Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer (raw, json)
Hash identifier: NqwnkSg2LBqToYULXWChO1MYSTfcrzuGCTH9gQGGhWY=
Subject key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801BEB1489AA737D3663BF3FB22ED91
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:06 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 56361
IP: 31.41.184.0/21
IP: 46.175.120.0/21
IP: 176.98.168.0/21
IP: 176.118.128.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:be:b1:48:9a:a7:37:d3:66:3b:f3:fb:22:ed:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a1:06:3f:b1:79:88:31:05:80:7a:5e:e4:67:
a9:ec:2f:c7:ad:6a:97:69:90:87:ff:fa:00:bf:05:
2d:87:19:ff:d2:93:85:4b:e8:ac:0f:bb:b9:82:f1:
25:db:b5:68:37:c8:95:92:7f:05:0a:0d:e2:3d:b9:
6a:80:f1:89:ef:5b:93:80:38:dd:41:fa:47:36:1e:
cc:ac:66:4f:b2:f3:54:2a:e3:24:ef:67:97:28:8d:
ad:5c:7b:b4:a9:42:a9:71:44:61:df:b7:05:87:08:
8a:11:c6:65:31:4e:f4:ce:a3:33:7c:9a:e7:0d:36:
1c:ae:6a:9e:58:ac:7b:65:90:72:e1:95:a3:b1:8e:
07:cd:28:30:d5:c7:6b:89:23:bc:2d:3d:fb:12:1a:
4d:5a:82:a4:a1:c6:85:29:6e:6d:84:9a:f1:cf:76:
a1:fc:7d:5e:75:61:f1:96:87:5e:6d:ef:27:a8:f2:
13:a3:6b:e7:76:4b:bb:10:ce:d0:83:05:aa:67:6f:
8d:67:f1:48:fe:02:3c:4f:2b:c4:09:97:9c:f7:bd:
51:e3:84:96:c6:5d:da:be:be:7a:0a:9a:24:c1:40:
bd:4b:97:4c:38:1b:5b:58:ed:de:c7:70:e3:02:c3:
a9:b2:fd:2b:21:0c:c3:ef:07:2b:7a:00:ef:bb:2a:
d7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.184.0/21
46.175.120.0/21
176.98.168.0/21
176.118.128.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56361
Signature Algorithm: sha256WithRSAEncryption
4a:e2:93:e9:31:7f:a2:5c:fa:86:14:9d:9b:04:d9:53:44:58:
ef:46:ba:6e:7e:c3:05:dc:d8:55:b0:d3:4e:83:49:83:db:05:
60:07:ed:28:c8:7a:19:2a:67:fb:a8:17:e1:51:7d:96:1d:cd:
6b:27:4b:4f:8f:37:14:52:94:57:f6:96:ea:4f:68:13:63:29:
f9:63:b8:08:96:00:26:e1:a5:f1:f5:9e:93:a1:1d:7f:03:f5:
f4:04:37:c4:dc:2d:7c:7c:b9:df:07:cf:73:18:83:58:a2:36:
19:00:07:a1:60:0b:d3:45:df:ff:35:6f:f5:b5:bf:93:f4:78:
a7:d5:66:62:03:7f:8a:12:f9:8d:e5:f2:be:b6:e6:eb:f1:58:
fb:3b:5a:61:38:59:48:a8:0c:15:ec:53:fe:72:1d:99:64:d3:
05:ae:9b:2b:7a:33:58:e1:51:dc:3f:ee:14:25:9f:10:a5:fa:
4d:a3:73:85:79:a7:8f:6d:5d:51:a8:1e:c6:9f:ab:ac:b4:1b:
15:61:98:d7:57:ac:cb:14:4b:0a:f4:97:1b:79:78:b2:01:e0:
3c:be:af:45:d8:32:77:d3:a5:84:c2:1b:30:15:98:b4:12:65:
f0:b5:2d:db:b4:2b:1f:ae:c3:35:9a:43:fb:88:53:ab:39:ac:
88:06:a5:e8
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYzIAb6xSJqnN9NmO/P7Iu2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI4N2U1ZmQxYWFkYzFiYmVhMzcyYjQyNjllZWJkMzkzYzVjZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKEGP7F5iDEFgHpe5Gep7C/HrWqX
aZCH//oAvwUthxn/0pOFS+isD7u5gvEl27VoN8iVkn8FCg3iPblqgPGJ71uTgDjd
QfpHNh7MrGZPsvNUKuMk72eXKI2tXHu0qUKpcURh37cFhwiKEcZlMU70zqMzfJrn
DTYcrmqeWKx7ZZBy4ZWjsY4HzSgw1cdriSO8LT37EhpNWoKkocaFKW5thJrxz3ah
/H1edWHxlodebe8nqPITo2vndku7EM7QgwWqZ2+NZ/FI/gI8TyvECZec971R44SW
xl3avr56CpokwUC9S5dMOBtbWO3ex3DjAsOpsv0rIQzD7wcregDvuyrXSQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFJa4fl/RqtwbvqNytCae69OTxc1nMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiLzZhODhh
Yy1lZmI0LTQ1ZTQtOTE5OS0yYWJkYjIxOTQxYmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvNmE4OGFj
LWVmYjQtNDVlNC05MTk5LTJhYmRiMjE5NDFiYy8xL2xyaC1YOUdxM0J1LW8zSzBK
cDdyMDVQRnpXYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQDHym4AwQDLq94AwQDsGKoAwQDsHaAMBoGCCsG
AQUFBwEIAQH/BAswCaAHMAUCAwDcKTANBgkqhkiG9w0BAQsFAAOCAQEASuKT6TF/
olz6hhSdmwTZU0RY70a6bn7DBdzYVbDTToNJg9sFYAftKMh6GSpn+6gX4VF9lh3N
aydLT483FFKUV/aW6k9oE2Mp+WO4CJYAJuGl8fWek6EdfwP19AQ3xNwtfHy53wfP
cxiDWKI2GQAHoWAL00Xf/zVv9bW/k/R4p9VmYgN/ihL5jeXyvrbm6/FY+ztaYThZ
SKgMFexT/nIdmWTTBa6bK3ozWOFR3D/uFCWfEKX6TaNzhXmnj21dUagexp+rrLQb
FWGY11esyxRLCvSXG3l4sgHgPL6vRdgyd9OlhMIbMBWYtBJl8LUt27QrH67DNZpD
+4hTqzmsiAal6A==
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:39:48 2024 by rpki-client on console-fra.rpki-client.org