Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
File: yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer (raw, json)
Hash identifier: tFb+TjD42DdWJzJf3Squ13FhtJozPdGLaahjVMPRp7s=
Subject key identifier: CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DC0FF07F0C716A30AED874D49C6893
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 197064
IP: 151.248.56.0/21
IP: 178.23.104.0/21
IP: 185.24.196.0/22
IP: 2a02:2408::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0f:f0:7f:0c:71:6a:30:ae:d8:74:d4:9c:68:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c9:bd:8b:23:58:e7:5b:2c:aa:5c:c5:f1:1d:
d7:93:15:d3:fa:bb:1e:6a:1b:61:8d:a2:28:49:6c:
2b:1c:5b:43:96:ac:03:5c:d0:ea:b6:3a:2d:cc:ee:
f5:1f:f7:88:2c:08:fb:a2:40:b3:dc:78:d1:1d:e2:
7f:ad:ef:6e:cc:14:67:95:a1:8a:b1:6e:f6:2b:f7:
0a:77:67:8f:1a:e9:f1:58:e7:f1:5c:ec:f3:bb:cb:
03:1b:4c:d0:1f:8c:59:56:c2:e4:65:4d:f4:b8:d7:
29:4f:76:85:f5:e1:c9:37:86:31:23:51:d0:3d:86:
76:3c:19:db:49:14:8c:0f:18:26:c4:c7:37:11:1f:
c6:64:c5:fa:cb:00:50:58:d7:f4:89:60:a7:b9:6a:
4f:73:66:7f:1f:d0:03:4e:22:0e:cf:cf:66:ad:e3:
fa:d7:68:83:6a:f3:9e:bb:d3:8b:b4:5b:94:45:13:
cf:4d:ce:43:b4:62:32:8a:23:43:27:e3:da:0e:07:
73:68:3d:90:a5:a8:f9:df:70:01:67:ed:3c:e7:25:
6f:4b:8c:52:7e:e1:c5:ef:49:61:75:69:19:f3:61:
0b:ac:11:7a:48:bd:82:37:f1:47:5b:58:97:90:0b:
3b:01:ad:dc:cd:11:01:91:84:4e:99:b0:7d:60:02:
bc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.56.0/21
178.23.104.0/21
185.24.196.0/22
IPv6:
2a02:2408::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197064
Signature Algorithm: sha256WithRSAEncryption
44:18:98:db:b7:91:c3:fc:b2:54:f8:48:6c:e2:31:18:cb:f2:
5e:ea:68:38:ff:8f:59:4e:96:dc:48:2a:f7:fd:9d:70:32:95:
83:e1:c3:6c:ca:23:be:d0:56:9b:bd:1c:6d:9b:12:c7:f6:aa:
46:8e:e1:f2:04:45:d4:c1:3c:7c:eb:b3:3f:2e:4d:bd:23:25:
f9:e4:94:2b:1e:e4:2b:49:48:f7:13:09:62:93:50:9c:6d:65:
bb:b6:aa:08:7e:79:60:88:56:f7:d4:aa:bd:f9:69:ec:1c:f6:
b8:96:06:e9:c8:09:e1:47:af:6e:d1:44:54:9c:aa:dd:c4:f8:
1a:99:12:db:38:c4:af:08:98:c3:af:f3:35:4c:af:97:96:f9:
5c:f2:1d:5c:66:a6:e1:01:97:a0:c2:4c:53:0a:e6:d1:34:95:
40:4d:05:e1:d9:fc:88:80:2e:fb:0f:4f:ff:b2:00:01:fe:38:
10:5c:87:12:7c:d3:a7:b1:56:22:4d:c2:21:49:0e:69:45:55:
4b:30:81:dd:aa:72:6b:64:0d:d3:46:50:c5:42:0a:c9:29:69:
4a:71:80:f4:3a:2a:f6:a5:aa:09:d4:81:b6:8c:62:f7:a3:19:
3c:0d:b9:ce:f1:c7:a8:54:40:a9:cd:df:28:be:be:7a:04:eb:
f4:10:de:1c
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzF3A/wfwxxajCu2HTUnGiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJjYzdjZTQyZTc5YzM1MWFjN2QyOGY2NDVkZTdmNTkzOGFjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcm9iyNY51ssqlzF8R3XkxXT+rse
ahthjaIoSWwrHFtDlqwDXNDqtjotzO71H/eILAj7okCz3HjRHeJ/re9uzBRnlaGK
sW72K/cKd2ePGunxWOfxXOzzu8sDG0zQH4xZVsLkZU30uNcpT3aF9eHJN4YxI1HQ
PYZ2PBnbSRSMDxgmxMc3ER/GZMX6ywBQWNf0iWCnuWpPc2Z/H9ADTiIOz89mreP6
12iDavOeu9OLtFuURRPPTc5DtGIyiiNDJ+PaDgdzaD2Qpaj533ABZ+085yVvS4xS
fuHF70lhdWkZ82ELrBF6SL2CN/FHW1iXkAs7Aa3czREBkYROmbB9YAK8eQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFMssx85C55w1GsfSj2Rd5/WTisycMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IwLzkwYzQw
My1lNmU5LTQxZTAtYjE1Ny03ODFkOGZiMWQyZmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAvOTBjNDAz
LWU2ZTktNDFlMC1iMTU3LTc4MWQ4ZmIxZDJmYi8xL3l5ekh6a0xubkRVYXg5S1Ba
RjNuOVpPS3pKdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDl/g4AwQDshdoAwQCuRjEMA0EAgACMAcDBQAq
AiQIMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMByDANBgkqhkiG9w0BAQsFAAOC
AQEARBiY27eRw/yyVPhIbOIxGMvyXupoOP+PWU6W3Egq9/2dcDKVg+HDbMojvtBW
m70cbZsSx/aqRo7h8gRF1ME8fOuzPy5NvSMl+eSUKx7kK0lI9xMJYpNQnG1lu7aq
CH55YIhW99Sqvflp7Bz2uJYG6cgJ4UevbtFEVJyq3cT4GpkS2zjErwiYw6/zNUyv
l5b5XPIdXGam4QGXoMJMUwrm0TSVQE0F4dn8iIAu+w9P/7IAAf44EFyHEnzTp7FW
Ik3CIUkOaUVVSzCB3apya2QN00ZQxUIKySlpSnGA9Doq9qWqCdSBtoxi96MZPA25
zvHHqFRAqc3fKL6+egTr9BDeHA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:52 2024 by rpki-client on console-fra.rpki-client.org