Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4OkqeIpBBX0ndk8W87HSo-9jRdY.cer
File: 4OkqeIpBBX0ndk8W87HSo-9jRdY.cer (raw, json)
Hash identifier: c+Wn9iPL9rd4+xSw5pPikhvondQoIjFTqvOtyeagr64=
Subject key identifier: E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC94CEA3D52621B2676AF61312C12D27D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 08:31:50 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35157
IP: 85.119.136.0/21
IP: 185.59.236.0/22
IP: 2a01:8d80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ea:3d:52:62:1b:26:76:af:61:31:2c:12:d2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0e92a788a41057d27764f16f3b1d2a3ef6345d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:d4:a6:08:ae:b5:de:09:9a:eb:de:c6:60:
87:27:b4:40:30:e6:f9:06:fa:68:ae:4b:a5:1c:e0:
ae:9a:50:a3:96:f3:cb:c1:c5:fc:5f:2f:1f:53:17:
7b:20:ee:c2:96:5d:01:b7:ab:cf:3a:b9:2c:da:21:
ad:94:b0:2b:7f:a4:1a:59:eb:ce:ce:7f:23:a0:bc:
89:4e:18:ca:a7:4e:64:37:d2:f3:28:17:c0:5b:5c:
5b:fa:fb:97:5e:10:35:22:22:c9:22:c3:c4:03:3c:
37:15:2b:e9:ac:77:2b:20:e0:4c:0b:87:37:6b:dc:
38:b5:34:ef:1b:71:ae:8d:ee:3b:d9:bc:92:22:cc:
2b:8d:0c:46:37:57:83:2a:b3:72:60:fb:43:08:6d:
8d:8d:48:63:7c:8d:9a:67:a9:c8:c4:b5:f0:7a:3b:
50:71:3d:06:de:a7:9d:b5:e7:2c:f6:57:52:0a:4d:
54:59:3c:b0:a2:90:ff:46:43:21:7d:19:41:ef:92:
bc:49:61:e6:00:f4:2d:98:57:67:b7:2d:37:b6:79:
83:5e:85:ae:21:26:fc:eb:a0:af:a4:d5:aa:d5:e1:
b6:1d:a6:02:4e:23:8f:e1:6e:a4:9b:1f:54:ce:dc:
32:a2:da:5b:7f:ad:21:08:b9:64:61:b5:54:54:f2:
27:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.136.0/21
185.59.236.0/22
IPv6:
2a01:8d80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35157
Signature Algorithm: sha256WithRSAEncryption
67:b7:80:da:d7:0d:86:c6:3d:82:85:a5:73:f2:f4:07:44:01:
3a:96:3d:20:5a:5f:68:8f:06:ab:33:c0:81:c9:be:00:49:92:
69:39:20:5b:a5:d4:a6:5f:ee:48:71:c9:32:f4:fa:2b:0c:4a:
80:4f:b2:1e:fa:fc:c7:e7:fa:ae:c8:76:98:d6:6b:1a:6e:b2:
5b:d2:b1:79:13:a0:f6:00:f8:46:2c:bb:b4:fb:c9:80:eb:0a:
a5:8e:0a:70:c6:f9:aa:a9:f5:3a:fb:4f:d8:e4:7e:e0:e0:75:
16:6b:ce:86:4a:e2:f6:ee:9a:87:7f:6d:b2:24:e9:73:ad:a1:
71:69:96:ad:91:21:8a:12:1d:33:39:4c:28:fa:5a:b9:0f:09:
30:b3:cd:7d:e6:5d:62:2d:49:cd:67:6f:0e:48:fc:de:1d:ca:
e7:1d:b1:f3:f6:da:93:09:10:52:1c:a0:d9:4d:ef:35:25:4b:
65:66:c0:a7:d5:4f:90:e8:40:9e:e9:98:c5:a5:d8:a7:ff:e0:
a6:b0:c3:4b:3f:4c:83:8d:9a:6d:20:10:3c:54:1c:57:98:f1:
e6:4e:ba:9b:26:f0:e7:ea:93:0f:85:72:ba:2a:2e:53:7e:23:
22:1f:73:5c:e1:be:ce:ee:aa:aa:43:7c:29:5b:b3:1a:59:ed:
80:8d:5a:77
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzJTOo9UmIbJnavYTEsEtJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU5MmE3ODhhNDEwNTdkMjc3NjRmMTZmM2IxZDJhM2VmNjM0NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/Upgiutd4JmuvexmCHJ7RAMOb5
BvporkulHOCumlCjlvPLwcX8Xy8fUxd7IO7Cll0Bt6vPOrks2iGtlLArf6QaWevO
zn8joLyJThjKp05kN9LzKBfAW1xb+vuXXhA1IiLJIsPEAzw3FSvprHcrIOBMC4c3
a9w4tTTvG3Guje472bySIswrjQxGN1eDKrNyYPtDCG2NjUhjfI2aZ6nIxLXwejtQ
cT0G3qedtecs9ldSCk1UWTywopD/RkMhfRlB75K8SWHmAPQtmFdnty03tnmDXoWu
ISb866CvpNWq1eG2HaYCTiOP4W6kmx9Uztwyotpbf60hCLlkYbVUVPInHQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFODpKniKQQV9J3ZPFvOx0qPvY0XWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwL2Q0NjQ4
Ny00M2ZmLTQ1ZWUtODIyOC1iYTU5ZmIyYzQ2MTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvZDQ2NDg3
LTQzZmYtNDVlZS04MjI4LWJhNTlmYjJjNDYxMC8xLzRPa3FlSXBCQlgwbmRrOFc4
N0hTby05alJkWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDVXeIAwQCuTvsMA0EAgACMAcDBQAqAY2AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJVTANBgkqhkiG9w0BAQsFAAOCAQEAZ7eA
2tcNhsY9goWlc/L0B0QBOpY9IFpfaI8GqzPAgcm+AEmSaTkgW6XUpl/uSHHJMvT6
KwxKgE+yHvr8x+f6rsh2mNZrGm6yW9KxeROg9gD4Riy7tPvJgOsKpY4KcMb5qqn1
OvtP2OR+4OB1FmvOhkri9u6ah39tsiTpc62hcWmWrZEhihIdMzlMKPpauQ8JMLPN
feZdYi1JzWdvDkj83h3K5x2x8/bakwkQUhyg2U3vNSVLZWbAp9VPkOhAnumYxaXY
p//gprDDSz9Mg42abSAQPFQcV5jx5k66mybw5+qTD4VyuiouU34jIh9zXOG+zu6q
qkN8KVuzGlntgI1adw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:35:31 2024 by rpki-client on console-ams.rpki-client.org