Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
File: 3g2da2l8ochlcMJWhi5oWLR5nIU.cer (raw, json)
Hash identifier: Ic020pS/V8dbeziQb7yPLtwHBw9BMKEZ+qu3Acu/tX8=
Subject key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC50025BECF673E8F623CA882B87CF519
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:29:30 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.34.168.0/21
IP: 95.142.112.0/20
IP: 159.242.224.0/20
IP: 185.28.24.0/22
IP: 185.54.140.0/22
IP: 185.54.228.0/22
IP: 194.99.28.0/22
IP: 2a0d:8ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:25:be:cf:67:3e:8f:62:3c:a8:82:b8:7c:f5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:98:20:82:a7:b6:ae:6a:53:f7:7a:bd:92:25:
9a:3d:03:37:10:36:27:a7:0e:a0:32:3b:b0:d6:5a:
ac:10:3f:40:ff:a0:67:ac:6b:e1:03:ea:bd:4d:a0:
40:9b:7e:a1:90:a6:43:94:eb:00:3c:5b:14:0b:c5:
26:01:4a:31:05:cc:d2:56:30:3c:47:64:0d:19:66:
89:d4:17:80:4a:28:8f:2b:e9:ab:b6:85:f1:e9:11:
c4:0c:6e:4f:a1:a1:8e:a9:54:79:f3:9a:8f:58:68:
f3:bf:03:bc:c2:cd:22:b1:aa:2b:49:67:e0:4a:c3:
26:4a:5b:eb:3d:91:8b:35:ff:76:48:72:f5:f1:1c:
1c:c6:63:9f:bd:22:ff:f8:fa:05:94:69:b7:76:e9:
e9:31:0e:a1:aa:73:1f:14:b7:45:a6:4b:12:87:4c:
61:22:bb:0f:09:41:a9:34:3f:1f:9e:56:45:48:a3:
22:1d:17:dc:90:34:59:6c:0e:24:c2:7f:ad:47:18:
95:65:dc:5e:d9:06:a2:6b:c7:15:6b:0c:52:27:cb:
f6:af:a0:93:09:84:b8:5b:fc:ce:49:e2:c0:0b:c4:
4a:2b:99:27:b2:6b:84:57:09:b0:c1:c2:4f:11:4c:
64:6f:a5:f4:f9:ff:50:f4:d5:cc:ee:88:49:d8:7f:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.168.0/21
95.142.112.0/20
159.242.224.0/20
185.28.24.0/22
185.54.140.0/22
185.54.228.0/22
194.99.28.0/22
IPv6:
2a0d:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:e2:c1:d8:27:3c:9d:21:ba:66:c4:9f:18:10:69:80:92:98:
b7:ba:0d:df:fb:e8:89:f2:59:89:fc:22:df:d1:d8:ea:8e:45:
bc:18:7b:5b:38:6c:bd:2e:e0:30:12:2a:91:15:5a:4b:41:d6:
28:e3:5b:12:b4:10:1a:57:b9:08:e8:22:7c:34:c7:45:16:08:
1f:da:bb:02:4a:57:56:20:dc:77:bd:0e:7f:59:e2:9c:91:a8:
ce:30:42:a9:58:48:97:30:7a:c1:07:3b:29:9d:a7:c7:34:ac:
23:3b:5e:e7:20:08:d7:f9:c0:c6:72:ef:68:6e:bc:72:4d:97:
fb:ef:ac:08:f3:29:5b:b9:89:a2:1b:7c:1e:6a:33:06:a2:49:
8c:89:39:9b:ed:77:53:b8:46:b2:8b:b2:15:24:14:4c:10:0e:
e8:fa:d4:ae:f0:d8:6f:8f:1e:2e:af:3d:0a:0a:37:83:8b:d0:
de:00:9a:20:9c:0d:36:52:a8:b5:0f:de:0f:ed:2b:f5:34:e4:
e1:af:2b:61:d7:a8:d4:8e:dc:aa:69:02:88:82:ab:2e:71:ff:
88:ed:26:8e:fa:d5:0b:3d:a5:08:74:cf:f9:c4:55:66:7d:75:
6c:89:b4:ac:c3:76:b8:07:47:53:77:1a:39:bc:56:95:dd:de:
7a:03:07:b4
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYzFACW+z2c+j2I8qIK4fPUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBkOWQ2YjY5N2NhMWM4NjU3MGMyNTY4NjJlNjg1OGI0Nzk5Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJgggqe2rmpT93q9kiWaPQM3EDYn
pw6gMjuw1lqsED9A/6BnrGvhA+q9TaBAm36hkKZDlOsAPFsUC8UmAUoxBczSVjA8
R2QNGWaJ1BeASiiPK+mrtoXx6RHEDG5PoaGOqVR585qPWGjzvwO8ws0isaorSWfg
SsMmSlvrPZGLNf92SHL18RwcxmOfvSL/+PoFlGm3dunpMQ6hqnMfFLdFpksSh0xh
IrsPCUGpND8fnlZFSKMiHRfckDRZbA4kwn+tRxiVZdxe2Qaia8cVawxSJ8v2r6CT
CYS4W/zOSeLAC8RKK5knsmuEVwmwwcJPEUxkb6X0+f9Q9NXM7ohJ2H/V4wIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFN4NnWtpfKHIZXDCVoYuaFi0eZyFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzLzY4ZGMz
Yy1kZjJlLTQ0NjEtYjdhNi0wMWNiZmMwZTk0ZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvNjhkYzNj
LWRmMmUtNDQ2MS1iN2E2LTAxY2JmYzBlOTRlNy8xLzNnMmRhMmw4b2NobGNNSldo
aTVvV0xSNW5JVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQDBSKoAwQEX45wAwQEn/LgAwQCuRwYAwQCuTaM
AwQCuTbkAwQCwmMcMA0EAgACMAcDBQMqDY7AMA0GCSqGSIb3DQEBCwUAA4IBAQBa
4sHYJzydIbpmxJ8YEGmAkpi3ug3f++iJ8lmJ/CLf0djqjkW8GHtbOGy9LuAwEiqR
FVpLQdYo41sStBAaV7kI6CJ8NMdFFggf2rsCSldWINx3vQ5/WeKckajOMEKpWEiX
MHrBBzspnafHNKwjO17nIAjX+cDGcu9obrxyTZf776wI8ylbuYmiG3weajMGokmM
iTmb7XdTuEayi7IVJBRMEA7o+tSu8Nhvjx4urz0KCjeDi9DeAJognA02Uqi1D94P
7Sv1NOThryth16jUjtyqaQKIgqsucf+I7SaO+tULPaUIdM/5xFVmfXVsibSsw3a4
B0dTdxo5vFaV3d56Awe0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:08 2024 by rpki-client on console-fra.rpki-client.org