Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer
File: yri42pzNTSYbcq2gNKCHVmWmRIc.cer (raw, json)
Hash identifier: BKIC2AqzSkVh/+g+g0ThQDgA1aSmnivZtaOcq1GWcC0=
Subject key identifier: CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8013085650E1D6C0D85D03A841DD7D5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:30 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 209492
IP: 171.22.84.0/22
IP: 2a09:3c40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:30:85:65:0e:1d:6c:0d:85:d0:3a:84:1d:d7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cab8b8da9ccd4d261b72ada034a0875665a64487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:34:d1:5d:5b:89:25:30:4b:1f:28:e6:cc:56:
f1:c0:6d:29:8a:ea:d6:ac:d7:64:63:f8:f1:0a:1a:
20:9b:8d:72:8a:4b:6e:83:ce:2d:56:fa:41:90:2b:
44:50:70:5a:7a:8d:20:79:b4:e9:83:40:73:28:eb:
f8:69:f1:b6:d7:4d:b8:69:49:42:5c:d5:69:bc:0b:
14:9c:ae:a8:ab:d4:ae:bc:48:d3:04:e5:f9:ce:75:
b7:4a:ba:e1:d0:a6:9e:3c:b1:cb:91:2e:e8:86:69:
d2:ab:4e:e7:59:93:23:33:22:50:d0:5f:75:b8:38:
65:f7:c4:82:6b:d7:4d:0e:7d:fe:b5:b0:a9:8d:87:
39:19:b9:9e:95:c7:50:2b:a1:ae:33:8d:c9:f1:2c:
9d:5c:f4:31:17:d9:2e:14:96:05:79:7f:12:23:27:
96:18:c0:68:2f:7d:49:0a:d6:63:cd:69:a0:8a:aa:
79:fd:bb:46:11:25:74:7b:a9:cd:16:24:a8:d1:17:
66:28:81:5f:24:28:77:32:db:53:28:d6:e7:27:22:
95:24:78:6a:56:40:4f:7e:ee:ed:aa:d9:16:ca:ec:
c5:8d:58:69:c3:19:b6:de:28:fc:6b:34:bf:d1:aa:
93:89:ed:a0:47:2a:c2:8d:1f:7d:cd:cc:2b:1a:3e:
ae:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.84.0/22
IPv6:
2a09:3c40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209492
Signature Algorithm: sha256WithRSAEncryption
36:f4:32:95:62:34:0e:7f:99:51:c6:74:07:ed:dc:3b:8f:fb:
91:a8:98:06:9e:80:44:3b:47:06:29:96:b4:bd:24:32:e1:46:
be:a3:3a:ec:96:a1:c0:32:c5:6a:b7:4b:7a:db:06:7e:b4:41:
4c:89:ec:1b:ca:33:df:8f:82:eb:3b:ca:b7:bf:ed:4a:c7:87:
9c:59:5b:de:5e:a6:f1:56:8f:d9:e5:98:0f:fc:ca:15:4c:a5:
6b:c2:eb:69:61:f2:50:36:ed:cc:77:11:b3:83:8c:14:88:22:
d0:e5:78:b1:32:76:48:08:d1:79:93:ed:4f:9e:31:5d:cc:47:
45:9c:73:3b:42:60:f6:69:35:5a:88:eb:07:41:57:55:f0:e3:
f8:45:34:e1:1b:12:a8:32:08:df:5d:02:dd:5f:f7:59:ab:61:
a1:16:b8:a1:1f:66:01:38:93:37:6e:0e:63:9f:7a:1e:99:cb:
05:05:2e:6f:32:c5:00:77:8d:97:64:94:b8:e0:05:2d:a8:a6:
6b:23:76:83:34:86:58:81:33:b5:71:3e:ef:26:f0:86:72:ee:
3e:4a:50:6b:28:63:4e:b5:0f:e9:80:54:43:b8:5d:75:e7:5f:
7a:18:c8:74:e4:4f:72:03:11:e3:41:5b:fb:4b:80:f1:33:b4:
ad:69:e8:75
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIATCFZQ4dbA2F0DqEHdfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI4YjhkYTljY2Q0ZDI2MWI3MmFkYTAzNGEwODc1NjY1YTY0NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DTRXVuJJTBLHyjmzFbxwG0piurW
rNdkY/jxChogm41yiktug84tVvpBkCtEUHBaeo0gebTpg0BzKOv4afG21024aUlC
XNVpvAsUnK6oq9SuvEjTBOX5znW3Srrh0KaePLHLkS7ohmnSq07nWZMjMyJQ0F91
uDhl98SCa9dNDn3+tbCpjYc5GbmelcdQK6GuM43J8SydXPQxF9kuFJYFeX8SIyeW
GMBoL31JCtZjzWmgiqp5/btGESV0e6nNFiSo0RdmKIFfJCh3MttTKNbnJyKVJHhq
VkBPfu7tqtkWyuzFjVhpwxm23ij8azS/0aqTie2gRyrCjR99zcwrGj6ugwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMq4uNqczU0mG3KtoDSgh1ZlpkSHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2RiNDFj
OS1lOGEwLTRmOTAtYTBkNS04ODc1MDljNDYwMmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZGI0MWM5
LWU4YTAtNGY5MC1hMGQ1LTg4NzUwOWM0NjAyYS8xL3lyaTQycHpOVFNZYmNxMmdO
S0NIVm1XbVJJYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCqxZUMA0EAgACMAcDBQMqCTxAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMyVDANBgkqhkiG9w0BAQsFAAOCAQEANvQylWI0Dn+Z
UcZ0B+3cO4/7kaiYBp6ARDtHBimWtL0kMuFGvqM67JahwDLFardLetsGfrRBTIns
G8oz34+C6zvKt7/tSseHnFlb3l6m8VaP2eWYD/zKFUyla8LraWHyUDbtzHcRs4OM
FIgi0OV4sTJ2SAjReZPtT54xXcxHRZxzO0Jg9mk1WojrB0FXVfDj+EU04RsSqDII
310C3V/3WathoRa4oR9mATiTN24OY596HpnLBQUubzLFAHeNl2SUuOAFLaimayN2
gzSGWIEztXE+7ybwhnLuPkpQayhjTrUP6YBUQ7hddedfehjIdORPcgMR40Fb+0uA
8TO0rWnodQ==
-----END CERTIFICATE-----
Generated at Fri May 3 08:27:23 2024 by rpki-client on console-fra.rpki-client.org