Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer
File: Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.cer (raw, json)
Hash identifier: cjU1y+ztosXm8nEOQllAuODGc8B08cTz+iFqbH4RL+c=
Subject key identifier: 63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D13E3ADCB20889F514019561232A8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:29:37 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 39892
IP: 185.79.196.0/22
IP: 2a05:7780::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:13:e3:ad:cb:20:88:9f:51:40:19:56:12:32:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63f97267e7c00795309509f1e8d3d9cde0a76c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:87:59:f5:24:4d:27:21:f5:ef:c9:ce:07:c5:
c2:19:a9:c2:5f:ea:ce:16:35:51:b6:1e:5b:fe:3c:
2f:63:60:5a:f1:f9:0b:33:b0:ea:2c:67:09:7c:86:
f5:53:c2:cd:c3:c2:67:db:66:fa:9a:42:2d:ec:f3:
fb:5a:2b:06:a8:96:6f:5f:f2:79:ab:37:72:c0:ee:
4d:39:f2:c1:dd:a9:7e:13:37:3b:96:d6:53:c4:21:
48:67:2d:0f:cb:7f:9b:19:64:a9:09:86:fe:fb:bb:
25:f4:9f:4e:29:bd:f2:b2:59:0d:f9:ae:63:a7:22:
bf:83:53:fa:a9:a2:3f:f7:d0:43:6d:21:8e:fa:a9:
25:cb:99:30:8d:6c:51:f9:db:c8:23:ad:61:5d:d5:
76:ce:d7:5f:47:fc:52:32:af:13:d4:d3:bf:b6:65:
55:8d:4f:59:6b:39:29:3e:9a:89:03:2e:f8:3f:0c:
d4:54:64:fe:ff:a0:31:a5:e2:d6:5a:9c:ed:1f:89:
56:31:fe:b1:f3:04:f2:31:d1:cb:57:07:2b:82:67:
38:03:42:34:36:64:4d:6c:f6:05:35:b7:95:c1:a8:
a5:13:44:2f:03:1a:e9:75:db:7d:9a:ba:79:e7:30:
04:cc:ab:4d:53:b9:82:b5:68:3c:0c:09:ec:62:48:
69:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F9:72:67:E7:C0:07:95:30:95:09:F1:E8:D3:D9:CD:E0:A7:6C:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7a1c2e-75fb-44c6-a83c-14673c72a1df/1/Y_lyZ-fAB5UwlQnx6NPZzeCnbE4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.196.0/22
IPv6:
2a05:7780::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39892
Signature Algorithm: sha256WithRSAEncryption
a8:1b:04:40:3c:fa:22:9a:83:f2:6c:d9:cd:ce:bc:42:f8:77:
ac:cb:9f:ff:c7:24:23:63:d2:6d:97:d9:77:ce:c0:a4:be:fd:
30:0c:f4:35:dc:b0:d7:28:5e:67:ae:cb:4e:57:98:3d:07:0d:
42:21:4d:e3:4d:73:17:3c:44:ce:6b:32:c5:56:fc:23:1a:45:
94:b6:f5:d5:07:c5:f1:86:ec:ff:ec:d1:24:63:7c:57:82:ae:
8a:bd:57:36:19:84:67:46:f1:42:1c:ca:9a:a5:3f:0c:5c:6d:
61:f8:fd:9b:85:18:50:8e:7e:ca:41:fb:89:2b:96:d0:36:5f:
03:6c:7c:5b:d0:1e:fa:1e:fe:54:5e:1c:3b:fa:86:54:c4:d2:
30:b2:bb:f2:1e:a8:e8:7e:73:be:ae:33:3b:a2:e3:f9:68:6a:
4e:6b:af:39:08:7c:75:f7:40:e0:8a:5a:d0:8a:ab:a0:1e:01:
19:f4:a0:6d:92:b7:33:96:1c:77:55:5f:06:17:12:ac:33:5f:
0c:3f:22:b2:7e:eb:17:8d:c3:89:0a:eb:ca:de:0b:33:a5:d6:
0e:9c:f8:b9:45:3b:c7:90:b7:61:3d:df:1d:3b:a0:ea:90:ad:
c5:84:3f:1c:b7:a3:29:36:81:3b:7b:72:1c:05:da:c8:a9:d4:
44:3c:fb:03
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzCbRPjrcsgiJ9RQBlWEjKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y5NzI2N2U3YzAwNzk1MzA5NTA5ZjFlOGQzZDljZGUwYTc2YzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnodZ9SRNJyH178nOB8XCGanCX+rO
FjVRth5b/jwvY2Ba8fkLM7DqLGcJfIb1U8LNw8Jn22b6mkIt7PP7WisGqJZvX/J5
qzdywO5NOfLB3al+Ezc7ltZTxCFIZy0Py3+bGWSpCYb++7sl9J9OKb3yslkN+a5j
pyK/g1P6qaI/99BDbSGO+qkly5kwjWxR+dvII61hXdV2ztdfR/xSMq8T1NO/tmVV
jU9ZazkpPpqJAy74PwzUVGT+/6AxpeLWWpztH4lWMf6x8wTyMdHLVwcrgmc4A0I0
NmRNbPYFNbeVwailE0QvAxrpddt9mrp55zAEzKtNU7mCtWg8DAnsYkhp2wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGP5cmfnwAeVMJUJ8ejT2c3gp2xOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y1LzdhMWMy
ZS03NWZiLTQ0YzYtYTgzYy0xNDY3M2M3MmExZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUvN2ExYzJl
LTc1ZmItNDRjNi1hODNjLTE0NjczYzcyYTFkZi8xL1lfbHlaLWZBQjVVd2xRbng2
TlBaemVDbmJFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuU/EMA0EAgACMAcDBQMqBXeAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCb1DANBgkqhkiG9w0BAQsFAAOCAQEAqBsEQDz6IpqD
8mzZzc68Qvh3rMuf/8ckI2PSbZfZd87ApL79MAz0Ndyw1yheZ67LTleYPQcNQiFN
401zFzxEzmsyxVb8IxpFlLb11QfF8Ybs/+zRJGN8V4Kuir1XNhmEZ0bxQhzKmqU/
DFxtYfj9m4UYUI5+ykH7iSuW0DZfA2x8W9Ae+h7+VF4cO/qGVMTSMLK78h6o6H5z
vq4zO6Lj+WhqTmuvOQh8dfdA4Ipa0IqroB4BGfSgbZK3M5Ycd1VfBhcSrDNfDD8i
sn7rF43DiQrryt4LM6XWDpz4uUU7x5C3YT3fHTug6pCtxYQ/HLejKTaBO3tyHAXa
yKnURDz7Aw==
-----END CERTIFICATE-----
Generated at Fri May 3 03:05:34 2024 by rpki-client on console-fra.rpki-client.org