Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
File: gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer (raw, json)
Hash identifier: 1g1NCSlKbceAw/opkNxLG//MPOGqgwHjhKxy48nDRuo=
Subject key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC79466610F6841B3B1E815D23D7F03C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:40 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 5060 -- 5061
AS: 6152
AS: 9504
AS: 16087
AS: 52132
AS: 52138
AS: 58089
AS: 61161
IP: 92.50.0.0/18
IP: 107.150.170.0/24
IP: 147.136.64.0/19
IP: 168.199.0.0/16
IP: 170.246.64.0/22
IP: 185.17.72.0/22
IP: 185.100.56.0/22
IP: 185.101.244.0/22
IP: 185.101.252.0/22
IP: 185.102.4.0/22
IP: 185.170.68.0/22
IP: 185.171.252.0/22
IP: 185.226.204.0/22
IP: 192.95.80.0/20
IP: 2001:678:8b4::/48
IP: 2001:678:8b8::/48
IP: 2001:678:8bc::/48
IP: 2001:678:8c0::/48
IP: 2001:678:8c4::/48
IP: 2001:678:8c8::/48
IP: 2001:67c:12d8::/48
IP: 2a04:600::/29
IP: 2a0d:3200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:66:61:0f:68:41:b3:b1:e8:15:d2:3d:7f:03:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=826605b4d27f13968e8794e6ef091223748817d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3a:1e:90:c7:2c:01:13:a4:cd:27:42:b2:40:
fe:94:e0:84:66:21:de:c6:3a:90:e3:2d:3f:a5:54:
e3:4c:db:d3:0d:0e:91:7b:8e:48:78:45:b0:60:07:
41:3c:2a:14:8b:18:16:ab:9c:92:07:8c:ae:46:f0:
da:82:12:fb:c6:87:a9:8a:61:7c:48:90:92:24:fc:
f2:c5:5c:72:5c:7c:54:5a:3f:62:7e:2f:45:e5:38:
78:0d:44:2b:c3:8d:de:63:43:9e:0c:b4:ef:b0:bf:
03:e4:3e:3e:14:31:37:30:b3:70:a9:7f:b5:fd:33:
13:d9:53:8d:f3:91:12:e4:00:f0:0c:62:c6:fa:83:
ec:f6:6c:ed:f0:61:3b:75:c5:b6:27:ec:f8:dd:ad:
43:d0:15:74:54:94:ee:d3:db:48:be:26:68:6a:fa:
5e:e6:a4:69:49:74:a3:0c:37:38:50:4f:6c:24:b1:
a9:a7:41:bf:5f:5a:e7:7a:9e:f0:9e:4e:3c:6a:3b:
35:2e:6f:ad:75:a3:cd:f8:58:56:9a:fe:a5:23:5d:
b4:db:fb:a9:cd:5a:90:75:52:dc:a1:8d:f3:f1:5b:
67:70:c1:ef:7f:97:17:8f:ea:31:60:40:e6:6e:02:
10:c3:23:bf:50:b1:25:55:b6:92:c6:a4:5a:7b:4a:
c8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.50.0.0/18
107.150.170.0/24
147.136.64.0/19
168.199.0.0/16
170.246.64.0/22
185.17.72.0/22
185.100.56.0/22
185.101.244.0/22
185.101.252.0/22
185.102.4.0/22
185.170.68.0/22
185.171.252.0/22
185.226.204.0/22
192.95.80.0/20
IPv6:
2001:678:8b4::/48
2001:678:8b8::/48
2001:678:8bc::/48
2001:678:8c0::/48
2001:678:8c4::/48
2001:678:8c8::/48
2001:67c:12d8::/48
2a04:600::/29
2a0d:3200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5060-5061
6152
9504
16087
52132
52138
58089
61161
