Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
File: j20qybaMMnEffof95SNFhPW89PI.cer (raw, json)
Hash identifier: ukbPc5EA8pPaJaGnaoDWTAA1ZGACQcHtlmMMHq3MnLE=
Subject key identifier: 8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B91F6B254807A1D16F0B506D5C5E62
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:31:10 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 198291
IP: 46.232.136.0/21
IP: 185.124.44.0/22
IP: 2a04:dc40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1f:6b:25:48:07:a1:d1:6f:0b:50:6d:5c:5e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f6d2ac9b68c32711f7e87fde5234584f5bcf4f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:7e:a6:59:07:fc:bf:9e:b2:30:04:01:90:
8a:76:7d:7e:12:8c:86:79:8c:5b:a7:55:79:86:08:
bc:d4:d0:42:97:a8:87:b2:28:73:04:49:1b:0c:41:
10:eb:27:d1:5e:38:0b:44:8b:21:ed:04:55:b4:d4:
b8:8a:82:5a:ba:3a:8d:73:9e:47:c9:6b:39:14:90:
60:c8:88:18:5c:2f:4c:2a:f1:65:b0:f0:5e:49:90:
58:30:01:f4:33:26:ac:90:8c:57:68:11:8a:03:f6:
79:b7:08:49:0e:12:35:86:97:07:96:48:50:6e:b4:
6b:ac:e2:7d:d0:49:63:45:f4:af:bb:44:cc:78:78:
2e:a5:33:be:91:0b:ef:f6:ce:21:d5:bd:bc:72:df:
a9:1c:b9:dc:60:bb:4f:0c:65:1c:8d:55:7d:cb:f3:
5e:34:23:d0:7b:f5:d7:7f:6e:4f:ac:aa:0f:41:71:
29:a9:45:0d:2d:8b:58:cb:56:d4:9f:8a:b3:1a:73:
15:21:df:74:c9:71:19:6b:7d:c9:8e:82:80:b4:4d:
6b:8c:b3:ae:10:c4:ea:d1:56:32:22:f5:86:f2:bf:
2d:91:e0:86:47:2e:a9:f6:2e:f2:3a:d4:0f:39:c8:
da:76:e1:58:7c:99:59:93:8e:5e:b9:23:20:6c:29:
20:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.136.0/21
185.124.44.0/22
IPv6:
2a04:dc40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198291
Signature Algorithm: sha256WithRSAEncryption
1b:3d:0b:33:2f:b2:05:fc:09:23:20:64:8f:da:27:61:20:c8:
a9:12:a9:2e:39:79:72:55:89:d1:0b:bf:0c:d4:72:c7:3a:b4:
05:c3:03:71:a3:37:25:b1:06:b0:7d:6f:e4:87:83:fa:b0:37:
1c:c0:7b:a7:d2:03:dc:8a:9b:56:4d:2c:a5:37:85:4e:02:bb:
2e:11:2f:26:bb:99:60:19:b2:9e:df:af:74:67:27:91:c3:9d:
e3:30:18:5f:df:3a:e2:d8:2f:bb:d6:ce:3d:9f:49:45:5d:23:
8a:02:00:21:42:57:6f:88:f7:4c:ac:27:d5:d7:35:69:66:38:
59:9d:21:9b:d2:9d:9f:6e:d5:80:ce:97:3c:a5:dd:27:0d:71:
d5:2f:1d:d0:25:12:88:fb:d2:58:36:83:81:4a:62:b6:de:d2:
f8:29:10:6b:e5:85:f6:21:6c:c4:34:73:4f:2c:38:2d:ea:7a:
a1:7c:93:ed:4c:b8:c0:b3:13:71:94:ba:a4:f3:e2:db:ae:32:
24:34:cc:d2:5f:62:81:dc:1d:ab:4b:3c:1d:f7:62:ca:b2:b0:
dc:e2:b6:1d:3c:b9:d7:70:18:cf:09:aa:68:aa:3c:61:b1:8b:
ab:0b:7a:c6:2f:00:1b:59:a4:d0:c5:6b:99:94:da:a1:1b:bc:
e6:6b:0d:bc
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzGuR9rJUgHodFvC1BtXF5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZkMmFjOWI2OGMzMjcxMWY3ZTg3ZmRlNTIzNDU4NGY1YmNmNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNp+plkH/L+esjAEAZCKdn1+EoyG
eYxbp1V5hgi81NBCl6iHsihzBEkbDEEQ6yfRXjgLRIsh7QRVtNS4ioJaujqNc55H
yWs5FJBgyIgYXC9MKvFlsPBeSZBYMAH0MyaskIxXaBGKA/Z5twhJDhI1hpcHlkhQ
brRrrOJ90EljRfSvu0TMeHgupTO+kQvv9s4h1b28ct+pHLncYLtPDGUcjVV9y/Ne
NCPQe/XXf25PrKoPQXEpqUUNLYtYy1bUn4qzGnMVId90yXEZa33JjoKAtE1rjLOu
EMTq0VYyIvWG8r8tkeCGRy6p9i7yOtQPOcjaduFYfJlZk45euSMgbCkgewIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFI9tKsm2jDJxH36H/eUjRYT1vPTyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2U3OGVl
MS0wYTJhLTQ2YzktOTc2OS1mOTRmMDg0YjFlZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvZTc4ZWUx
LTBhMmEtNDZjOS05NzY5LWY5NGYwODRiMWVlNy8xL2oyMHF5YmFNTW5FZmZvZjk1
U05GaFBXODlQSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDLuiIAwQCuXwsMA0EAgACMAcDBQMqBNxAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMGkzANBgkqhkiG9w0BAQsFAAOCAQEAGz0L
My+yBfwJIyBkj9onYSDIqRKpLjl5clWJ0Qu/DNRyxzq0BcMDcaM3JbEGsH1v5IeD
+rA3HMB7p9ID3IqbVk0spTeFTgK7LhEvJruZYBmynt+vdGcnkcOd4zAYX9864tgv
u9bOPZ9JRV0jigIAIUJXb4j3TKwn1dc1aWY4WZ0hm9Kdn27VgM6XPKXdJw1x1S8d
0CUSiPvSWDaDgUpitt7S+CkQa+WF9iFsxDRzTyw4Lep6oXyT7Uy4wLMTcZS6pPPi
264yJDTM0l9igdwdq0s8HfdiyrKw3OK2HTy513AYzwmqaKo8YbGLqwt6xi8AG1mk
0MVrmZTaoRu85msNvA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:20:02 2024 by rpki-client on console-fra.rpki-client.org