Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
File: fKZDuzmcbYetxMfLpdK3L70A0EY.cer (raw, json)
Hash identifier: Kj+1ihdTeV9U0A44Z4wp/5M2nI1S2eQz3qhRxlUIQlA=
Subject key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D0301041FCB1733883AF3F52A4E6B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 2.56.16.0/22
IP: 2.59.0.0/22
IP: 5.182.124.0/22
IP: 45.13.248.0/22
IP: 45.67.60.0/22
IP: 45.81.24.0/22
IP: 45.82.40.0/22
IP: 45.85.108.0/22
IP: 45.87.48.0/22
IP: 45.91.164.0/22
IP: 45.94.96.0/22
IP: 45.130.64.0/22
IP: 45.139.0.0/22
IP: 45.144.24.0/22
IP: 45.150.20.0/22
IP: 80.76.52.0/22
IP: 83.150.220.0/22
IP: 91.209.162.0/23
IP: 91.209.230.0/23
IP: 94.154.140.0/22
IP: 171.22.32.0/22
IP: 176.113.64.0/22
IP: 185.101.144.0/22
IP: 185.198.36.0/22
IP: 185.201.128.0/22
IP: 194.32.224.0/22
IP: 213.184.92.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:03:01:04:1f:cb:17:33:88:3a:f3:f5:2a:4e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:62:80:77:8f:50:92:ed:d2:38:86:f0:5d:e3:
57:d8:b4:e4:9b:df:1a:df:d2:c5:60:5b:84:60:93:
fd:49:74:7b:e7:76:41:2d:a9:65:0a:98:77:70:51:
b9:7a:37:8f:05:ed:02:43:65:6d:44:fb:a4:1c:35:
4f:b9:0d:ed:fa:59:ec:09:90:5e:ff:79:c2:a4:ee:
ac:e4:4c:02:ae:36:4d:1c:cc:94:95:3f:43:8d:09:
09:23:62:e6:c8:a5:78:9d:a5:1a:fb:89:8d:94:92:
ff:97:ac:c7:6e:bc:39:87:66:48:e4:24:3a:e3:d2:
55:8d:aa:ad:a1:33:be:c6:8c:23:9c:59:e7:78:ca:
42:df:66:46:cc:6a:ab:4e:98:47:bf:6f:f2:08:97:
ba:3a:41:90:65:74:bf:d5:f3:68:b8:d4:d4:fc:df:
5a:9e:c7:2a:7f:4a:fe:83:8a:37:18:1c:d9:54:ca:
3f:80:ef:67:d3:05:5c:df:f0:26:d7:b2:77:0b:04:
9d:b4:e0:97:6e:0a:e1:1e:d3:dd:61:73:c9:04:c9:
31:49:98:04:62:f7:1e:d0:8f:e5:28:41:7f:2d:dd:
4a:d1:e9:f1:e4:96:1a:d9:3f:af:39:33:bb:0c:5a:
b3:af:75:2b:27:a7:a7:cf:a4:b8:c6:63:45:d6:96:
14:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.16.0/22
2.59.0.0/22
5.182.124.0/22
45.13.248.0/22
45.67.60.0/22
45.81.24.0/22
45.82.40.0/22
45.85.108.0/22
45.87.48.0/22
45.91.164.0/22
45.94.96.0/22
45.130.64.0/22
45.139.0.0/22
45.144.24.0/22
45.150.20.0/22
80.76.52.0/22
83.150.220.0/22
91.209.162.0/23
91.209.230.0/23
94.154.140.0/22
171.22.32.0/22
176.113.64.0/22
185.101.144.0/22
185.198.36.0/22
185.201.128.0/22
194.32.224.0/22
213.184.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:3e:b8:fa:b2:3f:f5:1c:e3:58:cc:fd:92:e7:38:d3:94:98:
0f:ce:71:b3:ff:d1:dc:0a:93:3d:a1:ea:aa:66:3a:ac:d3:c9:
