Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
File: 8qJTzfUHoD4fV50gLY3xHWj1w9c.cer (raw, json)
Hash identifier: oEHWXDZQpsLon7dD+T9TWsrwXqB165Aa3xyI/LC72+Q=
Subject key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019121802A8FCE9EDD93E626C7B42AE58A84
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 05 Aug 2024 07:45:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 45.88.228.0/22
IP: 2001:3500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:80:2a:8f:ce:9e:dd:93:e6:26:c7:b4:2a:e5:8a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 5 07:45:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:f5:bf:14:df:fd:19:cb:36:a8:b7:15:c1:
c4:42:7d:b6:f5:ba:76:0c:a0:c3:1d:d7:ec:e8:62:
38:19:81:1a:f7:25:3b:3c:bc:20:02:27:d5:91:bf:
6b:26:ef:76:e4:00:58:7d:45:a4:4e:fd:b2:61:2a:
d9:0b:b1:b4:ca:9e:b6:03:2c:65:96:e8:00:7c:3f:
fb:1f:a3:72:10:db:1e:bb:18:45:43:66:7a:e9:bf:
d0:e5:33:fc:b7:64:2d:3c:9b:00:86:5d:11:14:e3:
52:1d:fe:02:e4:6f:b4:86:05:5f:f4:0e:76:37:ab:
b0:8f:70:3c:df:60:09:74:da:98:0e:ff:1a:1d:f9:
93:f5:92:29:c4:0b:d0:ee:65:42:43:18:e0:da:f1:
ff:de:81:80:fd:26:3f:4d:90:9c:6c:f0:d3:cc:f1:
7a:3c:f2:f6:28:58:46:72:ae:e5:3d:1f:02:d9:ee:
e6:ca:8c:5a:41:a2:ee:ae:1f:46:b7:bf:03:9c:4b:
cc:91:d6:32:75:55:48:b1:12:d8:69:f8:93:66:e1:
53:1d:a4:32:32:ab:c4:6e:32:92:c2:b6:a2:61:ff:
f8:50:fd:ba:23:94:ca:19:ea:c3:85:c1:b3:8d:8a:
cb:76:99:69:5f:b5:71:93:fa:7a:d5:ba:e9:00:9a:
67:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.228.0/22
IPv6:
2001:3500::/29
Signature Algorithm: sha256WithRSAEncryption
1c:3a:7f:d9:d0:62:66:4a:a3:4c:e5:de:f8:9f:a8:f9:bf:7e:
84:25:40:2b:cb:6f:98:68:f8:d7:ca:d7:8e:b7:7b:d2:d9:6d:
cd:02:ae:ff:f4:a2:a4:69:c0:e0:b1:ed:9c:cd:31:ae:19:66:
8c:ec:05:08:22:bc:2d:74:1c:45:b3:ed:f6:62:22:fc:6d:70:
5c:d7:57:ee:6f:e8:b5:1a:75:66:e4:e9:60:50:c5:c7:e5:56:
d4:9d:ff:bd:16:5d:71:59:e0:de:98:35:45:44:76:8b:9f:8e:
aa:ea:8d:7d:9d:90:b6:ea:5f:c8:1e:ff:c1:34:4f:ab:b1:81:
b7:62:09:08:05:4b:a9:07:aa:1b:08:16:4b:8d:4e:b6:b4:83:
dd:2f:ed:c1:e5:cd:4a:d0:e5:c3:b2:30:63:ea:4f:73:3d:2f:
84:e0:5a:78:5a:7c:50:3d:d1:5c:ce:e8:01:d5:ed:52:6e:58:
07:19:b4:24:ea:da:a9:5f:49:2f:2a:48:53:d8:ef:00:db:17:
e8:f4:6d:6a:bc:a7:eb:e8:ed:16:57:ee:7a:c7:ae:36:d6:a3:
63:02:99:69:f5:ba:6c:00:2d:8b:07:ae:60:47:61:d9:0d:13:
9d:37:54:58:24:ca:10:bf:ad:09:5e:47:94:f1:0e:96:0b:e9:
12:d4:a4:0b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZEhgCqPzp7dk+Ymx7Qq5YqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODA1MDc0NTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmEyNTNjZGY1MDdhMDNlMWY1NzlkMjAyZDhkZjExZDY4ZjVjM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGD1vxTf/RnLNqi3FcHEQn229bp2
DKDDHdfs6GI4GYEa9yU7PLwgAifVkb9rJu925ABYfUWkTv2yYSrZC7G0yp62Ayxl
lugAfD/7H6NyENseuxhFQ2Z66b/Q5TP8t2QtPJsAhl0RFONSHf4C5G+0hgVf9A52
N6uwj3A832AJdNqYDv8aHfmT9ZIpxAvQ7mVCQxjg2vH/3oGA/SY/TZCcbPDTzPF6
PPL2KFhGcq7lPR8C2e7myoxaQaLurh9Gt78DnEvMkdYydVVIsRLYafiTZuFTHaQy
MqvEbjKSwraiYf/4UP26I5TKGerDhcGzjYrLdplpX7Vxk/p61brpAJpnKQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFPKiU831B6A+H1edIC2N8R1o9cPXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzEwZWJl
Yy0yNzg0LTRkYWEtOGRmNy1iZTRkNWQwOWQ3MTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvMTBlYmVj
LTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8xLzhxSlR6ZlVIb0Q0ZlY1MGdM
WTN4SFdqMXc5Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVjkMA0EAgACMAcDBQMgATUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAcOn/Z0GJmSqNM5d74n6j5v36EJUAry2+YaPjXyteOt3vS2W3N
Aq7/9KKkacDgse2czTGuGWaM7AUIIrwtdBxFs+32YiL8bXBc11fub+i1GnVm5Olg
UMXH5VbUnf+9Fl1xWeDemDVFRHaLn46q6o19nZC26l/IHv/BNE+rsYG3YgkIBUup
B6obCBZLjU62tIPdL+3B5c1K0OXDsjBj6k9zPS+E4Fp4WnxQPdFczugB1e1SblgH
GbQk6tqpX0kvKkhT2O8A2xfo9G1qvKfr6O0WV+56x6421qNjAplp9bpsAC2LB65g
R2HZDROdN1RYJMoQv60JXkeU8Q6WC+kS1KQL
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:01 2024 by rpki-client on console-ams.rpki-client.org