Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer
File: y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer (raw, json)
Hash identifier: QLElARYaV/WD5swuJbzj9jEjcNb3dyHqzo9A5mSaqas=
Subject key identifier: CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4938BF4BE2B827ED9F88E316E8B8466
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:53 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12969
AS: 21268
AS: 31441
IP: 5.23.64.0/19
IP: 46.239.192.0/18
IP: 62.145.128.0/19
IP: 81.15.0.0/17
IP: 83.173.0.0/18
IP: 85.197.192.0/18
IP: 88.149.0.0/17
IP: 89.160.128.0/17
IP: 185.21.16.0/22
IP: 185.24.0.0/22
IP: 185.245.172.0/22
IP: 193.4.0.0 -- 193.4.57.255
IP: 193.4.60.0 -- 193.4.255.255
IP: 194.144.0.0/16
IP: 213.176.128.0/19
IP: 213.213.128.0/19
IP: 213.220.64.0/18
IP: 217.9.128.0/20
IP: 217.151.160.0/19
IP: 2a01:44c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8b:f4:be:2b:82:7e:d9:f8:8e:31:6e:8b:84:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb662ceeb726774b1b44c51ff1fc0df908bdebbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:fa:e3:42:a6:05:da:c9:f8:db:1f:72:e9:
01:3c:0d:1e:3d:45:31:ca:d7:ad:cd:ff:c3:be:20:
5c:d6:78:94:fe:4b:81:c3:46:e3:5f:df:98:77:6b:
7c:9e:50:8e:9c:fa:79:4f:e6:d1:f7:a2:3b:be:77:
a5:96:e0:fa:dc:d2:32:8c:96:3a:6d:9a:83:85:09:
c8:9b:50:2c:09:ed:b4:14:d7:97:9f:8a:fa:5c:81:
29:d8:a9:d2:7e:b3:fc:54:c2:af:fa:93:82:bc:76:
d8:a3:af:74:05:ea:da:5e:d8:17:86:b0:d7:7e:be:
08:84:57:e3:66:a7:61:9a:21:7d:bd:bd:d3:d2:7a:
80:3e:ef:4e:7f:07:36:4e:10:84:dc:69:32:36:64:
21:33:f7:f1:c0:9f:c9:b2:1f:22:d4:b8:d1:f5:a1:
3b:f7:bc:b5:ba:03:90:3e:9c:34:17:f8:c7:a8:0d:
5f:32:61:b7:9d:ed:ad:3a:c3:05:50:50:ed:21:c8:
ee:6b:2e:f7:96:e0:88:66:a5:f7:f0:74:00:a8:0d:
ba:7c:22:01:63:8a:43:c0:2f:cb:98:a2:be:a9:ed:
c8:29:76:0b:82:ee:3b:7b:98:49:4a:bc:f1:43:83:
60:d3:75:e1:ff:a4:eb:30:8c:bd:f8:93:42:4e:26:
50:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.64.0/19
46.239.192.0/18
62.145.128.0/19
81.15.0.0/17
83.173.0.0/18
85.197.192.0/18
88.149.0.0/17
89.160.128.0/17
185.21.16.0/22
185.24.0.0/22
185.245.172.0/22
193.4.0.0-193.4.57.255
193.4.60.0-193.4.255.255
194.144.0.0/16
213.176.128.0/19
213.213.128.0/19
213.220.64.0/18
217.9.128.0/20
217.151.160.0/19
IPv6:
2a01:44c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12969
21268
31441
Signature Algorithm: sha256WithRSAEncryption
6d:7d:ca:5a:f2:b0:93:ef:a9:81:20:1b:c8:9d:39:75:75:c9:
