Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
File: preJsy4W6d0vcFExGdx36mH_Hgk.cer (raw, json)
Hash identifier: sU7Q9kFetuG0kKmTUfZGw05ncE0gCzujyAHWavDPAgI=
Subject key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B7BC9EFE2DF84B181F918CEC722174
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:29:39 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 24703
AS: 25236
IP: 147.78.116.0/22
IP: 176.111.48.0 -- 176.111.50.255
IP: 176.111.57.0 -- 176.111.63.255
IP: 193.111.8.0/23
IP: 195.128.16.0/22
IP: 195.234.212.0/22
IP: 2a09:21c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bc:9e:fe:2d:f8:4b:18:1f:91:8c:ec:72:21:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:62:5c:3d:7c:cd:b7:fa:70:37:3f:b1:db:8e:
76:d6:bf:61:ef:20:cf:47:ba:58:c3:a5:19:22:9f:
3e:49:0e:64:fe:71:d3:bd:43:ac:b0:e0:32:eb:7b:
a3:e5:14:99:d9:42:aa:9d:f5:16:c9:9c:7d:24:ca:
a9:a3:db:42:90:47:81:34:f9:21:94:b8:b7:a1:0c:
f4:9c:38:fb:d1:e9:1d:28:44:28:18:0c:1e:b0:9a:
9b:78:28:fa:05:7a:87:fd:3a:06:fe:50:94:40:4b:
44:78:70:55:9f:a7:99:74:5a:e5:48:f3:b4:a0:6a:
bc:7a:5a:be:30:66:ce:2e:7d:93:d1:3b:8e:24:4b:
ae:e1:ef:18:06:96:0c:55:9d:96:ee:c6:59:d8:5b:
fc:49:1e:03:25:25:83:84:d4:39:1a:db:4a:56:fb:
7e:55:85:23:58:15:85:91:2e:a5:cd:04:bc:ba:37:
95:0a:d4:54:e5:98:b2:db:2b:c7:3e:01:52:da:0a:
d2:05:f4:23:2e:c8:aa:ab:38:04:bc:1b:eb:85:cf:
bd:c5:33:d7:9e:bb:33:da:ba:ae:36:34:37:ba:57:
8f:53:d1:6e:cf:67:b7:0d:59:b1:76:e6:b5:0c:7b:
0e:ad:a3:80:33:4a:36:b5:0e:ec:be:c8:a8:23:6e:
ab:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.116.0/22
176.111.48.0-176.111.50.255
176.111.57.0-176.111.63.255
193.111.8.0/23
195.128.16.0/22
195.234.212.0/22
IPv6:
2a09:21c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24703
25236
Signature Algorithm: sha256WithRSAEncryption
97:22:3b:fa:c7:3c:25:e3:bd:3f:b9:53:85:94:d2:1f:bd:6f:
0d:0d:4f:10:40:bc:10:4c:4c:25:c4:6a:aa:ba:c2:48:bf:fe:
6e:37:78:ba:11:be:2b:82:20:db:b6:5e:74:13:03:58:7c:11:
ff:48:23:36:73:cc:1f:a5:2c:00:11:2e:82:60:3a:80:81:79:
b0:70:51:bc:26:3f:ce:bc:77:45:5e:69:f0:dc:1e:7a:80:80:
fc:e0:d0:00:db:29:33:66:7e:55:ed:2e:f3:15:ec:85:75:02:
5d:4c:47:8d:c7:d3:19:10:c4:83:e6:82:e7:fb:b6:ca:e2:c2:
98:79:04:ed:fd:cf:2c:a0:ff:2c:c3:21:41:38:68:76:13:43:
a8:6b:53:84:5f:a7:32:05:de:43:29:64:ea:eb:cb:da:c5:1a:
44:4f:c3:c8:ce:8b:12:5a:c3:d0:3c:86:79:4d:06:19:03:13:
71:02:ba:f6:56:3e:87:a7:b8:50:ce:d9:d9:ac:b7:b0:da:0a:
62:db:12:4c:d8:f3:f2:58:9b:46:55:67:ab:43:f3:b1:9e:e3:
bd:b3:f0:ca:68:82:e9:2b:e2:bf:b4:23:78:d7:67:8a:76:e9:
a3:9e:52:08:eb:08:d2:bd:41:b1:29:25:52:70:1d:23:7e:1f:
3f:04:42:6c
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYzGt7ye/i34SxgfkYzsciF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI3ODliMzJlMTZlOWRkMmY3MDUxMzExOWRjNzdlYTYxZmYxZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmJcPXzNt/pwNz+x24521r9h7yDP
R7pYw6UZIp8+SQ5k/nHTvUOssOAy63uj5RSZ2UKqnfUWyZx9JMqpo9tCkEeBNPkh
lLi3oQz0nDj70ekdKEQoGAwesJqbeCj6BXqH/ToG/lCUQEtEeHBVn6eZdFrlSPO0
oGq8elq+MGbOLn2T0TuOJEuu4e8YBpYMVZ2W7sZZ2Fv8SR4DJSWDhNQ5GttKVvt+
VYUjWBWFkS6lzQS8ujeVCtRU5Ziy2yvHPgFS2grSBfQjLsiqqzgEvBvrhc+9xTPX
nrsz2rquNjQ3ulePU9Fuz2e3DVmxdua1DHsOraOAM0o2tQ7svsioI26rTQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFKa3ibMuFundL3BRMRncd+ph/x4JMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmL2U3Njhi
ZC1mNTEyLTRiOGEtOTM2YS0wNmM5Mjk2ZjA4YTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvZTc2OGJk
LWY1MTItNGI4YS05MzZhLTA2YzkyOTZmMDhhMi8xL3ByZUpzeTRXNmQwdmNGRXhH
ZHgzNm1IX0hnay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGCCsGAQUF
BwEHAQH/BE0wSzA6BAIAATA0AwQCk050MAwDBASwbzADBACwbzIwDAMEALBvOQME
BrBvAAMEAcFvCAMEAsOAEAMEAsPq1DANBAIAAjAHAwUDKgkhwDAdBggrBgEFBQcB
CAEB/wQOMAygCjAIAgJgfwICYpQwDQYJKoZIhvcNAQELBQADggEBAJciO/rHPCXj
vT+5U4WU0h+9bw0NTxBAvBBMTCXEaqq6wki//m43eLoRviuCINu2XnQTA1h8Ef9I
IzZzzB+lLAARLoJgOoCBebBwUbwmP868d0VeafDcHnqAgPzg0ADbKTNmflXtLvMV
7IV1Al1MR43H0xkQxIPmguf7tsriwph5BO39zyyg/yzDIUE4aHYTQ6hrU4RfpzIF
3kMpZOrry9rFGkRPw8jOixJaw9A8hnlNBhkDE3ECuvZWPoenuFDO2dmst7DaCmLb
EkzY8/JYm0ZVZ6tD87Ge472z8Mpogukr4r+0I3jXZ4p26aOeUgjrCNK9QbEpJVJw
HSN+Hz8EQmw=
-----END CERTIFICATE-----
Generated at Fri May 3 12:03:25 2024 by rpki-client on console-ams.rpki-client.org