Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
File: zRCMIl8keM1CMBeYkNByhL4WNs0.cer (raw, json)
Hash identifier: RSSKmItvZQXvi1VMvxRoFdUgOT1FSX8t6nTVN+srE7U=
Subject key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86FFD558BAA80634B0D328A03B7FAD0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:30:31 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 205960
AS: 212921
IP: 2.59.152.0/22
IP: 45.91.224.0/22
IP: 45.142.152.0/22
IP: 91.204.224.0/22
IP: 185.202.100.0/22
IP: 193.239.150.0/23
IP: 193.239.154.0/23
IP: 194.126.202.0/24
IP: 194.126.215.0/24
IP: 194.126.219.0/24
IP: 194.126.227.0/24
IP: 2a0e:1840::/29
IP: 2a0e:a0c0::/29
IP: 2a0f:aec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:fd:55:8b:aa:80:63:4b:0d:32:8a:03:b7:fa:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd108c225f2478cd4230179890d07284be1636cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:26:80:e2:ae:2b:30:fd:3a:10:ae:91:a8:f2:
e5:6d:e2:7a:c7:34:da:7c:3c:75:a3:7f:fa:1d:21:
3e:e1:cb:f6:9d:9d:cc:39:4d:ae:39:07:0d:a1:05:
5d:c3:ac:4c:f0:c3:b7:96:e9:56:3b:05:29:19:e6:
81:b2:87:da:3e:25:5a:33:16:86:bf:77:fa:5b:7e:
40:9c:62:04:9e:ca:75:b6:b9:a5:37:ac:04:98:dc:
34:60:41:fe:bd:31:f6:07:7b:bc:0e:28:cf:27:f4:
37:4b:80:df:67:46:8a:fc:c9:48:45:b6:55:35:f2:
55:df:7b:5f:ef:25:be:4d:99:f5:d0:95:6d:04:f1:
30:d9:e0:a0:33:25:7b:cd:b9:ac:d9:47:99:91:b8:
0c:d4:d0:98:fb:8e:f6:ec:26:e5:b7:1c:7e:a7:85:
9f:80:17:41:ee:83:ed:22:60:89:07:cf:2d:c2:e8:
30:2c:f0:5a:dc:c1:97:87:34:0e:01:be:de:94:cc:
bc:65:16:cd:8c:dc:35:f1:52:c7:49:c2:51:f2:54:
64:0b:51:94:6f:13:28:61:47:27:7f:e7:00:c2:98:
6f:09:66:d1:5e:d8:b0:07:cb:b4:9f:c0:81:c3:37:
5c:af:c9:6d:a5:d1:38:4a:15:f3:67:97:85:b8:56:
6f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.224.0/22
45.142.152.0/22
91.204.224.0/22
185.202.100.0/22
193.239.150.0/23
193.239.154.0/23
194.126.202.0/24
194.126.215.0/24
194.126.219.0/24
194.126.227.0/24
IPv6:
2a0e:1840::/29
2a0e:a0c0::/29
2a0f:aec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205960
212921
Signature Algorithm: sha256WithRSAEncryption
37:01:5c:11:27:35:19:5a:c1:63:30:48:1c:45:f5:e0:2c:5f:
ae:77:86:05:03:e6:90:0a:78:f3:15:73:66:44:4f:36:3f:5d:
db:5e:36:1d:17:79:6c:41:94:72:3b:62:93:2e:7d:2b:3f:6d:
97:d2:01:ef:09:4a:b0:69:af:64:17:46:be:31:f4:34:b3:33:
cf:51:c1:37:b0:18:11:f4:56:e5:c0:17:e6:c8:e2:1a:f6:23:
45:19:bd:9f:44:ef:56:70:3c:19:b7:8e:d6:6b:b8:13:bd:2d:
9a:0a:21:93:6e:9b:47:2b:a9:00:ba:8a:1b:73:05:a9:54:ff:
a1:8c:13:f4:49:ac:f3:ea:3c:3f:9b:8a:c4:f8:60:ca:3a:ec:
16:43:a6:7f:1d:f9:6e:e0:3d:55:c3:fc:d9:83:aa:bc:b3:51:
fc:6b:e9:af:3d:a6:b4:98:58:26:03:10:3e:2f:d5:dc:d4:06:
a1:da:df:91:ea:0a:3b:9b:69:9a:03:b8:1e:e7:f8:74:63:ad:
2e:72:4a:a2:0d:4f:e1:c7:fa:b8:69:70:d2:65:d1:dd:cc:8e:
a6:02:7f:91:e2:38:94:93:1e:c7:82:51:b4:e9:f8:bb:a9:26:
a5:a6:f4:75:5b:e5:e3:b5:71:8e:1a:6c:76:3e:3d:6b:d7:01:
15:b6:4a:b9
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYzIb/1Vi6qAY0sNMooDt/rQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEwOGMyMjVmMjQ3OGNkNDIzMDE3OTg5MGQwNzI4NGJlMTYzNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiaA4q4rMP06EK6RqPLlbeJ6xzTa
fDx1o3/6HSE+4cv2nZ3MOU2uOQcNoQVdw6xM8MO3lulWOwUpGeaBsofaPiVaMxaG
v3f6W35AnGIEnsp1trmlN6wEmNw0YEH+vTH2B3u8DijPJ/Q3S4DfZ0aK/MlIRbZV
NfJV33tf7yW+TZn10JVtBPEw2eCgMyV7zbms2UeZkbgM1NCY+4727Cbltxx+p4Wf
gBdB7oPtImCJB88twugwLPBa3MGXhzQOAb7elMy8ZRbNjNw18VLHScJR8lRkC1GU
bxMoYUcnf+cAwphvCWbRXtiwB8u0n8CBwzdcr8ltpdE4ShXzZ5eFuFZv5wIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFM0QjCJfJHjNQjAXmJDQcoS+FjbNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3LzM0OGNl
NS1jYTIwLTQ4NDgtODg0NC1hZTUwMjczNjgxYTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvMzQ4Y2U1
LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFhNy8xL3pSQ01JbDhrZU0xQ01CZVlr
TkJ5aEw0V05zMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHgGCCsGAQUF
BwEHAQH/BGkwZzBIBAIAATBCAwQCAjuYAwQCLVvgAwQCLY6YAwQCW8zgAwQCucpk
AwQBwe+WAwQBwe+aAwQAwn7KAwQAwn7XAwQAwn7bAwQAwn7jMBsEAgACMBUDBQMq
DhhAAwUDKg6gwAMFAyoPrsAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAySIAgMD
P7kwDQYJKoZIhvcNAQELBQADggEBADcBXBEnNRlawWMwSBxF9eAsX653hgUD5pAK
ePMVc2ZETzY/XdteNh0XeWxBlHI7YpMufSs/bZfSAe8JSrBpr2QXRr4x9DSzM89R
wTewGBH0VuXAF+bI4hr2I0UZvZ9E71ZwPBm3jtZruBO9LZoKIZNum0crqQC6ihtz
BalU/6GME/RJrPPqPD+bisT4YMo67BZDpn8d+W7gPVXD/NmDqryzUfxr6a89prSY
WCYDED4v1dzUBqHa35HqCjubaZoDuB7n+HRjrS5ySqINT+HH+rhpcNJl0d3MjqYC
f5HiOJSTHseCUbTp+LupJqWm9HVb5eO1cY4abHY+PWvXARW2Srk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:51 2024 by rpki-client on console-ams.rpki-client.org