Signature Algorithm: sha256WithRSAEncryption
96:54:ed:ad:22:7f:5f:ab:34:e9:89:57:64:c7:b4:3b:5d:f4:
6f:fd:82:87:e1:60:0a:53:c4:7c:fb:8c:28:79:c7:6b:0d:3e:
ec:d9:11:f0:ce:4e:59:70:7f:91:5a:7a:8d:39:4a:27:fd:23:
71:62:35:a6:51:42:f0:3a:df:e1:86:c7:c3:66:f0:6f:d5:fb:
33:a9:8e:86:14:13:18:3b:ac:b5:0a:01:56:04:41:0b:73:33:
a9:cf:76:10:38:fe:d0:09:d1:89:07:86:ad:81:19:6a:f8:01:
84:74:6a:b3:9e:5d:c9:6d:8c:d4:b4:32:94:9c:7d:5b:72:37:
af:16:22:0f:e3:53:7c:50:0e:98:11:8d:08:c0:65:55:5d:72:
83:04:22:6f:b5:e3:5e:d3:96:f3:eb:53:9f:08:79:30:8d:d4:
9d:ce:be:59:2e:05:1a:4b:38:7e:76:5c:52:7a:bc:12:ee:95:
bc:0f:9a:96:d0:4d:9b:c3:6e:91:94:ca:d4:32:7c:fc:86:4a:
6e:75:60:ea:6a:fb:45:5a:dd:ef:23:b3:9e:aa:11:27:ab:47:
7f:9d:5b:8f:05:fc:aa:b6:3d:78:28:83:75:99:aa:2b:71:0f:
71:a3:c1:5f:cc:12:46:b3:e0:4b:6c:0b:26:08:ae:c0:2d:d9:
1e:54:6f:7b
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgISAYzHlGZhD2hBs7HoFdI9fwPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDoekMcsAROkzSdCskD+lOCEZiHe
xjqQ4y0/pVTjTNvTDQ6Re45IeEWwYAdBPCoUixgWq5ySB4yuRvDaghL7xoepimF8
SJCSJPzyxVxyXHxUWj9ifi9F5Th4DUQrw43eY0OeDLTvsL8D5D4+FDE3MLNwqX+1
/TMT2VON85ES5ADwDGLG+oPs9mzt8GE7dcW2J+z43a1D0BV0VJTu09tIviZoavpe
5qRpSXSjDDc4UE9sJLGpp0G/X1rnep7wnk48ajs1Lm+tdaPN+FhWmv6lI1202/up
zVqQdVLcoY3z8VtncMHvf5cXj+oxYEDmbgIQwyO/ULElVbaSxqRae0rI4QIDAQAB
o4IDajCCA2YwHQYDVR0OBBYEFIJmBbTSfxOWjoeU5u8JEiN0iBfYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3L2ZiY2Mz
Mi0zM2M4LTQxZmYtODlmYS0yZDE5MThiYTFjMGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvZmJjYzMy
LTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVhT2g1VG03
d2tTSTNTSUY5Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHDBggrBgEF
BQcBBwEB/wSBszCBsDBZBAIAATBTAwQGXDIAAwQAa5aqAwQFk4hAAwMAqMcDBAKq
9kADBAK5EUgDBAK5ZDgDBAK5ZfQDBAK5ZfwDBAK5ZgQDBAK5qkQDBAK5q/wDBAK5
4swDBATAX1AwUwQCAAIwTQMHACABBngItAMHACABBngIuAMHACABBngIvAMHACAB
BngIwAMHACABBngIxAMHACABBngIyAMHACABBnwS2AMFAyoEBgADBQMqDTIAMD8G
CCsGAQUFBwEIAQH/BDAwLqAsMCowCAICE8QCAhPFAgIYCAICJSACAj7XAgMAy6QC
AwDLqgIDAOLpAgMA7ukwDQYJKoZIhvcNAQELBQADggEBAJZU7a0if1+rNOmJV2TH
tDtd9G/9gofhYApTxHz7jCh5x2sNPuzZEfDOTllwf5Faeo05Sif9I3FiNaZRQvA6
3+GGx8Nm8G/V+zOpjoYUExg7rLUKAVYEQQtzM6nPdhA4/tAJ0YkHhq2BGWr4AYR0
arOeXcltjNS0MpScfVtyN68WIg/jU3xQDpgRjQjAZVVdcoMEIm+1417TlvPrU58I
eTCN1J3OvlkuBRpLOH52XFJ6vBLulbwPmpbQTZvDbpGUytQyfPyGSm51YOpq+0Va
3e8js56qESerR3+dW48F/Kq2PXgog3WZqitxD3GjwV/MEkaz4EtsCyYIrsAt2R5U
b3s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:35:48 2024 by rpki-client on console-ams.rpki-client.org