Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
File: zrhpg1RxEzWbreHz84EECR46ZDk.cer (raw, json)
Hash identifier: Fje/kKatls9ei8J5P9gz4U0bjVrKXABY/0f4Ap5c/+8=
Subject key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D7D6B6F89176E869F3F5741C57063DC27
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 06 Feb 2024 07:56:49 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 8612
AS: 48291
IP: 82.84.0.0/15
IP: 84.220.0.0/15
IP: 94.32.0.0/14
IP: 94.199.8.0/21
IP: 185.38.136.0/22
IP: 193.43.2.0/24
IP: 193.43.3.180 -- 193.43.3.255
IP: 193.207.24.0 -- 193.207.255.255
IP: 195.130.224.0/19
IP: 212.123.64.0/19
IP: 213.205.0.0/18
IP: 217.73.208.0/21
IP: 217.133.0.0/16
IP: 2a00:c680::/32
IP: 2a01:7d0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:6b:6f:89:17:6e:86:9f:3f:57:41:c5:70:63:dc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 6 07:56:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceb86983547113359bade1f3f38104091e3a6439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:dc:ad:fe:2d:3c:69:16:83:a6:63:91:cb:
86:73:56:ad:36:a8:81:3c:0c:55:23:d2:5c:93:0d:
f4:f8:f6:f7:ce:b1:fc:99:79:8f:93:eb:ba:d4:fd:
64:16:c3:b5:b2:11:97:0e:cf:4a:f0:27:41:89:a3:
2f:e5:85:3b:ea:97:4d:f6:8d:fb:f7:f5:ba:e5:dd:
54:89:8f:40:bf:f7:55:18:f6:0e:20:3f:dc:53:e4:
bd:0d:f8:33:33:1c:b6:62:d6:eb:96:56:4a:c2:db:
a6:6c:b7:77:cd:d8:57:8a:eb:b9:4c:d4:a5:bc:54:
dd:6f:df:7f:59:89:e1:41:03:1a:69:94:46:75:7a:
45:68:44:59:a4:99:2b:e6:08:c9:bf:a9:00:c5:a7:
c6:27:46:b9:97:3e:b2:49:e7:82:5f:3a:b3:dc:a6:
1b:3f:95:be:68:0f:8e:8f:58:88:85:45:7f:5d:c2:
c1:f3:3e:4a:96:d7:d4:3d:9d:cb:0e:bb:08:0d:cf:
aa:4c:15:05:e5:9a:a2:df:78:8c:05:ac:eb:38:97:
eb:31:f4:8f:81:b9:4a:6c:85:3f:b8:96:09:34:0f:
09:f5:48:cd:8a:31:a5:71:26:dc:0d:2c:18:3c:f2:
0a:82:c6:24:04:3b:f9:07:bb:a2:60:ce:73:e9:a4:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/14
94.199.8.0/21
185.38.136.0/22
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/21
217.133.0.0/16
IPv6:
2a00:c680::/32
2a01:7d0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
8612
48291
Signature Algorithm: sha256WithRSAEncryption
5a:d3:fa:a4:e8:1e:6d:25:bc:7e:ab:84:c8:ec:ac:9b:17:53:
c1:c1:94:5b:70:47:10:22:a9:bd:a7:bc:78:c3:2d:d7:60:de:
ab:99:79:b0:82:48:47:9b:16:fa:42:b7:c9:87:35:26:a2:ad:
16:07:af:53:13:73:ff:3f:54:88:c8:bc:7e:8c:06:34:7c:b3:
31:34:64:44:76:46:f4:df:a0:10:7f:78:92:35:9c:d9:1e:b7:
27:d6:cc:7b:9b:19:8f:2c:13:ca:f5:36:66:3f:90:c1:b2:ce:
73:a6:0e:ad:dd:24:65:9a:ae:87:45:da:b2:4c:b1:9d:7d:35:
ee:38:88:97:33:0d:9d:47:a8:7c:4b:88:70:ba:7a:e2:28:ab:
c9:1a:86:f1:81:30:62:bf:ca:99:c7:97:22:bd:ee:d4:c7:c6:
60:78:43:0b:4d:5e:c6:73:52:49:45:96:de:7f:e2:71:3b:18:
5d:86:90:2d:b6:81:5f:81:bc:aa:6f:83:bd:2d:02:cf:56:4a:
b6:ba:70:43:21:a7:eb:82:92:ce:83:3f:6b:61:89:03:87:7d:
ad:35:af:83:94:aa:62:d2:27:00:53:97:fd:1c:58:ce:17:9a:
7a:7e:e0:28:41:e8:0b:7e:27:a5:86:77:f1:c1:91:e3:b1:1d:
39:e5:1a:2e
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAY19a2+JF26Gnz9XQcVwY9wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjA2MDc1NjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqDcrf4tPGkWg6ZjkcuGc1atNqiB
PAxVI9Jckw30+Pb3zrH8mXmPk+u61P1kFsO1shGXDs9K8CdBiaMv5YU76pdN9o37
9/W65d1UiY9Av/dVGPYOID/cU+S9DfgzMxy2YtbrllZKwtumbLd3zdhXiuu5TNSl
vFTdb99/WYnhQQMaaZRGdXpFaERZpJkr5gjJv6kAxafGJ0a5lz6ySeeCXzqz3KYb
P5W+aA+Oj1iIhUV/XcLB8z5KltfUPZ3LDrsIDc+qTBUF5Zqi33iMBazrOJfrMfSP
gblKbIU/uJYJNA8J9UjNijGlcSbcDSwYPPIKgsYkBDv5B7uiYM5z6aRx6QIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFM64aYNUcRM1m63h8/OBBAkeOmQ5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxL2YzNTM5
ZC0zOGNkLTQ2NWUtYTU3ZC1kZWUyZjY1MGRkODYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvZjM1Mzlk
LTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpXYnJlSHo4
NEVFQ1I0NlpEay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGJBggrBgEF
BQcBBwEB/wR6MHgwYAQCAAEwWgMDAVJUAwMBVNwDAwJeIAMEA17HCAMEArkmiAME
AMErAjANAwUCwSsDtAMEAsErADALAwQDwc8YAwMEwcADBAXDguADBAXUe0ADBAbV
zQADBAPZSdADAwDZhTAUBAIAAjAOAwUAKgDGgAMFACoBB9AwHgYIKwYBBQUHAQgB
Af8EDzANoAswCQICIaQCAwC8ozANBgkqhkiG9w0BAQsFAAOCAQEAWtP6pOgebSW8
fquEyOysmxdTwcGUW3BHECKpvae8eMMt12Deq5l5sIJIR5sW+kK3yYc1JqKtFgev
UxNz/z9UiMi8fowGNHyzMTRkRHZG9N+gEH94kjWc2R63J9bMe5sZjywTyvU2Zj+Q
wbLOc6YOrd0kZZquh0XaskyxnX017jiIlzMNnUeofEuIcLp64iiryRqG8YEwYr/K
mceXIr3u1MfGYHhDC01exnNSSUWW3n/icTsYXYaQLbaBX4G8qm+DvS0Cz1ZKtrpw
QyGn64KSzoM/a2GJA4d9rTWvg5SqYtInAFOX/RxYzheaen7gKEHoC34npYZ38cGR
47EdOeUaLg==
-----END CERTIFICATE-----
Generated at Fri May 3 03:52:23 2024 by rpki-client on console-fra.rpki-client.org