Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28rKr4rBOpZKs9Rhk1hByOHJO4A.cer
File: 28rKr4rBOpZKs9Rhk1hByOHJO4A.cer (raw, json)
Hash identifier: /jUUKH6l5XOTv3171o7BitTNMRzkWM3tJGUZWfziLO4=
Subject key identifier: DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64AE584256701E54AA8D3CEB6683086
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:30:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 141.79.0.0/16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e5:84:25:67:01:e5:4a:a8:d3:ce:b6:68:30:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbcacaaf8ac13a964ab3d461935841c8e1c93b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:f0:7f:27:47:2d:68:84:d0:4b:23:fd:ff:
ce:45:04:41:8a:0d:9d:70:02:85:1d:b7:2b:e1:ee:
f4:c6:20:30:0e:1f:f9:99:26:82:38:6b:8c:73:0d:
21:46:ef:cd:9b:67:e7:0f:6c:d9:84:85:aa:e0:05:
11:b7:cd:bd:73:cd:42:c2:a6:19:a4:1b:af:0e:53:
2b:f6:74:af:61:f3:87:23:ff:14:49:18:aa:be:7d:
f8:45:3f:d4:fe:5c:4a:14:b2:67:16:00:c7:64:a9:
67:65:63:92:ca:4e:52:99:ca:ce:33:29:58:3b:ae:
61:76:ae:c3:51:a7:6a:51:7a:f1:09:8c:f5:94:60:
da:72:43:08:95:01:f7:62:97:f9:81:de:16:fa:2c:
0e:9d:dc:09:4a:22:be:97:d9:31:49:8f:6d:fb:3a:
3d:7c:74:3d:96:61:c6:3b:a2:29:78:77:6c:24:f6:
f0:93:9b:94:4b:0c:88:cb:8e:45:62:26:36:6c:88:
a4:79:3b:15:b6:aa:3b:ed:3a:e5:85:71:ea:4e:92:
ec:fd:ad:06:c4:97:8c:b5:3d:1d:b5:3f:a8:0d:e2:
24:84:6b:44:dc:0b:33:cf:40:0a:58:45:1e:9b:ab:
54:08:88:dd:ea:4f:04:41:74:60:70:f3:4c:73:32:
72:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CA:CA:AF:8A:C1:3A:96:4A:B3:D4:61:93:58:41:C8:E1:C9:3B:80
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5737b0-bb24-4e92-b19d-5e65c7d61b9e/1/28rKr4rBOpZKs9Rhk1hByOHJO4A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:ae:6d:e0:f6:6d:c3:81:6e:ba:9a:c3:bf:48:fb:a7:9f:5a:
15:85:27:dd:e0:42:c4:ce:50:7a:94:94:83:96:25:43:4e:83:
06:bf:4c:a3:d4:29:c0:7f:d1:af:05:7e:a9:b4:1a:3e:39:d0:
d3:ad:47:a7:bc:d2:2a:2c:bf:d5:3b:5d:9e:47:9a:d5:75:ec:
74:d0:b3:ec:9b:e6:e0:56:fa:89:f7:90:76:a0:7c:69:d8:46:
45:e1:13:3d:2e:25:c3:85:bf:78:97:6f:6e:cb:1f:2f:c1:98:
88:98:98:07:e4:74:5a:72:eb:79:f7:f6:c3:96:c0:57:98:1f:
dd:3a:74:a3:06:b1:97:f9:f1:fe:64:ae:87:6b:cc:c8:57:1e:
76:19:5c:2b:ad:a8:90:b0:44:27:0b:dc:20:57:dc:ad:a1:be:
c8:03:8a:09:be:4a:03:9c:7e:a2:85:d7:e1:72:e7:dc:4c:7c:
89:14:68:d3:95:7d:8a:10:c2:6c:42:bd:80:ff:fe:76:8b:77:
8c:73:58:fa:b9:52:02:1e:64:52:a7:05:f4:af:0b:ea:fe:3b:
59:77:f6:b6:c3:44:57:b7:e0:a8:ca:df:16:0c:e1:f7:6b:72:
88:cb:b9:1e:80:ba:7c:12:2d:1e:a6:64:37:e8:0c:8e:2b:f1:
d8:04:62:3a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzGSuWEJWcB5Uqo0862aDCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNhY2FhZjhhYzEzYTk2NGFiM2Q0NjE5MzU4NDFjOGUxYzkzYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTDwfydHLWiE0Esj/f/ORQRBig2d
cAKFHbcr4e70xiAwDh/5mSaCOGuMcw0hRu/Nm2fnD2zZhIWq4AURt829c81CwqYZ
pBuvDlMr9nSvYfOHI/8USRiqvn34RT/U/lxKFLJnFgDHZKlnZWOSyk5SmcrOMylY
O65hdq7DUadqUXrxCYz1lGDackMIlQH3Ypf5gd4W+iwOndwJSiK+l9kxSY9t+zo9
fHQ9lmHGO6IpeHdsJPbwk5uUSwyIy45FYiY2bIikeTsVtqo77TrlhXHqTpLs/a0G
xJeMtT0dtT+oDeIkhGtE3Aszz0AKWEUem6tUCIjd6k8EQXRgcPNMczJyBwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNvKyq+KwTqWSrPUYZNYQcjhyTuAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjLzU3Mzdi
MC1iYjI0LTRlOTItYjE5ZC01ZTY1YzdkNjFiOWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNTczN2Iw
LWJiMjQtNGU5Mi1iMTlkLTVlNjVjN2Q2MWI5ZS8xLzI4cktyNHJCT3BaS3M5Umhr
MWhCeU9ISk80QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUF
BwEHAQH/BA8wDTALBAIAATAFAwMAjU8wDQYJKoZIhvcNAQELBQADggEBAECubeD2
bcOBbrqaw79I+6efWhWFJ93gQsTOUHqUlIOWJUNOgwa/TKPUKcB/0a8Ffqm0Gj45
0NOtR6e80iosv9U7XZ5HmtV17HTQs+yb5uBW+on3kHagfGnYRkXhEz0uJcOFv3iX
b27LHy/BmIiYmAfkdFpy63n39sOWwFeYH906dKMGsZf58f5krodrzMhXHnYZXCut
qJCwRCcL3CBX3K2hvsgDigm+SgOcfqKF1+Fy59xMfIkUaNOVfYoQwmxCvYD//naL
d4xzWPq5UgIeZFKnBfSvC+r+O1l39rbDRFe34KjK3xYM4fdrcojLuR6AunwSLR6m
ZDfoDI4r8dgEYjo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:13 2024 by rpki-client on console-ams.rpki-client.org