Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/l8S83VMS-KfDPeS311wVtMu8Hdo.cer
File: l8S83VMS-KfDPeS311wVtMu8Hdo.cer (raw, json)
Hash identifier: CkYfJmDh13gMLkAxwIQ7lDMZKD3rsOqmnrKb9b/Wmz4=
Subject key identifier: 97:C4:BC:DD:53:12:F8:A7:C3:3D:E4:B7:D7:5C:15:B4:CB:BC:1D:DA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D7F57FC78A76D0223AC9098DDFEBF8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/l8S83VMS-KfDPeS311wVtMu8Hdo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:49:03 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 207255
IP: 185.161.204.0/22
IP: 2a07:c7c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f5:7f:c7:8a:76:d0:22:3a:c9:09:8d:df:eb:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97c4bcdd5312f8a7c33de4b7d75c15b4cbbc1dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:41:c4:cb:2d:6e:9e:b4:80:08:5f:23:78:81:
30:9e:c7:96:56:88:d8:ea:65:24:1f:f4:98:89:af:
10:e3:0a:4c:58:90:e3:83:36:8b:4e:fc:86:89:30:
72:cd:9e:ed:4d:91:8a:5c:0b:53:3a:03:6c:49:36:
f5:4d:0d:60:0a:dc:fa:10:5d:5c:b6:45:38:37:7c:
52:fd:07:e8:4e:78:67:d7:40:ca:ac:8a:9c:3a:9a:
8f:e7:38:6b:61:d2:c0:ee:05:70:76:66:68:a2:07:
3e:5f:81:e1:6b:d5:e2:6b:19:ba:84:b3:7c:e0:4b:
18:78:23:30:74:ca:a9:c9:dd:7d:2b:c3:ae:0d:e5:
c1:ce:15:fd:4e:2c:b5:3f:e3:14:fb:0d:dd:6d:3c:
59:e4:4f:c2:50:fb:00:dc:fa:53:97:54:63:5f:67:
64:70:e4:d5:e1:68:d2:fd:f8:e1:6b:ce:ce:95:89:
ad:59:a4:5e:11:22:ed:f7:09:18:a4:d0:c5:a3:ee:
52:e0:a5:4f:b2:1f:29:dc:35:87:4e:f0:c9:7d:52:
28:80:92:6e:f2:4d:aa:cd:8e:63:d1:b0:61:55:e6:
28:27:b4:42:4e:c3:6a:51:59:61:d4:95:48:4e:1d:
27:e1:d6:9e:19:4a:f2:fb:a9:20:da:75:28:0a:95:
c7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:BC:DD:53:12:F8:A7:C3:3D:E4:B7:D7:5C:15:B4:CB:BC:1D:DA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/44775f-37a6-4a86-9fe5-e93bdb8d9c85/1/l8S83VMS-KfDPeS311wVtMu8Hdo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.204.0/22
IPv6:
2a07:c7c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207255
Signature Algorithm: sha256WithRSAEncryption
25:a4:df:b2:38:51:e3:2b:07:4d:a2:37:43:b9:ef:c6:b4:96:
2f:2f:ab:3b:82:8a:e1:4a:70:c1:33:67:47:91:14:cf:1c:72:
88:b1:2b:0a:de:83:dd:9e:de:c4:c0:ab:8d:27:fe:a4:9e:74:
53:07:99:06:09:e4:69:38:9b:93:b6:06:c4:42:9b:84:be:9a:
fe:07:2c:72:38:0e:d3:3c:b1:0a:91:d3:88:6d:a8:66:a8:d2:
ef:0e:bb:70:5b:5d:f6:fa:59:e3:a3:a8:73:0a:23:55:4c:4a:
39:25:49:37:a3:ca:cd:7b:3c:b2:4e:84:b6:f0:59:cb:e1:45:
8a:e6:6f:26:78:fd:ec:bd:c6:27:77:a7:49:54:d3:51:42:34:
a2:26:21:74:d1:9f:c2:7f:54:76:d6:11:df:5a:a3:29:6c:8d:
a8:33:ab:0f:4f:b2:81:e5:a1:d7:90:83:d8:b2:d7:1f:27:4d:
2f:f1:2e:56:45:18:35:05:48:02:d3:cc:5a:a4:a4:61:cb:1d:
9b:e9:d1:fc:43:05:22:04:89:6a:33:9f:14:c2:89:0f:24:71:
7f:b8:b9:3e:39:a4:30:3f:24:69:1a:ba:7e:2b:bf:17:08:57:
19:7e:e3:1c:eb:7c:8e:7b:ed:6f:fb:44:fa:40:8a:41:38:00:
23:8c:ca:ed
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQj1/V/x4p20CI6yQmN3+v4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M0YmNkZDUzMTJmOGE3YzMzZGU0YjdkNzVjMTViNGNiYmMxZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0HEyy1unrSACF8jeIEwnseWVojY
6mUkH/SYia8Q4wpMWJDjgzaLTvyGiTByzZ7tTZGKXAtTOgNsSTb1TQ1gCtz6EF1c
tkU4N3xS/QfoTnhn10DKrIqcOpqP5zhrYdLA7gVwdmZoogc+X4Hha9Xiaxm6hLN8
4EsYeCMwdMqpyd19K8OuDeXBzhX9Tiy1P+MU+w3dbTxZ5E/CUPsA3PpTl1RjX2dk
cOTV4WjS/fjha87OlYmtWaReESLt9wkYpNDFo+5S4KVPsh8p3DWHTvDJfVIogJJu
8k2qzY5j0bBhVeYoJ7RCTsNqUVlh1JVITh0n4daeGUry+6kg2nUoCpXHqQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJfEvN1TEvinwz3kt9dcFbTLvB3aMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzQ0Nzc1
Zi0zN2E2LTRhODYtOWZlNS1lOTNiZGI4ZDljODUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvNDQ3NzVm
LTM3YTYtNGE4Ni05ZmU1LWU5M2JkYjhkOWM4NS8xL2w4UzgzVk1TLUtmRFBlUzMx
MXdWdE11OEhkby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuaHMMA0EAgACMAcDBQMqB8fAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMplzANBgkqhkiG9w0BAQsFAAOCAQEAJaTfsjhR4ysH
TaI3Q7nvxrSWLy+rO4KK4UpwwTNnR5EUzxxyiLErCt6D3Z7exMCrjSf+pJ50UweZ
BgnkaTibk7YGxEKbhL6a/gcscjgO0zyxCpHTiG2oZqjS7w67cFtd9vpZ46Oocwoj
VUxKOSVJN6PKzXs8sk6EtvBZy+FFiuZvJnj97L3GJ3enSVTTUUI0oiYhdNGfwn9U
dtYR31qjKWyNqDOrD0+ygeWh15CD2LLXHydNL/EuVkUYNQVIAtPMWqSkYcsdm+nR
/EMFIgSJajOfFMKJDyRxf7i5PjmkMD8kaRq6fiu/FwhXGX7jHOt8jnvtb/tE+kCK
QTgAI4zK7Q==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:04:13 2025 by rpki-client