Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
File: hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer (raw, json)
Hash identifier: Lq3VmskgAFubgTTY88rNmX798i/UxrN3tGkTbD5/OlE=
Subject key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DA2EDA596D885F04DB1D955ED79C2C03F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 13 Feb 2024 14:44:59 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 28761
AS: 35533
AS: 43222
AS: 50140
IP: 91.194.162.0/23
IP: 185.135.180.0/22
IP: 185.138.200.0/22
IP: 185.141.40.0/22
IP: 193.27.242.0/23
IP: 193.47.166.0/24
IP: 193.104.145.0/24
IP: 193.238.108.0/22
IP: 194.9.26.0/23
IP: 195.3.244.0/22
IP: 2a05:5840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:ed:a5:96:d8:85:f0:4d:b1:d9:55:ed:79:c2:c0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 13 14:44:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:06:b0:ee:1c:22:77:a2:05:ba:77:4f:ed:
f0:dd:4d:8b:39:66:7c:ae:b7:9e:97:35:40:b2:f7:
c8:80:ac:2c:fe:7d:e6:1b:ab:0d:44:64:9e:28:79:
95:b2:d7:b8:f6:3b:9e:78:f4:0d:a4:4c:49:f6:6d:
1b:c5:d5:d0:31:fd:e7:e2:ee:71:1c:17:e7:56:72:
45:b2:fe:04:76:0f:6f:f4:24:e3:bc:54:15:37:91:
48:72:49:32:9a:8f:9c:9c:4f:d3:11:b2:51:0b:33:
68:ed:08:8e:fd:bd:15:15:4d:a6:ba:39:f3:3f:c1:
33:52:8c:ab:29:fb:0c:b1:29:fd:b9:e0:47:fb:68:
34:f0:67:06:24:a9:2a:5e:08:96:76:09:fa:d4:82:
e3:21:61:4a:75:db:c3:fc:c9:52:8a:c5:ba:98:22:
6a:4a:f9:28:68:ff:c7:e6:93:4a:4d:66:5b:81:9e:
69:f0:40:74:8a:3c:a0:da:53:f6:98:f0:f9:98:6d:
98:f9:d9:7b:da:02:f6:6b:71:44:08:16:9c:96:25:
d2:8e:76:9b:39:4d:39:07:c6:a5:d0:08:73:e6:c6:
db:bd:a3:de:09:1f:85:27:2a:19:eb:75:3d:1a:e6:
66:2c:fa:ae:bc:aa:b2:2b:f2:e6:2a:1f:ed:11:5c:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.162.0/23
185.135.180.0/22
185.138.200.0/22
185.141.40.0/22
193.27.242.0/23
193.47.166.0/24
193.104.145.0/24
193.238.108.0/22
194.9.26.0/23
195.3.244.0/22
IPv6:
2a05:5840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
28761
35533
43222
50140
Signature Algorithm: sha256WithRSAEncryption
31:29:3f:60:32:72:8a:f5:72:5c:5f:26:46:8c:ad:35:58:c1:
df:8d:13:db:0a:fb:00:ab:7b:ba:f3:61:0a:66:cf:cc:c0:6e:
54:cb:38:f6:89:a7:4f:60:51:8d:90:0d:1c:71:d5:9a:1d:89:
44:a6:f2:17:8c:56:37:ea:0e:a4:7d:2a:0a:e7:3a:9c:76:5f:
65:68:de:65:04:4c:4a:11:53:e9:0d:78:0c:1b:ff:61:f9:57:
2a:05:06:20:2a:c1:b0:38:d9:12:18:45:a1:64:b8:e8:6e:8c:
01:af:5e:63:db:0e:05:e5:92:62:cf:08:0e:0e:39:a8:0c:0f:
c4:23:13:c6:c9:8a:91:82:01:a9:32:5d:4a:aa:63:a3:7d:19:
6c:dd:cc:17:99:96:14:13:a7:50:b0:df:7f:40:01:2b:d8:2b:
ca:5e:d5:86:05:c5:50:be:ae:3b:ad:5b:3b:cf:69:62:94:21:
02:a8:cf:1e:41:ed:5a:70:8b:9b:15:d0:fd:67:40:72:51:71:
89:63:f0:51:9f:1f:8e:9d:d2:5a:c6:5b:ec:48:77:51:42:f2:
6d:ea:98:4d:e2:63:39:39:a1:70:36:08:37:9f:cb:a5:9e:db:
bc:7d:6c:9d:5c:b8:ec:88:2d:07:44:28:8d:38:7b:97:ac:ba:
ea:3f:0b:05
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY2i7aWW2IXwTbHZVe15wsA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjEzMTQ0NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJlY2U5YzlhMzI0ZDQ1YzM1Zjk1NTlmMzI5ZDg4NjlkYWI1M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC8GsO4cIneiBbp3T+3w3U2LOWZ8
rreelzVAsvfIgKws/n3mG6sNRGSeKHmVste49jueePQNpExJ9m0bxdXQMf3n4u5x
HBfnVnJFsv4Edg9v9CTjvFQVN5FIckkymo+cnE/TEbJRCzNo7QiO/b0VFU2mujnz
P8EzUoyrKfsMsSn9ueBH+2g08GcGJKkqXgiWdgn61ILjIWFKddvD/MlSisW6mCJq
SvkoaP/H5pNKTWZbgZ5p8EB0ijyg2lP2mPD5mG2Y+dl72gL2a3FECBacliXSjnab
OU05B8al0Ahz5sbbvaPeCR+FJyoZ63U9GuZmLPquvKqyK/LmKh/tEVxvVQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM4L2QzY2Nl
Ni1iNDdiLTRkMDYtYTMwZi1lYjI0MTFkMjEyYWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgvZDNjY2U2
LWI0N2ItNGQwNi1hMzBmLWViMjQxMWQyMTJhYi8xL2hTN09uSm95VFVYRFg1Vlo4
eW5ZaHAyclU3by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUF
BwEHAQH/BFUwUzBCBAIAATA8AwQBW8KiAwQCuYe0AwQCuYrIAwQCuY0oAwQBwRvy
AwQAwS+mAwQAwWiRAwQCwe5sAwQBwgkaAwQCwwP0MA0EAgACMAcDBQMqBVhAMCgG
CCsGAQUFBwEIAQH/BBkwF6AVMBMCAnBZAgMAis0CAwCo1gIDAMPcMA0GCSqGSIb3
DQEBCwUAA4IBAQAxKT9gMnKK9XJcXyZGjK01WMHfjRPbCvsAq3u682EKZs/MwG5U
yzj2iadPYFGNkA0ccdWaHYlEpvIXjFY36g6kfSoK5zqcdl9laN5lBExKEVPpDXgM
G/9h+VcqBQYgKsGwONkSGEWhZLjobowBr15j2w4F5ZJizwgODjmoDA/EIxPGyYqR
ggGpMl1KqmOjfRls3cwXmZYUE6dQsN9/QAEr2CvKXtWGBcVQvq47rVs7z2lilCEC
qM8eQe1acIubFdD9Z0ByUXGJY/BRnx+OndJaxlvsSHdRQvJt6phN4mM5OaFwNgg3
n8ulntu8fWydXLjsiC0HRCiNOHuXrLrqPwsF
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:29:26 2024 by rpki-client on console-fra.rpki-client.org