Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
File: p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer (raw, json)
Hash identifier: JSaG88SC0XZ/LpBuBTeZ+3Gn2dnLN0NszR+EuUmcrOM=
Subject key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801842F6201982C7DD5F598A7CA4FEA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:51 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 15577
IP: 185.112.172.0/22
IP: 217.9.0.0/20
IP: 2a06:64c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:2f:62:01:98:2c:7d:d5:f5:98:a7:ca:4f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9f:2f:36:81:c6:18:8f:dc:b6:88:2c:05:81:
98:14:6f:75:7f:f7:b6:99:1c:a8:f1:6e:ca:6e:1a:
75:6c:c6:c0:25:27:32:34:ba:d7:8a:2b:70:df:05:
70:c7:29:d2:fe:cb:64:01:4c:11:52:b2:fa:ae:6e:
a1:64:b9:9f:ec:9a:34:bb:1c:0e:3d:21:cc:d5:9d:
17:52:89:82:70:95:b1:60:83:2b:c2:2f:fb:8c:46:
f9:e9:3c:6b:36:4c:c0:52:dc:56:04:c0:32:42:05:
86:25:2b:b5:52:41:dc:52:c3:df:b0:06:08:07:67:
d2:b9:c6:23:11:94:32:17:95:89:2f:79:cb:ff:20:
ba:be:e6:63:96:60:77:54:40:83:b7:f2:3b:af:a9:
5c:86:fc:c1:97:1b:c1:6f:5b:07:36:e9:68:4a:b5:
f3:61:35:57:63:99:59:f3:8b:4c:cd:9a:7b:a3:f9:
fc:4f:23:e5:8e:d6:99:a1:a9:af:52:39:42:fa:9a:
9d:43:07:40:c9:b8:bc:54:be:8b:ac:51:a6:74:56:
b8:07:6b:79:ad:3f:82:4c:76:d3:2d:94:bb:95:5f:
f0:16:74:0b:c0:1c:65:4b:a0:8f:62:13:94:de:d5:
c8:6d:bc:0b:28:52:c4:be:34:83:e2:7b:04:25:9a:
90:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.172.0/22
217.9.0.0/20
IPv6:
2a06:64c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
15577
Signature Algorithm: sha256WithRSAEncryption
94:6c:eb:7e:10:22:fa:1e:4d:db:16:0f:57:0b:45:eb:60:b4:
89:8a:2c:06:13:40:b1:bf:df:61:ce:58:82:96:08:e0:66:20:
3e:43:1c:95:73:eb:28:9d:f1:30:df:52:de:7c:6a:fd:ef:06:
1a:f7:4e:24:ad:17:d1:d6:c1:2b:d3:cd:31:ad:a3:fa:a9:c3:
72:82:33:23:2d:1c:43:97:5f:92:63:fb:28:51:73:33:2a:20:
12:77:31:a3:7a:d4:e8:80:54:44:73:ec:ce:c6:20:2b:ac:74:
b6:95:89:bf:49:da:e6:05:6d:f2:b5:e8:32:c0:32:ca:c8:a8:
34:92:9f:77:90:90:7b:5a:3e:f3:b0:90:a0:dd:e5:86:a5:b5:
3e:aa:2e:56:ac:6d:8f:80:d8:93:d8:5a:6b:0d:a5:9a:04:99:
5e:e9:ab:94:e0:0d:78:26:ca:7e:09:c3:6d:1c:df:cd:dd:b1:
a4:b5:42:7a:31:c0:7d:da:45:68:5f:6a:bd:95:c2:81:79:26:
f9:f9:4f:52:bc:cb:57:2c:ce:c5:2d:8c:2e:4e:74:9b:44:83:
0c:49:fe:85:9d:61:d6:4d:14:db:ad:e1:a5:dc:e6:a3:2d:a5:
33:90:5b:33:5c:93:97:9e:07:33:43:42:d4:4b:59:15:df:c0:
a2:57:b5:6c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYzIAYQvYgGYLH3V9Zinyk/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2VlMTgyZDljNDNhNWNlNzA2OGRmZDliYTdhYThlZDkwZTVlMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6p8vNoHGGI/ctogsBYGYFG91f/e2
mRyo8W7Kbhp1bMbAJScyNLrXiitw3wVwxynS/stkAUwRUrL6rm6hZLmf7Jo0uxwO
PSHM1Z0XUomCcJWxYIMrwi/7jEb56TxrNkzAUtxWBMAyQgWGJSu1UkHcUsPfsAYI
B2fSucYjEZQyF5WJL3nL/yC6vuZjlmB3VECDt/I7r6lchvzBlxvBb1sHNuloSrXz
YTVXY5lZ84tMzZp7o/n8TyPljtaZoamvUjlC+pqdQwdAybi8VL6LrFGmdFa4B2t5
rT+CTHbTLZS7lV/wFnQLwBxlS6CPYhOU3tXIbbwLKFLEvjSD4nsEJZqQgQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2RhYjQy
MC0wZGUzLTQzMjEtOWMwOS02YjVmNjg1MjJhN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZGFiNDIw
LTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8xL3AtNFlMWnhEcGM1d2FOX1p1
bnFvN1pEbDRMby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuXCsAwQE2QkAMA0EAgACMAcDBQMqBmTAMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAjzZMA0GCSqGSIb3DQEBCwUAA4IBAQCUbOt+
ECL6Hk3bFg9XC0XrYLSJiiwGE0Cxv99hzliClgjgZiA+QxyVc+sonfEw31LefGr9
7wYa904krRfR1sEr080xraP6qcNygjMjLRxDl1+SY/soUXMzKiASdzGjetTogFRE
c+zOxiArrHS2lYm/SdrmBW3ytegywDLKyKg0kp93kJB7Wj7zsJCg3eWGpbU+qi5W
rG2PgNiT2FprDaWaBJle6auU4A14Jsp+CcNtHN/N3bGktUJ6McB92kVoX2q9lcKB
eSb5+U9SvMtXLM7FLYwuTnSbRIMMSf6FnWHWTRTbreGl3OajLaUzkFszXJOXngcz
Q0LUS1kV38CiV7Vs
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:31:00 2024 by rpki-client on console-fra.rpki-client.org