Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
File: bds4s0PaLRGTCe2qGceniHAyfr4.cer (raw, json)
Hash identifier: Blf/kGw3aUB3k+JUDVxohuScv2KNgRAZ6p5vaPpbu/w=
Subject key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019224678BC640227B810F47CD56D3A4D28A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 24 Sep 2024 14:20:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 198357
IP: 5.159.48.0/21
IP: 45.94.212.0/22
IP: 89.42.44.0/22
IP: 89.44.240.0/22
IP: 89.46.216.0/22
IP: 109.122.240.0/20
IP: 185.3.200.0/22
IP: 185.239.0.0/22
IP: 188.212.96.0/22
IP: 188.240.196.0/24
IP: 188.240.212.0/24
IP: 2a02:6040::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:67:8b:c6:40:22:7b:81:0f:47:cd:56:d3:a4:d2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 24 14:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:6d:8e:38:a0:62:a0:a3:4d:94:85:4c:65:
88:33:39:fc:1d:06:f0:ab:20:d1:5d:6d:b4:58:74:
fa:86:40:63:07:8b:cd:18:61:35:1c:ab:bc:69:8d:
79:04:18:13:79:43:13:e2:9c:62:d8:35:88:93:82:
a5:53:7e:f6:49:42:87:a2:af:f3:a2:11:5e:2e:7d:
9f:03:9f:77:95:3d:96:98:44:8c:42:96:d1:82:a7:
87:2f:88:ec:cf:0b:e6:9b:3d:1f:b9:02:cf:a5:68:
9a:b7:e5:9a:e2:a6:2b:a4:db:55:28:2a:02:66:8e:
1d:9a:b9:2a:63:b1:6b:07:31:fe:e1:40:67:2d:09:
84:3b:81:14:00:68:5d:c9:bd:64:dc:31:54:fe:b4:
2f:dc:ce:71:03:25:45:a6:c7:4f:43:47:79:ea:e0:
72:8a:bd:42:47:3f:13:d7:1a:06:7e:0b:f1:a7:a6:
d8:13:e9:3a:e1:e2:31:a8:04:1a:34:65:e4:15:eb:
3c:36:e2:a5:f2:ee:17:89:30:6d:8e:bc:01:11:83:
65:2b:1d:8e:0d:07:2e:8b:36:0e:1d:1b:a4:45:7e:
00:75:e2:24:c4:1b:08:91:f5:6b:45:e2:89:18:28:
9e:47:a9:f3:98:10:c5:d5:af:26:a2:a9:c4:26:32:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.48.0/21
45.94.212.0/22
89.42.44.0/22
89.44.240.0/22
89.46.216.0/22
109.122.240.0/20
185.3.200.0/22
185.239.0.0/22
188.212.96.0/22
188.240.196.0/24
188.240.212.0/24
IPv6:
2a02:6040::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198357
Signature Algorithm: sha256WithRSAEncryption
79:ad:c9:7c:0a:a7:23:4c:50:ed:74:86:6d:0d:2e:17:ff:ee:
b5:a8:d8:1f:2d:57:92:a8:1a:c7:11:c8:24:7c:96:c4:eb:af:
a0:06:26:82:17:fb:56:7f:29:26:71:ad:25:96:69:89:cb:da:
ab:83:05:c4:83:7c:31:e9:76:03:1e:80:47:0e:9e:e2:ab:a8:
0f:e5:6e:48:5d:92:cf:e0:e8:9d:23:b0:eb:a6:ba:1a:62:fc:
2a:62:65:4b:b7:95:32:4a:d0:59:8c:5c:74:1a:fc:a5:3c:81:
e1:57:e8:b0:cb:2b:f1:8d:b0:a4:2f:81:f6:8d:40:2d:4b:58:
bf:dc:00:0f:61:4e:02:a8:41:72:84:25:3e:2d:98:f2:88:e3:
e2:25:6a:7f:0a:1e:01:88:62:98:7f:13:6e:85:55:27:de:3b:
6a:8b:06:a3:8c:90:d9:bc:96:5f:85:49:31:77:a0:52:92:0a:
ea:b6:1b:00:fc:c1:5a:2c:64:22:83:6c:25:6d:0a:da:e5:e3:
d7:29:39:f7:83:1a:2b:b7:1f:15:2f:c6:01:58:5e:ca:59:b2:
21:a7:55:de:10:4f:4d:d4:44:4b:e6:b3:fc:3f:75:5a:e0:ee:
5b:8d:66:b6:30:a1:f8:54:e7:3d:d6:52:5a:40:3e:6d:98:e2:
2a:cb:aa:b7
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgISAZIkZ4vGQCJ7gQ9HzVbTpNKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwOTI0MTQyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRiMzhiMzQzZGEyZDExOTMwOWVkYWExOWM3YTc4ODcwMzI3ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGFtjjigYqCjTZSFTGWIMzn8HQbw
qyDRXW20WHT6hkBjB4vNGGE1HKu8aY15BBgTeUMT4pxi2DWIk4KlU372SUKHoq/z
ohFeLn2fA593lT2WmESMQpbRgqeHL4jszwvmmz0fuQLPpWiat+Wa4qYrpNtVKCoC
Zo4dmrkqY7FrBzH+4UBnLQmEO4EUAGhdyb1k3DFU/rQv3M5xAyVFpsdPQ0d56uBy
ir1CRz8T1xoGfgvxp6bYE+k64eIxqAQaNGXkFes8NuKl8u4XiTBtjrwBEYNlKx2O
DQcuizYOHRukRX4AdeIkxBsIkfVrReKJGCieR6nzmBDF1a8moqnEJjI7awIDAQAB
o4IC6zCCAucwHQYDVR0OBBYEFG3bOLND2i0RkwntqhnHp4hwMn6+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUyL2M5NjFh
MC00ZjUzLTQyMmEtYjdkZC0zZGZhNTEwZDZiMTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIvYzk2MWEw
LTRmNTMtNDIyYS1iN2RkLTNkZmE1MTBkNmIxNi8xL2JkczRzMFBhTFJHVENlMnFH
Y2VuaUhBeWZyNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGoGCCsGAQUF
BwEHAQH/BFswWTBIBAIAATBCAwQDBZ8wAwQCLV7UAwQCWSosAwQCWSzwAwQCWS7Y
AwQEbXrwAwQCuQPIAwQCue8AAwQCvNRgAwQAvPDEAwQAvPDUMA0EAgACMAcDBQAq
AmBAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMG1TANBgkqhkiG9w0BAQsFAAOC
AQEAea3JfAqnI0xQ7XSGbQ0uF//utajYHy1XkqgaxxHIJHyWxOuvoAYmghf7Vn8p
JnGtJZZpicvaq4MFxIN8Mel2Ax6ARw6e4quoD+VuSF2Sz+DonSOw66a6GmL8KmJl
S7eVMkrQWYxcdBr8pTyB4VfosMsr8Y2wpC+B9o1ALUtYv9wAD2FOAqhBcoQlPi2Y
8ojj4iVqfwoeAYhimH8TboVVJ947aosGo4yQ2byWX4VJMXegUpIK6rYbAPzBWixk
IoNsJW0K2uXj1yk594MaK7cfFS/GAVheylmyIadV3hBPTdRES+az/D91WuDuW41m
tjCh+FTnPdZSWkA+bZjiKsuqtw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:29:28 2024 by rpki-client on console-ams.rpki-client.org