Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0vcAvspCZT5kq0NaLwpPPZpQFLA.cer
File: 0vcAvspCZT5kq0NaLwpPPZpQFLA.cer (raw, json)
Hash identifier: mKlMIfNmnUKpiU6JOogv+MeMXd2FZYTZFpPMSPpu68g=
Subject key identifier: D2:F7:00:BE:CA:42:65:3E:64:AB:43:5A:2F:0A:4F:3D:9A:50:14:B0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC34956C9DA963A1AEA3D256FC0B5AE12
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/91/07512a-12c8-4895-b32f-75c7ba1c073f/1/0vcAvspCZT5kq0NaLwpPPZpQFLA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/91/07512a-12c8-4895-b32f-75c7ba1c073f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:12 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.195.208.0/22
IP: 193.57.98.0/23
IP: 193.57.142.0/23
IP: 2a0f:c380::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:56:c9:da:96:3a:1a:ea:3d:25:6f:c0:b5:ae:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f700beca42653e64ab435a2f0a4f3d9a5014b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e5:18:9f:af:b9:23:6a:bd:0f:cf:6e:50:cb:
a6:8f:56:97:f8:0d:87:c8:72:af:e4:4c:fd:99:b7:
02:bd:b8:65:d1:f8:07:26:6f:d9:7a:0a:72:3d:8c:
ad:6b:95:d4:67:f1:80:ce:23:8f:fe:1a:65:cd:0b:
0c:cb:d3:da:cd:32:21:12:76:e9:46:4d:26:a2:95:
ee:90:cc:62:4b:c0:30:a7:1a:b8:d1:ab:7e:da:80:
ae:7f:8f:94:e7:e1:92:5e:43:05:38:4e:2a:10:2b:
04:19:96:c5:31:9c:b9:0a:d4:5c:34:de:be:4e:4e:
46:66:58:ab:bd:82:9c:93:0e:f4:ac:3e:e9:1f:af:
a7:63:d6:d2:a5:4b:48:c6:9d:fe:b9:45:25:2a:d3:
51:76:16:19:81:b8:37:85:4c:79:12:88:4f:f2:43:
aa:d1:a1:a3:6f:dc:3d:ed:56:da:d8:8d:49:a9:59:
ae:87:ba:1c:77:95:85:2a:43:69:a2:b2:f3:aa:fc:
f6:cf:97:22:2c:c0:e3:40:93:0d:28:0c:1d:99:12:
90:bc:a8:a6:f4:3e:91:6a:ce:56:1f:10:b4:21:76:
53:f7:f6:20:bd:b7:0d:08:10:76:e9:a6:e6:06:8f:
ba:b5:20:e4:75:ab:11:33:e1:a6:06:a7:41:3c:0b:
47:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F7:00:BE:CA:42:65:3E:64:AB:43:5A:2F:0A:4F:3D:9A:50:14:B0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/07512a-12c8-4895-b32f-75c7ba1c073f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/07512a-12c8-4895-b32f-75c7ba1c073f/1/0vcAvspCZT5kq0NaLwpPPZpQFLA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.208.0/22
193.57.98.0/23
193.57.142.0/23
IPv6:
2a0f:c380::/29
Signature Algorithm: sha256WithRSAEncryption
47:03:10:a7:be:e9:66:ab:22:a3:ce:30:93:40:09:e2:7d:5e:
cc:d0:c7:de:ec:94:bb:4b:ee:46:bf:41:5a:7d:c5:3e:2c:d7:
9f:99:77:7d:c9:d3:a3:a6:ae:f5:b7:05:14:79:b4:c0:33:f9:
05:d8:7b:a5:81:80:a3:95:3f:e6:85:28:6d:41:c7:ea:c7:47:
86:93:0e:85:46:79:82:ba:76:b2:73:3d:7c:56:12:d1:f3:24:
f6:a9:19:87:d2:4f:cc:92:cf:5c:0d:82:99:d2:b7:92:60:19:
e1:82:72:d4:14:1c:13:a5:9e:50:7e:2f:b4:ce:de:ad:00:63:
1d:d8:c9:80:f8:41:29:4b:3c:32:97:58:8d:27:fc:84:ad:86:
89:e8:3a:d0:75:15:2b:78:bb:19:82:f5:3b:a5:38:69:3d:b1:
fd:9e:b5:67:4c:f8:8a:6e:83:17:c0:52:90:44:e3:c3:71:2f:
7d:cf:50:66:a8:87:27:af:74:2f:2e:05:44:0d:d4:d5:a5:cf:
34:0b:f8:c8:48:5a:7f:2a:b0:c2:49:f3:32:95:b4:a7:02:d5:
40:89:d1:c3:fb:0f:8a:11:0d:1c:d5:de:5c:d9:cd:b6:7b:f4:
5a:4a:42:eb:ef:1a:c6:f5:96:3d:45:2e:3f:3a:b8:76:e0:e9:
4f:93:72:fe
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzDSVbJ2pY6Guo9JW/Ata4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY3MDBiZWNhNDI2NTNlNjRhYjQzNWEyZjBhNGYzZDlhNTAxNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+UYn6+5I2q9D89uUMumj1aX+A2H
yHKv5Ez9mbcCvbhl0fgHJm/ZegpyPYyta5XUZ/GAziOP/hplzQsMy9PazTIhEnbp
Rk0mopXukMxiS8Awpxq40at+2oCuf4+U5+GSXkMFOE4qECsEGZbFMZy5CtRcNN6+
Tk5GZlirvYKckw70rD7pH6+nY9bSpUtIxp3+uUUlKtNRdhYZgbg3hUx5EohP8kOq
0aGjb9w97Vba2I1JqVmuh7ocd5WFKkNporLzqvz2z5ciLMDjQJMNKAwdmRKQvKim
9D6Ras5WHxC0IXZT9/YgvbcNCBB26abmBo+6tSDkdasRM+GmBqdBPAtHfQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFNL3AL7KQmU+ZKtDWi8KTz2aUBSwMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkxLzA3NTEy
YS0xMmM4LTQ4OTUtYjMyZi03NWM3YmExYzA3M2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEvMDc1MTJh
LTEyYzgtNDg5NS1iMzJmLTc1YzdiYTFjMDczZi8xLzB2Y0F2c3BDWlQ1a3EwTmFM
d3BQUFpwUUZMQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCucPQAwQBwTliAwQBwTmOMA0EAgACMAcDBQMq
D8OAMA0GCSqGSIb3DQEBCwUAA4IBAQBHAxCnvulmqyKjzjCTQAnifV7M0Mfe7JS7
S+5Gv0FafcU+LNefmXd9ydOjpq71twUUebTAM/kF2HulgYCjlT/mhShtQcfqx0eG
kw6FRnmCunaycz18VhLR8yT2qRmH0k/Mks9cDYKZ0reSYBnhgnLUFBwTpZ5Qfi+0
zt6tAGMd2MmA+EEpSzwyl1iNJ/yErYaJ6DrQdRUreLsZgvU7pThpPbH9nrVnTPiK
boMXwFKQROPDcS99z1BmqIcnr3QvLgVEDdTVpc80C/jISFp/KrDCSfMylbSnAtVA
idHD+w+KEQ0c1d5c2c22e/RaSkLr7xrG9ZY9RS4/Orh24OlPk3L+
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:21:50 2024 by rpki-client on console-ams.rpki-client.org