Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer
File: 5CAqP8Go6Fyd_S1l0xmoDdH7kX0.cer (raw, json)
Hash identifier: tRtRuCVPKcA+iG8LuiW6p4E9ORIvN/lTqZXRIGPnmFs=
Subject key identifier: E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DFA28B705CCEFFD7248BAF97E3D06C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:32:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 208348
IP: 45.142.160.0/22
IP: 193.3.241.0/24
IP: 2a0e:f240::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a2:8b:70:5c:ce:ff:d7:24:8b:af:97:e3:d0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4202a3fc1a8e85c9dfd2d65d319a80dd1fb917d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d7:d5:25:96:41:39:69:eb:77:e5:e0:9f:c8:
c6:2a:86:5d:4f:c3:32:19:c6:fa:8d:48:ce:5b:8d:
0b:34:53:40:91:9a:29:63:5e:60:ad:ec:2e:2b:56:
38:48:1d:b7:02:0b:11:bd:7b:51:3f:e5:bb:d3:e7:
fe:85:56:2a:7f:1f:e8:2d:0c:13:76:66:ca:68:d6:
6d:18:2b:12:9d:6b:10:7e:ff:fc:15:df:fc:9b:1c:
38:a4:4c:3b:45:e7:b8:d8:96:eb:b3:75:80:c6:8d:
6d:23:47:66:43:1b:15:6c:c0:3b:ef:5c:7b:67:98:
da:3f:be:9f:5b:64:61:13:0c:c1:23:ae:0c:e8:57:
e3:39:bc:a3:60:88:b9:dd:61:ff:81:4a:d3:38:4c:
db:eb:17:b0:c7:f5:5f:13:e0:15:86:bd:62:17:58:
27:ed:05:ea:4d:fa:dc:24:00:a4:c3:79:4b:22:d8:
e3:27:10:06:c1:70:6c:9c:28:1a:49:5a:c2:bd:eb:
31:db:79:d7:40:2e:80:3d:78:e9:0b:bf:ec:e0:15:
e8:6b:8a:c2:92:c7:06:a9:6a:7f:59:2c:88:0a:c9:
36:f8:49:4c:cc:21:0f:dc:0b:1d:29:5b:7c:4e:61:
92:78:17:a9:be:af:8d:e2:ae:20:a8:cb:f1:17:32:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:20:2A:3F:C1:A8:E8:5C:9D:FD:2D:65:D3:19:A8:0D:D1:FB:91:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/0cf7b9-938f-4c17-8ec7-d18d1ea568f5/1/5CAqP8Go6Fyd_S1l0xmoDdH7kX0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.160.0/22
193.3.241.0/24
IPv6:
2a0e:f240::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208348
Signature Algorithm: sha256WithRSAEncryption
4b:35:6f:51:06:9b:d6:31:5c:a4:09:88:3a:6d:85:24:a0:63:
88:0b:0a:df:77:1a:f2:a1:c8:bb:e7:0b:d4:fc:9a:83:35:48:
d3:d3:e4:bd:12:76:f9:dc:ad:6c:f1:07:c6:4a:be:eb:23:01:
e8:03:0f:9b:f2:72:93:39:19:88:2a:2c:ca:4a:52:69:d8:0a:
5f:88:4c:82:d9:57:6c:cd:1c:54:5f:08:6c:41:00:04:d1:6d:
f8:68:31:7e:be:73:88:e2:3f:14:b5:fb:f9:2a:af:af:13:1b:
f2:17:1e:d7:bc:4d:7a:2e:bb:b3:b4:96:f0:33:ac:9b:2a:bb:
fa:67:eb:7e:11:d4:a2:75:11:a8:37:9e:8b:85:10:6e:97:ba:
26:7e:a1:7f:c1:66:18:b8:c0:6b:e9:f2:53:e4:bd:62:75:20:
2e:8d:7f:3c:d9:11:d3:87:14:50:24:cd:be:18:1d:42:a5:44:
98:43:c7:1b:e3:0f:1a:69:fd:58:ac:38:92:10:b5:47:ef:f6:
fe:9c:71:e6:22:f5:df:97:b8:c7:15:1e:27:e0:b6:21:75:39:
81:92:fe:e5:0c:cf:89:75:27:bb:01:0d:f3:1f:9a:1f:dd:eb:
76:bb:80:b8:23:ae:0d:dc:36:3f:e9:4d:e1:e7:ab:5e:ef:ca:
f6:36:47:4b
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzI36KLcFzO/9cki6+X49BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIwMmEzZmMxYThlODVjOWRmZDJkNjVkMzE5YTgwZGQxZmI5MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdfVJZZBOWnrd+Xgn8jGKoZdT8My
Gcb6jUjOW40LNFNAkZopY15grewuK1Y4SB23AgsRvXtRP+W70+f+hVYqfx/oLQwT
dmbKaNZtGCsSnWsQfv/8Fd/8mxw4pEw7Ree42Jbrs3WAxo1tI0dmQxsVbMA771x7
Z5jaP76fW2RhEwzBI64M6FfjObyjYIi53WH/gUrTOEzb6xewx/VfE+AVhr1iF1gn
7QXqTfrcJACkw3lLItjjJxAGwXBsnCgaSVrCvesx23nXQC6APXjpC7/s4BXoa4rC
kscGqWp/WSyICsk2+ElMzCEP3AsdKVt8TmGSeBepvq+N4q4gqMvxFzIBRwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFOQgKj/BqOhcnf0tZdMZqA3R+5F9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg4LzBjZjdi
OS05MzhmLTRjMTctOGVjNy1kMThkMWVhNTY4ZjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvMGNmN2I5
LTkzOGYtNGMxNy04ZWM3LWQxOGQxZWE1NjhmNS8xLzVDQXFQOEdvNkZ5ZF9TMWww
eG1vRGRIN2tYMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCLY6gAwQAwQPxMA0EAgACMAcDBQMqDvJAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMt3DANBgkqhkiG9w0BAQsFAAOCAQEASzVv
UQab1jFcpAmIOm2FJKBjiAsK33ca8qHIu+cL1PyagzVI09PkvRJ2+dytbPEHxkq+
6yMB6AMPm/JykzkZiCosykpSadgKX4hMgtlXbM0cVF8IbEEABNFt+Ggxfr5ziOI/
FLX7+SqvrxMb8hce17xNei67s7SW8DOsmyq7+mfrfhHUonURqDeei4UQbpe6Jn6h
f8FmGLjAa+nyU+S9YnUgLo1/PNkR04cUUCTNvhgdQqVEmEPHG+MPGmn9WKw4khC1
R+/2/pxx5iL135e4xxUeJ+C2IXU5gZL+5QzPiXUnuwEN8x+aH93rdruAuCOuDdw2
P+lN4eerXu/K9jZHSw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:37 2024 by rpki-client on console-fra.rpki-client.org