e7:f7:07:bf:a3:c0:ca:15:0b:f6:28:82:24:13:c4:22:5d:e2:
77:b4:5b:2d:d0:b2:cc:ff:bb:f7:3e:c4:2e:81:ef:de:e5:34:
9f:66:fb:d7:21:3d:39:3f:18:96:69:aa:74:08:ae:11:3f:3a:
af:67:14:3b:7e:07:81:41:98:b3:68:61:3b:38:88:f6:44:8f:
2e:6c:f8:d0:af:2d:b3:d4:a4:82:93:2a:8c:6a:b7:f0:d8:5f:
b7:f1:25:02:e5:cd:15:24:72:79:06:77:87:11:94:a4:ad:30:
f8:a0:0c:90:67:9c:ef:9c:7c:5d:1c:5d:c6:75:6d:f0:39:76:
bc:60:bc:43:c2:ab:35:18:85:6f:02:0b:b9:60:cf:40:0a:d1:
3b:a5:60:13:62:5d:87:b4:d3:81:99:db:1f:3c:35:e7:4d:29:
f0:0d:08:9d:44:f3:a1:d0:3b:5e:6c:50:aa:fe:8e:d8:ff:f0:
0b:25:af:7a:3f:ca:4c:d6:d8:2d:cb:1d:22:9a:bf:b2:57:34:
15:d7:e8:66:3d:e3:c0:85:75:11:d3:be:e2:72:c7:98:dd:e7:
e0:8a:91:32
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAYzCbQMBBB/LFzOIOvP1Kk5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E2NDNiYjM5OWM2ZDg3YWRjNGM3Y2JhNWQyYjcyZmJkMDBkMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmKAd49Qku3SOIbwXeNX2LTkm98a
39LFYFuEYJP9SXR753ZBLallCph3cFG5ejePBe0CQ2VtRPukHDVPuQ3t+lnsCZBe
/3nCpO6s5EwCrjZNHMyUlT9DjQkJI2LmyKV4naUa+4mNlJL/l6zHbrw5h2ZI5CQ6
49JVjaqtoTO+xowjnFnneMpC32ZGzGqrTphHv2/yCJe6OkGQZXS/1fNouNTU/N9a
nscqf0r+g4o3GBzZVMo/gO9n0wVc3/Am17J3CwSdtOCXbgrhHtPdYXPJBMkxSZgE
Yvce0I/lKEF/Ld1K0enx5JYa2T+vOTO7DFqzr3UrJ6enz6S4xmNF1pYUQQIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFHymQ7s5nG2HrcTHy6XSty+9ANBGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2L2MwMzAx
ZC01ODAxLTRhYzYtYjUwMy00NGVhNjQ3MjFjOWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvYzAzMDFk
LTU4MDEtNGFjNi1iNTAzLTQ0ZWE2NDcyMWM5ZS8xL2ZLWkR1em1jYllldHhNZkxw
ZEszTDcwQTBFWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG/BggrBgEF
BQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAICOBADBAICOwADBAIFtnwDBAItDfgD
BAItQzwDBAItURgDBAItUigDBAItVWwDBAItVzADBAItW6QDBAItXmADBAItgkAD
BAItiwADBAItkBgDBAItlhQDBAJQTDQDBAJTltwDBAFb0aIDBAFb0eYDBAJemowD
BAKrFiADBAKwcUADBAK5ZZADBAK5xiQDBAK5yYADBALCIOADBALVuFwwDQYJKoZI
hvcNAQELBQADggEBADw+uPqyP/Uc41jM/ZLnONOUmA/OcbP/0dwKkz2h6qpmOqzT
yef3B7+jwMoVC/YogiQTxCJd4ne0Wy3Qssz/u/c+xC6B797lNJ9m+9chPTk/GJZp
qnQIrhE/Oq9nFDt+B4FBmLNoYTs4iPZEjy5s+NCvLbPUpIKTKoxqt/DYX7fxJQLl
zRUkcnkGd4cRlKStMPigDJBnnO+cfF0cXcZ1bfA5drxgvEPCqzUYhW8CC7lgz0AK
0TulYBNiXYe004GZ2x88NedNKfANCJ1E86HQO15sUKr+jtj/8Aslr3o/ykzW2C3L
HSKav7JXNBXX6GY948CFdRHTvuJyx5jd5+CKkTI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:58 2024 by rpki-client on console-ams.rpki-client.org