Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
File: dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer (raw, json)
Hash identifier: YeIPq7inBu4QmTAJYQac2cg7xk83wBSmGevfiwYKA6g=
Subject key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA99681A23215B739723D9A45448C814
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 14:35:00 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47927
IP: 46.28.120.0/21
IP: 94.126.8.0/21
IP: 159.255.140.0/22
IP: 159.255.152.0/22
IP: 185.63.40.0/22
IP: 188.95.72.0/21
IP: 2a02:b88::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:68:1a:23:21:5b:73:97:23:d9:a4:54:48:c8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:35:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d6:e1:fc:19:da:2a:bb:14:50:e3:ea:21:ed:
59:5b:74:8e:bd:13:f5:6b:bc:a6:04:f9:79:c6:39:
ae:bb:91:ab:98:fb:bc:7f:77:51:18:d0:7b:2b:80:
25:3e:94:00:5c:e1:3d:7b:47:55:60:96:9a:37:63:
a7:c1:3f:68:2f:08:d4:04:0c:1e:93:93:bc:60:68:
fa:ec:e7:13:80:eb:8c:10:85:45:b6:0f:42:99:1e:
b8:f3:aa:fb:2f:a9:99:f9:70:52:34:cb:38:41:e6:
c7:7c:04:88:dc:e6:f9:0b:f3:3c:4a:bb:60:82:59:
0a:7a:b5:18:ce:1a:73:1d:ee:7a:00:b3:7f:3d:58:
c9:ae:8a:52:0a:ab:aa:ca:93:5c:33:43:9d:22:d5:
06:a9:7b:ad:6d:60:8f:51:86:a0:9d:3b:58:4f:00:
5b:06:58:0e:b0:0c:bd:c6:ef:2a:73:35:a6:90:70:
9f:80:9a:29:fa:ab:96:04:d2:15:33:54:80:e9:ff:
7d:24:83:14:0e:1f:e5:8d:f5:87:ee:5c:0d:a4:6d:
d5:fd:ac:c9:49:16:f9:b3:5a:01:f7:12:a5:9a:90:
11:aa:c5:c6:30:b3:61:eb:8a:32:a9:93:e4:d6:aa:
b9:80:b0:59:97:cf:fb:75:86:7f:40:75:c8:3d:26:
8a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.120.0/21
94.126.8.0/21
159.255.140.0/22
159.255.152.0/22
185.63.40.0/22
188.95.72.0/21
IPv6:
2a02:b88::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47927
Signature Algorithm: sha256WithRSAEncryption
aa:1d:c1:a9:ef:3e:57:67:f6:d2:8c:5f:62:27:5f:29:95:60:
f3:8c:08:f3:60:19:67:7e:10:d0:bd:b7:1f:71:76:c9:88:fe:
c5:cb:85:52:c6:a9:9f:06:fe:52:a7:9a:86:a2:bb:16:1c:11:
53:6b:d6:88:b6:7c:75:cd:0a:92:ce:ae:5e:6f:d4:46:6a:dc:
76:23:dc:4e:61:9a:bd:2d:01:9a:2f:4a:0e:b4:0b:6c:56:64:
d1:7f:36:53:ed:b5:de:ab:95:29:f2:bf:72:66:6f:51:9e:c1:
eb:b2:3b:78:02:97:13:6c:02:1a:1b:ad:28:99:74:d5:e6:f5:
6a:55:6b:79:1c:ed:f3:82:e9:a1:3a:4a:ce:46:9c:83:45:90:
bc:2e:72:92:ce:ca:e3:a7:50:d7:d8:e3:00:91:8c:c8:44:dc:
46:1c:11:93:42:8c:ae:59:02:18:86:83:64:5c:ae:79:f9:fa:
ac:2b:f5:5d:17:4f:83:93:65:e4:cf:27:36:eb:af:78:18:28:
72:9e:e2:d8:0c:85:95:1a:93:9b:28:cb:c1:12:8e:96:c3:ad:
ff:b4:67:52:60:b3:2c:f6:ba:39:68:26:cd:e0:3b:94:78:ca:
f9:8b:dd:79:bc:07:b0:40:2f:e4:1c:ed:8d:a2:49:4f:ff:d4:
d0:a3:4d:3e
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYzKmWgaIyFbc5cj2aRUSMgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZhY2IwN2YyY2NiOTJlZWJhODc4NTRjOTQyNDBlNGY1YWM4ZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9bh/BnaKrsUUOPqIe1ZW3SOvRP1
a7ymBPl5xjmuu5GrmPu8f3dRGNB7K4AlPpQAXOE9e0dVYJaaN2OnwT9oLwjUBAwe
k5O8YGj67OcTgOuMEIVFtg9CmR6486r7L6mZ+XBSNMs4QebHfASI3Ob5C/M8Srtg
glkKerUYzhpzHe56ALN/PVjJropSCquqypNcM0OdItUGqXutbWCPUYagnTtYTwBb
BlgOsAy9xu8qczWmkHCfgJop+quWBNIVM1SA6f99JIMUDh/ljfWH7lwNpG3V/azJ
SRb5s1oB9xKlmpARqsXGMLNh64oyqZPk1qq5gLBZl8/7dYZ/QHXIPSaK8QIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFHX6ywfyzLku66h4VMlCQOT1rI9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzkwMGNi
Zi00NzdiLTQ2YmUtOGY1ZC1jOTExNDgzZGE3OGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvOTAwY2Jm
LTQ3N2ItNDZiZS04ZjVkLWM5MTE0ODNkYTc4Yy8xL2RmckxCX0xNdVM3cnFIaFV5
VUpBNVBXc2oxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQDLhx4AwQDXn4IAwQCn/+MAwQCn/+YAwQCuT8o
AwQDvF9IMA0EAgACMAcDBQAqAguIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC7
NzANBgkqhkiG9w0BAQsFAAOCAQEAqh3Bqe8+V2f20oxfYidfKZVg84wI82AZZ34Q
0L23H3F2yYj+xcuFUsapnwb+UqeahqK7FhwRU2vWiLZ8dc0Kks6uXm/URmrcdiPc
TmGavS0Bmi9KDrQLbFZk0X82U+213quVKfK/cmZvUZ7B67I7eAKXE2wCGhutKJl0
1eb1alVreRzt84LpoTpKzkacg0WQvC5yks7K46dQ19jjAJGMyETcRhwRk0KMrlkC
GIaDZFyuefn6rCv1XRdPg5Nl5M8nNuuveBgocp7i2AyFlRqTmyjLwRKOlsOt/7Rn
UmCzLPa6OWgmzeA7lHjK+YvdebwHsEAv5BztjaJJT//U0KNNPg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:20:56 2024 by rpki-client on console-fra.rpki-client.org