Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8WsoQW3b85-ySwmWaGrPrOdsmNU.cer
File: 8WsoQW3b85-ySwmWaGrPrOdsmNU.cer (raw, json)
Hash identifier: 76CQ7MoaSqBzaByN2KbTRrvB30h4TkgIx4rmYdGOBDw=
Subject key identifier: F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC801BCE050C432234FAA8168ADC18FB5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:30:06 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 85.119.104.0/21
IP: 185.85.112.0/22
IP: 2a01:9780::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:bc:e0:50:c4:32:23:4f:aa:81:68:ad:c1:8f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f16b28416ddbf39fb24b0996686acface76c98d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:59:69:55:1d:8e:6d:9d:88:b2:f1:84:31:d6:
d4:18:93:70:1b:27:82:f8:ff:91:96:99:3d:33:78:
2d:c7:ec:dc:ff:6d:9a:c4:0d:78:6a:97:a5:a2:17:
35:15:01:3f:c3:0d:ff:51:29:4d:a8:af:c6:31:87:
f2:84:d7:fe:bb:2b:8b:e7:0c:b5:20:bc:e7:45:57:
ab:97:15:07:a5:69:dd:52:f3:f0:ab:01:66:64:83:
b6:cd:26:a3:2a:c5:55:af:74:f7:9f:47:f9:e3:50:
56:6f:3c:ef:b5:ad:54:8d:51:82:4b:8b:c2:5f:9b:
30:0c:46:9d:04:23:b9:d2:24:8c:ec:b0:d5:03:24:
b7:a0:f8:f6:f3:c7:71:f4:a1:92:85:2e:78:7d:12:
da:d6:b7:41:91:fd:c2:75:6f:66:47:8f:cb:4a:38:
a5:89:8f:27:92:fc:52:d4:3c:8f:74:81:cb:8a:5d:
cb:4a:da:08:74:d9:d2:dc:68:db:0b:07:85:d6:92:
69:1e:62:bc:5a:e1:fa:e2:ad:b5:19:1a:11:ca:c2:
70:0f:03:af:8c:59:e5:43:6d:4c:32:d0:91:80:85:
fc:f2:37:5f:42:9c:72:b8:f3:ad:90:24:35:00:96:
5b:ce:c9:f0:04:9d:ae:cc:01:0e:95:6f:c3:3f:51:
05:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6B:28:41:6D:DB:F3:9F:B2:4B:09:96:68:6A:CF:AC:E7:6C:98:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b165ca-2f33-4e8e-a896-cdaa581518f3/1/8WsoQW3b85-ySwmWaGrPrOdsmNU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.104.0/21
185.85.112.0/22
IPv6:
2a01:9780::/32
Signature Algorithm: sha256WithRSAEncryption
2f:87:0d:a0:24:1b:15:21:06:b0:45:dd:39:35:b1:b7:a4:ec:
99:53:78:d2:e2:8b:25:1c:bc:9b:42:c6:c9:18:4e:59:bb:e7:
e1:91:fa:d4:af:8c:aa:74:f6:aa:7d:60:d6:4e:2c:4a:ed:bf:
d4:dd:cb:0d:73:ff:1c:19:fa:5c:22:f8:e3:be:da:7f:8b:fe:
52:26:f2:f7:3f:c4:80:6f:01:5e:77:12:73:3c:b7:10:89:4e:
86:7f:6b:19:90:c6:ed:8e:7b:c9:0f:de:2f:e4:16:06:b5:55:
5d:f6:3e:ed:09:4a:02:de:3b:73:33:15:f8:9e:20:f3:ba:3c:
49:77:8a:71:fa:b4:da:78:ad:ca:40:64:21:4e:00:6b:ab:d0:
68:34:51:43:28:4f:92:fc:44:d0:40:75:54:91:d7:dd:20:a9:
e3:7d:14:c6:27:2e:f9:14:25:eb:b0:ea:10:35:59:95:c4:8a:
b6:52:cb:5e:14:b4:57:66:58:01:c7:70:d8:7a:d8:50:a0:09:
34:d3:76:25:9d:44:8e:c8:19:17:31:f8:f3:39:6c:49:ca:2e:
61:0b:13:d5:b9:e5:8e:b7:a2:3d:da:e3:13:35:9e:bb:db:47:
1a:eb:81:b7:57:67:eb:2b:50:28:13:bc:26:8b:9e:d6:6e:b0:
b5:80:d7:24
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzIAbzgUMQyI0+qgWitwY+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZiMjg0MTZkZGJmMzlmYjI0YjA5OTY2ODZhY2ZhY2U3NmM5OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzllpVR2ObZ2IsvGEMdbUGJNwGyeC
+P+Rlpk9M3gtx+zc/22axA14apelohc1FQE/ww3/USlNqK/GMYfyhNf+uyuL5wy1
ILznRVerlxUHpWndUvPwqwFmZIO2zSajKsVVr3T3n0f541BWbzzvta1UjVGCS4vC
X5swDEadBCO50iSM7LDVAyS3oPj288dx9KGShS54fRLa1rdBkf3CdW9mR4/LSjil
iY8nkvxS1DyPdIHLil3LStoIdNnS3GjbCweF1pJpHmK8WuH64q21GRoRysJwDwOv
jFnlQ21MMtCRgIX88jdfQpxyuPOtkCQ1AJZbzsnwBJ2uzAEOlW/DP1EFmQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFPFrKEFt2/OfsksJlmhqz6znbJjVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5L2IxNjVj
YS0yZjMzLTRlOGUtYTg5Ni1jZGFhNTgxNTE4ZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvYjE2NWNh
LTJmMzMtNGU4ZS1hODk2LWNkYWE1ODE1MThmMy8xLzhXc29RVzNiODUteVN3bVdh
R3JQck9kc21OVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDVXdoAwQCuVVwMA0EAgACMAcDBQAqAZeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAvhw2gJBsVIQawRd05NbG3pOyZU3jS4oslHLybQsbJ
GE5Zu+fhkfrUr4yqdPaqfWDWTixK7b/U3csNc/8cGfpcIvjjvtp/i/5SJvL3P8SA
bwFedxJzPLcQiU6Gf2sZkMbtjnvJD94v5BYGtVVd9j7tCUoC3jtzMxX4niDzujxJ
d4px+rTaeK3KQGQhTgBrq9BoNFFDKE+S/ETQQHVUkdfdIKnjfRTGJy75FCXrsOoQ
NVmVxIq2UsteFLRXZlgBx3DYethQoAk003YlnUSOyBkXMfjzOWxJyi5hCxPVueWO
t6I92uMTNZ6720ca64G3V2frK1AoE7wmi57WbrC1gNck
-----END CERTIFICATE-----
Generated at Thu Dec 26 17:26:57 2024 by rpki-client on console-ams.rpki-client.org