Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3Cc-HiGEHOLDNf4clhznaAF-7ik.cer
File: 3Cc-HiGEHOLDNf4clhznaAF-7ik.cer (raw, json)
Hash identifier: davfO93LAeNq8ixbfNio4LRHkIaKzFBQuRx+GBsgES8=
Subject key identifier: DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4935DAB9CC609C17E86FF12796A1E31
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.232.212.0/22
IP: 2a0c:c100::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5d:ab:9c:c6:09:c1:7e:86:ff:12:79:6a:1e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc273e1e21841ce2c335fe1c961ce768017eee29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:94:1f:59:7f:79:02:ba:a8:fd:45:db:c2:
88:d3:36:c6:68:d8:23:fa:ca:c4:cb:3c:85:dc:6b:
ba:8f:82:ed:b7:18:1f:86:a7:7e:3c:e6:85:be:3a:
e1:eb:21:fd:82:c9:04:45:d0:c8:f0:af:4f:31:25:
da:fc:25:37:bd:1d:57:f7:b7:45:4f:22:a3:10:d3:
9b:58:ee:d3:28:97:97:99:00:cc:69:c4:65:0e:d4:
43:98:00:07:84:e7:6b:1f:84:77:62:90:73:69:60:
c7:3d:be:4b:01:52:de:f3:cb:60:13:02:2c:70:de:
1b:54:35:8a:23:02:10:d8:d0:6d:e3:da:40:b4:fe:
b0:bd:75:dd:31:83:e9:c0:b2:02:09:79:c2:1b:b0:
c6:6d:7a:6c:9a:2f:64:41:eb:9b:96:3a:eb:33:c2:
7e:aa:a3:c2:6d:11:35:3e:f6:d9:ad:76:7d:33:64:
1f:63:57:38:d8:d2:27:f9:6b:74:c6:99:72:9c:dc:
59:c3:9e:34:6c:30:ed:fd:a5:11:0a:66:99:2f:33:
f9:27:c8:14:fb:ee:4f:f4:d6:72:84:8b:36:31:69:
73:ae:97:84:8a:b4:11:ad:d8:95:34:a7:b7:d3:69:
c3:50:33:d7:24:cc:4c:5b:21:7e:72:b2:b0:37:60:
2e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.212.0/22
IPv6:
2a0c:c100::/29
Signature Algorithm: sha256WithRSAEncryption
0a:2e:62:68:c6:d9:30:9d:86:b6:28:d6:a5:26:21:ba:5f:75:
0a:cc:5f:c3:8a:6d:63:54:2d:76:f8:a7:13:e8:13:6c:ca:e7:
24:f3:92:de:8c:50:8a:b7:5f:06:57:b1:cd:9c:63:f6:9b:88:
61:19:c2:80:90:8c:0f:09:d6:56:b0:24:cb:11:f1:42:4f:8e:
fe:5d:d4:59:7c:9c:78:3c:7b:7f:69:02:61:94:59:bf:b7:91:
19:84:89:47:00:15:b2:13:99:a0:0f:87:6f:43:fe:54:bf:50:
4b:57:46:f6:4a:b7:89:67:87:f9:ee:92:33:09:ce:f6:3a:a0:
f7:10:d2:1f:08:e1:8e:e0:a4:ef:0d:b2:cd:5f:41:d7:2b:72:
b4:55:35:a6:07:bf:2e:a6:7d:7a:9d:1f:ca:89:df:42:9e:86:
4f:a5:ff:c4:a8:93:de:ce:a5:16:95:af:b0:84:36:db:1d:61:
53:ed:69:1f:0c:5b:7d:d3:71:74:36:ee:d1:c9:e7:d9:3e:50:
98:eb:e7:ba:f5:1d:f8:36:e2:2f:54:67:d2:1c:6b:24:00:19:
59:d9:a3:9f:25:17:fb:9e:6e:af:64:e4:33:1a:ee:0f:b6:73:
c7:0e:91:05:ab:56:d9:48:5b:c6:6c:f8:7f:96:44:d5:7c:a2:
bc:15:6c:bb
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzEk12rnMYJwX6G/xJ5ah4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzI3M2UxZTIxODQxY2UyYzMzNWZlMWM5NjFjZTc2ODAxN2VlZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVCUH1l/eQK6qP1F28KI0zbGaNgj
+srEyzyF3Gu6j4Lttxgfhqd+POaFvjrh6yH9gskERdDI8K9PMSXa/CU3vR1X97dF
TyKjENObWO7TKJeXmQDMacRlDtRDmAAHhOdrH4R3YpBzaWDHPb5LAVLe88tgEwIs
cN4bVDWKIwIQ2NBt49pAtP6wvXXdMYPpwLICCXnCG7DGbXpsmi9kQeubljrrM8J+
qqPCbRE1PvbZrXZ9M2QfY1c42NIn+Wt0xplynNxZw540bDDt/aURCmaZLzP5J8gU
++5P9NZyhIs2MWlzrpeEirQRrdiVNKe302nDUDPXJMxMWyF+crKwN2AucwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNwnPh4hhBziwzX+HJYc52gBfu4pMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YwL2I0YTcx
YS1lYjM3LTQ2OWEtOGJiNS0yNzg0MWY1MDc3MzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAvYjRhNzFh
LWViMzctNDY5YS04YmI1LTI3ODQxZjUwNzczNS8xLzNDYy1IaUdFSE9MRE5mNGNs
aHpuYUFGLTdpay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuejUMA0EAgACMAcDBQMqDMEAMA0GCSqGSIb3
DQEBCwUAA4IBAQAKLmJoxtkwnYa2KNalJiG6X3UKzF/Dim1jVC12+KcT6BNsyuck
85LejFCKt18GV7HNnGP2m4hhGcKAkIwPCdZWsCTLEfFCT47+XdRZfJx4PHt/aQJh
lFm/t5EZhIlHABWyE5mgD4dvQ/5Uv1BLV0b2SreJZ4f57pIzCc72OqD3ENIfCOGO
4KTvDbLNX0HXK3K0VTWmB78upn16nR/Kid9CnoZPpf/EqJPezqUWla+whDbbHWFT
7WkfDFt903F0Nu7RyefZPlCY6+e69R34NuIvVGfSHGskABlZ2aOfJRf7nm6vZOQz
Gu4PtnPHDpEFq1bZSFvGbPh/lkTVfKK8FWy7
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:55 2024 by rpki-client on console-fra.rpki-client.org