Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer
File: 3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.cer (raw, json)
Hash identifier: TMppa4v20BbOGvcSzK7ad+pA2RIVAz+BTRwUoLwzozY=
Subject key identifier: DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DCEE00B59A47F5B25B669BD2B1D8EE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:30:39 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204661
IP: 185.172.224.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ee:00:b5:9a:47:f5:b2:5b:66:9b:d2:b1:d8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc6917645d9d220435f91c7e46c8110cf89acbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4a:66:90:5d:a7:e0:7f:80:c1:c0:c7:23:af:
c4:5b:12:39:05:38:bb:e8:b8:29:29:b5:4b:5f:8f:
2a:59:bd:38:52:26:4c:19:12:d9:8c:c9:d2:84:0a:
96:60:6a:e3:51:b9:2b:a3:5b:ac:92:2a:78:89:b1:
1f:0e:16:6c:37:cd:91:a9:88:82:6e:46:d2:1f:92:
a6:71:f4:16:cd:21:51:e5:78:7a:25:a0:09:24:af:
a6:3c:b5:8b:86:2b:90:2c:f8:ed:e0:2f:ca:a1:99:
9a:72:f4:68:2d:b7:f5:4d:7d:d8:ec:7e:3d:e1:2f:
c3:2d:16:00:2a:20:d4:d6:7d:75:e3:ce:45:78:b9:
ae:0b:ac:96:ae:b7:50:23:1b:82:54:28:26:0e:f3:
85:5d:b3:41:a4:47:90:43:07:c4:dd:08:f4:da:bb:
7b:90:48:49:1a:c3:92:4d:d8:b7:ea:fe:3f:16:a1:
0a:24:ef:e1:0b:07:83:08:a8:ba:cd:06:39:1c:ad:
e9:aa:c3:83:fa:05:a6:a3:a7:0d:1f:28:f5:35:f5:
d4:1d:cb:bd:d7:05:20:08:62:c8:5a:03:a0:69:f6:
1e:a8:b6:4a:23:a1:06:6b:fc:d5:0c:af:54:98:f6:
0d:74:b5:83:4d:30:db:34:78:c2:d8:26:e1:b1:d0:
31:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:69:17:64:5D:9D:22:04:35:F9:1C:7E:46:C8:11:0C:F8:9A:CB:E4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/3544a7-d556-4701-957a-428be9008fba/1/3GkXZF2dIgQ1-Rx-RsgRDPiay-Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.224.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204661
Signature Algorithm: sha256WithRSAEncryption
26:ab:b3:70:c7:4a:9e:39:e5:47:2b:55:df:33:8d:bd:4d:3e:
1d:31:c2:73:3a:fc:44:4c:09:2b:f6:79:f0:d6:1c:5c:bc:1b:
ab:43:66:09:84:8c:73:1c:31:fe:74:4a:98:95:1b:d6:c3:ae:
81:1f:b0:56:89:10:6d:84:f5:34:0f:62:81:90:5f:5e:93:14:
06:ba:1e:e5:e6:8f:15:87:d7:4b:2d:cc:89:66:cd:3c:b1:c4:
4c:f0:ed:6d:fc:66:57:c6:a2:78:4c:15:77:ba:fb:ef:c8:7d:
fd:43:ec:b1:65:da:9b:64:28:c5:54:b2:9f:9d:99:e3:81:7a:
01:32:ab:d0:7e:47:00:73:55:33:86:db:a9:3a:85:0b:ca:86:
b2:12:0c:08:64:7b:58:b3:e5:c7:eb:1e:20:77:33:9a:8e:d6:
ae:2b:31:e3:56:19:2b:8c:24:eb:de:d5:9d:12:6c:62:e7:f9:
49:30:ab:16:01:7d:51:ba:37:f5:cf:58:aa:46:d6:33:1d:68:
5b:08:58:05:e8:4c:87:d2:37:70:9b:14:30:70:c8:3a:00:58:
2f:aa:f4:1f:c1:6b:b9:21:0e:67:1e:fa:77:71:72:65:67:e8:
e5:90:83:1f:87:45:a8:f7:01:85:41:7e:fc:bc:11:d6:9a:12:
88:8b:8c:d1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzF3O4AtZpH9bJbZpvSsdjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY5MTc2NDVkOWQyMjA0MzVmOTFjN2U0NmM4MTEwY2Y4OWFjYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0pmkF2n4H+AwcDHI6/EWxI5BTi7
6LgpKbVLX48qWb04UiZMGRLZjMnShAqWYGrjUbkro1uskip4ibEfDhZsN82RqYiC
bkbSH5KmcfQWzSFR5Xh6JaAJJK+mPLWLhiuQLPjt4C/KoZmacvRoLbf1TX3Y7H49
4S/DLRYAKiDU1n11485FeLmuC6yWrrdQIxuCVCgmDvOFXbNBpEeQQwfE3Qj02rt7
kEhJGsOSTdi36v4/FqEKJO/hCweDCKi6zQY5HK3pqsOD+gWmo6cNHyj1NfXUHcu9
1wUgCGLIWgOgafYeqLZKI6EGa/zVDK9UmPYNdLWDTTDbNHjC2CbhsdAxvwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNxpF2RdnSIENfkcfkbIEQz4msvkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY1LzM1NDRh
Ny1kNTU2LTQ3MDEtOTU3YS00MjhiZTkwMDhmYmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUvMzU0NGE3
LWQ1NTYtNDcwMS05NTdhLTQyOGJlOTAwOGZiYS8xLzNHa1haRjJkSWdRMS1SeC1S
c2dSRFBpYXktUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuazgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMfdTANBgkqhkiG9w0BAQsFAAOCAQEAJquzcMdKnjnlRytV3zONvU0+HTHCczr8
REwJK/Z58NYcXLwbq0NmCYSMcxwx/nRKmJUb1sOugR+wVokQbYT1NA9igZBfXpMU
Broe5eaPFYfXSy3MiWbNPLHETPDtbfxmV8aieEwVd7r778h9/UPssWXam2QoxVSy
n52Z44F6ATKr0H5HAHNVM4bbqTqFC8qGshIMCGR7WLPlx+seIHczmo7Wrisx41YZ
K4wk697VnRJsYuf5STCrFgF9Ubo39c9YqkbWMx1oWwhYBehMh9I3cJsUMHDIOgBY
L6r0H8FruSEOZx76d3FyZWfo5ZCDH4dFqPcBhUF+/LwR1poSiIuM0Q==
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:17:48 2024 by rpki-client on console-ams.rpki-client.org