Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
File: YhcForItk4GoI8l5xvTnc0I1I20.cer (raw, json)
Hash identifier: uqnhk8I6Zc1bDW6Ki6PO0DEkJOPpNnWrc8nSkYboxSA=
Subject key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C10267732ABD894481FA91DA0CDB3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:47:40 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 198355
IP: 37.18.240.0/21
IP: 185.91.136.0/22
IP: 2a03:26a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:10:26:77:32:ab:d8:94:48:1f:a9:1d:a0:cd:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=621705a2b22d9381a823c979c6f4e7734235236d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:68:90:5e:d7:70:2c:30:0d:b6:a0:e9:13:
03:79:40:2e:be:f5:91:d5:63:c4:6a:56:a6:70:10:
b4:45:50:46:69:7a:22:ba:d0:c8:ff:f8:87:9c:83:
6c:21:70:a8:b4:6e:28:fe:54:7c:ea:25:7b:44:31:
f2:5e:8e:5d:17:49:ec:af:47:27:7e:2d:e7:eb:73:
d9:af:3f:03:16:67:f6:3f:35:70:6e:e1:a0:cb:dc:
b9:b4:b7:52:28:57:7f:d7:55:00:bf:53:92:60:d1:
ef:1a:85:37:03:8e:c1:52:31:ab:a8:62:a4:46:ee:
ab:54:79:2d:31:31:90:c3:0b:a0:b2:44:38:2b:e2:
97:09:2e:3c:35:42:cc:42:84:3a:6b:19:da:63:64:
cb:ee:72:b4:fb:f9:71:e4:ad:ab:7a:b4:fe:75:d1:
01:35:9b:09:a5:6c:a1:bb:66:21:bb:02:e2:d3:c7:
ba:9a:b5:e6:47:4e:0b:4b:6c:16:59:4c:39:88:13:
c9:6f:36:d6:15:23:d1:4b:8d:36:58:eb:4f:40:7d:
a7:2f:70:89:8f:fc:cc:36:a0:c1:de:68:28:c4:67:
df:59:fb:dd:e2:34:67:e2:0e:22:92:11:01:36:a4:
e0:4f:ba:0e:da:4b:14:32:d4:95:31:8e:26:91:0b:
27:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.240.0/21
185.91.136.0/22
IPv6:
2a03:26a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198355
Signature Algorithm: sha256WithRSAEncryption
49:f7:b8:2a:08:39:e6:3e:3e:72:56:0f:21:d1:09:92:7a:9b:
c7:23:ee:44:35:33:c8:e8:66:18:e7:15:81:68:18:c3:2e:d5:
c0:ac:cc:86:35:ca:90:17:41:c2:99:66:d0:7e:3d:75:82:c3:
fd:7e:bc:3d:70:6e:7e:4b:07:65:84:0c:0b:f3:43:0e:da:79:
f3:80:97:e6:9c:17:3f:38:27:69:9d:03:fa:ca:b1:4a:5f:1d:
88:5e:23:eb:c0:bc:74:bf:79:92:ba:20:c0:36:e1:64:4c:ea:
1f:e5:55:3e:96:6a:a2:cf:16:f2:3c:21:44:af:2a:fc:c7:02:
a7:47:7e:de:00:0e:78:0a:cd:8e:6b:8a:07:09:20:a1:4c:d2:
5a:49:55:7d:07:f8:25:1a:7a:50:1b:f1:20:9b:7d:71:1c:a4:
4c:7d:6c:fd:58:b2:ee:ca:62:89:66:d9:57:29:3e:82:22:9c:
97:c8:1e:55:3e:bc:f2:d6:14:14:bc:f8:8a:4e:43:06:82:42:
8a:c4:ed:73:1f:8c:62:b5:0b:48:35:db:53:3e:6e:00:a1:12:
71:8c:37:34:41:76:bd:6c:48:8f:2d:d9:6f:03:3c:0e:ec:17:
a3:f0:21:3c:04:8b:b3:4b:cb:90:f3:65:38:40:e7:df:e6:2f:
92:54:30:c7
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQfjBAmdzKr2JRIH6kdoM2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE3MDVhMmIyMmQ5MzgxYTgyM2M5NzljNmY0ZTc3MzQyMzUyMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZpokF7XcCwwDbag6RMDeUAuvvWR
1WPEalamcBC0RVBGaXoiutDI//iHnINsIXCotG4o/lR86iV7RDHyXo5dF0nsr0cn
fi3n63PZrz8DFmf2PzVwbuGgy9y5tLdSKFd/11UAv1OSYNHvGoU3A47BUjGrqGKk
Ru6rVHktMTGQwwugskQ4K+KXCS48NULMQoQ6axnaY2TL7nK0+/lx5K2rerT+ddEB
NZsJpWyhu2YhuwLi08e6mrXmR04LS2wWWUw5iBPJbzbWFSPRS402WOtPQH2nL3CJ
j/zMNqDB3mgoxGffWfvd4jRn4g4ikhEBNqTgT7oO2ksUMtSVMY4mkQsndwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGIXBaKyLZOBqCPJecb053NCNSNtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjL2M5MjM0
ZC1lMTMzLTQxOTQtODRhYy03MWEzOWRiODhhMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvYzkyMzRk
LWUxMzMtNDE5NC04NGFjLTcxYTM5ZGI4OGEyMy8xL1loY0Zvckl0azRHb0k4bDV4
dlRuYzBJMUkyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDJRLwAwQCuVuIMA0EAgACMAcDBQAqAyagMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMG0zANBgkqhkiG9w0BAQsFAAOCAQEASfe4
Kgg55j4+clYPIdEJknqbxyPuRDUzyOhmGOcVgWgYwy7VwKzMhjXKkBdBwplm0H49
dYLD/X68PXBufksHZYQMC/NDDtp584CX5pwXPzgnaZ0D+sqxSl8diF4j68C8dL95
krogwDbhZEzqH+VVPpZqos8W8jwhRK8q/McCp0d+3gAOeArNjmuKBwkgoUzSWklV
fQf4JRp6UBvxIJt9cRykTH1s/Viy7spiiWbZVyk+giKcl8geVT688tYUFLz4ik5D
BoJCisTtcx+MYrULSDXbUz5uAKEScYw3NEF2vWxIjy3ZbwM8DuwXo/AhPASLs0vL
kPNlOEDn3+YvklQwxw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:48:01 2025 by rpki-client