Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02SD5mfJ_Oj4D1qqWsbpFrxU5lQ.cer
File: 02SD5mfJ_Oj4D1qqWsbpFrxU5lQ.cer (raw, json)
Hash identifier: 8+XUzDZS4Tz4mV19UOfcfVGCTC1lGaTtYCkonHo2ZrI=
Subject key identifier: D3:64:83:E6:67:C9:FC:E8:F8:0F:5A:AA:5A:C6:E9:16:BC:54:E6:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801F4262B64EE774241A206CA592D51
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/92/9e6996-2e89-4829-a37b-0734ffba8ca6/1/02SD5mfJ_Oj4D1qqWsbpFrxU5lQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/92/9e6996-2e89-4829-a37b-0734ffba8ca6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:20 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 51367
IP: 195.191.72.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f4:26:2b:64:ee:77:42:41:a2:06:ca:59:2d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d36483e667c9fce8f80f5aaa5ac6e916bc54e654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:8e:9e:dc:58:7c:2a:b7:11:c5:46:86:8b:
61:49:c8:8f:65:84:7b:b6:c8:4f:8e:6d:44:c2:c9:
28:ea:35:5e:82:53:84:7a:01:95:7d:34:79:16:a3:
c8:3c:e7:0b:27:b9:5e:ad:5f:10:3a:dd:4a:b1:43:
4a:82:de:6d:0f:a4:4d:ea:84:39:94:72:07:af:3d:
c0:28:0c:29:01:4e:a1:30:4c:3d:0d:f3:b2:b3:60:
10:ca:3f:b4:47:7c:a5:49:28:3d:0d:cf:e7:21:89:
e4:83:e8:30:d8:49:f2:f4:43:32:83:a3:20:86:9b:
1f:39:db:93:a3:13:69:4f:cd:23:b9:80:18:1f:de:
48:85:d5:63:94:62:ea:53:f9:5d:1b:41:d4:b3:38:
18:12:9b:0a:a8:21:a5:12:bb:22:60:d5:e0:5a:93:
d9:d6:b5:16:9e:27:ca:28:53:5c:a1:00:41:ed:af:
09:fc:ec:d7:a0:6c:64:7c:0f:fe:06:fa:4a:50:a4:
f5:8e:13:9c:63:75:b8:b2:24:06:fb:62:b2:bd:fa:
c6:4d:d0:aa:e6:af:54:e2:23:be:f6:12:09:d8:7c:
5f:56:d7:22:fb:d7:e6:23:ec:c2:94:05:df:49:3e:
27:c9:20:25:f8:18:dd:04:14:9a:eb:5a:09:f6:ad:
92:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:64:83:E6:67:C9:FC:E8:F8:0F:5A:AA:5A:C6:E9:16:BC:54:E6:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9e6996-2e89-4829-a37b-0734ffba8ca6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9e6996-2e89-4829-a37b-0734ffba8ca6/1/02SD5mfJ_Oj4D1qqWsbpFrxU5lQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.72.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
51367
Signature Algorithm: sha256WithRSAEncryption
0f:04:40:56:76:fd:29:e1:d8:a2:0e:34:36:19:b1:2b:ed:58:
b6:64:ec:27:1b:1f:8d:fe:90:a0:e2:07:e2:f5:a9:f0:a5:d7:
6c:29:c3:0b:2a:a7:46:fd:b3:63:51:e3:2d:17:e2:0f:63:76:
24:1f:7e:b0:6e:e1:53:b5:ea:e1:17:ba:74:d6:2f:a8:93:37:
ca:52:36:46:c9:d4:f6:ef:23:6a:d6:8c:78:dc:53:b7:42:1f:
e4:ad:0b:ab:26:fc:bd:88:5c:0a:47:07:9b:af:20:3a:ad:fd:
62:7b:15:63:47:4f:7b:e8:fe:fc:36:64:52:c7:60:4b:57:0e:
f6:de:91:21:bb:35:8d:07:70:9c:26:0f:b7:ff:03:16:c3:29:
bf:3f:de:96:dc:10:62:6c:b4:c5:f4:03:06:fc:9c:10:fc:21:
ea:65:1b:3b:00:5a:12:f7:9d:7a:d8:4d:a4:b7:73:3e:d3:65:
c1:84:a6:16:d9:91:7e:75:5e:5f:16:f5:87:f4:57:64:62:e4:
9a:0a:cc:76:76:25:b9:04:60:a1:ce:69:c2:19:34:12:b8:bb:
fe:a6:38:e7:fc:0a:4a:5e:bb:e1:31:a6:9f:f3:84:c3:d6:d0:
f3:ef:b6:dd:64:6d:b2:63:39:a7:3e:cc:c8:08:f7:b8:4b:65:
ea:82:bf:14
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzIAfQmK2Tud0JBogbKWS1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY0ODNlNjY3YzlmY2U4ZjgwZjVhYWE1YWM2ZTkxNmJjNTRlNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj6OntxYfCq3EcVGhothSciPZYR7
tshPjm1Ewsko6jVeglOEegGVfTR5FqPIPOcLJ7lerV8QOt1KsUNKgt5tD6RN6oQ5
lHIHrz3AKAwpAU6hMEw9DfOys2AQyj+0R3ylSSg9Dc/nIYnkg+gw2Eny9EMyg6Mg
hpsfOduToxNpT80juYAYH95IhdVjlGLqU/ldG0HUszgYEpsKqCGlErsiYNXgWpPZ
1rUWnifKKFNcoQBB7a8J/OzXoGxkfA/+BvpKUKT1jhOcY3W4siQG+2KyvfrGTdCq
5q9U4iO+9hIJ2HxfVtci+9fmI+zClAXfST4nySAl+BjdBBSa61oJ9q2SkQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNNkg+Znyfzo+A9aqlrG6Ra8VOZUMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzllNjk5
Ni0yZTg5LTQ4MjktYTM3Yi0wNzM0ZmZiYThjYTYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvOWU2OTk2
LTJlODktNDgyOS1hMzdiLTA3MzRmZmJhOGNhNi8xLzAyU0Q1bWZKX09qNEQxcXFX
c2JwRnJ4VTVsUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBw79IMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDIpzANBgkqhkiG9w0BAQsFAAOCAQEADwRAVnb9KeHYog40NhmxK+1YtmTsJxsf
jf6QoOIH4vWp8KXXbCnDCyqnRv2zY1HjLRfiD2N2JB9+sG7hU7Xq4Re6dNYvqJM3
ylI2RsnU9u8jataMeNxTt0If5K0Lqyb8vYhcCkcHm68gOq39YnsVY0dPe+j+/DZk
UsdgS1cO9t6RIbs1jQdwnCYPt/8DFsMpvz/eltwQYmy0xfQDBvycEPwh6mUbOwBa
EvedethNpLdzPtNlwYSmFtmRfnVeXxb1h/RXZGLkmgrMdnYluQRgoc5pwhk0Eri7
/qY45/wKSl674TGmn/OEw9bQ8++23WRtsmM5pz7MyAj3uEtl6oK/FA==
-----END CERTIFICATE-----
Generated at Fri May 3 09:13:44 2024 by rpki-client on console-fra.rpki-client.org