Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer
File: qQYfL0mm16-epna60D3xzi9QJg0.cer (raw, json)
Hash identifier: KnR/SD+ppGUeovN+AvSr6h5VDAISCNJbNMfgTY2AFAg=
Subject key identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4935AD96A23AF4ABAEF536061F6D38B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:40 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 29056
IP: 37.143.176.0/20
IP: 85.237.0.0/19
IP: 91.143.96.0/20
IP: 109.73.144.0/20
IP: 185.15.236.0/22
IP: 185.220.252.0/22
IP: 185.222.128.0/22
IP: 185.225.144.0/22
IP: 185.228.128.0/22
IP: 185.233.144.0/22
IP: 185.236.72.0/22
IP: 193.46.248.0/24
IP: 217.29.144.0/20
IP: 2a02:758::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5a:d9:6a:23:af:4a:ba:ef:53:60:61:f6:d3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:d9:22:cb:d5:c7:69:99:ac:77:22:c5:74:
89:f5:97:10:8c:f7:28:27:b9:86:ce:f4:eb:44:05:
22:b8:e1:de:94:8c:11:8c:6b:52:56:06:d6:1d:18:
32:79:96:2b:e6:b0:69:37:f8:bf:f4:e8:ec:10:3c:
2a:4a:91:c9:42:67:20:10:2e:29:bc:54:b0:c8:b4:
03:41:7c:88:3a:17:6a:90:22:72:87:60:9b:02:00:
f7:31:ba:f8:79:cc:50:a3:17:ca:60:ad:79:ca:a0:
e4:4d:46:77:b4:17:10:9a:04:bf:23:50:d0:5c:67:
d8:e4:18:14:b9:08:38:5f:42:fc:dc:a8:8b:12:f2:
41:e9:18:b9:48:d1:90:97:5f:25:f4:46:16:58:67:
d2:4e:85:50:1d:1c:8a:76:3b:1d:31:e9:9a:24:f3:
b3:51:25:12:39:6b:f0:e5:b8:e8:a5:27:65:b8:10:
b6:1c:ef:b5:43:8d:d8:85:cf:2b:67:ae:3c:28:70:
cd:5d:9f:d5:ab:fa:03:19:4d:cf:5d:62:0e:12:08:
4d:6c:c5:5c:f4:f9:d0:cb:67:dd:ce:f2:4f:c6:43:
2b:6e:f5:3b:3d:5e:88:89:68:22:6a:f4:22:0b:b3:
7a:f7:a8:89:07:57:07:7e:e4:46:19:0b:19:38:67:
75:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.176.0/20
85.237.0.0/19
91.143.96.0/20
109.73.144.0/20
185.15.236.0/22
185.220.252.0/22
185.222.128.0/22
185.225.144.0/22
185.228.128.0/22
185.233.144.0/22
185.236.72.0/22
193.46.248.0/24
217.29.144.0/20
IPv6:
2a02:758::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29056
Signature Algorithm: sha256WithRSAEncryption
55:b7:df:28:15:9d:bc:b9:25:0a:ea:f4:e1:c7:c1:fa:80:ec:
04:a5:23:44:64:88:a2:4a:74:71:03:89:d4:68:99:d0:d0:8b:
0c:0e:c1:11:9a:9c:75:03:80:40:8b:d3:1f:a7:14:e9:2b:af:
fa:ed:16:92:2a:33:1c:1e:54:32:36:77:6a:fa:c7:b3:8f:a7:
4f:ce:6c:28:31:6c:4d:53:df:12:c9:f4:b0:1d:28:b0:7e:00:
d0:1f:36:4b:cb:24:46:f1:b6:98:14:75:d4:0e:ee:b8:a1:c9:
7d:3a:15:63:c6:ce:9a:97:c2:9e:7b:89:91:49:d1:d0:c0:e6:
da:52:07:9b:e7:e0:ac:90:cf:3d:a4:4e:7b:69:22:32:3a:3f:
1e:aa:6d:38:60:6f:17:5d:11:8d:f3:20:9b:ef:ee:21:0d:50:
6f:dd:3a:90:3c:1c:95:ae:3f:32:fc:36:3e:61:97:92:36:ff:
0c:d4:a8:4d:3c:d9:2a:1a:3f:a9:d2:01:d9:af:9b:63:98:d6:
11:4c:aa:ad:2b:d4:a9:8a:27:01:57:da:b7:a4:80:4b:9e:50:
98:65:e6:2c:d7:d9:06:db:42:12:c4:4c:bc:65:01:20:23:45:
aa:3c:ce:88:cd:4a:23:e4:83:87:7e:4c:b3:e4:7b:12:5a:8c:
06:8e:1a:50
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAYzEk1rZaiOvSrrvU2Bh9tOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2MWYyZjQ5YTZkN2FmOWVhNjc2YmFkMDNkZjFjZTJmNTAyNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWPZIsvVx2mZrHcixXSJ9ZcQjPco
J7mGzvTrRAUiuOHelIwRjGtSVgbWHRgyeZYr5rBpN/i/9OjsEDwqSpHJQmcgEC4p
vFSwyLQDQXyIOhdqkCJyh2CbAgD3Mbr4ecxQoxfKYK15yqDkTUZ3tBcQmgS/I1DQ
XGfY5BgUuQg4X0L83KiLEvJB6Ri5SNGQl18l9EYWWGfSToVQHRyKdjsdMemaJPOz
USUSOWvw5bjopSdluBC2HO+1Q43Yhc8rZ648KHDNXZ/Vq/oDGU3PXWIOEghNbMVc
9PnQy2fdzvJPxkMrbvU7PV6IiWgiavQiC7N696iJB1cHfuRGGQsZOGd1TQIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFKkGHy9JptevnqZ2utA98c4vUCYNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4L2JhOWJl
MS0xZmEyLTQyNTMtYmYwMS1mNmMyNjg2MTJmYzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvYmE5YmUx
LTFmYTItNDI1My1iZjAxLWY2YzI2ODYxMmZjNy8xL3FRWWZMMG1tMTYtZXBuYTYw
RDN4emk5UUpnMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHYGCCsGAQUF
BwEHAQH/BGcwZTBUBAIAATBOAwQEJY+wAwQFVe0AAwQEW49gAwQEbUmQAwQCuQ/s
AwQCudz8AwQCud6AAwQCueGQAwQCueSAAwQCuemQAwQCuexIAwQAwS74AwQE2R2Q
MA0EAgACMAcDBQAqAgdYMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnGAMA0GCSqG
SIb3DQEBCwUAA4IBAQBVt98oFZ28uSUK6vThx8H6gOwEpSNEZIiiSnRxA4nUaJnQ
0IsMDsERmpx1A4BAi9MfpxTpK6/67RaSKjMcHlQyNndq+sezj6dPzmwoMWxNU98S
yfSwHSiwfgDQHzZLyyRG8baYFHXUDu64ocl9OhVjxs6al8Kee4mRSdHQwObaUgeb
5+CskM89pE57aSIyOj8eqm04YG8XXRGN8yCb7+4hDVBv3TqQPByVrj8y/DY+YZeS
Nv8M1KhNPNkqGj+p0gHZr5tjmNYRTKqtK9SpiicBV9q3pIBLnlCYZeYs19kG20IS
xEy8ZQEgI0WqPM6IzUoj5IOHfkyz5HsSWowGjhpQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:04:14 2024 by rpki-client on console-ams.rpki-client.org