Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/l2bGSG3nTBPUnMo_C-AiSjXM6mQ.cer
File: l2bGSG3nTBPUnMo_C-AiSjXM6mQ.cer (raw, json)
Hash identifier: anbp6kRfGdRMli2X5OHzyfHgYAqKosR3rumritQx5XY=
Subject key identifier: 97:66:C6:48:6D:E7:4C:13:D4:9C:CA:3F:0B:E0:22:4A:35:CC:EA:64
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018FB8E60DD3E5EEDF1B2477DA64E37418AE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/cea9b6-56b4-4b04-8b71-5d4d9d0c6597/1/l2bGSG3nTBPUnMo_C-AiSjXM6mQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/cea9b6-56b4-4b04-8b71-5d4d9d0c6597/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 27 May 2024 07:13:55 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 201243
IP: 78.41.137.0/24
IP: 2a10:db80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b8:e6:0d:d3:e5:ee:df:1b:24:77:da:64:e3:74:18:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 27 07:13:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9766c6486de74c13d49cca3f0be0224a35ccea64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b4:d6:a9:f2:4e:90:c1:54:7c:a7:9c:d4:e6:
bb:8b:f0:b4:8f:8a:2f:b5:79:36:32:50:9a:ea:ce:
09:8d:1d:38:fb:8d:ad:31:fc:49:37:15:cf:84:4d:
0c:ce:96:b9:94:75:d3:ef:76:1a:6a:eb:46:76:51:
f3:b1:a1:d1:65:0f:15:6f:dc:8b:34:15:00:09:33:
d1:15:da:c6:8e:41:f1:63:63:70:4a:fd:88:1e:cf:
f1:bd:ee:4c:90:49:d1:7e:9e:9b:49:2a:ee:c4:c7:
7e:32:ff:15:47:f9:3d:bc:38:5a:af:37:3d:33:f5:
73:e4:84:d6:b5:33:de:46:37:45:3f:6e:d6:1c:81:
de:36:4d:2e:02:05:ce:24:25:33:18:88:9f:fc:9a:
01:91:50:38:6e:91:42:2d:f5:01:cd:fa:86:a7:f6:
f1:29:9f:37:bb:a7:bf:f3:76:51:1d:b5:21:51:cd:
a6:d7:f5:6b:5a:77:06:bb:68:15:df:aa:7c:cc:1c:
65:91:2c:eb:06:67:86:60:8a:51:91:6d:5b:8b:8e:
b1:83:d5:41:59:a9:2c:eb:48:59:5a:02:68:08:87:
ca:75:0b:0b:e5:a3:a9:2e:09:c6:1e:91:a3:cb:18:
02:36:48:16:0a:69:e3:34:53:fd:48:ec:73:8b:16:
22:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:66:C6:48:6D:E7:4C:13:D4:9C:CA:3F:0B:E0:22:4A:35:CC:EA:64
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/cea9b6-56b4-4b04-8b71-5d4d9d0c6597/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/cea9b6-56b4-4b04-8b71-5d4d9d0c6597/1/l2bGSG3nTBPUnMo_C-AiSjXM6mQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.137.0/24
IPv6:
2a10:db80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201243
Signature Algorithm: sha256WithRSAEncryption
27:ba:94:88:61:2d:15:73:9d:3b:81:af:3e:f4:72:2c:da:e2:
aa:d8:e6:4d:6e:22:ca:6e:66:d6:e9:50:65:8c:13:e9:a4:ce:
c2:c1:90:c4:3a:f5:82:40:bb:69:f7:aa:5d:b9:6f:37:9d:14:
10:c5:c4:83:c6:fb:0b:b0:dd:a9:71:dc:b1:57:28:6a:ff:50:
9e:1a:e2:63:2d:b9:02:c0:56:f6:39:71:82:3f:13:52:8f:35:
ea:1c:ae:f9:4c:a0:32:a5:a1:21:8e:1a:5b:64:4b:21:90:73:
35:55:9e:ed:04:a5:31:54:27:fb:fb:f9:d6:fc:b2:d0:ca:02:
80:f2:7b:80:92:13:8a:e7:a4:7a:7a:a3:a2:72:0c:ad:85:46:
e8:f1:0f:fc:4f:3d:7f:0b:51:52:c2:87:a4:8a:14:c0:1e:bd:
7e:3a:87:5a:3b:55:b1:34:19:13:cc:e5:5f:d0:63:c2:eb:6a:
b1:f0:93:bd:b7:fe:e8:83:45:0e:e5:81:ec:60:51:93:1f:e8:
d7:a8:a1:4f:c0:80:d0:8b:11:ca:fa:e4:21:43:46:f7:64:34:
6a:c3:3b:92:c9:af:6b:e9:28:a2:dd:80:20:4f:cd:88:33:ec:
bd:89:e1:08:c1:a6:6e:92:5e:04:9f:2d:60:5b:d3:84:ff:f7:
66:a8:db:b6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY+45g3T5e7fGyR32mTjdBiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTI3MDcxMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzY2YzY0ODZkZTc0YzEzZDQ5Y2NhM2YwYmUwMjI0YTM1Y2NlYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLTWqfJOkMFUfKec1Oa7i/C0j4ov
tXk2MlCa6s4JjR04+42tMfxJNxXPhE0Mzpa5lHXT73YaautGdlHzsaHRZQ8Vb9yL
NBUACTPRFdrGjkHxY2NwSv2IHs/xve5MkEnRfp6bSSruxMd+Mv8VR/k9vDharzc9
M/Vz5ITWtTPeRjdFP27WHIHeNk0uAgXOJCUzGIif/JoBkVA4bpFCLfUBzfqGp/bx
KZ83u6e/83ZRHbUhUc2m1/VrWncGu2gV36p8zBxlkSzrBmeGYIpRkW1bi46xg9VB
Waks60hZWgJoCIfKdQsL5aOpLgnGHpGjyxgCNkgWCmnjNFP9SOxzixYi+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJdmxkht50wT1JzKPwvgIko1zOpkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwL2NlYTli
Ni01NmI0LTRiMDQtOGI3MS01ZDRkOWQwYzY1OTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvY2VhOWI2
LTU2YjQtNGIwNC04YjcxLTVkNGQ5ZDBjNjU5Ny8xL2wyYkdTRzNuVEJQVW5Nb19D
LUFpU2pYTTZtUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQATimJMA0EAgACMAcDBQMqENuAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMSGzANBgkqhkiG9w0BAQsFAAOCAQEAJ7qUiGEtFXOd
O4GvPvRyLNriqtjmTW4iym5m1ulQZYwT6aTOwsGQxDr1gkC7afeqXblvN50UEMXE
g8b7C7DdqXHcsVcoav9QnhriYy25AsBW9jlxgj8TUo816hyu+UygMqWhIY4aW2RL
IZBzNVWe7QSlMVQn+/v51vyy0MoCgPJ7gJITiuekenqjonIMrYVG6PEP/E89fwtR
UsKHpIoUwB69fjqHWjtVsTQZE8zlX9BjwutqsfCTvbf+6INFDuWB7GBRkx/o16ih
T8CA0IsRyvrkIUNG92Q0asM7ksmva+koot2AIE/NiDPsvYnhCMGmbpJeBJ8tYFvT
hP/3Zqjbtg==
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:11:38 2024 by rpki-client on console-fra.rpki-client.org