Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
File: 3XGhKciwiZWUIZnqbRsigmU1DQs.cer (raw, json)
Hash identifier: Xh4+F390AvtNmoXPPkZORJEAeslHxIFFp4oKz8qDptI=
Subject key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B6F9C051F6FDA9CA697DC87DF72A78
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:29:57 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200127
IP: 185.36.236.0/22
IP: 185.76.244.0/22
IP: 2a04:6700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 23:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f9:c0:51:f6:fd:a9:ca:69:7d:c8:7d:f7:2a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd71a129c8b08995942199ea6d1b228265350d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:3a:ba:be:57:88:02:e2:0a:54:61:d5:24:
03:be:e3:80:c3:30:e4:f3:40:9e:42:4e:d3:64:dd:
4d:98:6c:78:fd:b1:20:ce:fc:20:b1:c1:77:cb:0b:
21:2b:59:dd:c8:12:18:1b:98:e5:57:1c:74:2a:99:
3d:fa:44:80:9b:b2:03:fc:4b:78:34:e3:e0:29:9a:
d9:56:6e:ac:59:a2:01:5e:60:ed:56:d0:85:ea:6a:
c2:83:87:a8:33:d1:f8:d8:da:3d:a7:2c:e6:5e:26:
b1:38:4f:0a:db:ca:6b:a9:fb:f1:49:6d:89:93:ba:
4c:a1:92:20:67:29:a6:5a:58:fc:c7:c5:9f:c4:90:
d3:96:9e:e8:99:21:62:4e:1c:4b:b9:f5:f9:e8:39:
bd:d5:9e:b2:9b:a4:d3:75:a3:ca:00:43:2f:35:d4:
93:b5:93:a3:11:39:8e:bc:e9:37:78:d4:54:ee:86:
ff:fa:55:4a:87:08:8c:05:7e:a7:5f:4b:e0:dc:e4:
f0:db:a4:8e:63:df:ba:3b:fc:97:f8:2b:b9:06:e8:
4e:c6:ed:38:ec:22:16:18:f4:f8:95:29:43:3b:bf:
4e:ef:1a:e4:2a:dd:d9:54:ba:db:49:e5:a6:e3:e0:
31:17:e5:f2:5e:fa:ee:84:ab:bf:67:7a:45:27:ad:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.236.0/22
185.76.244.0/22
IPv6:
2a04:6700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200127
Signature Algorithm: sha256WithRSAEncryption
6e:b8:44:82:56:04:2e:e5:6e:ff:70:a8:40:78:fd:a9:d5:b4:
9a:9e:f8:f1:df:25:1b:4d:55:e8:45:f9:21:5d:33:4f:8c:61:
bd:b6:7d:2a:19:e2:38:c4:4a:8b:16:43:1c:b1:10:85:91:18:
5f:a4:6d:18:ed:78:e4:95:0d:ea:8e:4f:da:38:b3:4f:80:a5:
9e:7c:e7:6a:2b:d5:68:46:d2:55:63:04:e2:e4:69:df:2b:38:
9b:b9:16:e1:ca:86:16:b5:26:5d:84:d7:bc:76:2f:1e:fe:cb:
a1:87:ec:90:e9:59:be:61:6f:f6:a9:d8:52:a7:c6:04:ae:12:
6d:0f:9d:06:68:c8:6e:36:54:75:0c:18:aa:33:e2:9f:9e:5e:
b6:ee:d0:a0:bc:89:3d:8b:3f:ea:64:bf:9a:fc:4d:ee:ff:5e:
9f:21:01:3b:86:9c:c3:e1:3b:36:23:6e:2a:21:a4:e8:b9:de:
47:c5:ed:2f:67:ad:62:35:be:e6:8d:94:2b:3a:c9:08:92:6b:
41:40:fa:e7:97:f4:35:94:bd:ff:c3:30:ec:8a:56:96:cc:fa:
67:e8:6c:04:f0:10:37:ff:f7:4b:80:ad:65:20:48:8c:ed:2a:
cf:0d:3e:b5:3b:59:3a:d4:fc:92:d5:ca:e3:19:98:2c:c9:33:
55:98:13:34
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDtvnAUfb9qcppfch99yp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcxYTEyOWM4YjA4OTk1OTQyMTk5ZWE2ZDFiMjI4MjY1MzUwZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwc6ur5XiALiClRh1SQDvuOAwzDk
80CeQk7TZN1NmGx4/bEgzvwgscF3ywshK1ndyBIYG5jlVxx0Kpk9+kSAm7ID/Et4
NOPgKZrZVm6sWaIBXmDtVtCF6mrCg4eoM9H42No9pyzmXiaxOE8K28prqfvxSW2J
k7pMoZIgZymmWlj8x8WfxJDTlp7omSFiThxLufX56Dm91Z6ym6TTdaPKAEMvNdST
tZOjETmOvOk3eNRU7ob/+lVKhwiMBX6nX0vg3OTw26SOY9+6O/yX+Cu5BuhOxu04
7CIWGPT4lSlDO79O7xrkKt3ZVLrbSeWm4+AxF+XyXvruhKu/Z3pFJ63rjwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2I0OTli
Ni0wMWY0LTQ0MmMtYmU3Ni1jMGQ4Yzg2Njg5M2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYjQ5OWI2
LTAxZjQtNDQyYy1iZTc2LWMwZDhjODY2ODkzZi8xLzNYR2hLY2l3aVpXVUlabnFi
UnNpZ21VMURRcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuSTsAwQCuUz0MA0EAgACMAcDBQMqBGcAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMNvzANBgkqhkiG9w0BAQsFAAOCAQEAbrhE
glYELuVu/3CoQHj9qdW0mp748d8lG01V6EX5IV0zT4xhvbZ9KhniOMRKixZDHLEQ
hZEYX6RtGO145JUN6o5P2jizT4ClnnznaivVaEbSVWME4uRp3ys4m7kW4cqGFrUm
XYTXvHYvHv7LoYfskOlZvmFv9qnYUqfGBK4SbQ+dBmjIbjZUdQwYqjPin55etu7Q
oLyJPYs/6mS/mvxN7v9enyEBO4acw+E7NiNuKiGk6LneR8XtL2etYjW+5o2UKzrJ
CJJrQUD655f0NZS9/8Mw7IpWlsz6Z+hsBPAQN//3S4CtZSBIjO0qzw0+tTtZOtT8
ktXK4xmYLMkzVZgTNA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 04:05:25 2024 by rpki-client on console-fra.rpki-client.org