Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/xyCKi4W8uAfK1kE4VDJjrLIERIs.cer
File: xyCKi4W8uAfK1kE4VDJjrLIERIs.cer (raw, json)
Hash identifier: xpOojl7EuL+vUjYTpNo4qMTZ5CHilo4NQfsv0DcFQwA=
Subject key identifier: C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CE9A2F1F7B7793509120D15C6333E076D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 08 Jan 2024 15:13:39 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12715
IP: 37.11.0.0/16
IP: 37.14.0.0/15
IP: 37.35.128.0/17
IP: 37.97.124.0/22
IP: 37.132.0.0/14
IP: 62.14.0.0/15
IP: 87.216.0.0/13
IP: 95.16.0.0/13
IP: 146.158.128.0/17
IP: 185.4.188.0/22
IP: 188.76.0.0/14
IP: 212.9.64.0/19
IP: 212.106.192.0/18
IP: 213.179.96.0/19
IP: 2a02:2e00::/27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:a2:f1:f7:b7:79:35:09:12:0d:15:c6:33:3e:07:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 8 15:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7208a8b85bcb807cad64138543263acb204448b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:64:16:74:8c:96:50:08:52:7b:fe:b5:b9:d0:
c2:4e:07:6a:3c:3d:d9:37:87:03:09:f8:15:fc:d9:
1c:74:9e:88:3f:96:76:96:11:3b:b2:b1:73:75:e0:
43:04:8f:07:fc:63:10:68:4c:9a:29:7d:44:8f:16:
04:4f:03:53:02:6e:d5:1e:3a:34:19:11:f2:db:b6:
09:3d:6b:90:40:e0:d3:aa:c9:1b:a8:10:56:8a:9d:
bd:ef:02:73:c1:0b:d7:97:f8:d6:d7:37:bc:ab:27:
a7:0e:47:60:13:59:61:a2:d1:58:27:31:43:42:c4:
15:7a:2d:8f:73:43:fa:eb:bd:ce:18:89:d5:07:51:
72:cd:6b:0e:20:ab:fc:6b:78:b3:f7:17:b9:12:1c:
3f:b7:a0:30:14:ec:59:df:5b:2f:a7:0d:d0:ef:64:
a4:9d:76:b4:4f:c9:7f:92:4c:bc:b6:78:8f:a6:23:
cb:97:bc:e2:8b:35:50:f0:9b:c2:09:16:a0:bf:67:
fd:df:8e:ef:ab:20:75:6a:80:b0:de:76:5f:7f:d4:
c7:98:48:f2:9c:43:3a:13:3a:c8:76:ba:da:83:03:
f6:f0:63:84:aa:f2:14:ed:b0:f7:1b:b9:56:ed:72:
29:9b:9c:dc:05:f4:1c:93:d7:33:91:ba:8f:73:7b:
0b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:20:8A:8B:85:BC:B8:07:CA:D6:41:38:54:32:63:AC:B2:04:44:8B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/279a3a-e7a0-4065-b6d8-0f6c412cf3df/1/xyCKi4W8uAfK1kE4VDJjrLIERIs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.11.0.0/16
37.14.0.0/15
37.35.128.0/17
37.97.124.0/22
37.132.0.0/14
62.14.0.0/15
87.216.0.0/13
95.16.0.0/13
146.158.128.0/17
185.4.188.0/22
188.76.0.0/14
212.9.64.0/19
212.106.192.0/18
213.179.96.0/19
IPv6:
2a02:2e00::/27
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12715
Signature Algorithm: sha256WithRSAEncryption
8c:7c:e6:82:8b:7b:27:74:c3:d7:3c:a4:82:cf:9f:2c:59:44:
99:28:47:7e:53:32:ec:aa:4b:d8:82:0f:d7:ae:13:90:90:bc:
5f:68:5e:02:cd:16:09:f1:3c:8a:b8:3b:ed:31:e3:d5:fb:f3:
37:4b:46:a6:23:19:51:7f:39:d3:f9:b8:7b:c4:36:58:a4:e5:
5e:a2:56:52:7a:8f:d1:5c:c2:70:56:a1:3b:a3:3a:15:6d:c6:
80:33:5f:f6:bd:46:50:5e:7f:81:4d:4a:4d:ec:2b:e9:0f:39:
2b:b2:35:7b:47:2f:68:9d:d0:10:71:a1:4e:44:8c:81:3a:db:
ee:17:cc:6b:e8:9d:a7:39:f4:2d:39:78:ce:51:43:e2:c3:c5:
06:2c:5b:33:7b:62:94:50:ca:5f:18:72:6e:c8:5c:fd:f2:9e:
49:15:b6:cf:eb:a7:00:7d:4c:0a:20:40:25:8a:70:ef:9c:87:
fa:7d:55:ec:08:35:8c:35:17:20:2f:13:72:b6:94:71:a3:0e:
f4:35:00:1d:2a:41:89:56:97:7b:84:b7:1a:23:0b:a0:41:fe:
32:bf:be:1f:51:4f:05:3e:6f:cf:4a:af:5d:9f:c4:74:33:46:
26:6c:d3:f4:13:ca:74:5d:24:e4:6a:0f:ac:fb:00:9b:7d:cc:
ab:93:fd:fd
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYzpovH3t3k1CRINFcYzPgdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTA4MTUxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIwOGE4Yjg1YmNiODA3Y2FkNjQxMzg1NDMyNjNhY2IyMDQ0NDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGQWdIyWUAhSe/61udDCTgdqPD3Z
N4cDCfgV/NkcdJ6IP5Z2lhE7srFzdeBDBI8H/GMQaEyaKX1EjxYETwNTAm7VHjo0
GRHy27YJPWuQQODTqskbqBBWip297wJzwQvXl/jW1ze8qyenDkdgE1lhotFYJzFD
QsQVei2Pc0P6673OGInVB1FyzWsOIKv8a3iz9xe5Ehw/t6AwFOxZ31svpw3Q72Sk
nXa0T8l/kky8tniPpiPLl7ziizVQ8JvCCRagv2f9347vqyB1aoCw3nZff9THmEjy
nEM6EzrIdrragwP28GOEqvIU7bD3G7lW7XIpm5zcBfQck9czkbqPc3sLzwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFMcgiouFvLgHytZBOFQyY6yyBESLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcwLzI3OWEz
YS1lN2EwLTQwNjUtYjZkOC0wZjZjNDEyY2YzZGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAvMjc5YTNh
LWU3YTAtNDA2NS1iNmQ4LTBmNmM0MTJjZjNkZi8xL3h5Q0tpNFc4dUFmSzFrRTRW
REpqckxJRVJJcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF
BwEHAQH/BGYwZDBTBAIAATBNAwMAJQsDAwElDgMEByUjgAMEAiVhfAMDAiWEAwMB
Pg4DAwNX2AMDA18QAwQHkp6AAwQCuQS8AwMCvEwDBAXUCUADBAbUasADBAXVs2Aw
DQQCAAIwBwMFBSoCLgAwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICMaswDQYJKoZI
hvcNAQELBQADggEBAIx85oKLeyd0w9c8pILPnyxZRJkoR35TMuyqS9iCD9euE5CQ
vF9oXgLNFgnxPIq4O+0x49X78zdLRqYjGVF/OdP5uHvENlik5V6iVlJ6j9FcwnBW
oTujOhVtxoAzX/a9RlBef4FNSk3sK+kPOSuyNXtHL2id0BBxoU5EjIE62+4XzGvo
nac59C05eM5RQ+LDxQYsWzN7YpRQyl8Ycm7IXP3ynkkVts/rpwB9TAogQCWKcO+c
h/p9VewINYw1FyAvE3K2lHGjDvQ1AB0qQYlWl3uEtxojC6BB/jK/vh9RTwU+b89K
r12fxHQzRiZs0/QTynRdJORqD6z7AJt9zKuT/f0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:32:17 2024 by rpki-client on console-ams.rpki-client.org