Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yd1CJDGXhku0gWRh1NBlOrC6Mro.cer
File: yd1CJDGXhku0gWRh1NBlOrC6Mro.cer (raw, json)
Hash identifier: BXYmyMTYpYDgBi8F3Bg0P1yU8bUgnY/Ch7LLT7fRzZI=
Subject key identifier: C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B3760D7F4B20883BB122E25A4C020
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 198725
IP: 91.220.201.0/24
IP: 185.21.196.0/22
IP: 2a02:c280::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:37:60:d7:f4:b2:08:83:bb:12:2e:25:a4:c0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9dd42243197864bb4816461d4d0653ab0ba32ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:27:ee:bb:2f:2e:d6:9c:6e:92:4c:e7:01:a5:
43:46:1a:c8:66:9e:9f:92:c0:75:93:4a:8c:92:d5:
70:9c:29:4a:5b:70:77:2a:98:a0:8d:fe:f3:72:c6:
5e:6d:96:5c:b8:89:a2:52:2e:ef:15:43:05:7b:ed:
9d:97:0e:6a:6d:8d:45:e9:43:9d:15:8f:57:14:42:
ca:10:8b:3e:4f:16:bf:1a:fb:be:7c:91:1b:ad:26:
c5:47:3b:bb:a1:1c:76:b8:61:ff:4a:ae:b6:37:b5:
00:ee:2a:24:f8:94:14:63:76:d5:5d:fa:a6:8e:f8:
f8:36:3d:6b:8c:b2:72:91:8c:2b:08:7a:a3:8c:69:
01:f7:52:64:d4:50:8e:3a:8c:46:31:f2:d3:f9:4c:
1c:5b:8a:28:d4:9d:f6:c1:57:e5:01:7a:17:31:cd:
19:34:e7:ce:51:cd:15:92:99:da:b5:48:ec:cf:e9:
a1:e0:72:c8:bb:98:67:d6:e1:9a:20:0f:db:e5:5c:
e8:b7:61:26:09:70:ab:31:c9:9a:30:ee:e9:6d:c3:
67:a8:9d:45:6d:77:2f:3f:36:c9:7e:59:2b:6c:d5:
54:3b:c5:ce:65:f7:7f:a0:a9:05:e1:02:08:a9:4c:
9d:ff:20:fe:ea:6e:3b:90:1b:a7:29:b2:63:da:39:
b1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DD:42:24:31:97:86:4B:B4:81:64:61:D4:D0:65:3A:B0:BA:32:BA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5da15a-97a0-4a77-9bca-64a715a5f69b/1/yd1CJDGXhku0gWRh1NBlOrC6Mro.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.201.0/24
185.21.196.0/22
IPv6:
2a02:c280::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198725
Signature Algorithm: sha256WithRSAEncryption
74:bf:73:bd:9a:15:86:dc:04:ef:18:38:25:b9:21:58:6e:6b:
f6:1f:e0:09:89:82:11:9a:aa:18:ec:8d:12:ca:3e:db:21:0a:
17:bb:13:e0:a2:d0:f7:27:3d:7f:29:dd:46:10:e8:da:d1:7a:
79:60:ee:cb:5c:58:cc:b9:49:c5:e1:83:e3:0c:5d:bf:1a:f6:
45:58:35:68:20:8c:a1:6f:f1:46:28:fb:15:f5:70:e0:0c:9b:
46:a5:2c:6f:d1:63:6d:a4:d3:b0:b6:59:77:68:03:8e:cf:72:
bc:c7:9c:e1:75:ec:00:a5:c1:a5:c2:b0:a9:2e:66:9c:42:75:
36:78:a4:db:2a:9a:1d:04:fe:1f:48:18:9a:d8:78:c8:5c:f9:
b5:c2:5e:ba:ad:64:d8:b3:c3:23:96:e8:5a:28:78:43:ce:04:
c2:26:35:19:99:66:ea:a5:f2:e8:78:a9:99:a2:19:86:d7:ac:
7b:12:34:e2:e5:ff:89:4a:b1:76:0c:4b:78:23:7b:81:c5:3f:
10:77:6f:14:a2:d6:98:cc:32:f0:98:d6:f1:c2:39:f3:94:e8:
e7:15:06:9c:67:61:3c:29:92:2a:ae:03:86:98:84:e3:ba:28:
c9:61:1d:ae:be:c0:96:b7:9c:df:48:ff:b8:44:c6:b0:80:f5:
ae:46:fd:27
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzGSzdg1/SyCIO7Ei4lpMAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRkNDIyNDMxOTc4NjRiYjQ4MTY0NjFkNGQwNjUzYWIwYmEzMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyfuuy8u1pxukkznAaVDRhrIZp6f
ksB1k0qMktVwnClKW3B3Kpigjf7zcsZebZZcuImiUi7vFUMFe+2dlw5qbY1F6UOd
FY9XFELKEIs+Txa/Gvu+fJEbrSbFRzu7oRx2uGH/Sq62N7UA7iok+JQUY3bVXfqm
jvj4Nj1rjLJykYwrCHqjjGkB91Jk1FCOOoxGMfLT+UwcW4oo1J32wVflAXoXMc0Z
NOfOUc0VkpnatUjsz+mh4HLIu5hn1uGaIA/b5Vzot2EmCXCrMcmaMO7pbcNnqJ1F
bXcvPzbJflkrbNVUO8XOZfd/oKkF4QIIqUyd/yD+6m47kBunKbJj2jmxOQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMndQiQxl4ZLtIFkYdTQZTqwujK6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzVkYTE1
YS05N2EwLTRhNzctOWJjYS02NGE3MTVhNWY2OWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNWRhMTVh
LTk3YTAtNGE3Ny05YmNhLTY0YTcxNWE1ZjY5Yi8xL3lkMUNKREdYaGt1MGdXUmgx
TkJsT3JDNk1yby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAW9zJAwQCuRXEMA0EAgACMAcDBQMqAsKAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMIRTANBgkqhkiG9w0BAQsFAAOCAQEAdL9z
vZoVhtwE7xg4JbkhWG5r9h/gCYmCEZqqGOyNEso+2yEKF7sT4KLQ9yc9fyndRhDo
2tF6eWDuy1xYzLlJxeGD4wxdvxr2RVg1aCCMoW/xRij7FfVw4AybRqUsb9FjbaTT
sLZZd2gDjs9yvMec4XXsAKXBpcKwqS5mnEJ1Nnik2yqaHQT+H0gYmth4yFz5tcJe
uq1k2LPDI5boWih4Q84EwiY1GZlm6qXy6HipmaIZhtesexI04uX/iUqxdgxLeCN7
gcU/EHdvFKLWmMwy8JjW8cI585To5xUGnGdhPCmSKq4DhpiE47ooyWEdrr7Alrec
30j/uETGsID1rkb9Jw==
-----END CERTIFICATE-----
Generated at Fri May 3 07:35:53 2024 by rpki-client on console-ams.rpki-client.org