Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
File: zrhpg1RxEzWbreHz84EECR46ZDk.cer (raw, json)
Hash identifier: e1TK+ThyNanSp655K+TG1LPbLN9X1nXM6RFMLohmrZU=
Subject key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0192286D8496AD8D656F58C23FE5C9BA7981
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 25 Sep 2024 09:05:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8612
IP: 82.84.0.0/15
IP: 84.220.0.0/15
IP: 94.32.0.0/14
IP: 94.199.8.0/21
IP: 185.38.136.0/22
IP: 193.43.2.0/24
IP: 193.43.3.180 -- 193.43.3.255
IP: 193.207.24.0 -- 193.207.255.255
IP: 195.130.224.0/19
IP: 212.123.64.0/19
IP: 213.205.0.0/18
IP: 217.73.208.0/21
IP: 217.133.0.0/16
IP: 2a00:c680::/32
IP: 2a01:7d0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:6d:84:96:ad:8d:65:6f:58:c2:3f:e5:c9:ba:79:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Sep 25 09:05:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceb86983547113359bade1f3f38104091e3a6439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:dc:ad:fe:2d:3c:69:16:83:a6:63:91:cb:
86:73:56:ad:36:a8:81:3c:0c:55:23:d2:5c:93:0d:
f4:f8:f6:f7:ce:b1:fc:99:79:8f:93:eb:ba:d4:fd:
64:16:c3:b5:b2:11:97:0e:cf:4a:f0:27:41:89:a3:
2f:e5:85:3b:ea:97:4d:f6:8d:fb:f7:f5:ba:e5:dd:
54:89:8f:40:bf:f7:55:18:f6:0e:20:3f:dc:53:e4:
bd:0d:f8:33:33:1c:b6:62:d6:eb:96:56:4a:c2:db:
a6:6c:b7:77:cd:d8:57:8a:eb:b9:4c:d4:a5:bc:54:
dd:6f:df:7f:59:89:e1:41:03:1a:69:94:46:75:7a:
45:68:44:59:a4:99:2b:e6:08:c9:bf:a9:00:c5:a7:
c6:27:46:b9:97:3e:b2:49:e7:82:5f:3a:b3:dc:a6:
1b:3f:95:be:68:0f:8e:8f:58:88:85:45:7f:5d:c2:
c1:f3:3e:4a:96:d7:d4:3d:9d:cb:0e:bb:08:0d:cf:
aa:4c:15:05:e5:9a:a2:df:78:8c:05:ac:eb:38:97:
eb:31:f4:8f:81:b9:4a:6c:85:3f:b8:96:09:34:0f:
09:f5:48:cd:8a:31:a5:71:26:dc:0d:2c:18:3c:f2:
0a:82:c6:24:04:3b:f9:07:bb:a2:60:ce:73:e9:a4:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/14
94.199.8.0/21
185.38.136.0/22
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/21
217.133.0.0/16
IPv6:
2a00:c680::/32
2a01:7d0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8612
Signature Algorithm: sha256WithRSAEncryption
13:66:22:4c:a5:92:ff:79:44:e0:ea:48:07:4f:70:f1:98:0a:
c9:c3:00:2d:8c:92:c4:65:1d:e3:b2:19:4b:19:72:55:a7:fd:
9f:9b:8d:f0:aa:d9:43:99:d3:ca:99:12:0d:08:6c:77:fc:61:
59:dd:32:74:56:42:92:24:59:15:bd:4b:9c:68:36:63:e9:9f:
36:3a:d6:6c:93:0b:d3:5c:4a:49:11:75:9b:6b:ec:01:c1:e6:
e7:90:0b:6c:1f:38:5b:10:01:d1:15:ce:5f:76:31:e9:48:fd:
72:4a:2d:d5:c4:2b:c7:b5:8a:93:08:19:21:26:fd:2a:bc:11:
04:c8:ae:32:8c:37:19:0c:77:44:9d:dc:3f:3a:23:44:c3:57:
a2:e9:d7:4c:ae:3e:2a:43:32:dd:dd:2f:3a:3d:b0:c6:a1:f8:
0f:88:eb:a8:45:c1:79:d3:db:eb:de:80:51:b7:34:96:ee:06:
16:5c:25:b9:4f:10:69:91:5e:8a:46:0e:d5:d7:51:48:02:d1:
4d:40:86:89:0a:51:9b:5d:89:aa:95:51:88:c6:b4:f9:3f:39:
22:13:26:f6:17:34:07:5c:70:6b:54:c9:89:81:f7:7a:60:1f:
a3:99:aa:69:0c:64:c1:ea:70:df:35:1f:6e:25:77:97:95:e6:
67:26:30:6e
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZIobYSWrY1lb1jCP+XJunmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwOTI1MDkwNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqDcrf4tPGkWg6ZjkcuGc1atNqiB
PAxVI9Jckw30+Pb3zrH8mXmPk+u61P1kFsO1shGXDs9K8CdBiaMv5YU76pdN9o37
9/W65d1UiY9Av/dVGPYOID/cU+S9DfgzMxy2YtbrllZKwtumbLd3zdhXiuu5TNSl
vFTdb99/WYnhQQMaaZRGdXpFaERZpJkr5gjJv6kAxafGJ0a5lz6ySeeCXzqz3KYb
P5W+aA+Oj1iIhUV/XcLB8z5KltfUPZ3LDrsIDc+qTBUF5Zqi33iMBazrOJfrMfSP
gblKbIU/uJYJNA8J9UjNijGlcSbcDSwYPPIKgsYkBDv5B7uiYM5z6aRx6QIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFM64aYNUcRM1m63h8/OBBAkeOmQ5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxL2YzNTM5
ZC0zOGNkLTQ2NWUtYTU3ZC1kZWUyZjY1MGRkODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvZjM1Mzlk
LTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpXYnJlSHo4
NEVFQ1I0NlpEay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGJBggrBgEF
BQcBBwEB/wR6MHgwYAQCAAEwWgMDAVJUAwMBVNwDAwJeIAMEA17HCAMEArkmiAME
AMErAjANAwUCwSsDtAMEAsErADALAwQDwc8YAwMEwcADBAXDguADBAXUe0ADBAbV
zQADBAPZSdADAwDZhTAUBAIAAjAOAwUAKgDGgAMFACoBB9AwGQYIKwYBBQUHAQgB
Af8ECjAIoAYwBAICIaQwDQYJKoZIhvcNAQELBQADggEBABNmIkylkv95RODqSAdP
cPGYCsnDAC2MksRlHeOyGUsZclWn/Z+bjfCq2UOZ08qZEg0IbHf8YVndMnRWQpIk
WRW9S5xoNmPpnzY61myTC9NcSkkRdZtr7AHB5ueQC2wfOFsQAdEVzl92MelI/XJK
LdXEK8e1ipMIGSEm/Sq8EQTIrjKMNxkMd0Sd3D86I0TDV6Lp10yuPipDMt3dLzo9
sMah+A+I66hFwXnT2+vegFG3NJbuBhZcJblPEGmRXopGDtXXUUgC0U1AhokKUZtd
iaqVUYjGtPk/OSITJvYXNAdccGtUyYmB93pgH6OZqmkMZMHqcN81H24ld5eV5mcm
MG4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:49:36 2024 by rpki-client on console-fra.rpki-client.org