Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.cer (raw, json)
Hash identifier: VYR3zk7hcQG08g6AWXuWM8uBKVdt9ayblp+mCn5Pf3A=
Subject key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC348F7AAED3BF1AA03958DE195A1B016
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:48 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 49639
IP: 91.213.61.0/24
IP: 2001:67c:52c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 02:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f7:aa:ed:3b:f1:aa:03:95:8d:e1:95:a1:b0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c3:aa:4f:b1:25:c0:ed:52:ef:3a:8e:f4:65:
8c:b5:21:2b:2f:cb:41:d4:7b:f3:34:7f:cd:2e:f1:
f8:56:2d:84:68:7b:a8:e8:71:f1:50:31:1a:72:c8:
0b:76:91:9f:1d:0f:51:ea:44:0b:1b:6b:6a:31:1a:
85:0b:f3:0d:b5:2f:72:9b:8b:0b:3e:02:64:79:b7:
99:fa:85:a8:d5:23:43:4a:1b:e3:1c:d2:4c:d1:3d:
fb:b4:48:3f:58:a8:92:e0:98:b9:fd:57:27:88:f3:
96:95:8f:19:bd:fb:37:8f:cb:ec:d5:1b:15:09:b6:
91:55:05:10:ae:ee:f3:89:f4:af:f2:44:5e:be:74:
aa:74:19:e7:b5:2b:b0:d2:33:9f:4c:13:c6:0d:12:
2e:56:c0:34:0c:0b:33:24:21:e9:18:43:f5:02:99:
09:f2:15:5d:71:ae:a6:d6:15:ac:57:78:cf:33:00:
5a:21:25:0d:67:da:f9:12:2d:82:76:87:ff:54:77:
65:ef:44:28:88:5f:cf:61:f0:59:9b:4c:c9:05:f3:
70:9b:0c:a3:6c:cd:6b:74:80:c9:cd:31:87:6a:f0:
39:6d:a4:8c:f4:59:1c:2c:c4:2b:b6:7a:b0:31:47:
e4:24:f4:f0:85:a8:8c:f7:c2:5a:be:e2:dd:af:d6:
49:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.61.0/24
IPv6:
2001:67c:52c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49639
Signature Algorithm: sha256WithRSAEncryption
7f:82:b4:70:af:d4:ae:ce:66:82:80:ba:63:64:52:76:16:c2:
e1:c8:30:98:af:38:33:b9:d4:e5:fe:5d:44:df:fc:0f:5b:ba:
ee:10:52:59:e8:e9:8a:c9:07:1e:08:1c:58:91:98:cb:19:05:
1f:b4:b1:90:9c:a6:ef:ee:d2:c3:b4:ef:38:f8:0b:7a:cc:ac:
06:a2:2b:18:87:06:d9:5a:64:05:d1:f2:a3:e9:a3:ed:b8:66:
db:98:6f:72:37:28:c8:14:00:bf:3a:15:10:ed:e9:aa:e5:72:
1a:c7:5d:97:d5:e9:bb:8d:69:3e:13:88:86:27:09:df:9d:ad:
87:06:42:82:cb:9e:ed:7f:5d:59:3b:aa:d3:d9:48:6d:2f:36:
c8:90:f8:ff:9c:f6:e4:93:f1:ff:a7:28:c8:67:b3:87:ec:f7:
9d:45:be:2a:e5:2d:59:c3:c9:24:60:04:d5:90:22:f2:2c:9c:
71:e5:ef:94:c8:26:e8:ee:6e:b3:61:30:d9:08:ff:1a:46:90:
8c:3e:b5:5b:c6:43:69:8f:0d:91:9d:11:64:5f:31:07:86:25:
d6:b5:b2:9e:11:bf:5f:44:4a:03:62:d7:9c:8e:3a:de:35:77:
e0:27:1b:22:3d:35:4f:b7:62:62:e8:f9:33:fb:fb:e3:e0:ea:
7b:18:33:4e
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYzDSPeq7TvxqgOVjeGVobAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODcxOTk4YWExNDBhYjdjMWZmMjQwZWFiMGM5MjM1OTEzYzk2ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsOqT7ElwO1S7zqO9GWMtSErL8tB
1HvzNH/NLvH4Vi2EaHuo6HHxUDEacsgLdpGfHQ9R6kQLG2tqMRqFC/MNtS9ym4sL
PgJkebeZ+oWo1SNDShvjHNJM0T37tEg/WKiS4Ji5/VcniPOWlY8Zvfs3j8vs1RsV
CbaRVQUQru7zifSv8kRevnSqdBnntSuw0jOfTBPGDRIuVsA0DAszJCHpGEP1ApkJ
8hVdca6m1hWsV3jPMwBaISUNZ9r5Ei2Cdof/VHdl70QoiF/PYfBZm0zJBfNwmwyj
bM1rdIDJzTGHavA5baSM9FkcLMQrtnqwMUfkJPTwhaiM98JavuLdr9ZJJQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFNhxmYqhQKt8H/JA6rDJI1kTyW6KMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzMzYWEy
NC0zNWVhLTRhZGMtOGMwNS01YTM0ZTUyYjBiMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMzNhYTI0
LTM1ZWEtNGFkYy04YzA1LTVhMzRlNTJiMGIxMC8xLzJIR1ppcUZBcTN3ZjhrRHFz
TWtqV1JQSmJvby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW9U9MA8EAgACMAkDBwAgAQZ8BSwwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAMHnMA0GCSqGSIb3DQEBCwUAA4IBAQB/grRwr9Su
zmaCgLpjZFJ2FsLhyDCYrzgzudTl/l1E3/wPW7ruEFJZ6OmKyQceCBxYkZjLGQUf
tLGQnKbv7tLDtO84+At6zKwGoisYhwbZWmQF0fKj6aPtuGbbmG9yNyjIFAC/OhUQ
7emq5XIax12X1em7jWk+E4iGJwnfna2HBkKCy57tf11ZO6rT2UhtLzbIkPj/nPbk
k/H/pyjIZ7OH7PedRb4q5S1Zw8kkYATVkCLyLJxx5e+UyCbo7m6zYTDZCP8aRpCM
PrVbxkNpjw2RnRFkXzEHhiXWtbKeEb9fREoDYtecjjreNXfgJxsiPTVPt2Ji6Pkz
+/vj4Op7GDNO
-----END CERTIFICATE-----
Generated at Sat Apr 20 09:33:03 2024 by rpki-client on console-fra.rpki-client.org