Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer
File: 1PkhKd96qnFX4VlzwkdT4RjJBX0.cer (raw, json)
Hash identifier: oqk2WEhqHxo6+XwXWF4QN3DOjNQ8+UI5YZWGWU38lSw=
Subject key identifier: D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801D3227B730FB15098A5F6525DD3A3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204631
IP: 185.136.120.0/22
IP: 193.27.218.0/23
IP: 2001:67c:2c08::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d3:22:7b:73:0f:b1:50:98:a5:f6:52:5d:d3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4f92129df7aaa7157e15973c24753e118c9057d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:be:b9:99:c9:b5:f1:29:88:38:e4:b2:98:
15:11:6d:79:8d:cb:91:ef:ac:8f:8e:1c:0f:e8:8c:
62:a6:87:ea:89:00:a7:c1:fa:14:bf:7f:5c:d8:3e:
5f:57:1a:2c:21:c1:a6:e0:4d:67:69:7a:1d:9e:ea:
c1:dd:18:dd:77:34:d6:89:02:b2:26:d8:fb:5a:a2:
8f:48:b8:e7:a6:ab:c3:fa:61:fe:ba:55:f7:f0:f4:
cd:00:4a:cf:71:46:06:5f:ce:6d:ba:26:3c:56:0f:
cd:8f:10:00:cc:15:b2:7f:e0:81:5f:88:d8:75:05:
06:fe:56:b8:bd:81:d2:98:1e:42:a5:ff:e8:a2:b0:
73:87:66:bd:7f:20:3c:04:35:92:a9:09:87:42:7a:
f7:1d:b0:66:5d:b5:34:be:cd:fb:83:cd:86:68:e2:
2e:07:d5:f8:21:3e:45:14:9a:7f:fb:10:b2:b9:8d:
e2:51:5d:3e:fe:3d:fb:b0:2c:98:e0:23:f3:4d:e7:
80:a2:42:f3:08:1e:70:18:df:48:9d:ad:94:4b:3c:
97:cf:4c:9d:60:98:75:56:9a:9d:ee:d6:50:62:ff:
87:66:85:74:5d:fc:15:91:8a:66:0c:55:1c:50:cb:
80:e6:7c:c5:2a:97:22:5d:3f:ae:bf:04:77:12:a6:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.120.0/22
193.27.218.0/23
IPv6:
2001:67c:2c08::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204631
Signature Algorithm: sha256WithRSAEncryption
b0:74:23:f1:09:63:15:a2:5b:03:1b:f9:90:7b:bc:7c:df:c3:
2c:6f:2d:ff:0b:ef:0c:ef:e1:7b:97:60:96:15:ce:b1:ca:22:
c6:8b:5f:df:9b:17:4b:78:76:bd:dd:85:2c:05:32:44:45:cf:
bd:a7:f8:22:81:ca:44:dc:80:87:f0:88:0e:0a:04:8c:4a:1b:
e1:00:a6:ab:87:2d:a8:52:89:58:61:1d:2c:62:46:9e:d5:30:
47:44:c7:84:7e:db:cd:a7:36:0f:45:f0:d9:1a:9d:7d:a1:61:
4f:f4:b9:91:53:4a:2e:2a:d0:55:0d:f1:f8:0d:5b:b9:c5:c1:
e8:90:58:06:3f:89:58:9d:2c:af:cb:ee:62:8b:68:e9:78:8b:
f7:90:00:a6:58:49:af:7a:f3:bd:c7:cf:0d:d3:08:1f:67:aa:
ab:b9:75:ab:b4:66:86:4a:fa:6e:91:3b:b4:c4:54:78:76:21:
af:db:f8:a6:e9:3b:d7:42:6a:31:45:02:36:27:43:81:7f:1e:
43:b3:fa:91:d7:8b:f0:92:48:cf:ea:38:46:11:e4:5e:ff:6e:
43:92:cb:82:42:44:8d:a7:85:3b:36:c5:a9:17:c5:7c:c8:b9:
7f:27:c8:05:54:50:08:07:14:5c:bb:70:a3:52:34:7f:ca:2f:
3b:7f:be:8c
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYzIAdMie3MPsVCYpfZSXdOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY5MjEyOWRmN2FhYTcxNTdlMTU5NzNjMjQ3NTNlMTE4YzkwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJi+uZnJtfEpiDjkspgVEW15jcuR
76yPjhwP6IxipofqiQCnwfoUv39c2D5fVxosIcGm4E1naXodnurB3RjddzTWiQKy
Jtj7WqKPSLjnpqvD+mH+ulX38PTNAErPcUYGX85tuiY8Vg/NjxAAzBWyf+CBX4jY
dQUG/la4vYHSmB5Cpf/oorBzh2a9fyA8BDWSqQmHQnr3HbBmXbU0vs37g82GaOIu
B9X4IT5FFJp/+xCyuY3iUV0+/j37sCyY4CPzTeeAokLzCB5wGN9Ina2USzyXz0yd
YJh1Vpqd7tZQYv+HZoV0XfwVkYpmDFUcUMuA5nzFKpciXT+uvwR3EqbYpQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFNT5ISnfeqpxV+FZc8JHU+EYyQV9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4LzljZmU1
ZC01NzcwLTRiNWQtODkzNS05ZjM4YzhiOGE5MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvOWNmZTVk
LTU3NzAtNGI1ZC04OTM1LTlmMzhjOGI4YTkyOC8xLzFQa2hLZDk2cW5GWDRWbHp3
a2RUNFJqSkJYMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQCuYh4AwQBwRvaMA8EAgACMAkDBwAgAQZ8LAgw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAx9XMA0GCSqGSIb3DQEBCwUAA4IBAQCw
dCPxCWMVolsDG/mQe7x838Msby3/C+8M7+F7l2CWFc6xyiLGi1/fmxdLeHa93YUs
BTJERc+9p/gigcpE3ICH8IgOCgSMShvhAKarhy2oUolYYR0sYkae1TBHRMeEftvN
pzYPRfDZGp19oWFP9LmRU0ouKtBVDfH4DVu5xcHokFgGP4lYnSyvy+5ii2jpeIv3
kACmWEmvevO9x88N0wgfZ6qruXWrtGaGSvpukTu0xFR4diGv2/im6TvXQmoxRQI2
J0OBfx5Ds/qR14vwkkjP6jhGEeRe/25DksuCQkSNp4U7NsWpF8V8yLl/J8gFVFAI
BxRcu3CjUjR/yi87f76M
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:26 2024 by rpki-client on console-ams.rpki-client.org