Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
File: NztHo87nmYKtsXA0HQICYCczICM.cer (raw, json)
Hash identifier: AxTsKUD9tcG3xBFVEKcZPej0CP5ni+TVanQI5A7LkNk=
Subject key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC49232CC51673DDF573C6B4AFD249E21
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:29:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 59503
AS: 61167
AS: 200568
IP: 5.159.16.0/21
IP: 2a03:45e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:32:cc:51:67:3d:df:57:3c:6b:4a:fd:24:9e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=373b47a3cee79982adb170341d02026027332023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:2c:c8:39:db:4d:a8:bc:69:bb:b3:39:b1:
03:b0:02:c5:69:12:05:ab:85:33:61:c7:a9:7e:04:
79:50:bf:4a:59:17:f1:0a:d6:65:e5:8f:5e:e1:3a:
78:de:b2:59:10:a8:6f:e0:06:82:13:ab:1c:21:62:
6b:b8:ce:9d:d3:b2:4b:70:21:b3:4e:20:0d:d4:f1:
5c:35:53:48:69:0e:19:49:c3:f9:b1:fd:27:ad:55:
1f:77:7d:77:5a:67:7d:d5:fd:ec:d8:6b:e7:10:bc:
a5:90:38:71:0f:be:9f:4f:de:36:58:75:dd:67:37:
18:4c:6f:e5:02:ad:f1:63:e3:49:f2:77:f7:8c:d2:
a6:5b:5b:bf:c5:d8:8d:35:d5:28:ae:3e:ff:57:4c:
81:8c:d7:69:3f:ed:7c:41:0d:46:e1:2a:2d:8f:30:
1c:15:43:3d:c5:73:85:42:ed:35:c8:91:86:e2:4e:
b9:36:f3:38:06:c0:29:05:94:78:49:f1:54:4c:90:
53:47:a3:f8:31:c7:65:5f:6a:7f:fa:a5:72:a6:a4:
43:46:7c:60:2e:52:97:bd:d7:84:53:23:2d:d8:70:
12:50:c6:75:d5:e3:bd:a1:92:da:e1:64:ba:e2:f3:
b6:ec:5b:ec:52:6b:75:71:49:0a:5c:49:db:31:36:
57:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.16.0/21
IPv6:
2a03:45e0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59503
61167
200568
Signature Algorithm: sha256WithRSAEncryption
7f:e9:f0:e6:a6:7d:b5:82:89:69:7e:02:46:a3:f4:a5:72:ed:
34:bd:12:bd:d0:06:44:fc:b2:db:d6:2e:f7:a2:be:47:3a:12:
40:ac:d4:69:48:79:46:08:67:3a:ea:49:6e:21:9e:63:ec:10:
84:52:6a:01:a5:18:0e:ed:25:e3:1e:4d:43:51:44:2c:df:b2:
33:d7:26:ae:eb:ed:62:f8:7c:77:49:d5:d3:34:47:c9:df:c4:
06:0b:aa:10:ab:49:17:ee:3c:f2:d2:7b:27:b7:eb:66:f5:28:
0e:eb:e9:b7:1e:45:48:90:64:1c:67:c4:53:1c:fa:10:64:b4:
f2:ef:8d:cf:39:3f:e9:58:00:68:27:4e:8d:f1:16:af:9a:b1:
9d:fb:38:44:a8:91:08:be:a6:b8:e5:4d:95:fa:e8:56:46:50:
21:5a:9c:78:65:a7:fc:42:1d:fb:e8:51:ec:19:d8:4e:07:56:
80:30:1a:de:e5:92:37:6c:0b:8d:d5:2a:9e:30:bc:99:dc:dc:
83:a0:e6:90:73:24:57:ee:99:05:e4:2a:8f:7d:89:24:d8:80:
2c:77:32:41:9d:1c:25:33:44:f6:f7:aa:ec:75:56:c5:51:d3:
c2:17:99:81:24:06:db:c2:52:1e:35:6a:19:1f:84:32:96:7f:
f8:98:bc:51
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYzEkjLMUWc931c8a0r9JJ4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzNiNDdhM2NlZTc5OTgyYWRiMTcwMzQxZDAyMDI2MDI3MzMyMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneYsyDnbTai8abuzObEDsALFaRIF
q4UzYcepfgR5UL9KWRfxCtZl5Y9e4Tp43rJZEKhv4AaCE6scIWJruM6d07JLcCGz
TiAN1PFcNVNIaQ4ZScP5sf0nrVUfd313Wmd91f3s2GvnELylkDhxD76fT942WHXd
ZzcYTG/lAq3xY+NJ8nf3jNKmW1u/xdiNNdUorj7/V0yBjNdpP+18QQ1G4SotjzAc
FUM9xXOFQu01yJGG4k65NvM4BsApBZR4SfFUTJBTR6P4McdlX2p/+qVypqRDRnxg
LlKXvdeEUyMt2HASUMZ11eO9oZLa4WS64vO27FvsUmt1cUkKXEnbMTZXgwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFDc7R6PO55mCrbFwNB0CAmAnMyAjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0LzdjMmEx
NS1hYzRkLTQ2NGEtYTc3ZS0zMmY5YTI4MmY1NmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQvN2MyYTE1
LWFjNGQtNDY0YS1hNzdlLTMyZjlhMjgyZjU2Yy8xL056dEhvODdubVlLdHNYQTBI
UUlDWUNjeklDTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDBZ8QMA0EAgACMAcDBQAqA0XgMCQGCCsGAQUF
BwEIAQH/BBUwE6ARMA8CAwDobwIDAO7vAgMDD3gwDQYJKoZIhvcNAQELBQADggEB
AH/p8OamfbWCiWl+Akaj9KVy7TS9Er3QBkT8stvWLveivkc6EkCs1GlIeUYIZzrq
SW4hnmPsEIRSagGlGA7tJeMeTUNRRCzfsjPXJq7r7WL4fHdJ1dM0R8nfxAYLqhCr
SRfuPPLSeye362b1KA7r6bceRUiQZBxnxFMc+hBktPLvjc85P+lYAGgnTo3xFq+a
sZ37OESokQi+prjlTZX66FZGUCFanHhlp/xCHfvoUewZ2E4HVoAwGt7lkjdsC43V
Kp4wvJnc3IOg5pBzJFfumQXkKo99iSTYgCx3MkGdHCUzRPb3qux1VsVR08IXmYEk
BtvCUh41ahkfhDKWf/iYvFE=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:28:01 2024 by rpki-client on console-ams.rpki-client.org