Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/i9S8vzXbf-LvZjUipaOjl5pPH_g.cer
File: i9S8vzXbf-LvZjUipaOjl5pPH_g.cer (raw, json)
Hash identifier: LTRbkoHOYIjpHq3co+hgHea7O1DSQ+GQIDA/lYEoWoU=
Subject key identifier: 8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC349429B80380887B8AAA5FBB7446512
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 208591
IP: 45.84.208.0/22
IP: 2a0e:a180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:42:9b:80:38:08:87:b8:aa:a5:fb:b7:44:65:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bd4bcbf35db7fe2ef663522a5a3a3979a4f1ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fd:fd:ff:b5:80:45:6d:5f:e4:ef:11:20:08:
d5:fe:26:bc:3b:40:23:2a:2f:96:ca:01:5b:17:c6:
16:35:cf:24:fc:07:2e:bd:82:a0:3e:d0:2b:00:69:
aa:70:95:54:bd:4c:7f:d3:2f:64:b3:9f:a7:06:67:
9b:4c:0d:be:67:08:b4:bd:6f:cb:6f:75:96:11:d8:
cf:8f:36:24:e8:3d:f7:5f:8d:50:9d:98:1a:ef:84:
aa:25:29:76:6b:95:1d:b1:f3:2f:e7:e8:b1:5e:36:
2b:eb:2b:64:dd:c8:31:f5:1f:ef:4d:f3:e2:28:f3:
52:59:ba:55:a8:14:30:eb:1e:90:05:0e:08:18:d6:
24:8c:ae:05:6d:ed:5d:1d:58:9d:03:42:33:20:71:
62:cc:57:23:1e:f0:b2:cb:db:97:a7:66:7b:a1:ec:
d5:3a:42:b8:29:62:2d:d6:da:ed:83:60:6b:02:19:
e4:48:dd:c7:e1:35:c0:ee:f2:60:75:55:2a:69:84:
20:5d:8e:fb:4a:4a:6b:6f:dd:01:bf:c6:84:fc:c7:
fe:8d:48:98:6d:4d:8c:72:9a:8f:bc:d2:cb:49:16:
c5:b7:0c:bf:2c:84:1f:16:1d:40:79:2b:92:f8:be:
06:f7:46:ab:62:b5:79:d1:70:0d:69:dc:b1:94:ff:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D4:BC:BF:35:DB:7F:E2:EF:66:35:22:A5:A3:A3:97:9A:4F:1F:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a14272-2794-4f38-9640-478ed7f8d05e/1/i9S8vzXbf-LvZjUipaOjl5pPH_g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.208.0/22
IPv6:
2a0e:a180::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208591
Signature Algorithm: sha256WithRSAEncryption
0f:d3:15:71:3d:5d:84:4f:d6:6d:64:9c:a6:cd:2a:79:8c:03:
e7:26:8f:a3:82:6a:a1:4d:89:2d:0e:8a:36:db:b4:99:03:98:
b7:57:c2:2a:ce:64:31:a7:ba:bb:41:96:dd:92:90:08:6e:8e:
17:4c:3b:fb:4c:14:1d:5a:81:b6:a0:10:bc:9c:92:4c:c3:d2:
02:76:04:f7:78:69:35:ef:02:9f:a0:7a:5a:4d:3a:02:c0:9a:
cf:a6:ae:8a:9d:6d:a6:35:df:92:6c:e2:fe:ae:f4:79:18:31:
a3:ce:80:90:7d:8f:d6:02:cb:7e:70:32:54:d2:70:51:f3:a8:
21:a7:37:dc:60:35:3a:ad:ac:e8:3c:f7:47:be:f5:56:b5:da:
a6:6b:bd:ed:b1:2b:44:5b:fd:c7:48:c5:79:e5:dc:e8:e0:d0:
a1:d3:e9:41:60:1f:bd:64:8e:44:57:6c:57:9d:fd:00:fe:76:
4e:d9:dd:ef:8d:96:6a:19:35:b9:1a:f1:51:69:54:d5:70:76:
3c:5a:72:93:52:9b:8f:bb:27:c3:76:ef:82:2c:1e:f5:55:ba:
d8:90:7b:a5:bc:bf:f3:b4:ba:1c:78:d7:25:06:60:5c:d3:e7:
95:fc:78:2a:23:75:98:00:cb:2b:8e:8f:67:a4:4b:d7:43:5e:
b7:61:6f:81
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDSUKbgDgIh7iqpfu3RGUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmQ0YmNiZjM1ZGI3ZmUyZWY2NjM1MjJhNWEzYTM5NzlhNGYxZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv39/7WARW1f5O8RIAjV/ia8O0Aj
Ki+WygFbF8YWNc8k/AcuvYKgPtArAGmqcJVUvUx/0y9ks5+nBmebTA2+Zwi0vW/L
b3WWEdjPjzYk6D33X41QnZga74SqJSl2a5UdsfMv5+ixXjYr6ytk3cgx9R/vTfPi
KPNSWbpVqBQw6x6QBQ4IGNYkjK4Fbe1dHVidA0IzIHFizFcjHvCyy9uXp2Z7oezV
OkK4KWIt1trtg2BrAhnkSN3H4TXA7vJgdVUqaYQgXY77Skprb90Bv8aE/Mf+jUiY
bU2McpqPvNLLSRbFtwy/LIQfFh1AeSuS+L4G90arYrV50XANadyxlP+q4QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIvUvL8123/i72Y1IqWjo5eaTx/4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkL2ExNDI3
Mi0yNzk0LTRmMzgtOTY0MC00NzhlZDdmOGQwNWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvYTE0Mjcy
LTI3OTQtNGYzOC05NjQwLTQ3OGVkN2Y4ZDA1ZS8xL2k5Uzh2elhiZi1MdlpqVWlw
YU9qbDVwUEhfZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVTQMA0EAgACMAcDBQMqDqGAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMuzzANBgkqhkiG9w0BAQsFAAOCAQEAD9MVcT1dhE/W
bWScps0qeYwD5yaPo4JqoU2JLQ6KNtu0mQOYt1fCKs5kMae6u0GW3ZKQCG6OF0w7
+0wUHVqBtqAQvJySTMPSAnYE93hpNe8Cn6B6Wk06AsCaz6auip1tpjXfkmzi/q70
eRgxo86AkH2P1gLLfnAyVNJwUfOoIac33GA1Oq2s6Dz3R771VrXapmu97bErRFv9
x0jFeeXc6ODQodPpQWAfvWSORFdsV539AP52Ttnd742Wahk1uRrxUWlU1XB2PFpy
k1Kbj7snw3bvgiwe9VW62JB7pby/87S6HHjXJQZgXNPnlfx4KiN1mADLK46PZ6RL
10Net2FvgQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 09:37:48 2024 by rpki-client on console-ams.rpki-client.org