Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
File: YhcForItk4GoI8l5xvTnc0I1I20.cer (raw, json)
Hash identifier: hpvSpskI8OhL8GI7C4ZDdBQABYJcKEMBor6BJkFAU94=
Subject key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC795537292A566F219F38E257EDF7E0B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:31:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 198355
IP: 37.18.240.0/21
IP: 185.91.136.0/22
IP: 2a03:26a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:53:72:92:a5:66:f2:19:f3:8e:25:7e:df:7e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=621705a2b22d9381a823c979c6f4e7734235236d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:68:90:5e:d7:70:2c:30:0d:b6:a0:e9:13:
03:79:40:2e:be:f5:91:d5:63:c4:6a:56:a6:70:10:
b4:45:50:46:69:7a:22:ba:d0:c8:ff:f8:87:9c:83:
6c:21:70:a8:b4:6e:28:fe:54:7c:ea:25:7b:44:31:
f2:5e:8e:5d:17:49:ec:af:47:27:7e:2d:e7:eb:73:
d9:af:3f:03:16:67:f6:3f:35:70:6e:e1:a0:cb:dc:
b9:b4:b7:52:28:57:7f:d7:55:00:bf:53:92:60:d1:
ef:1a:85:37:03:8e:c1:52:31:ab:a8:62:a4:46:ee:
ab:54:79:2d:31:31:90:c3:0b:a0:b2:44:38:2b:e2:
97:09:2e:3c:35:42:cc:42:84:3a:6b:19:da:63:64:
cb:ee:72:b4:fb:f9:71:e4:ad:ab:7a:b4:fe:75:d1:
01:35:9b:09:a5:6c:a1:bb:66:21:bb:02:e2:d3:c7:
ba:9a:b5:e6:47:4e:0b:4b:6c:16:59:4c:39:88:13:
c9:6f:36:d6:15:23:d1:4b:8d:36:58:eb:4f:40:7d:
a7:2f:70:89:8f:fc:cc:36:a0:c1:de:68:28:c4:67:
df:59:fb:dd:e2:34:67:e2:0e:22:92:11:01:36:a4:
e0:4f:ba:0e:da:4b:14:32:d4:95:31:8e:26:91:0b:
27:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.240.0/21
185.91.136.0/22
IPv6:
2a03:26a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198355
Signature Algorithm: sha256WithRSAEncryption
16:6f:ac:47:45:5b:fe:f1:64:df:7d:9b:a5:e1:d5:11:d7:51:
71:63:e7:de:a4:28:b0:aa:c6:fe:b1:6f:70:33:cb:c0:80:38:
e6:d7:f2:62:2c:aa:a8:fd:fd:b6:46:03:67:df:3f:56:10:e4:
3b:8c:1d:b4:98:c2:41:8f:e5:c3:eb:ba:d6:73:ae:c6:b3:02:
49:ad:4a:55:84:8f:2d:23:20:b3:aa:d5:ff:9e:49:cb:40:24:
bb:03:b7:4c:1c:12:84:2f:d4:7d:21:a1:bd:11:7e:4a:52:63:
a8:10:d9:63:7d:ee:09:51:fb:2f:d0:6d:97:66:85:89:9a:ff:
24:a6:58:1f:58:bd:92:2a:2a:0a:36:fe:a5:83:82:97:36:08:
ec:7a:a4:a6:c9:b7:06:5d:f6:ea:48:a5:ba:a1:31:26:c7:15:
42:bc:0a:bc:f7:46:f3:a4:8c:b8:87:50:fd:5b:e7:15:95:15:
e3:6c:b9:f0:3a:ce:26:86:e7:96:19:f1:e5:dc:6a:15:e8:fa:
2b:83:de:e6:3c:9d:ed:3b:34:5a:50:4e:3b:0c:36:22:fc:ea:
46:e3:34:76:01:53:a7:4a:b6:a9:5b:c0:5c:f7:c8:5f:e3:e3:
34:02:4c:45:f4:63:0d:15:75:a6:38:cd:ba:4c:fb:1d:e2:22:
6d:30:f2:9f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzHlVNykqVm8hnzjiV+334LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE3MDVhMmIyMmQ5MzgxYTgyM2M5NzljNmY0ZTc3MzQyMzUyMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZpokF7XcCwwDbag6RMDeUAuvvWR
1WPEalamcBC0RVBGaXoiutDI//iHnINsIXCotG4o/lR86iV7RDHyXo5dF0nsr0cn
fi3n63PZrz8DFmf2PzVwbuGgy9y5tLdSKFd/11UAv1OSYNHvGoU3A47BUjGrqGKk
Ru6rVHktMTGQwwugskQ4K+KXCS48NULMQoQ6axnaY2TL7nK0+/lx5K2rerT+ddEB
NZsJpWyhu2YhuwLi08e6mrXmR04LS2wWWUw5iBPJbzbWFSPRS402WOtPQH2nL3CJ
j/zMNqDB3mgoxGffWfvd4jRn4g4ikhEBNqTgT7oO2ksUMtSVMY4mkQsndwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGIXBaKyLZOBqCPJecb053NCNSNtMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FjL2M5MjM0
ZC1lMTMzLTQxOTQtODRhYy03MWEzOWRiODhhMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMvYzkyMzRk
LWUxMzMtNDE5NC04NGFjLTcxYTM5ZGI4OGEyMy8xL1loY0Zvckl0azRHb0k4bDV4
dlRuYzBJMUkyMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDJRLwAwQCuVuIMA0EAgACMAcDBQAqAyagMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMG0zANBgkqhkiG9w0BAQsFAAOCAQEAFm+s
R0Vb/vFk332bpeHVEddRcWPn3qQosKrG/rFvcDPLwIA45tfyYiyqqP39tkYDZ98/
VhDkO4wdtJjCQY/lw+u61nOuxrMCSa1KVYSPLSMgs6rV/55Jy0AkuwO3TBwShC/U
fSGhvRF+SlJjqBDZY33uCVH7L9Btl2aFiZr/JKZYH1i9kioqCjb+pYOClzYI7Hqk
psm3Bl326kiluqExJscVQrwKvPdG86SMuIdQ/VvnFZUV42y58DrOJobnlhnx5dxq
Fej6K4Pe5jyd7Ts0WlBOOww2IvzqRuM0dgFTp0q2qVvAXPfIX+PjNAJMRfRjDRV1
pjjNukz7HeIibTDynw==
-----END CERTIFICATE-----
Generated at Fri May 3 09:11:19 2024 by rpki-client on console-ams.rpki-client.org