Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/335xZknay_bqmGAjUU3-QN8afPA.cer
File: 335xZknay_bqmGAjUU3-QN8afPA.cer (raw, json)
Hash identifier: Jq3Kp/NmY7M6+9sobm2KSE/gJmG04vYmzwXD80NsvQ0=
Subject key identifier: DF:7E:71:66:49:DA:CB:F6:EA:98:60:23:51:4D:FE:40:DF:1A:7C:F0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC348CAEC8CFB725C18D107DD38642B17
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/335xZknay_bqmGAjUU3-QN8afPA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:36 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 207399
AS: 209281
IP: 185.74.223.0/24
IP: 2a04:7480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ca:ec:8c:fb:72:5c:18:d1:07:dd:38:64:2b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df7e716649dacbf6ea986023514dfe40df1a7cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:47:0e:04:76:b5:bf:31:32:38:f0:19:6b:
fb:d0:bc:84:7c:c6:d0:eb:67:70:d8:2c:e9:cd:b2:
a9:fd:16:ec:2c:13:85:c2:39:ef:e8:ff:45:63:be:
90:4f:96:94:3e:65:98:04:68:fc:76:50:f8:77:cf:
df:de:94:5f:40:7e:fe:fa:83:4a:70:18:79:73:08:
c7:cb:81:75:d9:7f:e9:20:f2:b6:d4:23:61:47:6b:
42:ac:15:e3:ff:14:74:b7:ce:a0:39:6b:b4:41:87:
71:5f:c6:5d:e3:71:0b:4b:1e:07:ed:5c:b0:ef:a3:
67:ee:a3:c9:67:45:b6:1b:18:95:ba:85:97:13:4f:
78:96:9a:01:4f:f1:e3:fc:6b:cd:70:73:10:50:6c:
0a:8f:6e:86:5d:a6:a8:cc:07:dc:1f:e7:48:e1:ce:
a9:7c:6c:d7:33:bc:c4:d8:2d:87:03:f7:4e:a4:17:
c4:73:93:a3:cc:74:cf:75:9b:ec:0f:01:e1:6f:99:
44:86:f0:4c:02:40:60:bc:7f:82:a5:6f:7c:18:5e:
6f:1a:4e:10:d0:36:6d:53:bb:cd:a0:24:c2:54:0f:
e3:43:b8:00:51:50:e8:47:33:37:d6:c3:e6:34:e9:
fb:23:d7:72:66:18:c7:f0:57:f2:15:c7:42:a0:89:
01:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7E:71:66:49:DA:CB:F6:EA:98:60:23:51:4D:FE:40:DF:1A:7C:F0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/eeb757-5040-4bfb-a35d-a66289851cd9/1/335xZknay_bqmGAjUU3-QN8afPA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.223.0/24
IPv6:
2a04:7480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
207399
209281
Signature Algorithm: sha256WithRSAEncryption
6b:47:aa:af:38:86:0f:0a:36:d5:08:f1:fd:4e:d3:b3:3d:c4:
64:5f:46:f8:06:ba:68:6f:47:ff:05:ca:2c:8b:5b:39:ba:b4:
e4:b6:08:95:3d:cc:fd:d2:6e:1a:e5:06:eb:bd:10:95:d9:5b:
d0:7e:8c:f5:1e:22:21:8b:6d:71:dd:1c:01:47:93:0e:7e:d7:
1f:7c:7c:53:7a:92:4c:64:2e:a8:eb:42:60:e8:61:02:68:87:
8e:fa:21:d3:58:ee:a1:82:f7:79:61:8e:6a:d6:ee:82:b1:1c:
94:b8:35:78:76:97:73:a1:14:f0:19:ae:4e:89:f6:d3:f3:35:
be:e8:6e:95:f6:93:b3:73:40:1a:cf:fd:b2:c7:70:31:cf:92:
25:1e:34:70:99:d4:19:39:51:2e:4f:65:96:ac:3f:05:bd:54:
38:f4:86:a8:a2:a0:47:9e:97:e1:77:d2:3d:ef:5d:c7:90:4b:
f0:59:b7:85:0d:d3:a3:78:09:48:c7:d9:4e:68:4d:82:f5:41:
72:48:16:b1:8e:f1:b4:52:3c:9b:d4:98:2f:86:78:a4:b5:04:
16:42:2d:6e:49:6a:df:d6:6d:70:50:8e:0e:f4:cd:1b:fa:3e:
34:e2:ba:7c:e8:40:13:43:75:06:b1:02:2d:a0:0d:38:c3:31:
5f:b5:ee:52
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYzDSMrsjPtyXBjRB904ZCsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdlNzE2NjQ5ZGFjYmY2ZWE5ODYwMjM1MTRkZmU0MGRmMWE3Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh5HDgR2tb8xMjjwGWv70LyEfMbQ
62dw2CzpzbKp/RbsLBOFwjnv6P9FY76QT5aUPmWYBGj8dlD4d8/f3pRfQH7++oNK
cBh5cwjHy4F12X/pIPK21CNhR2tCrBXj/xR0t86gOWu0QYdxX8Zd43ELSx4H7Vyw
76Nn7qPJZ0W2GxiVuoWXE094lpoBT/Hj/GvNcHMQUGwKj26GXaaozAfcH+dI4c6p
fGzXM7zE2C2HA/dOpBfEc5OjzHTPdZvsDwHhb5lEhvBMAkBgvH+CpW98GF5vGk4Q
0DZtU7vNoCTCVA/jQ7gAUVDoRzM31sPmNOn7I9dyZhjH8FfyFcdCoIkBUQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFN9+cWZJ2sv26phgI1FN/kDfGnzwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IyL2VlYjc1
Ny01MDQwLTRiZmItYTM1ZC1hNjYyODk4NTFjZDkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvZWViNzU3
LTUwNDAtNGJmYi1hMzVkLWE2NjI4OTg1MWNkOS8xLzMzNXhaa25heV9icW1HQWpV
VTMtUU44YWZQQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAuUrfMA0EAgACMAcDBQMqBHSAMB8GCCsGAQUF
BwEIAQH/BBAwDqAMMAoCAwMqJwIDAzGBMA0GCSqGSIb3DQEBCwUAA4IBAQBrR6qv
OIYPCjbVCPH9TtOzPcRkX0b4Brpob0f/Bcosi1s5urTktgiVPcz90m4a5QbrvRCV
2VvQfoz1HiIhi21x3RwBR5MOftcffHxTepJMZC6o60Jg6GECaIeO+iHTWO6hgvd5
YY5q1u6CsRyUuDV4dpdzoRTwGa5OifbT8zW+6G6V9pOzc0Aaz/2yx3Axz5IlHjRw
mdQZOVEuT2WWrD8FvVQ49IaooqBHnpfhd9I9713HkEvwWbeFDdOjeAlIx9lOaE2C
9UFySBaxjvG0Ujyb1JgvhniktQQWQi1uSWrf1m1wUI4O9M0b+j404rp86EATQ3UG
sQItoA04wzFfte5S
-----END CERTIFICATE-----
Generated at Wed May 22 23:41:55 2024 by rpki-client on console-ams.rpki-client.org