Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YTIzl9blKd_wbHzxTRdg1ucGqm8.cer
File: YTIzl9blKd_wbHzxTRdg1ucGqm8.cer (raw, json)
Hash identifier: oik5WJ2JeFibu0i8dlHAkGyqAmWNYA0xjYmTySInUk8=
Subject key identifier: 61:32:33:97:D6:E5:29:DF:F0:6C:7C:F1:4D:17:60:D6:E7:06:AA:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019300831A1286FF10C9F1AADB7E6E6E6244
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/YTIzl9blKd_wbHzxTRdg1ucGqm8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 06 Nov 2024 08:06:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 202663
IP: 89.35.135.0/24
IP: 171.22.240.0/24
IP: 2a0e:9400::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:83:1a:12:86:ff:10:c9:f1:aa:db:7e:6e:6e:62:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Nov 6 08:06:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61323397d6e529dff06c7cf14d1760d6e706aa6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cb:05:4c:52:1d:de:44:37:9c:6a:73:80:e7:
67:4e:3d:60:70:9f:1e:0d:d6:19:e8:af:c9:12:84:
ef:8a:73:67:01:39:c1:6d:f0:92:ea:c5:5d:a1:ef:
2b:4b:5d:82:fc:0f:ee:a8:d4:56:9e:c7:2e:93:df:
e5:0f:15:2c:ae:42:1f:76:9c:da:70:ab:60:0a:8c:
47:61:dd:2a:73:ed:b2:55:41:50:c3:c6:95:82:f8:
2e:c6:30:be:29:9d:d6:0c:98:33:a6:74:1e:89:c6:
66:40:23:75:c7:41:73:51:e0:db:33:18:79:5a:bb:
8a:3d:e7:07:2d:96:13:b0:bf:1b:a8:7d:a0:bc:fe:
f9:ac:d9:17:a2:24:7e:60:98:bd:1f:3c:b0:5b:7a:
c3:9d:80:a5:9e:ff:f7:b1:da:90:19:a3:ae:a2:63:
5f:48:5c:c4:22:52:07:2c:50:d3:f8:85:e6:66:aa:
fa:77:8e:70:c2:1b:08:f3:be:c2:29:66:5a:e8:f3:
33:f8:b1:c3:32:30:5e:dc:79:7c:9b:d4:29:d3:90:
65:a6:84:ad:f2:14:bb:dd:f2:21:56:a5:0d:f5:26:
ff:61:78:0c:1d:c6:3c:6b:2e:03:f3:5a:f9:6a:20:
cc:18:6a:e7:6f:b8:b2:2d:3e:27:30:9c:84:9e:0d:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:32:33:97:D6:E5:29:DF:F0:6C:7C:F1:4D:17:60:D6:E7:06:AA:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/YTIzl9blKd_wbHzxTRdg1ucGqm8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.135.0/24
171.22.240.0/24
IPv6:
2a0e:9400::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202663
Signature Algorithm: sha256WithRSAEncryption
ab:17:f6:f4:62:68:03:d8:25:cc:58:93:86:fa:15:02:ea:35:
3c:93:47:c8:99:00:39:4c:76:8f:3f:7d:51:46:ee:ad:a8:8e:
32:ee:03:8a:13:c3:4b:41:8f:a4:d1:26:fe:a4:db:28:37:49:
e9:ba:3b:08:2a:56:b9:72:67:3c:d9:37:a3:70:c9:ac:24:2e:
ef:cf:2b:ea:43:85:0c:10:ea:b7:ee:e3:94:df:8b:6d:21:b3:
79:a1:99:25:79:2a:00:a1:e0:e7:4c:c2:28:80:2b:25:b6:7e:
e4:96:ad:d3:1e:a6:11:01:b2:18:25:15:b4:d7:8d:1d:2e:fb:
57:f8:c2:57:bd:80:f8:bb:b1:6c:09:4e:b2:a9:1f:9b:05:b6:
f7:3a:cd:2f:f6:2c:7b:a0:7a:d8:ad:4a:62:6e:2c:15:14:23:
5d:7e:ad:1b:b4:41:28:a2:b4:98:ff:09:b3:62:9f:78:a7:31:
65:07:f6:9c:df:e0:8f:71:95:91:1d:0c:fa:b4:d3:98:46:bf:
15:d0:84:6e:e8:70:64:2d:18:a7:90:1c:98:90:2c:4f:af:43:
fe:5d:4b:db:eb:7c:c3:2f:a4:28:f6:c3:8f:4f:85:2c:4d:a5:
6b:d1:66:f8:50:0f:89:9b:61:79:d2:1b:f1:15:87:23:ef:05:
15:77:0c:57
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZMAgxoShv8QyfGq235ubmJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMTA2MDgwNjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMyMzM5N2Q2ZTUyOWRmZjA2YzdjZjE0ZDE3NjBkNmU3MDZhYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMsFTFId3kQ3nGpzgOdnTj1gcJ8e
DdYZ6K/JEoTvinNnATnBbfCS6sVdoe8rS12C/A/uqNRWnscuk9/lDxUsrkIfdpza
cKtgCoxHYd0qc+2yVUFQw8aVgvguxjC+KZ3WDJgzpnQeicZmQCN1x0FzUeDbMxh5
WruKPecHLZYTsL8bqH2gvP75rNkXoiR+YJi9HzywW3rDnYClnv/3sdqQGaOuomNf
SFzEIlIHLFDT+IXmZqr6d45wwhsI877CKWZa6PMz+LHDMjBe3Hl8m9Qp05BlpoSt
8hS73fIhVqUN9Sb/YXgMHcY8ay4D81r5aiDMGGrnb7iyLT4nMJyEng1BJQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGEyM5fW5Snf8Gx88U0XYNbnBqpvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBiL2JhMzkx
Yi1jYjg5LTRlMjEtOTQ0YS1lZjMzZDg1YTRhODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIvYmEzOTFi
LWNiODktNGUyMS05NDRhLWVmMzNkODVhNGE4Ni8xL1lUSXpsOWJsS2Rfd2JIenhU
UmRnMXVjR3FtOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAWSOHAwQAqxbwMA0EAgACMAcDBQMqDpQAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMXpzANBgkqhkiG9w0BAQsFAAOCAQEAqxf2
9GJoA9glzFiThvoVAuo1PJNHyJkAOUx2jz99UUburaiOMu4DihPDS0GPpNEm/qTb
KDdJ6bo7CCpWuXJnPNk3o3DJrCQu788r6kOFDBDqt+7jlN+LbSGzeaGZJXkqAKHg
50zCKIArJbZ+5Jat0x6mEQGyGCUVtNeNHS77V/jCV72A+LuxbAlOsqkfmwW29zrN
L/Yse6B62K1KYm4sFRQjXX6tG7RBKKK0mP8Js2KfeKcxZQf2nN/gj3GVkR0M+rTT
mEa/FdCEbuhwZC0Yp5AcmJAsT69D/l1L2+t8wy+kKPbDj0+FLE2la9Fm+FAPiZth
edIb8RWHI+8FFXcMVw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:30:33 2024 by rpki-client on console-ams.rpki-client.org