:2d:fe:af:f0:f5:0d:10:3d:28:a0:51:ca:c1:fd:
1c:5c:4a:ff:ba:02:85:f3:5e:c4:e7:45:55:29:05:
3d:0d:23:24:d4:8a:89:8d:0a:fd:4a:68:95:89:34:
50:b0:75:b0:43:1e:5f:dc:5f:5a:3b:f3:0f:9f:30:
c9:7c:70:0b:36:96:30:59:e1:e2:3b:4c:11:db:37:
56:77:dd:62:d2:19:cf:8c:d8:ea:c5:2d:14:6e:52:
99:71:d2:4b:57:fc:1c:aa:97:2d:fd:91:48:16:f8:
18:ac:74:6b:d1:3e:8c:bb:20:b1:52:d1:01:83:13:
f3:f1:c2:5d:77:cd:95:63:5a:be:7f:80:a4:79:7c:
b6:d2:5d:8a:1f:97:92:b4:a2:37:45:97:8b:30:1d:
bf:2a:36:33:69:13:3b:f0:36:4d:09:00:58:11:09:
a3:8e:c8:e9:60:4e:c4:cb:ed:f2:bb:c9:42:76:88:
3f:7c:ef:26:03:a5:ac:09:35:97:f5:ba:dd:02:8a:
ed:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.224.0/22
185.130.8.0/22
IPv6:
2a02:218::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44973
Signature Algorithm: sha256WithRSAEncryption
7b:4c:ce:d5:89:ba:d7:23:08:19:62:eb:5e:86:80:ef:e0:6b:
43:4e:15:34:7a:55:2a:df:ad:c3:81:27:c1:f2:d7:df:28:22:
e5:64:2a:54:5b:4c:61:ca:c1:a8:39:9b:fd:29:97:20:24:5e:
88:39:cd:19:05:12:58:b3:d6:a1:5b:63:79:8e:14:8a:a1:bc:
a5:8a:c4:a5:67:5b:55:53:bd:5b:9f:dd:9c:0e:ef:6d:d6:e5:
1d:44:9d:00:45:02:9e:53:19:24:b0:05:af:72:2a:7e:2c:bd:
38:7e:f5:85:4a:15:08:b6:0e:bd:f9:6d:cb:04:14:ca:fb:19:
ee:fa:d0:cb:f8:13:9f:7d:03:2f:06:b1:e3:b3:34:24:c3:fd:
cf:42:99:61:9b:62:ea:e2:4b:80:28:36:c8:d0:15:61:46:6d:
24:fa:06:ab:bb:62:70:4b:80:dc:dd:72:e0:07:54:4b:29:6b:
f0:e0:0e:75:29:6c:2a:0e:cf:bc:e7:cf:77:bf:11:ec:ce:ca:
39:73:02:ee:fe:96:6f:85:7a:ae:e1:e5:c8:0d:5f:20:41:da:
60:cf:46:0d:0b:23:6f:8f:95:a2:31:1a:e7:2b:63:f1:46:77:
c4:5c:de:be:00:09:79:0a:95:57:7c:66:68:89:eb:e5:ec:dd:
87:33:d3:dc
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzF2+zA6aDV2Vbs8baZZgCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE4NTFkNTkzNTZjYTk1ZDRhZTc4ZmE2OTM2YmExYjhhMmIxYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iB32y5FBfGt9tBKJIkuIftnsdos
K7yK1iHnOuotTffDOqtvvjIzoXuiHRjDJvux8niY9bKMbsPAMJFXLf6v8PUNED0o
oFHKwf0cXEr/ugKF817E50VVKQU9DSMk1IqJjQr9SmiViTRQsHWwQx5f3F9aO/MP
nzDJfHALNpYwWeHiO0wR2zdWd91i0hnPjNjqxS0UblKZcdJLV/wcqpct/ZFIFvgY
rHRr0T6MuyCxUtEBgxPz8cJdd82VY1q+f4CkeXy20l2KH5eStKI3RZeLMB2/KjYz
aRM78DZNCQBYEQmjjsjpYE7Ey+3yu8lCdog/fO8mA6WsCTWX9brdAortsQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGCoUdWTVsqV1K54+mk2uhuKKxx6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMwL2M5Nzg5
OC01ZTcyLTQ1NGEtYmUyZi01NDhlN2I3ZmE0ZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvYzk3ODk4
LTVlNzItNDU0YS1iZTJmLTU0OGU3YjdmYTRlMS8xL1lLaFIxWk5XeXBYVXJuajZh
VGE2RzRvckhIby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCXVjgAwQCuYIIMA0EAgACMAcDBQMqAgIYMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCvrTANBgkqhkiG9w0BAQsFAAOCAQEAe0zO
1Ym61yMIGWLrXoaA7+BrQ04VNHpVKt+tw4EnwfLX3ygi5WQqVFtMYcrBqDmb/SmX
ICReiDnNGQUSWLPWoVtjeY4UiqG8pYrEpWdbVVO9W5/dnA7vbdblHUSdAEUCnlMZ
JLAFr3Iqfiy9OH71hUoVCLYOvfltywQUyvsZ7vrQy/gTn30DLwax47M0JMP9z0KZ
YZti6uJLgCg2yNAVYUZtJPoGq7ticEuA3N1y4AdUSylr8OAOdSlsKg7PvOfPd78R
7M7KOXMC7v6Wb4V6ruHlyA1fIEHaYM9GDQsjb4+VojEa5ytj8UZ3xFzevgAJeQqV
V3xmaInr5ezdhzPT3A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:10:36 2024 by rpki-client on console-fra.rpki-client.org