Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jT5ZS7JunAjm_Ec2yqXTwgCFTeo.cer
File: jT5ZS7JunAjm_Ec2yqXTwgCFTeo.cer (raw, json)
Hash identifier: VSgiSinYqzz8Eso4H1glNwcRGm/ACZvMRPBgtJbVeek=
Subject key identifier: 8D:3E:59:4B:B2:6E:9C:08:E6:FC:47:36:CA:A5:D3:C2:00:85:4D:EA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8714AD4CC232512E2E6E8AAF9B9CB56
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8b/c75317-d5fd-4a24-8714-e7dee9a7cad5/1/jT5ZS7JunAjm_Ec2yqXTwgCFTeo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8b/c75317-d5fd-4a24-8714-e7dee9a7cad5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:31:57 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 209247
IP: 185.149.52.0/22
IP: 2a07:6500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4a:d4:cc:23:25:12:e2:e6:e8:aa:f9:b9:cb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d3e594bb26e9c08e6fc4736caa5d3c200854dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a9:31:d6:e8:5e:ae:82:32:0c:53:6b:58:24:
3b:d8:fa:6d:4d:cd:b6:48:bb:18:ce:c9:62:b6:65:
35:de:7d:47:f3:6b:8a:f2:2d:72:00:12:9c:b9:05:
2d:96:dc:92:24:50:a9:db:47:9b:e1:49:3a:0d:c7:
f7:d8:cf:79:0e:1a:7b:52:24:f9:8b:a1:e3:fd:30:
84:f0:e6:a7:3b:b8:f7:cc:b3:41:ce:82:a2:ff:44:
60:7d:5b:08:96:0d:a5:79:b3:be:ed:c9:8c:f6:ab:
2d:bb:f0:b1:34:5e:06:d7:bb:4c:30:25:fc:58:69:
6c:7c:85:84:7c:68:63:a7:36:ae:1c:6e:07:c5:34:
7c:7c:5d:df:3c:47:54:9e:ce:bc:45:ec:f6:c8:10:
55:16:e2:2b:20:41:1f:93:82:36:34:90:6c:bd:49:
76:e6:5e:d7:4c:dd:e9:0d:9f:1e:33:40:ae:b0:92:
fe:f4:d9:a6:50:69:72:c9:ba:be:1b:d0:fc:4e:5a:
0e:45:92:ab:83:c2:1c:61:23:39:75:15:08:23:79:
83:d0:9b:14:fb:58:54:2d:ec:17:38:ed:b0:b7:18:
26:b2:e2:d5:47:73:cd:b3:1e:1b:83:1f:6b:74:ef:
2d:f8:06:44:44:5b:97:f1:9a:03:b2:77:07:88:8e:
c6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3E:59:4B:B2:6E:9C:08:E6:FC:47:36:CA:A5:D3:C2:00:85:4D:EA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c75317-d5fd-4a24-8714-e7dee9a7cad5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c75317-d5fd-4a24-8714-e7dee9a7cad5/1/jT5ZS7JunAjm_Ec2yqXTwgCFTeo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.52.0/22
IPv6:
2a07:6500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209247
Signature Algorithm: sha256WithRSAEncryption
44:77:79:f2:ae:f4:99:46:97:9d:d6:a5:5f:ff:0e:5d:0e:3c:
18:f8:81:1c:b4:f4:0e:1d:55:2e:00:ae:41:32:de:ff:85:f3:
f5:20:4d:ec:63:d0:63:ad:6b:68:27:b0:f0:34:dd:c3:b2:43:
4f:ed:1e:84:ff:1f:72:4b:da:e3:ff:11:d3:b1:96:4b:bd:e8:
fe:83:3a:80:db:09:1c:41:49:bc:79:e3:78:8a:9f:89:75:d8:
e2:f3:23:bb:3b:af:df:3e:18:94:2c:b6:63:35:24:a2:5a:95:
7b:d7:39:d4:18:0b:20:4e:a0:85:62:c9:cd:02:a2:b6:e7:ed:
3e:7b:c3:ef:85:85:d8:b6:67:b8:4d:00:59:77:ec:13:bf:7d:
af:cb:7e:fc:09:0d:3d:fb:66:fb:02:9b:23:12:a3:21:35:1c:
e6:57:96:0c:33:f6:94:c6:a9:c2:9b:1b:3b:4e:f1:6a:d4:70:
b3:74:49:cd:17:68:85:9a:34:0b:77:54:f8:3f:54:63:d4:47:
b5:93:c1:98:a6:74:f2:8e:ec:fd:8a:9a:63:1a:d4:0b:5e:13:
12:ed:cd:8f:b1:b6:4d:cb:c5:84:1c:f6:c2:24:9f:43:09:83:
e3:e1:ff:1b:bb:07:0c:88:f6:90:72:b0:2e:d0:83:56:57:cf:
1e:4a:0c:c1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIcUrUzCMlEuLm6Kr5uctWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNlNTk0YmIyNmU5YzA4ZTZmYzQ3MzZjYWE1ZDNjMjAwODU0ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiakx1uheroIyDFNrWCQ72PptTc22
SLsYzslitmU13n1H82uK8i1yABKcuQUtltySJFCp20eb4Uk6Dcf32M95Dhp7UiT5
i6Hj/TCE8OanO7j3zLNBzoKi/0RgfVsIlg2lebO+7cmM9qstu/CxNF4G17tMMCX8
WGlsfIWEfGhjpzauHG4HxTR8fF3fPEdUns68Rez2yBBVFuIrIEEfk4I2NJBsvUl2
5l7XTN3pDZ8eM0CusJL+9NmmUGlyybq+G9D8TloORZKrg8IcYSM5dRUII3mD0JsU
+1hULewXOO2wtxgmsuLVR3PNsx4bgx9rdO8t+AZERFuX8ZoDsncHiI7GfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFI0+WUuybpwI5vxHNsql08IAhU3qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhiL2M3NTMx
Ny1kNWZkLTRhMjQtODcxNC1lN2RlZTlhN2NhZDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIvYzc1MzE3
LWQ1ZmQtNGEyNC04NzE0LWU3ZGVlOWE3Y2FkNS8xL2pUNVpTN0p1bkFqbV9FYzJ5
cVhUd2dDRlRlby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZU0MA0EAgACMAcDBQMqB2UAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMxXzANBgkqhkiG9w0BAQsFAAOCAQEARHd58q70mUaX
ndalX/8OXQ48GPiBHLT0Dh1VLgCuQTLe/4Xz9SBN7GPQY61raCew8DTdw7JDT+0e
hP8fckva4/8R07GWS73o/oM6gNsJHEFJvHnjeIqfiXXY4vMjuzuv3z4YlCy2YzUk
olqVe9c51BgLIE6ghWLJzQKituftPnvD74WF2LZnuE0AWXfsE799r8t+/AkNPftm
+wKbIxKjITUc5leWDDP2lMapwpsbO07xatRws3RJzRdohZo0C3dU+D9UY9RHtZPB
mKZ08o7s/YqaYxrUC14TEu3Nj7G2TcvFhBz2wiSfQwmD4+H/G7sHDIj2kHKwLtCD
VlfPHkoMwQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:13:09 2024 by rpki-client on console-ams.rpki-client.org