Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0AEr-PVySEpvYGhWLKmRnG2lRG8.cer
File: 0AEr-PVySEpvYGhWLKmRnG2lRG8.cer (raw, json)
Hash identifier: QXfEm8GDwAFC1hNe2bL3/vg/yB2uHRnGrLfqGlOmMr4=
Subject key identifier: D0:01:2B:F8:F5:72:48:4A:6F:60:68:56:2C:A9:91:9C:6D:A5:44:6F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8011B7705FB9DF71DA78A0FB939E2FC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/0AEr-PVySEpvYGhWLKmRnG2lRG8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 194.24.230.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Mar 2024 11:40:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1b:77:05:fb:9d:f7:1d:a7:8a:0f:b9:39:e2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0012bf8f572484a6f6068562ca9919c6da5446f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:a8:e9:e1:3d:4f:40:da:cc:95:00:9b:4f:
6d:7c:2d:39:66:99:d0:35:48:b5:32:1d:a6:0a:ba:
1d:77:85:14:99:39:7e:79:06:dd:27:4b:a4:ea:7a:
e2:a9:c8:b3:af:60:4f:92:0b:9b:15:19:fb:62:ca:
9a:ed:21:68:2c:0d:73:b6:e7:26:02:26:5f:bc:0f:
2b:63:55:c1:07:7e:60:0a:e6:e7:ff:c5:88:b9:39:
f3:fa:6d:5e:fb:fb:2a:08:1b:45:06:07:c7:b7:99:
87:65:64:6d:40:77:d7:46:40:da:99:04:cf:23:b5:
e2:1e:2e:00:19:81:9b:a3:d1:af:45:a1:ac:5c:d2:
ad:ec:81:6d:90:f9:d1:9b:84:2c:a6:6a:19:02:b7:
31:a9:6b:01:2d:a3:25:ba:1a:81:4f:d9:e1:45:c9:
26:a7:3c:5c:f3:d1:8c:94:a2:42:7e:8a:7c:04:87:
36:02:07:ee:82:90:fd:61:c8:6d:39:36:00:50:46:
46:21:55:ed:b9:2a:c3:64:5e:c7:1b:43:5b:92:e6:
fa:63:f2:71:69:0f:c4:20:4f:11:30:7b:23:96:eb:
98:88:22:7f:e3:c7:29:8a:a3:0e:d5:ca:e5:84:3f:
5f:d3:bc:52:97:1a:4a:de:c9:c0:9e:72:8f:62:49:
ee:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:01:2B:F8:F5:72:48:4A:6F:60:68:56:2C:A9:91:9C:6D:A5:44:6F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/55eb96-f121-4cf4-ac94-8477b6638f31/1/0AEr-PVySEpvYGhWLKmRnG2lRG8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.230.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:36:bf:fc:c8:9e:28:b9:fc:55:f3:22:75:91:b0:cf:b7:e1:
d2:f7:bb:72:28:ff:ef:af:69:af:ae:5e:9b:02:f8:52:06:a6:
20:ac:a1:70:c6:7d:c7:7d:42:02:8c:b6:67:e3:59:54:36:09:
a8:60:81:a8:53:9c:3a:9e:00:bf:ca:d2:20:44:55:0d:74:73:
6f:a9:58:ea:5a:0d:83:4c:d0:ba:54:59:96:85:49:c6:1b:4c:
6c:39:60:a7:83:d2:75:46:d8:e9:fd:ca:41:29:e6:1f:ff:27:
d7:d5:9f:33:cb:75:40:af:39:74:7f:2c:8e:f2:f8:3d:f9:48:
f4:5f:49:a6:62:6e:3b:63:d5:5e:cc:c2:6b:4a:33:10:77:8e:
e5:72:bc:37:bc:a0:5d:2c:2e:cf:75:00:32:a1:47:f6:c6:e5:
58:95:3b:4e:e0:1c:ac:05:8a:9f:c1:76:2b:40:7e:69:cb:ac:
5d:da:ee:96:60:c7:b4:8b:3a:ef:dc:44:d1:a9:8d:9a:f3:95:
d5:89:49:16:00:f1:86:3f:9a:50:63:a8:e4:ae:8e:9d:3d:00:
02:f2:71:6e:f3:43:3d:05:30:18:f9:cc:52:c1:2d:70:12:f6:
d8:4b:a8:ce:d6:60:f7:d4:f2:d4:a4:9b:42:e9:78:1e:0d:c2:
f8:0f:5a:47
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzIARt3Bfud9x2nig+5OeL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAxMmJmOGY1NzI0ODRhNmY2MDY4NTYyY2E5OTE5YzZkYTU0NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c6o6eE9T0DazJUAm09tfC05ZpnQ
NUi1Mh2mCrodd4UUmTl+eQbdJ0uk6nriqcizr2BPkgubFRn7Ysqa7SFoLA1ztucm
AiZfvA8rY1XBB35gCubn/8WIuTnz+m1e+/sqCBtFBgfHt5mHZWRtQHfXRkDamQTP
I7XiHi4AGYGbo9GvRaGsXNKt7IFtkPnRm4QspmoZArcxqWsBLaMluhqBT9nhRckm
pzxc89GMlKJCfop8BIc2AgfugpD9YchtOTYAUEZGIVXtuSrDZF7HG0Nbkub6Y/Jx
aQ/EIE8RMHsjluuYiCJ/48cpiqMO1crlhD9f07xSlxpK3snAnnKPYknuwQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNABK/j1ckhKb2BoViypkZxtpURvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0LzU1ZWI5
Ni1mMTIxLTRjZjQtYWM5NC04NDc3YjY2MzhmMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvNTVlYjk2
LWYxMjEtNGNmNC1hYzk0LTg0NzdiNjYzOGYzMS8xLzBBRXItUFZ5U0VwdllHaFdM
S21SbkcybFJHOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwhjmMA0GCSqGSIb3DQEBCwUAA4IBAQAMNr/8
yJ4oufxV8yJ1kbDPt+HS97tyKP/vr2mvrl6bAvhSBqYgrKFwxn3HfUICjLZn41lU
NgmoYIGoU5w6ngC/ytIgRFUNdHNvqVjqWg2DTNC6VFmWhUnGG0xsOWCng9J1Rtjp
/cpBKeYf/yfX1Z8zy3VArzl0fyyO8vg9+Uj0X0mmYm47Y9VezMJrSjMQd47lcrw3
vKBdLC7PdQAyoUf2xuVYlTtO4BysBYqfwXYrQH5py6xd2u6WYMe0izrv3ETRqY2a
85XViUkWAPGGP5pQY6jkro6dPQAC8nFu80M9BTAY+cxSwS1wEvbYS6jO1mD31PLU
pJtC6XgeDcL4D1pH
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:39:07 2024 by rpki-client on console-ams.rpki-client.org