Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer
File: ikAAEBrTk8rff8j9Y9qtPG2uEk8.cer (raw, json)
Hash identifier: pPkNqCrvYcf2IlixiqbYZ4W5C4NzScAJ8CPbf3zrd4s=
Subject key identifier: 8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DBF0ABCEA71FCD913C0481F21B78ED
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:34 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 41549
IP: 88.84.0.0/19
IP: 89.186.208.0/21
IP: 146.185.0.0/21
IP: 178.21.224.0/21
IP: 185.37.72.0/22
IP: 194.11.218.0/23
IP: 195.20.64.0/19
IP: 213.159.144.0/20
IP: 217.67.128.0/20
IP: 2a01:aec0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f0:ab:ce:a7:1f:cd:91:3c:04:81:f2:1b:78:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a4000101ad393cadf7fc8fd63daad3c6dae124f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:99:07:e2:23:bb:09:9d:7b:fe:32:ad:fb:33:
7e:3a:00:bc:ec:27:5b:f4:3e:d5:4c:69:23:c8:5e:
32:91:10:26:e4:8c:3f:94:b6:4e:8f:55:bb:a7:48:
bd:5a:19:12:50:b7:c0:07:f6:d6:5d:ff:a1:fe:66:
67:64:95:ba:9a:70:f6:c4:63:92:dd:69:f9:4f:4d:
91:b1:ed:49:ce:c1:5d:04:1d:8f:a2:da:39:cf:8d:
c5:da:18:ca:28:b9:9c:67:1b:4b:a8:b7:9e:1f:7d:
7f:64:9e:59:a1:d3:00:c1:f3:c7:fc:33:e6:78:21:
9b:24:6c:df:ec:9a:c0:20:e0:e7:13:5d:9c:50:db:
b3:ea:e9:9c:ad:f4:c6:3a:1d:41:99:37:b9:50:04:
c6:43:87:3f:b5:52:74:39:6d:ff:01:0c:68:58:15:
69:dd:1a:03:72:2c:06:e9:e5:17:aa:c8:81:e4:b7:
6d:48:3f:86:3f:b0:6d:bc:98:fd:32:1f:1c:2f:31:
8f:57:b7:0f:7f:93:61:b1:a3:44:12:bd:98:77:b8:
67:17:45:27:94:9a:b7:d5:b6:6b:98:4c:37:fb:2e:
8c:8a:54:31:a0:ad:c4:46:d7:5f:d1:db:15:1b:a4:
06:ad:86:b4:b2:75:b1:91:9f:7c:f5:3f:19:b2:a3:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:40:00:10:1A:D3:93:CA:DF:7F:C8:FD:63:DA:AD:3C:6D:AE:12:4F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b27bd0-3d39-4d78-aa2c-1f3ccfa61aac/1/ikAAEBrTk8rff8j9Y9qtPG2uEk8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.0.0/19
89.186.208.0/21
146.185.0.0/21
178.21.224.0/21
185.37.72.0/22
194.11.218.0/23
195.20.64.0/19
213.159.144.0/20
217.67.128.0/20
IPv6:
2a01:aec0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41549
Signature Algorithm: sha256WithRSAEncryption
75:3a:54:e4:cb:e5:4f:78:3f:7a:96:52:2b:a8:ec:33:c5:6c:
e0:bd:ab:7a:c6:97:26:79:dc:e7:5d:77:b0:8e:6a:7b:a1:08:
8e:a4:9e:3c:ed:a7:b5:58:cd:c1:a2:4d:30:37:8e:18:6b:53:
ee:6c:f8:5e:cd:64:b0:84:2a:7f:58:51:70:ff:9a:8a:5b:da:
0f:3a:42:66:f5:ca:a0:c5:2c:01:14:cd:24:71:91:9d:d2:8e:
e7:aa:49:1b:d8:8a:a6:dd:3b:3c:06:f0:22:fa:69:54:2e:aa:
f9:a7:53:83:60:a2:2f:cc:ae:38:38:40:41:07:fe:1b:23:7c:
b0:63:fe:ab:c3:a1:ad:1a:5e:1b:14:0a:3b:4b:d1:f3:65:04:
70:ab:fd:30:f1:7b:18:b1:81:4d:af:87:84:c9:0e:28:44:63:
ba:d3:8c:f4:65:6c:9c:71:24:84:4c:59:19:8f:71:48:d5:7a:
b8:51:ec:f1:6c:02:54:e7:3f:1e:3c:c6:3c:47:a3:9e:70:3a:
ec:2c:84:ed:a3:90:70:00:d5:98:9f:d2:77:92:2f:ea:37:07:
84:65:52:a4:ca:93:29:06:de:8b:60:c6:73:d2:54:9a:91:4d:
75:be:f0:96:7d:5d:34:18:55:2b:3f:a8:cc:26:25:a5:05:4d:
b8:79:72:c6
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAYzF2/CrzqcfzZE8BIHyG3jtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQwMDAxMDFhZDM5M2NhZGY3ZmM4ZmQ2M2RhYWQzYzZkYWUxMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZkH4iO7CZ17/jKt+zN+OgC87Cdb
9D7VTGkjyF4ykRAm5Iw/lLZOj1W7p0i9WhkSULfAB/bWXf+h/mZnZJW6mnD2xGOS
3Wn5T02Rse1JzsFdBB2Poto5z43F2hjKKLmcZxtLqLeeH31/ZJ5ZodMAwfPH/DPm
eCGbJGzf7JrAIODnE12cUNuz6umcrfTGOh1BmTe5UATGQ4c/tVJ0OW3/AQxoWBVp
3RoDciwG6eUXqsiB5LdtSD+GP7BtvJj9Mh8cLzGPV7cPf5NhsaNEEr2Yd7hnF0Un
lJq31bZrmEw3+y6MilQxoK3ERtdf0dsVG6QGrYa0snWxkZ989T8ZsqMZ5QIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFIpAABAa05PK33/I/WParTxtrhJPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZjL2IyN2Jk
MC0zZDM5LTRkNzgtYWEyYy0xZjNjY2ZhNjFhYWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMvYjI3YmQw
LTNkMzktNGQ3OC1hYTJjLTFmM2NjZmE2MWFhYy8xL2lrQUFFQnJUazhyZmY4ajlZ
OXF0UEcydUVrOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF4GCCsGAQUF
BwEHAQH/BE8wTTA8BAIAATA2AwQFWFQAAwQDWbrQAwQDkrkAAwQDshXgAwQCuSVI
AwQBwgvaAwQFwxRAAwQE1Z+QAwQE2UOAMA0EAgACMAcDBQAqAa7AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCiTTANBgkqhkiG9w0BAQsFAAOCAQEAdTpU5MvlT3g/
epZSK6jsM8Vs4L2resaXJnnc5113sI5qe6EIjqSePO2ntVjNwaJNMDeOGGtT7mz4
Xs1ksIQqf1hRcP+ailvaDzpCZvXKoMUsARTNJHGRndKO56pJG9iKpt07PAbwIvpp
VC6q+adTg2CiL8yuODhAQQf+GyN8sGP+q8OhrRpeGxQKO0vR82UEcKv9MPF7GLGB
Ta+HhMkOKERjutOM9GVsnHEkhExZGY9xSNV6uFHs8WwCVOc/HjzGPEejnnA67CyE
7aOQcADVmJ/Sd5Iv6jcHhGVSpMqTKQbei2DGc9JUmpFNdb7wln1dNBhVKz+ozCYl
pQVNuHlyxg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:02:50 2024 by rpki-client on console-ams.rpki-client.org