Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
File: lVcdiLU5ZafQgfOx2CicvCh3W4g.cer (raw, json)
Hash identifier: VZfxmP7iQVG218LpabjT9/u27dNNnKdZ3H2K4XkVW8c=
Subject key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC79494A1FA89C5120C911C19FBAC8BAA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 202077
IP: 185.68.136.0/22
IP: 2a03:2b20::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:94:a1:fa:89:c5:12:0c:91:1c:19:fb:ac:8b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:9a:5d:d1:18:bb:da:45:7b:fb:6a:9f:91:
e7:3e:d6:17:ec:5a:8a:03:a3:9b:81:73:37:58:c8:
50:8c:d0:b8:9d:84:cb:ad:f9:cd:56:09:47:42:fc:
3d:c6:99:10:e4:1d:f5:d7:a1:d4:db:e2:73:be:35:
ea:c7:22:7b:ee:25:ca:98:6a:f2:64:9d:4e:aa:eb:
a9:46:aa:46:99:cb:5f:ca:ec:e9:0e:6c:6f:45:9a:
4e:3e:ac:c6:ba:2e:cd:88:2f:72:7e:9a:49:86:e3:
52:36:f3:02:4e:19:ce:89:58:2a:be:a5:6b:30:ce:
13:9e:4e:16:38:8f:65:3f:b4:e0:d2:13:a6:43:6a:
29:72:59:79:48:39:11:4f:a3:4e:42:db:7d:5a:f2:
ae:ca:e8:df:44:e1:db:77:65:90:61:15:52:69:ae:
52:d1:30:e3:28:48:8a:5a:2a:60:dc:d8:5d:df:da:
c9:c8:54:5e:94:b9:1c:f9:3e:87:96:d3:9e:08:52:
17:96:0f:e2:7b:06:ba:4a:85:0f:32:ff:9f:da:7d:
3f:ff:2b:af:67:42:e8:2a:b6:bd:67:72:94:c8:6e:
fb:4a:e9:db:54:df:d3:ac:ba:2f:7f:c4:4e:f8:ab:
7d:64:bf:b8:a6:50:07:2a:43:ee:8f:f6:5c:2d:61:
5c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.136.0/22
IPv6:
2a03:2b20::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202077
Signature Algorithm: sha256WithRSAEncryption
a2:2a:16:2e:b9:ec:1c:8a:4d:3b:e8:6e:77:aa:37:d3:5f:a6:
ff:da:36:6c:3e:08:97:b6:8e:85:5b:f6:3a:58:e4:53:7e:98:
6f:20:5b:18:65:6d:cb:4b:ff:7d:c5:53:04:82:8d:f9:d3:55:
cc:6e:f8:0f:0f:71:6c:d5:a8:66:11:4f:43:55:6d:23:cb:01:
7c:8a:dd:50:df:1f:a8:7b:25:d0:13:c2:24:75:5d:64:ec:45:
5f:92:01:1a:d0:2a:ca:54:90:80:ca:0a:21:fb:10:c2:25:cd:
cc:86:37:0e:81:b5:61:60:2c:59:49:25:98:5c:72:34:96:e0:
f9:33:c0:a6:e6:31:34:32:45:58:56:43:f2:32:d4:18:a5:88:
1a:e4:7d:58:01:08:22:c3:2a:17:2d:f0:ee:04:17:90:b7:50:
3f:f0:40:0c:89:d7:06:fb:bf:06:d8:dc:08:c5:e5:fd:da:62:
3d:0e:bb:17:c7:0f:b1:3d:4e:e3:42:99:5a:09:1e:e9:8a:dc:
99:6b:02:c8:46:63:72:fa:09:b1:a1:b1:77:9e:b1:0d:a1:c2:
48:2f:2e:43:58:6a:a5:34:31:13:dc:88:84:b7:15:96:5e:93:
d4:ed:a2:0b:0e:a8:46:47:e2:1c:f6:21:5a:4e:13:b0:a5:1e:
40:67:27:3e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHlJSh+onFEgyRHBn7rIuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU3MWQ4OGI1Mzk2NWE3ZDA4MWYzYjFkODI4OWNiYzI4Nzc1Yjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMCaXdEYu9pFe/tqn5HnPtYX7FqK
A6ObgXM3WMhQjNC4nYTLrfnNVglHQvw9xpkQ5B3116HU2+JzvjXqxyJ77iXKmGry
ZJ1OquupRqpGmctfyuzpDmxvRZpOPqzGui7NiC9yfppJhuNSNvMCThnOiVgqvqVr
MM4Tnk4WOI9lP7Tg0hOmQ2opcll5SDkRT6NOQtt9WvKuyujfROHbd2WQYRVSaa5S
0TDjKEiKWipg3Nhd39rJyFRelLkc+T6HltOeCFIXlg/iewa6SoUPMv+f2n0//yuv
Z0LoKra9Z3KUyG77SunbVN/TrLovf8RO+Kt9ZL+4plAHKkPuj/ZcLWFcLQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJVXHYi1OWWn0IHzsdgonLwod1uIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1L2IzZjk5
My1kMDNiLTRiMTMtODFhZi1hYTYyMjk2OTg0NjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvYjNmOTkz
LWQwM2ItNGIxMy04MWFmLWFhNjIyOTY5ODQ2MS8xL2xWY2RpTFU1WmFmUWdmT3gy
Q2ljdkNoM1c0Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuUSIMA0EAgACMAcDBQAqAysgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMVXTANBgkqhkiG9w0BAQsFAAOCAQEAoioWLrnsHIpN
O+hud6o301+m/9o2bD4Il7aOhVv2OljkU36YbyBbGGVty0v/fcVTBIKN+dNVzG74
Dw9xbNWoZhFPQ1VtI8sBfIrdUN8fqHsl0BPCJHVdZOxFX5IBGtAqylSQgMoKIfsQ
wiXNzIY3DoG1YWAsWUklmFxyNJbg+TPApuYxNDJFWFZD8jLUGKWIGuR9WAEIIsMq
Fy3w7gQXkLdQP/BADInXBvu/BtjcCMXl/dpiPQ67F8cPsT1O40KZWgke6YrcmWsC
yEZjcvoJsaGxd56xDaHCSC8uQ1hqpTQxE9yIhLcVll6T1O2iCw6oRkfiHPYhWk4T
sKUeQGcnPg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:36:19 2024 by rpki-client on console-fra.rpki-client.org