Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
File: YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer (raw, json)
Hash identifier: RAYsSPQ9mzBRL+NbG+i1o2wh0sGCzXmr+IBKAy1gwP0=
Subject key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01916AC517BED14E836032FD4F7E6F5C237B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 19 Aug 2024 13:13:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 197706
IP: 31.171.152.0/21
IP: 45.66.252.0/22
IP: 45.142.24.0/22
IP: 91.217.6.0/23
IP: 91.217.72.0/23
IP: 103.93.40.0/22
IP: 103.111.0.0/22
IP: 109.74.28.0/22
IP: 109.104.132.0 -- 109.104.143.255
IP: 109.104.156.0/22
IP: 144.48.52.0/22
IP: 185.53.100.0/22
IP: 185.153.124.0/22
IP: 185.233.124.0/22
IP: 194.113.80.0/23
IP: 194.113.94.0/23
IP: 2a04:27c0::/29
IP: 2a09:6e40::/29
IP: 2a09:6ec0::/29
IP: 2a0d:27c0::/29
IP: 2a0d:42c0::/29
IP: 2a0d:4a40::/29
IP: 2a0e:3f00::/29
IP: 2a0e:4f00::/29
IP: 2a0e:d4c0::/29
IP: 2a0f:42c0::/29
IP: 2a0f:a880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:c5:17:be:d1:4e:83:60:32:fd:4f:7e:6f:5c:23:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 19 13:13:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=624ad4535ac88dd534199f2a726095af71afe44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:c3:71:57:ab:c9:bc:32:ae:cc:0a:69:5c:
4c:52:80:78:9a:de:be:c1:58:19:f5:71:35:91:0d:
16:00:76:77:b0:b3:44:2d:30:9d:d5:a8:6a:6c:4f:
0e:99:2a:37:4b:bc:ac:91:15:8f:06:2d:e9:54:a0:
bd:c4:28:a9:26:3d:f4:8b:1e:1b:82:48:c0:32:4d:
a3:88:f3:b6:89:0e:f4:32:c4:83:67:fa:65:dc:e1:
24:be:6b:f5:c6:cc:a2:06:17:cc:9e:e3:ab:1b:0a:
94:58:c9:dc:99:99:51:0c:ec:2c:0e:83:f5:fe:93:
e0:f8:b8:53:b6:68:ed:f6:cb:52:b4:ae:44:3b:84:
d3:10:cd:47:0d:e2:e2:ec:cb:c8:4e:c8:3b:27:f2:
63:31:e0:7b:04:a7:c1:58:4d:30:d8:3e:4c:46:c7:
80:4f:63:93:ba:5a:98:6a:70:67:20:d2:ac:40:0b:
df:b1:11:29:3b:55:e4:32:88:98:1a:fe:b1:70:cd:
48:b1:44:1d:14:fa:28:ff:7c:91:33:c7:85:48:db:
64:a7:ca:b3:09:db:c4:5a:1c:f2:30:6e:3b:26:1d:
7f:6f:62:e9:aa:06:68:b4:15:9c:cc:2e:ff:a2:ae:
50:5d:89:54:09:4f:0d:ef:50:1d:4d:10:4d:89:a7:
0d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
91.217.6.0/23
91.217.72.0/23
103.93.40.0/22
103.111.0.0/22
109.74.28.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197706
Signature Algorithm: sha256WithRSAEncryption
74:21:78:0c:81:32:57:b6:af:0f:cd:82:d3:c3:bb:2f:22:27:
c9:39:f5:3f:1c:98:b6:a6:59:5f:c2:f2:52:ed:70:02:c1:e4:
d0:ce:71:d6:9d:d7:ae:71:38:98:59:9b:c3:38:02:2b:25:ce:
