Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
File: lNmOj-xoB3WhVyZuDGt4sUGjT14.cer (raw, json)
Hash identifier: j29AcWDPyEyvyoGOZlQUVfd3MEZPZHq2YZKSqNHr+Sk=
Subject key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018FF1ADE6AA0D2FAC04658499E7CB966D3C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 07 Jun 2024 07:50:56 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 15626
AS: 21100
AS: 34787
AS: 50979
AS: 59729
AS: 204957
IP: 5.34.176.0/21
IP: 45.90.56.0/22
IP: 46.28.64.0/21
IP: 62.233.57.0/24
IP: 82.117.252.0/22
IP: 82.118.16.0/21
IP: 85.90.196.0/22
IP: 185.14.28.0/22
IP: 185.82.216.0/22
IP: 193.238.152.0/22
IP: 195.123.208.0 -- 195.123.247.255
IP: 195.211.96.0/22
IP: 217.12.192.0/19
IP: 2a02:27a8::/29
IP: 2a05:9400::/29
IP: 2a12:6fc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:ad:e6:aa:0d:2f:ac:04:65:84:99:e7:cb:96:6d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jun 7 07:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:f1:68:de:c8:af:5a:98:b2:aa:9f:6c:8e:
85:09:8a:56:64:5d:45:a9:ad:cc:1d:38:0b:02:c3:
72:de:8e:b7:a7:e5:da:57:9c:6d:1a:e6:b5:c2:b5:
bf:44:c8:22:1d:bf:60:b6:9a:0d:a4:26:a1:88:de:
c4:5b:ca:ca:ec:66:30:31:08:ab:92:a7:46:f6:2e:
01:78:80:60:23:55:80:58:bc:16:fd:a7:80:a8:7f:
6e:39:d0:df:92:29:b9:73:16:f0:20:e6:a4:32:4a:
2e:17:6e:9a:cf:1b:cf:6a:d7:b4:c7:99:a0:6b:30:
c5:ba:36:e6:a6:7a:1b:3e:b9:0a:25:ad:33:f7:a2:
22:69:54:82:67:b0:99:33:17:c0:c2:74:b5:f3:5e:
28:69:d3:a6:a7:58:b6:15:89:4f:b7:a6:ea:f9:b2:
5e:e9:59:32:00:85:8b:ea:d3:b7:20:58:06:f1:3e:
0c:90:70:83:98:dd:26:24:56:ea:73:2e:f0:8b:2e:
da:0e:9a:b3:54:a0:f9:a7:10:26:6a:ad:1a:a9:a9:
47:dd:33:b8:60:85:92:31:e8:c3:95:b9:04:f4:4c:
32:e2:00:b4:b4:b6:52:b0:26:9d:19:54:0e:51:21:
92:d4:a9:be:51:49:df:c7:c6:b8:37:f8:59:98:c4:
19:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/21
45.90.56.0/22
46.28.64.0/21
62.233.57.0/24
82.117.252.0/22
82.118.16.0/21
85.90.196.0/22
185.14.28.0/22
185.82.216.0/22
193.238.152.0/22
195.123.208.0-195.123.247.255
195.211.96.0/22
217.12.192.0/19
IPv6:
2a02:27a8::/29
2a05:9400::/29
2a12:6fc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15626
21100
34787
50979
59729
204957
Signature Algorithm: sha256WithRSAEncryption
44:76:ae:f2:3b:88:5e:80:48:cf:81:a3:6e:26:e7:2f:a0:58:
cd:bf:dc:db:8f:bc:ba:8b:cc:68:1b:55:58:c1:3c:52:12:d1:
99:23:1e:f8:ab:74:04:68:a0:d8:96:c1:76:b2:19:ac:9f:ed:
