Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zZY90B7IDenhOMneRKNtSPBrk_0.cer
File: zZY90B7IDenhOMneRKNtSPBrk_0.cer (raw, json)
Hash identifier: Lifsby2nGJ6rRfUTsXRIu58UZ6eM+PrKw2HLlpnSvkQ=
Subject key identifier: CD:96:3D:D0:1E:C8:0D:E9:E1:38:C9:DE:44:A3:6D:48:F0:6B:93:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC94E604BDF592D03F8D0535AA7BB4F4A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/zZY90B7IDenhOMneRKNtSPBrk_0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 08:33:26 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 141.98.209.0/24
IP: 2a12:96c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:60:4b:df:59:2d:03:f8:d0:53:5a:a7:bb:4f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd963dd01ec80de9e138c9de44a36d48f06b93fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:a7:d5:dc:07:22:50:24:2d:a6:6d:7b:c2:
b4:8c:e1:89:9f:44:05:d7:cc:5e:22:70:8c:de:3c:
55:a5:16:d8:bd:c8:cd:24:fe:00:3c:d8:83:32:ec:
2b:7a:6a:31:df:3b:c0:cf:6c:03:db:83:39:9a:8c:
c1:bc:c9:4e:c6:5d:ad:da:e8:b8:73:21:ab:fa:d2:
e6:c5:f8:b0:58:ed:73:6b:64:80:b8:3a:ab:99:47:
30:6f:41:5d:c2:e4:d0:58:58:27:49:c5:61:37:39:
22:b9:07:94:76:fa:39:75:31:8c:51:6c:80:ef:70:
77:b9:96:c8:7e:f8:34:f3:c4:9c:e1:79:82:3f:b5:
26:99:5c:1a:e6:f4:fe:13:f8:97:e8:80:28:51:5f:
60:ee:92:91:a3:38:df:f3:5c:42:d0:9b:55:7d:99:
dc:16:b7:1d:7e:69:b6:95:ce:e4:46:56:b2:ce:cb:
33:3b:5f:cb:b8:4a:41:df:09:a9:3c:84:85:ed:9b:
eb:b8:7e:8f:37:8c:5d:b5:53:94:f7:0d:84:a5:34:
17:22:05:b2:d3:df:34:56:3f:fe:bf:3d:7e:28:e0:
24:56:4a:e6:8e:76:85:af:63:d7:af:f1:4e:de:cf:
6d:a6:8d:f0:3e:b1:25:65:59:fe:05:4c:23:14:41:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:96:3D:D0:1E:C8:0D:E9:E1:38:C9:DE:44:A3:6D:48:F0:6B:93:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e403aa-7fa5-4d96-b49f-6cf165239bd9/1/zZY90B7IDenhOMneRKNtSPBrk_0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.209.0/24
IPv6:
2a12:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:6c:e6:57:1a:e3:54:49:92:15:93:07:ef:79:b7:89:71:a7:
ff:8f:af:55:19:2d:21:10:f2:18:e1:4a:b8:14:be:46:00:77:
58:f5:72:a8:58:b6:fd:5b:70:d9:d3:e0:df:6f:7a:94:58:34:
b0:51:3f:91:67:cb:59:1f:51:51:fa:41:5c:4c:f4:17:b9:35:
a8:3f:4d:46:c6:68:12:3b:10:5c:dd:a3:d5:4f:69:fd:c5:45:
68:2b:54:bb:bd:6f:92:f5:75:55:36:3d:a6:71:86:98:3e:51:
b8:8d:a2:db:a9:4b:d9:d9:7c:e9:93:68:c0:26:49:ec:91:4c:
a0:ae:da:75:14:0e:b5:43:4f:b4:00:a6:7b:e7:ee:27:67:48:
aa:5b:18:4a:c2:f8:eb:61:0e:ff:b2:cf:6d:61:45:19:58:61:
6c:cb:2e:56:fe:99:f8:12:4f:b2:3f:37:a3:b1:41:9b:1d:02:
1b:5c:05:ff:4c:12:66:d8:6b:7a:72:1f:92:e8:75:97:d6:12:
9a:a8:62:97:77:84:b6:53:69:63:cf:d3:18:62:cf:6a:87:d3:
3c:7e:ba:98:ac:f2:69:e7:a2:78:63:2c:28:aa:c3:db:0c:9a:
59:33:54:d9:87:dc:65:50:14:94:86:16:07:03:27:10:c1:ac:
22:bd:b0:b1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzJTmBL31ktA/jQU1qnu09KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDk2M2RkMDFlYzgwZGU5ZTEzOGM5ZGU0NGEzNmQ0OGYwNmI5M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNWn1dwHIlAkLaZte8K0jOGJn0QF
18xeInCM3jxVpRbYvcjNJP4APNiDMuwremox3zvAz2wD24M5mozBvMlOxl2t2ui4
cyGr+tLmxfiwWO1za2SAuDqrmUcwb0FdwuTQWFgnScVhNzkiuQeUdvo5dTGMUWyA
73B3uZbIfvg088Sc4XmCP7UmmVwa5vT+E/iX6IAoUV9g7pKRozjf81xC0JtVfZnc
Frcdfmm2lc7kRlayzsszO1/LuEpB3wmpPISF7ZvruH6PN4xdtVOU9w2EpTQXIgWy
0980Vj/+vz1+KOAkVkrmjnaFr2PXr/FO3s9tpo3wPrElZVn+BUwjFEET/wIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFM2WPdAeyA3p4TjJ3kSjbUjwa5P9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhiL2U0MDNh
YS03ZmE1LTRkOTYtYjQ5Zi02Y2YxNjUyMzliZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIvZTQwM2Fh
LTdmYTUtNGQ5Ni1iNDlmLTZjZjE2NTIzOWJkOS8xL3paWTkwQjdJRGVuaE9NbmVS
S050U1BCcmtfMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAjWLRMA0EAgACMAcDBQMqEpbAMA0GCSqGSIb3
DQEBCwUAA4IBAQAnbOZXGuNUSZIVkwfvebeJcaf/j69VGS0hEPIY4Uq4FL5GAHdY
9XKoWLb9W3DZ0+Dfb3qUWDSwUT+RZ8tZH1FR+kFcTPQXuTWoP01GxmgSOxBc3aPV
T2n9xUVoK1S7vW+S9XVVNj2mcYaYPlG4jaLbqUvZ2Xzpk2jAJknskUygrtp1FA61
Q0+0AKZ75+4nZ0iqWxhKwvjrYQ7/ss9tYUUZWGFsyy5W/pn4Ek+yPzejsUGbHQIb
XAX/TBJm2Gt6ch+S6HWX1hKaqGKXd4S2U2ljz9MYYs9qh9M8frqYrPJp56J4Yywo
qsPbDJpZM1TZh9xlUBSUhhYHAycQwawivbCx
-----END CERTIFICATE-----
Generated at Tue Nov 26 01:04:09 2024 by rpki-client on console-ams.rpki-client.org