Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
File: 7gZE9wYh3Uokp4tntGApSFc3WMA.cer (raw, json)
Hash identifier: Ak2wm/vTOw5QJzOl/ZV50/b5pqTQLIPUgNMnBCkH4VM=
Subject key identifier: EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BC050259854E0770D63C0A54EE03C3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:33:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 50749
IP: 185.134.96.0/22
IP: 185.202.56.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:05:02:59:85:4e:07:70:d6:3c:0a:54:ee:03:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee0644f70621dd4a24a78b67b4602948573758c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:93:32:06:40:84:6e:f8:d2:a4:1a:6b:d3:
b8:38:30:fa:15:e2:d6:44:0d:1b:4f:66:72:b5:dd:
c9:a9:51:88:ef:e5:23:c4:39:94:9e:87:2c:e0:35:
69:0a:fd:76:c5:7f:c9:0d:a8:7a:fa:77:67:63:91:
9c:c2:15:3c:46:08:2e:61:c7:57:01:78:8b:05:97:
07:91:1e:a2:7d:40:14:19:84:fc:d4:2b:8e:7c:cd:
fc:d5:3e:51:f7:f1:71:d9:27:98:6d:bd:5a:12:52:
de:bd:57:50:85:a9:ce:75:eb:f5:5a:be:11:e4:95:
e2:1a:63:3f:16:aa:f2:f4:28:95:4e:dd:40:e4:b0:
81:a7:43:48:68:47:52:12:cd:35:4d:7c:c1:aa:0a:
cf:71:87:ea:65:25:34:c4:b7:6f:57:67:f6:08:83:
30:df:88:55:bc:9e:10:bc:c3:0a:03:15:9b:f2:fc:
73:e4:f7:dc:dc:f7:09:12:b3:48:7a:8a:44:91:d8:
df:05:b8:68:0b:9b:85:61:07:9b:2a:2b:f2:cd:9b:
53:6b:1b:25:d4:6b:d0:70:2f:dd:4d:31:22:3b:5e:
bc:ca:56:1f:08:f7:69:6e:7a:dc:86:47:fb:e7:f1:
ad:6f:0a:b2:97:43:53:6a:e7:8d:77:99:07:1f:4d:
32:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.96.0/22
185.202.56.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
50749
Signature Algorithm: sha256WithRSAEncryption
a0:8d:51:9d:06:2a:4d:79:4c:92:90:47:fd:9c:5a:6d:e7:5a:
79:ca:cf:0d:13:62:3b:e9:50:65:01:4b:57:5c:74:9e:12:e3:
72:72:69:77:ab:b3:ad:30:6b:fc:11:ea:9d:66:00:5d:54:1e:
eb:0f:ee:8f:29:63:50:95:f3:97:15:48:41:e7:e0:82:d6:73:
ef:31:2a:9a:0b:16:bf:e2:05:31:0b:ee:96:4e:e4:88:a5:88:
b7:58:c0:65:ca:f5:71:49:f4:9f:ae:86:68:a0:62:d3:8f:8d:
f7:fc:e0:97:07:5a:92:3f:7f:ce:7e:f3:04:1d:22:76:0b:64:
43:4c:97:63:15:a2:e9:fe:55:db:13:7a:d9:d7:ef:85:35:14:
56:cd:50:65:55:41:8d:90:dc:94:88:47:75:da:40:dc:bb:23:
67:43:ac:58:af:05:f6:ef:b5:63:79:67:8a:f0:62:01:36:fa:
2c:6d:e4:ec:9a:9a:e3:ec:ef:df:75:b6:53:f0:09:11:8a:04:
d9:03:b8:28:c5:34:14:45:27:59:40:b0:27:97:ce:74:69:44:
a8:02:80:2f:b9:11:83:59:c2:1b:4d:59:0a:52:f7:b6:c3:72:
d4:ae:81:3d:9a:e0:b2:bf:fa:04:0d:be:a6:4a:52:8f:85:fb:
0d:a9:71:e5
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzJvAUCWYVOB3DWPApU7gPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTA2NDRmNzA2MjFkZDRhMjRhNzhiNjdiNDYwMjk0ODU3Mzc1OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8iTMgZAhG740qQaa9O4ODD6FeLW
RA0bT2Zytd3JqVGI7+UjxDmUnocs4DVpCv12xX/JDah6+ndnY5GcwhU8RgguYcdX
AXiLBZcHkR6ifUAUGYT81CuOfM381T5R9/Fx2SeYbb1aElLevVdQhanOdev1Wr4R
5JXiGmM/Fqry9CiVTt1A5LCBp0NIaEdSEs01TXzBqgrPcYfqZSU0xLdvV2f2CIMw
34hVvJ4QvMMKAxWb8vxz5Pfc3PcJErNIeopEkdjfBbhoC5uFYQebKivyzZtTaxsl
1GvQcC/dTTEiO168ylYfCPdpbnrchkf75/Gtbwqyl0NTaueNd5kHH00y/wIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFO4GRPcGId1KJKeLZ7RgKUhXN1jAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NkLzAyZGFj
My0zOWViLTQ2OWMtYWNjOS0wMGNkNWVjMDBkMTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2QvMDJkYWMz
LTM5ZWItNDY5Yy1hY2M5LTAwY2Q1ZWMwMGQxMS8xLzdnWkU5d1loM1Vva3A0dG50
R0FwU0ZjM1dNQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQCuYZgAwQCuco4MBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDGPTANBgkqhkiG9w0BAQsFAAOCAQEAoI1RnQYqTXlMkpBH/Zxabeda
ecrPDRNiO+lQZQFLV1x0nhLjcnJpd6uzrTBr/BHqnWYAXVQe6w/ujyljUJXzlxVI
QefggtZz7zEqmgsWv+IFMQvulk7kiKWIt1jAZcr1cUn0n66GaKBi04+N9/zglwda
kj9/zn7zBB0idgtkQ0yXYxWi6f5V2xN62dfvhTUUVs1QZVVBjZDclIhHddpA3Lsj
Z0OsWK8F9u+1Y3lnivBiATb6LG3k7Jqa4+zv33W2U/AJEYoE2QO4KMU0FEUnWUCw
J5fOdGlEqAKAL7kRg1nCG01ZClL3tsNy1K6BPZrgsr/6BA2+pkpSj4X7Dalx5Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:28 2024 by rpki-client on console-ams.rpki-client.org