b9:83:ef:92:af:b8:04:f3:7a:85:16:8d:fe:ee:7b:df:f0:cd:
b7:57:4a:14:40:fe:90:9c:fb:49:b3:40:c6:30:3f:ee:b0:36:
0a:5d:70:07:28:db:6f:61:65:4e:7d:40:7d:2d:ce:b9:b8:97:
df:9d:bf:4d:6f:fd:4d:63:d6:4b:ce:08:d0:8d:e8:75:56:5d:
d5:94:23:60:8d:7d:53:fa:47:ed:49:cc:43:a9:f4:d4:ac:db:
e3:b0:6f:e2:2f:95:b5:3e:6d:d9:a2:3f:3d:5d:5e:a9:6e:d9:
58:e6:4e:19:32:23:61:27:41:36:57:46:e0:ad:df:67:24:21:
ce:e6:c6:5f:7b:86:c2:3d:7f:0b:4c:1e:df:ac:29:ae:5e:a8:
74:c3:a2:28:2b:9d:69:08:2e:ee:30:15:b0:6f:23:c6:ef:bb:
70:4b:f0:4e:d1:b2:61:b2:f3:b0:b3:f7:58:75:cf:a6:8a:a8:
99:77:61:2f:a1:59:a0:3d:ed:eb:96:1f:18:6d:cd:5e:b8:ba:
8b:8b:2b:22
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAY/xreaqDS+sBGWEmefLlm08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNjA3MDc1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ5OGU4ZmVjNjgwNzc1YTE1NzI2NmUwYzZiNzhiMTQxYTM0ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidvxaN7Ir1qYsqqfbI6FCYpWZF1F
qa3MHTgLAsNy3o63p+XaV5xtGua1wrW/RMgiHb9gtpoNpCahiN7EW8rK7GYwMQir
kqdG9i4BeIBgI1WAWLwW/aeAqH9uOdDfkim5cxbwIOakMkouF26azxvPate0x5mg
azDFujbmpnobPrkKJa0z96IiaVSCZ7CZMxfAwnS1814oadOmp1i2FYlPt6bq+bJe
6VkyAIWL6tO3IFgG8T4MkHCDmN0mJFbqcy7wiy7aDpqzVKD5pxAmaq0aqalH3TO4
YIWSMejDlbkE9Ewy4gC0tLZSsCadGVQOUSGS1Km+UUnfx8a4N/hZmMQZ5wIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFJTZjo/saAd1oVcmbgxreLFBo09eMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcyLzdhZTNj
Ny02N2U0LTQ0ZGUtYjEzOS04N2QxN2RmNzRjN2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIvN2FlM2M3
LTY3ZTQtNDRkZS1iMTM5LTg3ZDE3ZGY3NGM3ZS8xL2xObU9qLXhvQjNXaFZ5WnVE
R3Q0c1VHalQxNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGMBggrBgEF
BQcBBwEB/wR9MHswXAQCAAEwVgMEAwUisAMEAi1aOAMEAy4cQAMEAD7pOQMEAlJ1
/AMEA1J2EAMEAlVaxAMEArkOHAMEArlS2AMEAsHumDAMAwQEw3vQAwQDw3vwAwQC
w9NgAwQF2QzAMBsEAgACMBUDBQMqAieoAwUDKgWUAAMFAyoSb8AwMQYIKwYBBQUH
AQgBAf8EIjAgoB4wHAICPQoCAlJsAgMAh+MCAwDHIwIDAOlRAgMDIJ0wDQYJKoZI
hvcNAQELBQADggEBAER2rvI7iF6ASM+Bo24m5y+gWM2/3NuPvLqLzGgbVVjBPFIS
0ZkjHvirdARooNiWwXayGayf7bmD75KvuATzeoUWjf7ue9/wzbdXShRA/pCc+0mz
QMYwP+6wNgpdcAco229hZU59QH0tzrm4l9+dv01v/U1j1kvOCNCN6HVWXdWUI2CN
fVP6R+1JzEOp9NSs2+Owb+IvlbU+bdmiPz1dXqlu2VjmThkyI2EnQTZXRuCt32ck
Ic7mxl97hsI9fwtMHt+sKa5eqHTDoigrnWkILu4wFbBvI8bvu3BL8E7RsmGy87Cz
91h1z6aKqJl3YS+hWaA97euWHxhtzV64uouLKyI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:29:40 2024 by rpki-client on console-ams.rpki-client.org