Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
File: 3QtmPEXXvCck0WhIUIdYHhREj7Y.cer (raw, json)
Hash identifier: MqUXIhHoWEG52zXzyPkPPNUnpwPnpUMBPBXePtKUxd8=
Subject key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801AEE9A53E1409AEC1CCC619D7FB19
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 37.209.248.0/21
IP: 82.112.160.0/21
IP: 185.124.212.0/22
IP: 193.227.160.0/19
IP: 213.175.160.0/19
IP: 2a06:b540::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ae:e9:a5:3e:14:09:ae:c1:cc:c6:19:d7:fb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:7e:3a:4c:91:86:0d:c1:ba:d1:ce:0f:8f:
57:ab:df:ea:ba:37:63:4b:ba:81:b4:21:97:19:c9:
31:fd:17:2e:c1:94:36:86:c0:b3:7a:87:d8:53:95:
22:23:db:85:9a:06:c3:1d:d3:de:f4:62:c9:8b:f6:
79:91:99:be:a8:a5:10:8d:d8:97:f6:f9:fd:79:d7:
66:35:d6:eb:be:4d:44:db:6e:99:5b:a6:44:12:1d:
0e:56:ac:40:1f:fe:79:43:77:8c:87:0e:e9:15:35:
e9:8d:db:c0:a6:db:4f:19:dd:ee:19:0c:a0:7c:c9:
9d:42:e2:76:28:58:54:61:6e:96:e7:68:00:cb:37:
d9:30:31:a1:d0:fa:15:7d:7b:fd:81:20:cb:08:55:
6b:90:30:2d:61:ba:f9:ab:94:6d:82:d7:6c:cb:fb:
e9:ba:a0:35:1e:dc:2e:95:7d:0d:e5:aa:1f:18:1f:
12:12:aa:e1:8a:51:30:34:6a:c7:47:6a:91:7c:0f:
c0:9e:bb:04:6f:03:81:e0:6a:18:30:20:a2:dd:40:
3f:d3:e2:41:83:4b:aa:9c:96:ad:d2:2e:77:17:44:
c4:3e:b6:cf:f6:f4:7a:4b:79:34:31:67:01:b7:5b:
5d:11:74:76:79:78:aa:af:5d:6f:12:f8:f0:01:5d:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
9d:db:8d:42:56:e6:7a:31:d3:5a:9c:20:1b:b6:1a:4d:80:fd:
b0:c1:84:31:6b:88:22:84:97:73:b5:4d:0d:0f:cb:82:4d:a1:
51:bd:60:86:2a:d0:62:35:b5:68:33:5d:b9:8c:9e:e7:51:c8:
33:5f:c4:03:5f:07:c8:90:77:7c:c0:97:df:8c:db:81:fb:9c:
12:d8:8c:e7:c4:19:6e:a2:be:80:c8:5c:6e:b6:a7:c1:87:9e:
99:6a:15:ec:fd:c4:8c:2c:1e:55:d6:b4:86:d4:73:05:3c:3c:
40:6e:eb:27:25:43:14:46:4c:bf:1f:ba:2a:ba:58:6a:e6:53:
f2:82:a2:80:4f:f3:b8:cc:71:9d:e2:9c:43:51:27:0f:06:8e:
53:5d:8b:45:a9:70:37:49:ad:c6:e3:3a:f7:27:cf:80:49:e9:
24:f2:98:c7:30:25:b3:a4:13:a2:59:0d:f7:c2:ea:18:8f:ca:
81:7a:d8:19:7d:68:f9:26:ce:1c:e5:61:84:54:d2:1f:cf:57:
ac:44:56:59:39:b7:a5:9a:89:4c:ba:66:2c:cf:35:b2:31:4c:
8c:c2:e4:2a:c4:8d:78:e1:66:e2:44:13:d5:8d:05:1e:c9:f9:
9e:ad:66:01:c1:4a:1b:1a:04:74:ea:e2:a9:71:90:12:f7:68:
e6:3a:f1:a0
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzIAa7ppT4UCa7BzMYZ1/sZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBiNjYzYzQ1ZDdiYzI3MjRkMTY4NDg1MDg3NTgxZTE0NDQ4ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhF+OkyRhg3ButHOD49Xq9/qujdj
S7qBtCGXGckx/RcuwZQ2hsCzeofYU5UiI9uFmgbDHdPe9GLJi/Z5kZm+qKUQjdiX
9vn9eddmNdbrvk1E226ZW6ZEEh0OVqxAH/55Q3eMhw7pFTXpjdvApttPGd3uGQyg
fMmdQuJ2KFhUYW6W52gAyzfZMDGh0PoVfXv9gSDLCFVrkDAtYbr5q5Rtgtdsy/vp
uqA1HtwulX0N5aofGB8SEqrhilEwNGrHR2qRfA/AnrsEbwOB4GoYMCCi3UA/0+JB
g0uqnJat0i53F0TEPrbP9vR6S3k0MWcBt1tdEXR2eXiqr11vEvjwAV1YXQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFN0LZjxF17wnJNFoSFCHWB4URI+2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4L2VkYzIz
OC00YzBhLTQ2ZWQtYmMyNC0zYjllM2M4YTJmY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZWRjMjM4
LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8xLzNRdG1QRVhYdkNjazBXaElV
SWRZSGhSRWo3WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQDUnCgAwQCuXzUAwQFweOgAwQF1a+g
MA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEBCwUAA4IBAQCd241CVuZ6MdNanCAb
thpNgP2wwYQxa4gihJdztU0ND8uCTaFRvWCGKtBiNbVoM125jJ7nUcgzX8QDXwfI
kHd8wJffjNuB+5wS2IznxBluor6AyFxutqfBh56ZahXs/cSMLB5V1rSG1HMFPDxA
busnJUMURky/H7oqulhq5lPygqKAT/O4zHGd4pxDUScPBo5TXYtFqXA3Sa3G4zr3
J8+ASekk8pjHMCWzpBOiWQ33wuoYj8qBetgZfWj5Js4c5WGEVNIfz1esRFZZObel
molMumYszzWyMUyMwuQqxI144WbiRBPVjQUeyfmerWYBwUobGgR06uKpcZAS92jm
OvGg
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:58:41 2024 by rpki-client on console-fra.rpki-client.org