Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
File: lNmOj-xoB3WhVyZuDGt4sUGjT14.cer (raw, json)
Hash identifier: +OH7Km93RVb/qxY7ckDaUITXTya1qdPAgm3Oceqqcc0=
Subject key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018F39B79FC6D9424F4D593776DB38560726
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 May 2024 14:31:26 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 34787
AS: 204957
IP: 45.90.56.0/22
IP: 62.233.57.0/24
IP: 82.117.252.0/22
IP: 85.90.196.0/22
IP: 85.90.210.0/24
IP: 85.90.213.0 -- 85.90.214.255
IP: 85.90.218.0/23
IP: 185.82.216.0/22
IP: 185.169.16.0/22
IP: 193.238.152.0/22
IP: 195.123.208.0 -- 195.123.247.255
IP: 195.211.96.0/22
IP: 2a05:9400::/29
IP: 2a12:6fc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:b7:9f:c6:d9:42:4f:4d:59:37:76:db:38:56:07:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 2 14:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:f1:68:de:c8:af:5a:98:b2:aa:9f:6c:8e:
85:09:8a:56:64:5d:45:a9:ad:cc:1d:38:0b:02:c3:
72:de:8e:b7:a7:e5:da:57:9c:6d:1a:e6:b5:c2:b5:
bf:44:c8:22:1d:bf:60:b6:9a:0d:a4:26:a1:88:de:
c4:5b:ca:ca:ec:66:30:31:08:ab:92:a7:46:f6:2e:
01:78:80:60:23:55:80:58:bc:16:fd:a7:80:a8:7f:
6e:39:d0:df:92:29:b9:73:16:f0:20:e6:a4:32:4a:
2e:17:6e:9a:cf:1b:cf:6a:d7:b4:c7:99:a0:6b:30:
c5:ba:36:e6:a6:7a:1b:3e:b9:0a:25:ad:33:f7:a2:
22:69:54:82:67:b0:99:33:17:c0:c2:74:b5:f3:5e:
28:69:d3:a6:a7:58:b6:15:89:4f:b7:a6:ea:f9:b2:
5e:e9:59:32:00:85:8b:ea:d3:b7:20:58:06:f1:3e:
0c:90:70:83:98:dd:26:24:56:ea:73:2e:f0:8b:2e:
da:0e:9a:b3:54:a0:f9:a7:10:26:6a:ad:1a:a9:a9:
47:dd:33:b8:60:85:92:31:e8:c3:95:b9:04:f4:4c:
32:e2:00:b4:b4:b6:52:b0:26:9d:19:54:0e:51:21:
92:d4:a9:be:51:49:df:c7:c6:b8:37:f8:59:98:c4:
19:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
85.90.196.0/22
85.90.210.0/24
85.90.213.0-85.90.214.255
85.90.218.0/23
185.82.216.0/22
185.169.16.0/22
193.238.152.0/22
195.123.208.0-195.123.247.255
195.211.96.0/22
IPv6:
2a05:9400::/29
2a12:6fc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34787
204957
Signature Algorithm: sha256WithRSAEncryption
23:72:26:2c:ef:68:69:88:70:46:43:db:f4:ca:cc:34:bb:7c:
d4:38:43:80:aa:37:8a:b7:8c:6f:bc:8a:b7:6f:b6:79:79:75:
b1:48:38:d5:af:cc:4b:1f:70:c6:01:f3:bd:be:6d:89:17:3b:
3d:18:e6:f7:bc:5c:d8:ba:c8:ad:a9:7c:70:1a:15:f5:6b:c4:
