Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/s5HsSXtk1hEkn95Zel7ofpM31e4.cer
File: s5HsSXtk1hEkn95Zel7ofpM31e4.cer (raw, json)
Hash identifier: QB1FPeX1XKUKmBVhumP+Whp2IatDN/wbQrZLmykBLM4=
Subject key identifier: B3:91:EC:49:7B:64:D6:11:24:9F:DE:59:7A:5E:E8:7E:93:37:D5:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D6C4BA5A7DCCE3D27E606E8AF8100E5C1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/s5HsSXtk1hEkn95Zel7ofpM31e4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 03 Feb 2024 00:08:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 210893
IP: 31.41.250.0/24
IP: 2a11:2c80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6c:4b:a5:a7:dc:ce:3d:27:e6:06:e8:af:81:00:e5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 3 00:08:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b391ec497b64d611249fde597a5ee87e9337d5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:97:83:d9:31:1e:a0:8b:14:28:17:c6:25:
40:08:75:1c:8e:c3:29:5a:29:f9:37:c1:2d:01:1f:
4a:d1:7c:91:4d:27:c9:96:20:43:e7:14:32:03:44:
ed:81:21:9d:35:0a:4f:79:ff:6a:0a:b4:04:39:b3:
a3:3f:24:73:91:7a:e6:4b:a4:4f:8f:1f:19:f7:76:
c5:db:3d:84:f8:f8:89:89:f1:30:01:58:25:b7:90:
81:16:a5:50:36:5f:6a:e9:47:cd:71:61:e3:70:9c:
bc:95:cc:18:6e:06:df:f3:f5:24:d0:99:61:21:e3:
9a:a7:79:ab:5c:e4:45:3e:10:d9:70:9c:60:68:c7:
4d:ac:ac:ea:13:43:cd:bd:46:19:46:93:75:00:36:
08:ad:ac:71:13:73:0d:07:e1:55:5b:19:2a:8e:ef:
fd:41:b1:eb:43:6b:91:46:91:11:e2:ab:0d:47:4f:
c6:6b:c7:7f:db:8c:e2:aa:cd:9f:83:12:16:60:4a:
c0:4b:23:ca:c8:23:b1:f9:47:2f:77:45:41:d2:da:
93:e0:f9:df:77:0c:f6:db:ec:ed:4f:1e:ad:26:25:
58:7c:c1:47:d4:84:ef:11:cc:77:82:14:2a:9f:31:
72:5b:d3:62:49:74:7c:75:d1:31:09:58:7f:ea:b9:
b9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:91:EC:49:7B:64:D6:11:24:9F:DE:59:7A:5E:E8:7E:93:37:D5:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/s5HsSXtk1hEkn95Zel7ofpM31e4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.250.0/24
IPv6:
2a11:2c80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
210893
Signature Algorithm: sha256WithRSAEncryption
04:23:26:0f:72:f8:5d:ad:ff:a4:f7:8a:d3:ae:fb:0c:36:83:
9d:eb:4d:fe:3c:4e:bf:64:38:fb:72:ac:ba:7b:07:97:48:b5:
8c:4f:43:82:3e:00:59:e5:96:66:9b:40:78:21:b5:8f:2e:60:
9d:b3:09:e0:40:9c:aa:74:c4:bd:b6:ce:6a:d6:d9:1a:33:d2:
4d:b3:11:bf:44:84:b2:f6:96:e8:f0:f8:09:5c:89:a0:9d:76:
62:21:3d:b8:77:91:4f:f9:bc:45:4b:d9:57:b7:5e:79:c7:26:
59:40:03:f9:a2:e4:9a:d3:a6:03:8b:bd:92:4d:07:52:2e:93:
2a:f3:3a:dc:e5:9e:00:2f:7c:8d:dd:8a:8f:d6:6f:4e:a7:75:
e5:ec:46:7d:f1:54:93:07:95:9f:0c:d0:c3:c7:5b:d8:4d:42:
89:bf:f0:16:c9:ab:c4:de:fe:0e:65:5a:e2:0b:3c:0f:5f:35:
ee:0a:9f:da:d2:15:46:59:06:47:a2:6f:6b:a3:40:2f:cf:8f:
57:39:ef:72:db:19:da:d2:e1:10:47:61:56:c1:0a:26:78:e1:
7c:df:f3:83:08:55:a0:0f:23:54:c6:7f:fd:b6:1a:5a:95:a6:
09:80:ed:2e:87:52:dd:47:70:bd:61:21:46:4e:02:4b:92:ef:
64:75:ce:81
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY1sS6Wn3M49J+YG6K+BAOXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjAzMDAwODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkxZWM0OTdiNjRkNjExMjQ5ZmRlNTk3YTVlZTg3ZTkzMzdkNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfKXg9kxHqCLFCgXxiVACHUcjsMp
Win5N8EtAR9K0XyRTSfJliBD5xQyA0TtgSGdNQpPef9qCrQEObOjPyRzkXrmS6RP
jx8Z93bF2z2E+PiJifEwAVglt5CBFqVQNl9q6UfNcWHjcJy8lcwYbgbf8/Uk0Jlh
IeOap3mrXORFPhDZcJxgaMdNrKzqE0PNvUYZRpN1ADYIraxxE3MNB+FVWxkqju/9
QbHrQ2uRRpER4qsNR0/Ga8d/24ziqs2fgxIWYErASyPKyCOx+Ucvd0VB0tqT4Pnf
dwz22+ztTx6tJiVYfMFH1ITvEcx3ghQqnzFyW9NiSXR8ddExCVh/6rm5sQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFLOR7El7ZNYRJJ/eWXpe6H6TN9XuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlmLzZkYzEy
MS0wYTZmLTQ1YWQtOGFmOS1lMWE0MjkzNTIwYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvNmRjMTIx
LTBhNmYtNDVhZC04YWY5LWUxYTQyOTM1MjBiZS8xL3M1SHNTWHRrMWhFa245NVpl
bDdvZnBNMzFlNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAHyn6MA0EAgACMAcDBQMqESyAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM3zTANBgkqhkiG9w0BAQsFAAOCAQEABCMmD3L4Xa3/
pPeK0677DDaDnetN/jxOv2Q4+3KsunsHl0i1jE9Dgj4AWeWWZptAeCG1jy5gnbMJ
4ECcqnTEvbbOatbZGjPSTbMRv0SEsvaW6PD4CVyJoJ12YiE9uHeRT/m8RUvZV7de
eccmWUAD+aLkmtOmA4u9kk0HUi6TKvM63OWeAC98jd2Kj9ZvTqd15exGffFUkweV
nwzQw8db2E1Cib/wFsmrxN7+DmVa4gs8D1817gqf2tIVRlkGR6Jva6NAL8+PVznv
ctsZ2tLhEEdhVsEKJnjhfN/zgwhVoA8jVMZ//bYaWpWmCYDtLodS3UdwvWEhRk4C
S5LvZHXOgQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:47:13 2024 by rpki-client on console-fra.rpki-client.org