22:e0:96:34:7a:13:b9:f4:27:a8:ed:38:7a:da:19:3d:73:45:
09:0a:04:3b:64:93:49:87:96:97:eb:2e:93:bb:6f:8c:4f:67:
cc:d1:a4:40:f7:e2:45:08:74:67:ec:23:a9:c1:10:1b:7d:58:
3d:a2:0f:13:07:06:d9:ab:4c:7c:09:cd:98:fb:4b:1e:06:ed:
a6:d2:26:07:04:9d:dd:bd:1a:66:b0:38:90:f4:4c:69:29:64:
d6:f1:9e:7a:c3:2b:ed:9f:97:d7:a8:7f:58:ef:3a:a1:ee:e5:
f5:28:b0:a4:5c:4e:f9:7a:25:66:9b:1f:d0:89:b8:b8:d6:d3:
5e:2d:84:ae:9c:ce:f4:2e:14:ef:1e:71:2a:ae:4d:6b:1c:c7:
14:bf:99:01:79:f7:08:e7:d3:93:40:bc:29:b7:4d:ed:fc:28:
13:8d:d0:74:ba:1c:00:8f:db:96:eb:d3:84:93:90:11:eb:f3:
99:e4:73:c1:fb:7f:39:54:5d:b8:3d:ae:e1:26:7a:9c:a4:7c:
f2:e4:ed:4f:ef:41:2b:f3:0b:e3:6b:02:d2:c1:d2:8e:b1:72:
43:3c:b5:2c:72:cf:66:e1:9e:c6:5f:57:46:8d:93:46:2f:35:
b3:5e:74:ca
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAYzEk4v0viuCftn4jjFui4RmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY2MmNlZWI3MjY3NzRiMWI0NGM1MWZmMWZjMGRmOTA4YmRlYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJX640KmBdrJ+NsfcukBPA0ePUUx
ytetzf/DviBc1niU/kuBw0bjX9+Yd2t8nlCOnPp5T+bR96I7vnelluD63NIyjJY6
bZqDhQnIm1AsCe20FNeXn4r6XIEp2KnSfrP8VMKv+pOCvHbYo690BeraXtgXhrDX
fr4IhFfjZqdhmiF9vb3T0nqAPu9Ofwc2ThCE3GkyNmQhM/fxwJ/Jsh8i1LjR9aE7
97y1ugOQPpw0F/jHqA1fMmG3ne2tOsMFUFDtIcjuay73luCIZqX38HQAqA26fCIB
Y4pDwC/LmKK+qe3IKXYLgu47e5hJSrzxQ4Ng03Xh/6TrMIy9+JNCTiZQHQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFMtmLO63JndLG0TFH/H8DfkIveu8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzL2E5NjJh
OS1hYmZmLTQ0OTUtODZjYy1iNTZjOGNjYjI5MzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvYTk2MmE5
LWFiZmYtNDQ5NS04NmNjLWI1NmM4Y2NiMjkzNS8xL3kyWXM3cmNtZDBzYlJNVWY4
ZndOLVFpOTY3dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGqBggrBgEF
BQcBBwEB/wSBmjCBlzCBhQQCAAEwfwMEBQUXQAMEBi7vwAMEBT6RgAMEB1EPAAME
BlOtAAMEBlXFwAMEB1iVAAMEB1mggAMEArkVEAMEArkYAAMEArn1rDALAwMCwQQD
BAHBBDgwCwMEAsEEPAMDAMEEAwMAwpADBAXVsIADBAXV1YADBAbV3EADBATZCYAD
BAXZl6AwDQQCAAIwBwMFACoBRMAwIQYIKwYBBQUHAQgBAf8EEjAQoA4wDAICMqkC
AlMUAgJ60TANBgkqhkiG9w0BAQsFAAOCAQEAbX3KWvKwk++pgSAbyJ05dXXJIuCW
NHoTufQnqO04etoZPXNFCQoEO2STSYeWl+suk7tvjE9nzNGkQPfiRQh0Z+wjqcEQ
G31YPaIPEwcG2atMfAnNmPtLHgbtptImBwSd3b0aZrA4kPRMaSlk1vGeesMr7Z+X
16h/WO86oe7l9SiwpFxO+XolZpsf0Im4uNbTXi2ErpzO9C4U7x5xKq5NaxzHFL+Z
AXn3COfTk0C8KbdN7fwoE43QdLocAI/bluvThJOQEevzmeRzwft/OVRduD2u4SZ6
nKR88uTtT+9BK/ML42sC0sHSjrFyQzy1LHLPZuGexl9XRo2TRi81s150yg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:43 2024 by rpki-client on console-fra.rpki-client.org