Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
File: YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer (raw, json)
Hash identifier: V2meUsUHBTsuO1R6irJbX1HzcfAdZphtQB/xysl0Nys=
Subject key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DF95158FCD585445062B60732B765FADE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 01 Mar 2024 09:21:14 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 197706
IP: 31.171.152.0/21
IP: 45.66.252.0/22
IP: 45.142.24.0/22
IP: 91.217.6.0/23
IP: 91.217.72.0/23
IP: 109.74.28.0/22
IP: 109.104.132.0 -- 109.104.143.255
IP: 109.104.156.0/22
IP: 185.53.100.0/22
IP: 185.233.124.0/22
IP: 194.113.80.0/23
IP: 194.113.94.0/23
IP: 2a04:27c0::/29
IP: 2a09:6e40::/29
IP: 2a09:6ec0::/29
IP: 2a0d:27c0::/29
IP: 2a0d:42c0::/29
IP: 2a0d:4a40::/29
IP: 2a0e:3f00::/29
IP: 2a0e:4f00::/29
IP: 2a0e:d4c0::/29
IP: 2a0f:42c0::/29
IP: 2a0f:a880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:51:58:fc:d5:85:44:50:62:b6:07:32:b7:65:fa:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 1 09:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=624ad4535ac88dd534199f2a726095af71afe44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c3:71:57:ab:c9:bc:32:ae:cc:0a:69:5c:
4c:52:80:78:9a:de:be:c1:58:19:f5:71:35:91:0d:
16:00:76:77:b0:b3:44:2d:30:9d:d5:a8:6a:6c:4f:
0e:99:2a:37:4b:bc:ac:91:15:8f:06:2d:e9:54:a0:
bd:c4:28:a9:26:3d:f4:8b:1e:1b:82:48:c0:32:4d:
a3:88:f3:b6:89:0e:f4:32:c4:83:67:fa:65:dc:e1:
24:be:6b:f5:c6:cc:a2:06:17:cc:9e:e3:ab:1b:0a:
94:58:c9:dc:99:99:51:0c:ec:2c:0e:83:f5:fe:93:
e0:f8:b8:53:b6:68:ed:f6:cb:52:b4:ae:44:3b:84:
d3:10:cd:47:0d:e2:e2:ec:cb:c8:4e:c8:3b:27:f2:
63:31:e0:7b:04:a7:c1:58:4d:30:d8:3e:4c:46:c7:
80:4f:63:93:ba:5a:98:6a:70:67:20:d2:ac:40:0b:
df:b1:11:29:3b:55:e4:32:88:98:1a:fe:b1:70:cd:
48:b1:44:1d:14:fa:28:ff:7c:91:33:c7:85:48:db:
64:a7:ca:b3:09:db:c4:5a:1c:f2:30:6e:3b:26:1d:
7f:6f:62:e9:aa:06:68:b4:15:9c:cc:2e:ff:a2:ae:
50:5d:89:54:09:4f:0d:ef:50:1d:4d:10:4d:89:a7:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
91.217.6.0/23
91.217.72.0/23
109.74.28.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197706
Signature Algorithm: sha256WithRSAEncryption
89:93:f9:10:12:7a:bc:fd:24:fe:7f:e7:f0:5d:5d:93:a6:6e:
42:01:52:0c:92:3e:8d:90:79:f7:9f:80:7f:dd:0c:41:38:ae:
e0:5c:31:af:0a:e9:1c:88:f3:ac:a1:8f:f6:dd:e5:b9:e9:0e:
52:66:0c:e6:cf:0e:d7:9b:d6:98:4a:23:a8:89:2d:09:e9:17:
e2:3b:7e:6a:f0:88:76:a1:fa:4c:cd:a9:ee:af:69:4b:6b:bd:
cd:49:4b:fc:e7:18:60:a2:e7:58:9c:11:ca:7d:78:b9:40:bc:
f9:c0:4f:63:67:20:84:74:06:e8:60:9c:e1:30:72:85:ac:c1:
30:20:73:37:1b:ed:c2:e2:6a:19:1d:79:94:37:5b:f8:dd:66:
a5:c4:6c:2b:84:7f:d8:57:ef:51:9b:12:c1:d8:69:41:4e:22:
2c:4e:a0:d2:e7:cd:ad:6c:e3:a9:fe:d7:75:24:04:a1:4d:eb:
2a:e2:f6:e5:61:28:b7:87:d7:ea:b7:3d:49:e0:7a:db:74:90:
4b:fe:a5:6d:3b:16:79:8f:c9:df:ce:d9:91:6b:85:30:40:58:
d0:66:3d:e5:06:31:ec:12:5c:78:2c:5d:7f:0d:2f:fd:f7:29:
61:66:81:81:dd:7f:8c:19:3b:8a:3a:4a:bd:44:ee:19:6a:14:
98:e5:d9:4f
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAY35UVj81YVEUGK2BzK3ZfreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzAxMDkyMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfDcVerybwyrswKaVxMUoB4mt6+
wVgZ9XE1kQ0WAHZ3sLNELTCd1ahqbE8OmSo3S7yskRWPBi3pVKC9xCipJj30ix4b
gkjAMk2jiPO2iQ70MsSDZ/pl3OEkvmv1xsyiBhfMnuOrGwqUWMncmZlRDOwsDoP1
/pPg+LhTtmjt9stStK5EO4TTEM1HDeLi7MvITsg7J/JjMeB7BKfBWE0w2D5MRseA
T2OTulqYanBnINKsQAvfsREpO1XkMoiYGv6xcM1IsUQdFPoo/3yRM8eFSNtkp8qz
CdvEWhzyMG47Jh1/b2LpqgZotBWczC7/oq5QXYlUCU8N71AdTRBNiacNzwIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFGJK1FNayI3VNBmfKnJgla9xr+ROMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2FhMTAx
OS01NjRmLTRjNDYtYTIxNy1mYjU5NDk4MDhkZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYWExMDE5
LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRVMEdaOHFj
bUNWcjNHdjVFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHABggrBgEF
BQcBBwEB/wSBsDCBrTBWBAIAATBQAwQDH6uYAwQCLUL8AwQCLY4YAwQBW9kGAwQB
W9lIAwQCbUocMAwDBAJtaIQDBARtaIADBAJtaJwDBAK5NWQDBAK56XwDBAHCcVAD
BAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKgluwAMFAyoNJ8ADBQMqDULA
AwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoPQsADBQMqD6iAMBoGCCsG
AQUFBwEIAQH/BAswCaAHMAUCAwMESjANBgkqhkiG9w0BAQsFAAOCAQEAiZP5EBJ6
vP0k/n/n8F1dk6ZuQgFSDJI+jZB595+Af90MQTiu4FwxrwrpHIjzrKGP9t3luekO
UmYM5s8O15vWmEojqIktCekX4jt+avCIdqH6TM2p7q9pS2u9zUlL/OcYYKLnWJwR
yn14uUC8+cBPY2cghHQG6GCc4TByhazBMCBzNxvtwuJqGR15lDdb+N1mpcRsK4R/
2FfvUZsSwdhpQU4iLE6g0ufNrWzjqf7XdSQEoU3rKuL25WEot4fX6rc9SeB623SQ
S/6lbTsWeY/J387ZkWuFMEBY0GY95QYx7BJceCxdfw0v/fcpYWaBgd1/jBk7ijpK
vUTuGWoUmOXZTw==
-----END CERTIFICATE-----
Generated at Fri May 3 13:48:15 2024 by rpki-client on console-ams.rpki-client.org