Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/sDHiyoJMqNVWJAanAhrjwToUJdg.cer
File: sDHiyoJMqNVWJAanAhrjwToUJdg.cer (raw, json)
Hash identifier: gRidz5RiyHCSL16M30Z5JQSPRkUstQ1e7lrgozaxaBM=
Subject key identifier: B0:31:E2:CA:82:4C:A8:D5:56:24:06:A7:02:1A:E3:C1:3A:14:25:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC79445350A718821F7A6CEF9C33D9AC9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/99/b7b933-7e80-4b37-a285-130e4dc015ab/1/sDHiyoJMqNVWJAanAhrjwToUJdg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/99/b7b933-7e80-4b37-a285-130e4dc015ab/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:32 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 206901
IP: 185.72.140.0/22
IP: 2a03:3fa0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:45:35:0a:71:88:21:f7:a6:ce:f9:c3:3d:9a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b031e2ca824ca8d5562406a7021ae3c13a1425d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:22:e4:9c:35:ff:31:e8:97:4b:df:49:65:34:
bb:71:a4:0c:f7:37:e6:3f:f3:e9:b4:a3:00:d4:7a:
07:cf:35:d1:d0:16:bb:15:ed:c5:5d:34:c4:a4:09:
16:b3:95:18:91:52:43:1d:39:df:a5:36:ca:fd:26:
1e:15:3e:eb:45:95:2b:62:59:c9:72:6f:42:c5:40:
79:b0:2a:e0:6c:33:e8:9c:75:28:11:21:52:d2:a9:
b5:db:d7:ae:27:5e:b0:e7:1a:72:70:47:2a:eb:bd:
d2:16:30:a7:73:2a:67:54:a5:9b:15:33:a9:b5:29:
92:53:99:82:ac:db:10:f6:57:a9:14:b4:ee:1a:d9:
e4:2b:e6:96:ff:5b:c9:85:36:89:41:1b:07:e2:29:
66:92:2b:0c:a8:70:09:72:96:75:57:c5:a6:57:f2:
90:6b:c9:b3:11:fd:76:c7:bb:9b:b6:d9:bd:c9:f3:
af:13:94:ff:a7:22:7a:ef:1f:5a:b1:b7:3d:ff:a8:
74:d8:34:13:19:ab:00:37:c8:76:fd:d9:e3:b7:35:
c1:43:ad:a9:97:5a:4c:ef:a0:ae:51:bb:e0:de:ff:
8e:57:c8:58:29:50:44:f5:11:ea:f6:a2:11:fa:70:
81:be:78:af:7b:66:4d:01:67:0c:7c:42:88:1a:35:
5b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:31:E2:CA:82:4C:A8:D5:56:24:06:A7:02:1A:E3:C1:3A:14:25:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b7b933-7e80-4b37-a285-130e4dc015ab/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b7b933-7e80-4b37-a285-130e4dc015ab/1/sDHiyoJMqNVWJAanAhrjwToUJdg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.140.0/22
IPv6:
2a03:3fa0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206901
Signature Algorithm: sha256WithRSAEncryption
05:62:c8:8f:e5:86:72:49:cb:ef:1f:e3:ab:f2:0e:f5:c1:0f:
df:ef:01:26:58:0b:6c:45:dd:8e:d4:39:56:5c:f2:b5:6f:e1:
d6:b7:93:b3:0a:8a:5d:ea:89:ff:56:04:47:77:cb:9b:96:97:
92:ff:0c:f8:82:13:0f:ca:35:ce:e5:ca:91:69:d2:84:51:99:
99:82:c4:15:a9:07:c2:b3:e7:99:2b:55:a5:b6:a1:87:d2:ab:
6c:6f:db:6f:ba:36:0f:34:eb:81:e7:81:a3:50:e4:2d:d2:de:
c2:37:af:8e:5e:ca:71:ff:3a:85:a5:b7:e3:e1:8f:72:4e:42:
53:99:1d:a9:79:94:fa:9c:1d:45:66:98:d5:ce:33:91:4e:73:
68:23:5a:ac:9c:4d:73:c2:7f:90:8e:fd:8e:ce:49:44:b3:6a:
fe:29:3b:cf:2d:5b:f4:24:4d:65:9e:71:16:b0:16:45:40:18:
6e:0c:61:03:02:d9:82:ac:f2:b0:49:0c:1c:fa:a5:b8:73:c1:
c0:10:19:ea:6f:d5:f4:7e:a1:d7:1b:7c:83:e2:d1:c6:58:1c:
61:d4:1d:68:bb:8d:f5:e2:25:1f:1d:c7:85:41:95:da:61:5e:
42:18:05:4f:95:13:fe:d6:56:58:fe:27:6a:21:ba:ba:28:e0:
82:5d:8b:87
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHlEU1CnGIIfemzvnDPZrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDMxZTJjYTgyNGNhOGQ1NTYyNDA2YTcwMjFhZTNjMTNhMTQyNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CLknDX/MeiXS99JZTS7caQM9zfm
P/PptKMA1HoHzzXR0Ba7Fe3FXTTEpAkWs5UYkVJDHTnfpTbK/SYeFT7rRZUrYlnJ
cm9CxUB5sCrgbDPonHUoESFS0qm129euJ16w5xpycEcq673SFjCncypnVKWbFTOp
tSmSU5mCrNsQ9lepFLTuGtnkK+aW/1vJhTaJQRsH4ilmkisMqHAJcpZ1V8WmV/KQ
a8mzEf12x7ubttm9yfOvE5T/pyJ67x9asbc9/6h02DQTGasAN8h2/dnjtzXBQ62p
l1pM76CuUbvg3v+OV8hYKVBE9RHq9qIR+nCBvnive2ZNAWcMfEKIGjVbuwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLAx4sqCTKjVViQGpwIa48E6FCXYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5L2I3Yjkz
My03ZTgwLTRiMzctYTI4NS0xMzBlNGRjMDE1YWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvYjdiOTMz
LTdlODAtNGIzNy1hMjg1LTEzMGU0ZGMwMTVhYi8xL3NESGl5b0pNcU5WV0pBYW5B
aHJqd1RvVUpkZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuUiMMA0EAgACMAcDBQAqAz+gMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMoNTANBgkqhkiG9w0BAQsFAAOCAQEABWLIj+WGcknL
7x/jq/IO9cEP3+8BJlgLbEXdjtQ5VlzytW/h1reTswqKXeqJ/1YER3fLm5aXkv8M
+IITD8o1zuXKkWnShFGZmYLEFakHwrPnmStVpbahh9KrbG/bb7o2DzTrgeeBo1Dk
LdLewjevjl7Kcf86haW34+GPck5CU5kdqXmU+pwdRWaY1c4zkU5zaCNarJxNc8J/
kI79js5JRLNq/ik7zy1b9CRNZZ5xFrAWRUAYbgxhAwLZgqzysEkMHPqluHPBwBAZ
6m/V9H6h1xt8g+LRxlgcYdQdaLuN9eIlHx3HhUGV2mFeQhgFT5UT/tZWWP4naiG6
uijggl2Lhw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:47:16 2024 by rpki-client on console-fra.rpki-client.org