Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
File: gho_IfsMKU1tSlKbLx29S9ERm9c.cer (raw, json)
Hash identifier: 1BJSrPcRnaWBcOpKUFqbcj5WWrJRqbdvfrf58Cyj5mI=
Subject key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B934B0B6A38E0E22F2AD6666443CC7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:31:15 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 210347
IP: 5.182.100.0/22
IP: 45.11.236.0/22
IP: 45.14.72.0/22
IP: 45.84.44.0/22
IP: 45.157.72.0/22
IP: 85.8.188.0/22
IP: 85.209.216.0/22
IP: 88.218.100.0/22
IP: 91.201.140.0/22
IP: 92.119.180.0/22
IP: 139.28.136.0/22
IP: 141.98.240.0/22
IP: 193.31.72.0/22
IP: 194.5.0.0/22
IP: 194.38.24.0/22
IP: 194.124.52.0/22
IP: 195.206.108.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:34:b0:b6:a3:8e:0e:22:f2:ad:66:66:44:3c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:a6:b7:b3:d1:1f:ac:ae:4b:04:e0:66:3d:
41:98:0a:8f:69:1d:5c:35:a9:64:2d:64:eb:de:fb:
cd:3b:9d:57:ac:0d:2d:86:61:2c:ed:f9:67:11:90:
0e:d1:7b:02:17:b8:f2:aa:af:8b:37:8b:ff:be:8c:
aa:8c:82:08:27:d2:0a:cb:a4:28:77:3e:a9:9a:bf:
bd:81:72:d8:db:85:25:10:be:78:93:ed:aa:72:8e:
84:bb:b5:53:3e:e4:ba:74:09:a8:cd:8a:c9:a5:02:
40:e7:ad:79:fc:5e:b3:75:33:e2:8c:bb:aa:a2:f8:
0a:3d:d5:b8:f5:95:cf:05:87:42:cf:7c:3d:bc:16:
2a:ea:bd:fd:8d:73:f4:3f:0e:22:b6:8f:e8:d7:2d:
2b:48:c6:d6:de:5d:7f:a9:2d:1c:84:19:90:8a:69:
ee:0f:f5:ce:11:28:4a:52:5a:12:66:e0:0e:de:09:
f7:df:e2:0d:83:74:a5:2c:8c:63:0b:3b:e6:13:9e:
6c:0b:87:fa:1c:7d:25:bc:3f:fd:69:47:5a:26:ce:
ac:a0:84:a3:8b:d5:81:7d:f3:e3:1a:6c:49:0d:0e:
9e:07:0a:ee:8b:96:e4:97:33:07:71:07:df:c5:56:
70:2a:50:d3:c6:fd:72:bf:2a:f2:74:7b:19:8a:4b:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/22
45.11.236.0/22
45.14.72.0/22
45.84.44.0/22
45.157.72.0/22
85.8.188.0/22
85.209.216.0/22
88.218.100.0/22
91.201.140.0/22
92.119.180.0/22
139.28.136.0/22
141.98.240.0/22
193.31.72.0/22
194.5.0.0/22
194.38.24.0/22
194.124.52.0/22
195.206.108.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210347
Signature Algorithm: sha256WithRSAEncryption
36:19:23:5f:a9:8f:ae:e2:4b:03:86:9a:4c:da:3d:a2:c7:46:
83:6c:76:b5:5f:a3:04:7f:cc:4c:15:d6:3b:08:69:e6:77:4f:
50:73:28:8b:24:c5:bd:a8:58:6f:ba:5b:57:02:32:fd:cd:64:
a0:3a:63:6d:06:37:72:71:93:f7:56:0f:d1:a2:21:4c:dc:ff:
ae:73:b9:fa:2f:ed:8f:3f:c8:48:9e:06:50:f5:1a:3a:26:ae:
41:3d:15:27:69:c9:09:41:f0:d4:44:d8:7a:08:0d:8f:a2:40:
9e:f6:5b:0b:46:c8:f6:19:7c:19:2c:bc:e0:2d:22:70:b3:7c:
58:bc:08:02:c8:57:69:e0:1d:8b:02:81:14:42:b6:b2:c5:47:
bd:0c:35:79:8a:5d:48:0b:97:f5:92:1b:de:d0:fe:24:ea:2e:
8a:a2:6d:c6:2d:43:62:39:3c:4a:0e:2b:f5:61:07:0e:20:8e:
7c:e7:ca:52:4a:fd:a6:11:54:31:5c:ce:c9:e7:6b:6f:7a:76:
35:e8:46:68:78:b7:cd:d0:82:17:4b:99:c7:32:29:bb:c3:0d:
15:31:05:4a:55:9a:d4:8e:bb:e8:49:4f:26:42:cd:f4:8c:e2:
0d:0f:22:23:d6:53:cb:a4:24:63:e9:62:5b:cf:5a:c6:8f:b0:
65:28:db:1e
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgISAYzGuTSwtqOODiLyrWZmRDzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucumt7PRH6yuSwTgZj1BmAqPaR1c
NalkLWTr3vvNO51XrA0thmEs7flnEZAO0XsCF7jyqq+LN4v/voyqjIIIJ9IKy6Qo
dz6pmr+9gXLY24UlEL54k+2qco6Eu7VTPuS6dAmozYrJpQJA5615/F6zdTPijLuq
ovgKPdW49ZXPBYdCz3w9vBYq6r39jXP0Pw4ito/o1y0rSMbW3l1/qS0chBmQimnu
D/XOEShKUloSZuAO3gn33+INg3SlLIxjCzvmE55sC4f6HH0lvD/9aUdaJs6soISj
i9WBffPjGmxJDQ6eBwrui5bklzMHcQffxVZwKlDTxv1yvyrydHsZiksIRwIDAQAB
o4IDADCCAvwwHQYDVR0OBBYEFIIaPyH7DClNbUpSmy8dvUvREZvXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2VkYzg1
NS1mMmJjLTRlOWMtOGMwYy1iNmYyYWM4NmVmMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZWRjODU1
LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1UxdFNsS2JM
eDI5UzlFUm05Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBsBAIAATBmAwQCBbZkAwQCLQvsAwQCLQ5IAwQCLVQsAwQCLZ1I
AwQCVQi8AwQCVdHYAwQCWNpkAwQCW8mMAwQCXHe0AwQCixyIAwQCjWLwAwQCwR9I
AwQCwgUAAwQCwiYYAwQCwnw0AwQCw85sMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM1qzANBgkqhkiG9w0BAQsFAAOCAQEANhkjX6mPruJLA4aaTNo9osdGg2x2tV+j
BH/MTBXWOwhp5ndPUHMoiyTFvahYb7pbVwIy/c1koDpjbQY3cnGT91YP0aIhTNz/
rnO5+i/tjz/ISJ4GUPUaOiauQT0VJ2nJCUHw1ETYeggNj6JAnvZbC0bI9hl8GSy8
4C0icLN8WLwIAshXaeAdiwKBFEK2ssVHvQw1eYpdSAuX9ZIb3tD+JOouiqJtxi1D
Yjk8Sg4r9WEHDiCOfOfKUkr9phFUMVzOyedrb3p2NehGaHi3zdCCF0uZxzIpu8MN
FTEFSlWa1I676ElPJkLN9IziDQ8iI9ZTy6QkY+liW89axo+wZSjbHg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:48:43 2024 by rpki-client on console-fra.rpki-client.org