d0:7b:fe:fb:74:3f:b6:db:73:5e:65:97:5a:37:29:6e:2a:c1:
cd:16:84:77:b6:7b:f6:d5:e7:17:4e:5d:df:34:ce:ed:68:5a:
8e:81:fe:78:84:8e:86:75:f4:c9:2f:d6:a5:08:9b:18:99:5f:
7e:f1:6a:81:bc:89:32:de:1f:49:12:c4:dd:52:dc:4a:78:4a:
f8:93:7b:96:41:e3:56:53:02:19:ef:2e:7c:e0:17:9c:de:1a:
09:3f:f2:c7:28:2e:cb:69:5f:2a:89:c8:f2:56:44:9a:1c:1b:
06:0c:0c:b1:0e:41:6c:67:0b:52:e5:6c:67:67:b2:35:36:85:
a2:47:f7:c4:99:47:8d:d4:da:6f:1e:ad:be:e2:81:18:60:37:
8a:fe:96:7f:67:f1:41:4f:a3:6e:f7:2c:51:3a:7f:65:af:cc:
ed:c6:5e:a8:37:ef:78:68:6c:2a:e6:77:b7:9b:d7:05:8d:00:
08:6f:f2:3e
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAY85t5/G2UJPTVk3dts4VgcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNTAyMTQzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ5OGU4ZmVjNjgwNzc1YTE1NzI2NmUwYzZiNzhiMTQxYTM0ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidvxaN7Ir1qYsqqfbI6FCYpWZF1F
qa3MHTgLAsNy3o63p+XaV5xtGua1wrW/RMgiHb9gtpoNpCahiN7EW8rK7GYwMQir
kqdG9i4BeIBgI1WAWLwW/aeAqH9uOdDfkim5cxbwIOakMkouF26azxvPate0x5mg
azDFujbmpnobPrkKJa0z96IiaVSCZ7CZMxfAwnS1814oadOmp1i2FYlPt6bq+bJe
6VkyAIWL6tO3IFgG8T4MkHCDmN0mJFbqcy7wiy7aDpqzVKD5pxAmaq0aqalH3TO4
YIWSMejDlbkE9Ewy4gC0tLZSsCadGVQOUSGS1Km+UUnfx8a4N/hZmMQZ5wIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFJTZjo/saAd1oVcmbgxreLFBo09eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzdhZTNj
Ny02N2U0LTQ0ZGUtYjEzOS04N2QxN2RmNzRjN2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvN2FlM2M3
LTY3ZTQtNDRkZS1iMTM5LTg3ZDE3ZGY3NGM3ZS8xL2xObU9qLXhvQjNXaFZ5WnVE
R3Q0c1VHalQxNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGHBggrBgEF
BQcBBwEB/wR4MHYwXgQCAAEwWAMEAi1aOAMEAD7pOQMEAlJ1/AMEAlVaxAMEAFVa
0jAMAwQAVVrVAwQAVVrWAwQBVVraAwQCuVLYAwQCuakQAwQCwe6YMAwDBATDe9AD
BAPDe/ADBALD02AwFAQCAAIwDgMFAyoFlAADBQMqEm/AMB8GCCsGAQUFBwEIAQH/
BBAwDqAMMAoCAwCH4wIDAyCdMA0GCSqGSIb3DQEBCwUAA4IBAQAjciYs72hpiHBG
Q9v0ysw0u3zUOEOAqjeKt4xvvIq3b7Z5eXWxSDjVr8xLH3DGAfO9vm2JFzs9GOb3
vFzYusitqXxwGhX1a8TQe/77dD+223NeZZdaNyluKsHNFoR3tnv21ecXTl3fNM7t
aFqOgf54hI6GdfTJL9alCJsYmV9+8WqBvIky3h9JEsTdUtxKeEr4k3uWQeNWUwIZ
7y584Bec3hoJP/LHKC7LaV8qicjyVkSaHBsGDAyxDkFsZwtS5WxnZ7I1NoWiR/fE
mUeN1NpvHq2+4oEYYDeK/pZ/Z/FBT6Nu9yxROn9lr8ztxl6oN+94aGwq5ne3m9cF
jQAIb/I+
-----END CERTIFICATE-----
Generated at Fri May 3 10:55:49 2024 by rpki-client on console-fra.rpki-client.org