Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
File: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer (raw, json)
Hash identifier: NU0RMtInn6koYFvv+5IANspF678LkIdNfj+S8jMtUGA=
Subject key identifier: D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC726F69450FE5F0017FCBFE6DCB63520
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47668
IP: 91.208.39.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 00:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f6:94:50:fe:5f:00:17:fc:bf:e6:dc:b6:35:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:5c:eb:af:bf:35:6e:13:f9:c1:ad:5e:a7:
24:be:66:ee:3d:7a:b5:e7:62:12:9e:be:f7:6c:38:
c5:75:0e:4b:03:5e:3f:6a:93:d9:c0:be:27:20:26:
ff:fc:8b:20:58:c0:75:c6:52:eb:ff:cf:a3:fa:d3:
d0:77:74:c9:13:bd:b0:60:7c:02:63:26:8b:93:e9:
54:98:c9:49:10:63:85:24:36:0c:9b:bd:eb:89:d0:
22:94:9f:1f:b7:fe:e4:83:0b:17:be:fd:ca:12:7e:
08:5c:19:c1:e6:a0:9e:b7:8c:de:63:7b:be:53:cb:
f7:10:5e:2d:34:1d:1c:b9:00:cb:1f:a6:f2:05:81:
fc:ce:68:72:ed:db:83:5c:32:2a:22:1f:c8:6e:c6:
6e:00:e4:94:f3:72:3e:22:f3:f8:71:81:80:27:e4:
59:cb:b6:c8:04:bc:95:22:7f:26:01:af:1a:c8:8a:
f4:9a:7d:a8:68:dd:04:44:f8:eb:e0:ee:13:13:1b:
76:a1:fa:43:40:33:c9:7e:11:a7:52:8c:eb:31:e2:
74:da:0a:b2:aa:c3:38:fb:33:c5:81:0f:51:e0:f6:
3a:97:43:4f:4e:e3:f8:a5:9d:61:76:e4:87:e9:3a:
a2:8a:d2:ff:fc:8d:68:79:a2:d2:b9:9c:a7:f4:81:
82:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.39.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47668
Signature Algorithm: sha256WithRSAEncryption
0c:ab:bd:9a:80:bb:ce:e0:ad:49:3b:86:eb:2f:11:f2:fc:6c:
8a:d5:7a:a7:19:e9:33:13:a2:28:f3:4d:d2:6c:ae:bf:ca:29:
86:2f:cd:8f:6d:c8:d4:49:23:a9:a1:c3:98:6f:3b:65:18:81:
48:bb:fa:dc:d0:ec:95:7d:7f:00:e9:b3:75:33:8f:1d:63:34:
0d:56:4d:63:25:a1:59:26:e6:c4:dd:71:0f:a4:7b:bc:52:2e:
33:5c:a2:9a:41:17:4f:2f:fc:e0:ef:2c:dc:1a:29:80:e5:44:
52:f9:b7:03:50:1b:93:90:22:0b:05:f1:f0:c9:53:c5:64:05:
b4:99:d4:69:22:02:47:85:77:c3:67:bc:d4:33:22:ff:4e:13:
24:2a:58:1b:22:3b:56:df:d6:b7:a9:a0:fb:b0:d2:d4:d1:5c:
9b:46:0f:5f:56:e2:2f:44:36:33:44:b1:77:97:81:42:7d:4c:
aa:df:35:c9:d1:48:4a:35:05:72:e7:eb:fa:b2:ad:8e:b0:15:
23:c2:c7:87:e9:5b:5a:ca:4e:bc:20:2e:49:01:84:fe:7c:3b:
4f:97:38:03:14:fa:58:78:91:09:8a:9b:26:ab:58:c0:54:c3:
92:87:ef:9c:ba:f1:22:13:ed:14:a9:3d:9f:26:a8:70:29:f6:
06:b9:ac:75
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzHJvaUUP5fABf8v+bctjUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE4N2M5YWMxMGYyMDUxNTJiMTI4ZWNkYzIxNTdjOTAyNDkxNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVVc66+/NW4T+cGtXqckvmbuPXq1
52ISnr73bDjFdQ5LA14/apPZwL4nICb//IsgWMB1xlLr/8+j+tPQd3TJE72wYHwC
YyaLk+lUmMlJEGOFJDYMm73ridAilJ8ft/7kgwsXvv3KEn4IXBnB5qCet4zeY3u+
U8v3EF4tNB0cuQDLH6byBYH8zmhy7duDXDIqIh/IbsZuAOSU83I+IvP4cYGAJ+RZ
y7bIBLyVIn8mAa8ayIr0mn2oaN0ERPjr4O4TExt2ofpDQDPJfhGnUozrMeJ02gqy
qsM4+zPFgQ9R4PY6l0NPTuP4pZ1hduSH6TqiitL//I1oeaLSuZyn9IGCMwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNkYfJrBDyBRUrEo7NwhV8kCSRakMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzRhZDQ1
NC0wMDQ4LTQxMWEtYjFlYS0yNGIzMDYwNmUyMTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMvNGFkNDU0
LTAwNDgtNDExYS1iMWVhLTI0YjMwNjA2ZTIxOS8xLzJSaDhtc0VQSUZGU3NTanMz
Q0ZYeVFKSkZxUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW9AnMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwC6NDANBgkqhkiG9w0BAQsFAAOCAQEADKu9moC7zuCtSTuG6y8R8vxsitV6pxnp
MxOiKPNN0myuv8ophi/Nj23I1EkjqaHDmG87ZRiBSLv63NDslX1/AOmzdTOPHWM0
DVZNYyWhWSbmxN1xD6R7vFIuM1yimkEXTy/84O8s3BopgOVEUvm3A1Abk5AiCwXx
8MlTxWQFtJnUaSICR4V3w2e81DMi/04TJCpYGyI7Vt/Wt6mg+7DS1NFcm0YPX1bi
L0Q2M0Sxd5eBQn1Mqt81ydFISjUFcufr+rKtjrAVI8LHh+lbWspOvCAuSQGE/nw7
T5c4AxT6WHiRCYqbJqtYwFTDkofvnLrxIhPtFKk9nyaocCn2BrmsdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 20 03:07:44 2024 by rpki-client on console-ams.rpki-client.org