Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
File: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer (raw, json)
Hash identifier: o3uLkXj08ZiOcyhX4hk1AUmRsiMc3Q5pygFPu5PFRsI=
Subject key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CF8F43124FFB6A659C8FC5A83CE065D40
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 11 Jan 2024 14:36:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.47.165.0/24
IP: 193.168.130.0/24
IP: 193.176.233.0/24
IP: 194.104.225.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:f4:31:24:ff:b6:a6:59:c8:fc:5a:83:ce:06:5d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 11 14:36:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:e3:31:e5:b7:d9:f9:4e:fb:c1:e1:07:13:
94:16:08:0c:c4:db:d0:61:80:50:7b:f9:2a:4f:67:
88:47:3c:bf:82:5e:42:45:74:75:38:b9:16:71:e4:
88:05:d7:3b:60:ae:da:46:7b:a9:cd:b9:b4:a8:8f:
8b:3f:65:40:7b:aa:96:dc:e9:07:e1:8d:ba:8c:1a:
8d:50:d5:19:f0:56:08:cc:c0:b0:06:59:00:e8:7a:
9d:78:48:0e:4d:66:95:14:54:ab:e5:d1:b5:c6:a7:
ac:07:b3:30:a2:d5:2a:ca:f2:c2:2d:ce:8c:99:d9:
1b:fa:b5:a8:28:53:bc:b9:1c:ae:81:bd:b5:24:72:
47:4a:5d:f2:fa:05:18:f9:9c:73:77:f0:a9:59:e5:
2a:fb:37:87:dd:18:66:14:0d:30:b3:13:01:16:57:
1f:a6:7d:04:2a:a2:2f:c9:be:39:ee:ee:0d:62:66:
b1:0a:bf:c8:a0:d7:27:e8:34:73:a3:1b:1d:76:cd:
b2:3f:ac:63:13:a7:67:b4:4b:c0:d2:12:48:96:47:
bb:7b:bf:57:d8:92:71:66:ae:71:fc:d7:59:4b:d1:
42:14:2b:71:81:fb:2e:05:14:9a:29:8d:d7:3d:9a:
fe:05:28:5a:4f:44:8b:f1:40:cb:ab:8f:c2:83:3a:
d4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.165.0/24
193.168.130.0/24
193.176.233.0/24
194.104.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9d:4e:03:ca:c9:fd:25:b8:64:41:1f:11:27:18:e7:74:2b:
80:48:72:52:4e:07:f3:d1:e3:60:60:e9:68:46:79:da:e6:60:
cc:f2:4b:a5:b8:dc:73:c0:23:26:f3:1e:7c:b1:7e:f1:33:d2:
81:42:9f:59:8f:d8:cb:1f:dc:1f:5e:ac:c9:7a:24:df:23:f8:
66:dd:c5:56:d3:82:f0:a7:5f:a2:10:65:d7:78:eb:d5:53:31:
07:29:0d:8a:fc:eb:9c:47:d7:bc:17:63:01:be:23:34:37:15:
54:86:62:75:6e:3e:ab:42:ab:95:22:a8:4b:c0:4e:d4:f5:8e:
72:c9:a5:85:53:f1:bc:0e:46:cb:ac:a3:5c:0d:05:92:d9:21:
54:2f:44:1d:cc:c7:f1:c1:86:b3:07:ba:a1:f8:da:08:eb:fa:
5d:df:df:90:f5:d8:37:ce:f5:c4:05:a3:12:02:f1:00:62:24:
2d:d5:48:e6:98:0a:76:a1:75:81:53:07:c5:cb:6d:61:fc:d7:
2d:97:a6:15:1e:85:14:51:06:ff:01:aa:18:a9:be:0f:2e:a0:
ad:32:bc:6f:6e:f9:f6:53:05:cd:0e:d5:54:e8:bd:4b:fe:67:
e5:5a:31:8d:8e:81:3e:f3:92:be:c4:8c:f6:e2:c1:8e:7b:cf:
83:39:21:4c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYz49DEk/7amWcj8WoPOBl1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTExMTQzNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZlMGNjMzE0M2Y5OWM1ZTU1ODM2YTNmZjZjMGI2NmZjMjBjNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskvjMeW32flO+8HhBxOUFggMxNvQ
YYBQe/kqT2eIRzy/gl5CRXR1OLkWceSIBdc7YK7aRnupzbm0qI+LP2VAe6qW3OkH
4Y26jBqNUNUZ8FYIzMCwBlkA6HqdeEgOTWaVFFSr5dG1xqesB7MwotUqyvLCLc6M
mdkb+rWoKFO8uRyugb21JHJHSl3y+gUY+Zxzd/CpWeUq+zeH3RhmFA0wsxMBFlcf
pn0EKqIvyb457u4NYmaxCr/IoNcn6DRzoxsdds2yP6xjE6dntEvA0hJIlke7e79X
2JJxZq5x/NdZS9FCFCtxgfsuBRSaKY3XPZr+BShaT0SL8UDLq4/CgzrUjwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U2L2M0MGRi
NS04YzdiLTQwYjItYjE0MC0yNjMxOTQ5NmQ3ZGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYvYzQwZGI1
LThjN2ItNDBiMi1iMTQwLTI2MzE5NDk2ZDdkZS8xLzJmNE13eFFfbWNYbFdEYWpf
MndMWnZ3Z3hOVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQAuS+lAwQAwaiCAwQAwbDpAwQAwmjhMA0GCSqG
SIb3DQEBCwUAA4IBAQB6nU4Dysn9JbhkQR8RJxjndCuASHJSTgfz0eNgYOloRnna
5mDM8kuluNxzwCMm8x58sX7xM9KBQp9Zj9jLH9wfXqzJeiTfI/hm3cVW04Lwp1+i
EGXXeOvVUzEHKQ2K/OucR9e8F2MBviM0NxVUhmJ1bj6rQquVIqhLwE7U9Y5yyaWF
U/G8DkbLrKNcDQWS2SFUL0QdzMfxwYazB7qh+NoI6/pd39+Q9dg3zvXEBaMSAvEA
YiQt1UjmmAp2oXWBUwfFy21h/Nctl6YVHoUUUQb/AaoYqb4PLqCtMrxvbvn2UwXN
DtVU6L1L/mflWjGNjoE+85K+xIz24sGOe8+DOSFM
-----END CERTIFICATE-----
Generated at Mon Jun 3 20:01:02 2024 by rpki-client on console-fra.rpki-client.org