30:b3:01:d9:38:f6:1d:82:fe:bd:04:3c:3d:4f:6d:89:53:bf:
7e:ed:3e:44:9d:82:ab:c3:d7:38:e8:f3:5d:53:e5:0f:79:fb:
72:c7:b7:e2:f2:45:60:15:c5:fa:61:54:55:e1:f7:eb:4a:5d:
d8:72:ea:a8:d2:b9:37:e6:c3:28:3a:c6:b2:67:8e:61:44:3d:
7f:a7:0c:5b:5b:bb:72:20:67:af:f6:67:fb:89:fd:6b:50:99:
f6:2d:8c:82:3c:dd:c4:1f:d6:18:6a:e4:d1:78:f4:6a:e1:74:
2c:95:44:ed:09:a8:52:3d:0b:a8:68:af:46:6d:e9:ed:db:3c:
d5:c7:cc:64:fd:5d:30:cf:56:fa:81:a5:fe:83:e7:f0:69:9f:
28:1b:9d:4e:04:34:37:5b:ab:f2:e7:bf:1b:7f:27:3f:66:aa:
82:62:47:92:e7:82:de:39:87:a4:90:4e:20:37:86:18:65:08:
5d:8e:58:bf:d6:a9:27:1d:74:10:8d:54:cb:f0:68:c3:7e:d0:
b3:b6:32:4c
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAZFqxRe+0U6DYDL9T35vXCN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODE5MTMxMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojfDcVerybwyrswKaVxMUoB4mt6+
wVgZ9XE1kQ0WAHZ3sLNELTCd1ahqbE8OmSo3S7yskRWPBi3pVKC9xCipJj30ix4b
gkjAMk2jiPO2iQ70MsSDZ/pl3OEkvmv1xsyiBhfMnuOrGwqUWMncmZlRDOwsDoP1
/pPg+LhTtmjt9stStK5EO4TTEM1HDeLi7MvITsg7J/JjMeB7BKfBWE0w2D5MRseA
T2OTulqYanBnINKsQAvfsREpO1XkMoiYGv6xcM1IsUQdFPoo/3yRM8eFSNtkp8qz
CdvEWhzyMG47Jh1/b2LpqgZotBWczC7/oq5QXYlUCU8N71AdTRBNiacNzwIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFGJK1FNayI3VNBmfKnJgla9xr+ROMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2FhMTAx
OS01NjRmLTRjNDYtYTIxNy1mYjU5NDk4MDhkZGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYWExMDE5
LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRVMEdaOHFj
bUNWcjNHdjVFNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHYBggrBgEF
BQcBBwEB/wSByDCBxTBuBAIAATBoAwQDH6uYAwQCLUL8AwQCLY4YAwQBW9kGAwQB
W9lIAwQCZ10oAwQCZ28AAwQCbUocMAwDBAJtaIQDBARtaIADBAJtaJwDBAKQMDQD
BAK5NWQDBAK5mXwDBAK56XwDBAHCcVADBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMq
CW5AAwUDKgluwAMFAyoNJ8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUD
Kg7UwAMFAyoPQsADBQMqD6iAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMESjAN
BgkqhkiG9w0BAQsFAAOCAQEAdCF4DIEyV7avD82C08O7LyInyTn1PxyYtqZZX8Ly
Uu1wAsHk0M5x1p3XrnE4mFmbwzgCKyXOMLMB2Tj2HYL+vQQ8PU9tiVO/fu0+RJ2C
q8PXOOjzXVPlD3n7cse34vJFYBXF+mFUVeH360pd2HLqqNK5N+bDKDrGsmeOYUQ9
f6cMW1u7ciBnr/Zn+4n9a1CZ9i2MgjzdxB/WGGrk0Xj0auF0LJVE7QmoUj0LqGiv
Rm3p7ds81cfMZP1dMM9W+oGl/oPn8GmfKBudTgQ0N1ur8ue/G38nP2aqgmJHkueC
3jmHpJBOIDeGGGUIXY5Yv9apJx10EI1Uy/Bow37Qs7YyTA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:02:35 2024 by rpki-client on console-ams.rpki-client.org