Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.cer
File: yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.cer (raw, json)
Hash identifier: /uVBgYpXxbqKcxatUNygbRijXlXAQKghJQ71vdhFSx8=
Subject key identifier: CA:18:3A:66:91:30:9A:79:D6:E6:60:5B:0D:5C:11:E3:FF:7E:91:94
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC803014AF9F4CE4EC1EDF536BA336C0C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:31:29 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 130.192.0.0 -- 130.192.95.255
IP: 130.192.160.0/21
IP: 130.192.176.0/20
IP: 130.192.224.0/20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:01:4a:f9:f4:ce:4e:c1:ed:f5:36:ba:33:6c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca183a6691309a79d6e6605b0d5c11e3ff7e9194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2a:7f:0f:4f:91:92:41:5c:38:1d:e1:85:ea:
70:12:4c:27:b5:a2:2f:19:6d:95:1c:aa:25:0f:f6:
17:9c:3f:e4:eb:4e:2e:eb:70:6e:59:99:79:30:e0:
54:76:5a:db:24:cd:ca:f5:60:41:c2:ad:e9:a8:0e:
c6:3b:ee:c3:3b:b8:90:80:c6:1e:bd:05:4a:0e:4d:
d2:62:0e:d2:43:6a:f2:36:85:7a:b2:1c:9c:e6:26:
a9:c2:28:42:52:23:89:d6:a0:eb:67:02:65:89:13:
e5:d5:1e:70:5c:4f:92:15:60:8a:75:ce:8a:05:f7:
06:43:d8:22:46:12:33:8e:a1:aa:e9:55:6e:d7:1b:
41:f5:bd:58:6d:46:9c:c2:5f:25:c9:a2:4b:5a:d4:
0b:38:57:28:67:b6:c0:76:30:95:d4:e4:f3:6a:36:
f6:da:7a:57:45:ef:5e:6a:7d:6e:3e:0c:6f:3a:c3:
06:b8:e3:c3:35:1f:c8:60:a4:95:e2:93:8b:22:6d:
eb:39:fc:31:d2:c4:d2:17:c9:7f:4d:c9:ff:46:16:
dc:05:d5:a6:d3:ef:fe:f6:2b:0c:e2:f6:3c:c3:34:
7d:6b:6d:b2:b1:c4:78:a6:85:27:5e:f2:27:ba:c5:
09:34:d6:1c:69:9e:ea:0c:24:2f:0d:38:97:d0:d1:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:18:3A:66:91:30:9A:79:D6:E6:60:5B:0D:5C:11:E3:FF:7E:91:94
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0774bb-3b0b-4f47-b151-19e708469cee/1/yhg6ZpEwmnnW5mBbDVwR4_9-kZQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.192.0.0-130.192.95.255
130.192.160.0/21
130.192.176.0/20
130.192.224.0/20
Signature Algorithm: sha256WithRSAEncryption
93:cb:2a:9b:25:3f:bc:b1:48:b9:1b:24:22:cd:83:18:fb:32:
15:84:b5:87:df:b5:94:b2:52:9b:84:ec:10:f3:fb:df:ce:fb:
fa:3e:8b:23:c6:8f:60:67:67:5e:a5:30:4e:66:9e:f6:4e:46:
54:fc:f6:fc:34:51:59:fc:de:52:aa:a9:51:9a:09:bb:52:6d:
61:96:93:a1:b5:f4:c4:57:de:c4:c1:be:28:12:4c:83:b0:04:
7d:d5:43:97:8f:b0:8c:56:00:c7:f5:05:de:6c:94:49:d2:dd:
29:8f:e5:f8:6c:d7:4c:7b:56:c2:98:ab:5d:9d:b4:79:c5:13:
2d:b7:03:1b:2a:71:59:20:89:a6:72:d6:02:3b:37:bb:32:fb:
5c:5c:71:1a:23:0c:1c:11:cd:2e:ce:6a:df:36:3b:fe:84:69:
f0:b5:11:85:53:41:e8:19:f9:5a:58:24:4f:ca:e2:fd:10:d8:
8d:45:9e:9f:7f:c3:3a:88:b8:29:82:46:f7:82:1e:03:36:6c:
7e:4b:64:f0:97:fc:65:af:5d:c3:9a:61:c0:af:e9:94:6f:a6:
6a:43:2b:46:92:a2:24:d3:f3:8b:29:02:ef:ce:c8:c4:12:da:
f3:8e:33:2e:31:19:3f:25:db:bc:0b:97:90:fb:88:e1:04:03:
95:4f:08:a8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYzIAwFK+fTOTsHt9Ta6M2wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE4M2E2NjkxMzA5YTc5ZDZlNjYwNWIwZDVjMTFlM2ZmN2U5MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyp/D0+RkkFcOB3hhepwEkwntaIv
GW2VHKolD/YXnD/k604u63BuWZl5MOBUdlrbJM3K9WBBwq3pqA7GO+7DO7iQgMYe
vQVKDk3SYg7SQ2ryNoV6shyc5iapwihCUiOJ1qDrZwJliRPl1R5wXE+SFWCKdc6K
BfcGQ9giRhIzjqGq6VVu1xtB9b1YbUacwl8lyaJLWtQLOFcoZ7bAdjCV1OTzajb2
2npXRe9ean1uPgxvOsMGuOPDNR/IYKSV4pOLIm3rOfwx0sTSF8l/Tcn/RhbcBdWm
0+/+9isM4vY8wzR9a22yscR4poUnXvInusUJNNYcaZ7qDCQvDTiX0NEL5wIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFMoYOmaRMJp51uZgWw1cEeP/fpGUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJlLzA3NzRi
Yi0zYjBiLTRmNDctYjE1MS0xOWU3MDg0NjljZWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUvMDc3NGJi
LTNiMGItNGY0Ny1iMTUxLTE5ZTcwODQ2OWNlZS8xL3loZzZacEV3bW5uVzVtQmJE
VndSNF85LWtaUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzAlBAIAATAfMAsDAwaCwAMEBYLAQAMEA4LAoAMEBILAsAMEBILA
4DANBgkqhkiG9w0BAQsFAAOCAQEAk8sqmyU/vLFIuRskIs2DGPsyFYS1h9+1lLJS
m4TsEPP73877+j6LI8aPYGdnXqUwTmae9k5GVPz2/DRRWfzeUqqpUZoJu1JtYZaT
obX0xFfexMG+KBJMg7AEfdVDl4+wjFYAx/UF3myUSdLdKY/l+GzXTHtWwpirXZ20
ecUTLbcDGypxWSCJpnLWAjs3uzL7XFxxGiMMHBHNLs5q3zY7/oRp8LURhVNB6Bn5
WlgkT8ri/RDYjUWen3/DOoi4KYJG94IeAzZsfktk8Jf8Za9dw5phwK/plG+makMr
RpKiJNPziykC787IxBLa844zLjEZPyXbvAuXkPuI4QQDlU8IqA==
-----END CERTIFICATE-----
Generated at Fri May 3 02:20:25 2024 by rpki-client on console-ams.rpki-client.org