Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lA_4gDMK92KubMBQ3l80tfV7Cwk.cer
File: lA_4gDMK92KubMBQ3l80tfV7Cwk.cer (raw, json)
Hash identifier: HOEIHprihihTh5caLFmPHq4doCyA98oq3p3CGqPBJyE=
Subject key identifier: 94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC42515804C2F27919E71F52D4DBB9DD5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:30:13 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 20723
IP: 79.170.248.0/21
IP: 131.117.208.0/21
IP: 178.20.136.0/21
IP: 185.84.232.0/22
IP: 217.112.160.0/20
IP: 217.115.240.0/20
IP: 2a00:6500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:15:80:4c:2f:27:91:9e:71:f5:2d:4d:bb:9d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=940ff880330af762ae6cc050de5f34b5f57b0b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:27:4f:ab:ea:31:b9:00:98:ef:80:da:98:b2:
1e:33:c4:d4:e0:6b:b7:de:55:36:1b:1e:77:46:4a:
1b:0b:c7:99:1e:40:de:a2:d1:56:1f:57:80:b4:6c:
4b:38:b6:f6:91:e5:e1:da:a9:e3:54:ba:dd:5f:41:
e8:01:48:d9:21:37:76:27:c4:c4:a6:89:99:18:d0:
16:22:c4:c6:44:da:21:34:f6:2c:1d:a6:2a:4b:35:
6c:2d:a5:28:79:3f:76:67:d8:8d:8c:2c:39:f4:00:
02:6a:d4:08:56:52:4d:d5:14:50:6a:78:93:74:69:
f4:84:43:a3:c1:83:9e:13:ca:36:dc:eb:9a:db:44:
4f:21:7f:a5:d0:e7:96:a4:62:d5:e2:0e:21:49:6b:
fa:b8:93:ad:f6:96:28:5a:ca:a5:10:9e:b6:8b:62:
05:d2:ac:d1:57:11:fa:c2:3f:aa:8d:90:3f:f8:68:
83:f2:a1:12:9d:3f:6b:50:62:43:13:90:01:a0:cf:
31:7a:8c:60:08:e7:21:f2:e6:72:95:a3:01:37:30:
c9:df:b5:38:c1:77:8c:f0:1e:d5:19:0f:50:1a:f7:
40:c2:0c:98:80:08:88:83:e0:fd:1e:1b:e8:ce:15:
2d:a1:62:b0:b3:cf:85:93:2c:c4:b6:da:ac:5e:b9:
8a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0F:F8:80:33:0A:F7:62:AE:6C:C0:50:DE:5F:34:B5:F5:7B:0B:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/23e16e-943e-4595-9530-a82f658a2aa1/1/lA_4gDMK92KubMBQ3l80tfV7Cwk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.248.0/21
131.117.208.0/21
178.20.136.0/21
185.84.232.0/22
217.112.160.0/20
217.115.240.0/20
IPv6:
2a00:6500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20723
Signature Algorithm: sha256WithRSAEncryption
4b:1a:81:cc:d7:51:b2:e6:b6:f8:3b:34:7b:a4:c6:97:9f:dd:
cd:ca:7c:28:09:e6:dd:a6:9d:b5:1e:2b:b2:d2:cf:77:7f:7a:
a1:8a:28:f8:6c:ad:90:14:e9:59:6d:8e:c2:bf:dd:2e:ae:4b:
9a:e3:7f:0f:bd:d9:14:48:45:3d:ef:c5:a9:5f:b6:27:b8:38:
d3:ae:59:54:8c:e1:42:30:11:cd:a4:72:e4:58:21:ff:8a:94:
37:52:94:b2:f5:02:50:60:0a:15:95:42:29:83:f0:40:5b:4d:
c7:9a:3a:27:ac:e7:5b:50:24:00:f3:5a:f4:fc:d0:87:67:ae:
8f:e4:bb:8f:9f:65:3b:b8:7c:7f:7e:d5:5d:e7:f9:53:5c:59:
53:7d:36:37:76:7b:19:e1:44:38:03:3c:84:ad:e8:e5:8f:74:
27:46:aa:5d:c3:96:13:d5:78:06:73:15:5b:d3:a6:d2:12:1f:
49:50:be:8f:cb:a0:29:14:e6:a6:67:dc:c4:6d:02:79:64:5b:
00:0f:8b:e7:f0:e0:1f:1c:80:5f:83:02:d2:34:33:fd:98:b2:
9e:82:e8:9c:47:9f:6a:5a:a8:00:f8:9f:a8:a2:5f:b0:50:0b:
8d:ac:94:ba:ff:3f:3a:72:84:72:5d:2f:b3:e3:bb:c1:9c:bc:
5c:8a:cf:e7
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYzEJRWATC8nkZ5x9S1Nu53VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBmZjg4MDMzMGFmNzYyYWU2Y2MwNTBkZTVmMzRiNWY1N2IwYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSdPq+oxuQCY74DamLIeM8TU4Gu3
3lU2Gx53RkobC8eZHkDeotFWH1eAtGxLOLb2keXh2qnjVLrdX0HoAUjZITd2J8TE
pomZGNAWIsTGRNohNPYsHaYqSzVsLaUoeT92Z9iNjCw59AACatQIVlJN1RRQaniT
dGn0hEOjwYOeE8o23Oua20RPIX+l0OeWpGLV4g4hSWv6uJOt9pYoWsqlEJ62i2IF
0qzRVxH6wj+qjZA/+GiD8qESnT9rUGJDE5ABoM8xeoxgCOch8uZylaMBNzDJ37U4
wXeM8B7VGQ9QGvdAwgyYgAiIg+D9HhvozhUtoWKws8+FkyzEttqsXrmKqQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFJQP+IAzCvdirmzAUN5fNLX1ewsJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2LzIzZTE2
ZS05NDNlLTQ1OTUtOTUzMC1hODJmNjU4YTJhYTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvMjNlMTZl
LTk0M2UtNDU5NS05NTMwLWE4MmY2NThhMmFhMS8xL2xBXzRnRE1LOTJLdWJNQlEz
bDgwdGZWN0N3ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUF
BwEHAQH/BD0wOzAqBAIAATAkAwQDT6r4AwQDg3XQAwQDshSIAwQCuVToAwQE2XCg
AwQE2XPwMA0EAgACMAcDBQMqAGUAMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAlDz
MA0GCSqGSIb3DQEBCwUAA4IBAQBLGoHM11Gy5rb4OzR7pMaXn93NynwoCebdpp21
Hiuy0s93f3qhiij4bK2QFOlZbY7Cv90urkua438PvdkUSEU978WpX7YnuDjTrllU
jOFCMBHNpHLkWCH/ipQ3UpSy9QJQYAoVlUIpg/BAW03HmjonrOdbUCQA81r0/NCH
Z66P5LuPn2U7uHx/ftVd5/lTXFlTfTY3dnsZ4UQ4AzyErejlj3QnRqpdw5YT1XgG
cxVb06bSEh9JUL6Py6ApFOamZ9zEbQJ5ZFsAD4vn8OAfHIBfgwLSNDP9mLKeguic
R59qWqgA+J+ool+wUAuNrJS6/z86coRyXS+z47vBnLxcis/n
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:05:40 2024 by rpki-client on console-fra.rpki-client.org