Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
File: bW-_qXU9uNhGQz21NR2ansB8lr0.cer (raw, json)
Hash identifier: FHt94TRpzy3gIKxZogpVsxt5m1deBz0JSFhJOecEMN8=
Subject key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D12745F73CDBD5E03F367ED496820B14B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
caRepository: rsync://ca.rg.net/rpki/RGnet-OU/
Notify URL: https://ca.rg.net/rrdp/notify.xml
Certificate not before: Tue 16 Jan 2024 13:27:13 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 3130
AS: 3927
AS: 3970
AS: 4128
IP: 45.132.188.0/22
IP: 147.28.0.0/20
IP: 192.83.230.0/24
IP: 198.133.206.0/24
IP: 198.180.150.0 -- 198.180.153.255
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:74:5f:73:cd:bd:5e:03:f3:67:ed:49:68:20:b1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 16 13:27:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:13:f3:7a:84:e2:22:56:f9:b4:8c:cc:c2:7a:
4d:35:5a:9d:ef:29:11:b9:23:38:b9:7b:9d:9a:ca:
6c:bf:83:e9:17:f5:68:53:d6:49:8e:aa:28:6b:fe:
0f:a1:ca:5b:67:9d:92:bb:51:8d:9e:09:d1:ec:2d:
2e:37:f6:34:a0:f3:a3:d2:a8:57:18:75:ea:81:74:
37:8b:02:0d:67:aa:71:13:8f:a1:65:59:47:15:24:
ad:13:be:9e:7e:75:2a:46:9d:50:e5:35:b8:b8:33:
da:70:c1:ad:81:37:f5:95:c2:7a:af:be:bb:bb:e6:
59:e8:c3:55:15:15:ba:4e:96:4d:69:76:80:57:cf:
c1:03:54:46:60:81:a0:f4:f6:1f:80:9a:84:a9:27:
62:a8:ba:17:67:42:f2:04:c8:75:70:57:48:e6:a0:
dd:58:55:ae:c5:40:c8:9a:b1:5d:78:7b:8b:d8:8e:
8e:c5:3d:fa:e7:a8:4f:82:8a:0d:56:4e:ce:f3:a5:
20:24:75:1d:47:2f:0a:35:14:ec:eb:e9:ff:24:e2:
40:a4:2e:df:fe:5e:9b:fd:99:e1:51:f0:1e:8f:cd:
7e:1f:73:a1:e7:48:2d:9c:ae:55:ac:5c:7b:77:6d:
f7:88:fd:11:a8:b2:6e:20:20:1d:ee:b7:36:4d:85:
4e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://ca.rg.net/rpki/RGnet-OU/
RPKI Manifest - URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.mft
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/22
147.28.0.0/20
192.83.230.0/24
198.133.206.0/24
198.180.150.0-198.180.153.255
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3130
3927
3970
4128
Signature Algorithm: sha256WithRSAEncryption
17:c0:c0:3c:e0:52:5f:bc:79:bb:ad:d6:6f:1f:fe:96:04:12:
50:b6:b2:12:bf:a0:93:77:2f:97:81:f7:50:04:98:5b:ec:02:
c9:cd:66:e9:ec:f0:b9:88:59:80:e4:14:eb:6c:db:90:64:09:
f5:b7:63:7f:85:82:7f:46:2d:ed:88:1e:a0:9c:89:f7:8e:9b:
d9:af:3b:0b:f3:e4:57:a7:d4:1f:9f:98:a4:66:5e:5f:bf:cb:
1c:5b:62:91:a4:01:d2:0f:a1:ac:d3:fc:8d:5f:99:a5:31:39:
bc:3b:5f:0f:57:c3:46:49:45:28:18:49:96:a0:8e:a4:fc:88:
0f:1b:82:d1:b9:da:bf:23:6a:41:c0:3c:00:89:4e:99:12:62:
47:c3:1d:62:27:ad:2d:ba:64:9f:54:e8:b9:86:44:0b:16:d8:
9b:90:d7:4a:78:60:3a:98:03:97:5d:0b:ab:1a:12:38:dc:84:
bf:91:28:5c:52:cf:a5:27:1c:d3:12:3a:c5:18:a5:de:f6:58:
8e:79:d7:c8:d6:08:09:55:a0:7a:5c:10:23:9b:5d:b3:10:53:
e3:37:91:56:89:67:69:70:e7:90:28:c2:43:17:e3:69:a9:c3:
b9:6e:13:dd:26:e4:bc:8b:ea:b2:9a:6a:0e:44:a0:64:8b:2a:
5b:1b:9f:f1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY0SdF9zzb1eA/Nn7UloILFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTE2MTMyNzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDZmYmZhOTc1M2RiOGQ4NDY0MzNkYjUzNTFkOWE5ZWMwN2M5NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BPzeoTiIlb5tIzMwnpNNVqd7ykR
uSM4uXudmspsv4PpF/VoU9ZJjqooa/4PocpbZ52Su1GNngnR7C0uN/Y0oPOj0qhX
GHXqgXQ3iwINZ6pxE4+hZVlHFSStE76efnUqRp1Q5TW4uDPacMGtgTf1lcJ6r767
u+ZZ6MNVFRW6TpZNaXaAV8/BA1RGYIGg9PYfgJqEqSdiqLoXZ0LyBMh1cFdI5qDd
WFWuxUDImrFdeHuL2I6OxT3656hPgooNVk7O86UgJHUdRy8KNRTs6+n/JOJApC7f
/l6b/ZnhUfAej81+H3Oh50gtnK5VrFx7d233iP0RqLJuICAd7rc2TYVOlwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFG1vv6l1PbjYRkM9tTUdmp7AfJa9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgboGCCsGAQUFBwELBIGtMIGqMCwGCCsGAQUFBzAFhiByc3lu
YzovL2NhLnJnLm5ldC9ycGtpL1JHbmV0LU9VLzBLBggrBgEFBQcwCoY/cnN5bmM6
Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVOaEdRejIxTlIyYW5z
QjhscjAubWZ0MC0GCCsGAQUFBzANhiFodHRwczovL2NhLnJnLm5ldC9ycmRwL25v
dGlmeS54bWwwWQYDVR0fBFIwUDBOoEygSoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9LcFNvM1ZWSzV3RUhJSm5IQzJRSFZWM2Q1bWsu
Y3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAu
MCwEAgABMCYDBAIthLwDBASTHAADBADAU+YDBADGhc4wDAMEAca0lgMEAca0mDAl
BggrBgEFBQcBCAEB/wQWMBSgEjAQAgIMOgICD1cCAg+CAgIQIDANBgkqhkiG9w0B
AQsFAAOCAQEAF8DAPOBSX7x5u63Wbx/+lgQSULayEr+gk3cvl4H3UASYW+wCyc1m
6ezwuYhZgOQU62zbkGQJ9bdjf4WCf0Yt7YgeoJyJ946b2a87C/PkV6fUH5+YpGZe
X7/LHFtikaQB0g+hrNP8jV+ZpTE5vDtfD1fDRklFKBhJlqCOpPyIDxuC0bnavyNq
QcA8AIlOmRJiR8MdYietLbpkn1TouYZECxbYm5DXSnhgOpgDl10LqxoSONyEv5Eo
XFLPpScc0xI6xRil3vZYjnnXyNYICVWgelwQI5tdsxBT4zeRVolnaXDnkCjCQxfj
aanDuW4T3SbkvIvqsppqDkSgZIsqWxuf8Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:55 2024 by rpki-client on console-fra.rpki-client.org