Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
File: YLlhXfjGWdrIzAh70BHUtf83Pio.cer (raw, json)
Hash identifier: c5vgQunwhj0CuMgMWcW0m1SSfLuyRU4AoWJ6KJKJV5I=
Subject key identifier: 60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DF88EABC6DE4BF8CFF68CAB7141EC1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:32:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8589
IP: 185.121.124.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:88:ea:bc:6d:e4:bf:8c:ff:68:ca:b7:14:1e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:c6:ec:3f:97:d0:59:27:26:d4:28:6d:fb:
a1:51:27:d7:5e:5f:b9:c0:49:b5:43:06:b4:04:fd:
d1:46:bc:4a:fa:5e:3b:26:2f:fc:47:07:8a:ee:11:
bb:16:d9:46:c4:c0:61:51:48:b0:47:3e:5d:47:39:
5c:b8:57:4b:3d:45:31:cf:af:27:f0:78:0e:9b:21:
56:e0:8d:29:d5:fc:d4:dd:d9:e4:93:0f:6e:f1:a5:
2b:d0:50:c5:2b:e7:9a:71:b5:90:1c:2b:ce:46:b7:
d0:4f:55:1b:8a:45:7b:b2:fc:b7:31:d5:6a:4b:56:
69:3b:47:12:12:cc:de:f2:47:87:5f:46:66:f9:b0:
ce:ab:60:23:ba:45:61:6d:73:7a:26:ca:ce:67:87:
43:04:21:0c:96:00:2b:75:dc:d2:31:b5:fc:d6:6d:
4f:15:da:3a:b3:c7:36:fb:ae:be:c6:43:26:32:fc:
45:81:58:d2:14:39:ce:cc:f3:75:f2:29:33:44:b6:
b1:76:34:e1:81:82:a7:ce:1b:1b:32:72:e3:c9:82:
f2:69:16:0c:e1:fb:63:f9:dd:6b:a0:7d:81:86:8a:
09:ce:73:bd:a4:ee:ea:10:aa:1a:16:73:53:75:ac:
63:c0:d3:9b:07:20:e2:1a:bd:1c:cd:09:6d:9b:66:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.124.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8589
Signature Algorithm: sha256WithRSAEncryption
35:da:b9:ad:40:c1:83:5e:3b:a5:42:d7:e0:ef:8e:ad:44:39:
0e:ca:2a:6c:39:c0:31:09:e6:7d:7d:ec:f8:07:19:19:91:97:
5b:7e:d1:e4:bc:78:48:c0:74:71:39:db:0e:80:69:ee:7c:d3:
31:2a:a2:36:62:c2:e6:57:62:0b:a5:90:ab:8f:4d:ad:99:8a:
ea:87:58:f9:19:86:67:44:d3:46:55:6a:99:66:85:19:8c:80:
26:ca:62:6e:a2:b5:76:3f:3e:7b:96:03:3c:5c:30:b3:da:f7:
57:d7:2f:37:4d:55:0d:28:ac:14:39:c4:2c:a7:ee:88:f4:ac:
6e:15:80:11:66:b9:23:f3:e7:81:43:fc:09:93:ae:62:e2:d2:
0e:82:19:a3:e4:f3:d8:52:fc:f3:ff:a6:0b:f1:6d:a9:8f:d1:
9d:ff:b8:a3:75:2f:46:8a:6a:a4:da:8a:69:02:97:e5:62:2f:
0e:a9:ab:11:5d:3f:9e:2d:9f:b3:c2:51:ac:ab:0c:a0:55:b0:
b1:67:8e:1e:69:13:77:84:63:e7:bf:1a:fe:1f:17:2d:54:4c:
7c:9a:ea:77:29:9a:a7:c4:32:96:01:14:29:cb:cb:f6:02:2d:
eb:ad:ea:eb:49:1c:15:9c:22:23:b5:17:7f:cd:07:20:3c:a2:
3f:25:d4:a4
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzI34jqvG3kv4z/aMq3FB7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI5NjE1ZGY4YzY1OWRhYzhjYzA4N2JkMDExZDRiNWZmMzczZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ffG7D+X0FknJtQobfuhUSfXXl+5
wEm1Qwa0BP3RRrxK+l47Ji/8RweK7hG7FtlGxMBhUUiwRz5dRzlcuFdLPUUxz68n
8HgOmyFW4I0p1fzU3dnkkw9u8aUr0FDFK+eacbWQHCvORrfQT1UbikV7svy3MdVq
S1ZpO0cSEsze8keHX0Zm+bDOq2AjukVhbXN6JsrOZ4dDBCEMlgArddzSMbX81m1P
Fdo6s8c2+66+xkMmMvxFgVjSFDnOzPN18ikzRLaxdjThgYKnzhsbMnLjyYLyaRYM
4ftj+d1roH2BhooJznO9pO7qEKoaFnNTdaxjwNObByDiGr0czQltm2ZR+QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFGC5YV34xlnayMwIe9AR1LX/Nz4qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA1LzlhOGFk
OC1iNmM5LTRjNmMtYWMyNy02MmQ4ODFhYTkwNmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvOWE4YWQ4
LWI2YzktNGM2Yy1hYzI3LTYyZDg4MWFhOTA2Zi8xL1lMbGhYZmpHV2RySXpBaDcw
QkhVdGY4M1Bpby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuXl8MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AiGNMA0GCSqGSIb3DQEBCwUAA4IBAQA12rmtQMGDXjulQtfg746tRDkOyipsOcAx
CeZ9fez4BxkZkZdbftHkvHhIwHRxOdsOgGnufNMxKqI2YsLmV2ILpZCrj02tmYrq
h1j5GYZnRNNGVWqZZoUZjIAmymJuorV2Pz57lgM8XDCz2vdX1y83TVUNKKwUOcQs
p+6I9KxuFYARZrkj8+eBQ/wJk65i4tIOghmj5PPYUvzz/6YL8W2pj9Gd/7ijdS9G
imqk2oppApflYi8OqasRXT+eLZ+zwlGsqwygVbCxZ44eaRN3hGPnvxr+HxctVEx8
mup3KZqnxDKWARQpy8v2Ai3rrerrSRwVnCIjtRd/zQcgPKI/JdSk
-----END CERTIFICATE-----
Generated at Fri May 3 09:11:07 2024 by rpki-client on console-ams.rpki-client.org