Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer
File: 8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.cer (raw, json)
Hash identifier: +39ysUaLisgLBHeofFpu1XSx7i3+2x/ebi+VAoj5RlE=
Subject key identifier: F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC42481998F88A0F35F59E5CBA5C23E2F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:29:36 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 197615
IP: 91.223.167.0/24
IP: 91.224.180.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:81:99:8f:88:a0:f3:5f:59:e5:cb:a5:c2:3e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2a959dc16715c8a54c8094267b8e491fe321d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:b5:f4:f1:52:68:c9:a9:e8:56:7c:56:8e:
a7:f1:f9:4e:28:56:4a:ee:9b:aa:f0:ff:8b:42:54:
f7:6c:a8:83:5b:71:f7:56:a2:60:5f:12:22:20:fb:
68:5b:a8:89:f8:9b:5b:56:a1:bd:f2:89:90:ab:55:
34:b4:3c:a8:36:44:4d:50:f5:7f:d5:01:1e:f9:86:
cb:75:08:11:38:03:56:43:b9:8f:81:5a:00:fa:96:
0c:33:8b:ea:88:22:b1:4c:45:b2:2f:3b:50:15:91:
73:61:df:cf:69:40:a6:4b:32:6a:64:34:b8:d1:1a:
2c:87:83:48:84:a5:08:c7:52:ab:87:e7:14:2b:4d:
0b:ea:e5:a9:df:b6:1d:78:bd:a9:b3:9a:af:2c:6f:
67:3a:5d:9b:77:a6:2a:40:24:c4:a7:c2:e5:9c:16:
be:e8:1a:99:86:c9:24:71:e9:8a:42:97:66:26:9d:
07:8b:df:56:9a:a1:05:1c:e4:b5:e3:8b:df:55:7f:
f3:c5:35:dd:25:2e:db:91:8d:98:5e:68:8b:5e:6c:
86:a1:76:60:c9:db:e4:66:46:a7:ea:3d:08:9a:ba:
0d:34:f9:b1:91:3f:87:0a:43:57:de:df:4a:51:50:
af:2c:e1:44:c2:30:aa:02:12:6e:30:f3:2e:b8:6b:
03:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A9:59:DC:16:71:5C:8A:54:C8:09:42:67:B8:E4:91:FE:32:1D:2C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/88a383-030c-4545-9e9c-4ebeec7e8275/1/8qlZ3BZxXIpUyAlCZ7jkkf4yHSw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.167.0/24
91.224.180.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197615
Signature Algorithm: sha256WithRSAEncryption
94:41:86:cf:8b:a5:27:7a:0e:3f:37:23:86:36:aa:0f:5f:90:
40:3f:bb:ed:ad:e2:20:2b:9f:9d:c3:d7:82:61:78:94:cc:0e:
90:90:34:a8:79:3b:00:ee:e8:c8:c8:03:95:7a:08:12:7e:21:
ec:30:77:bd:27:23:6b:ad:8c:c8:03:91:5b:f4:1e:88:c7:ce:
26:a3:fa:1d:5b:f5:5c:08:b9:cc:1d:b4:79:f4:ca:44:45:6c:
66:04:1f:f4:78:4c:1b:7e:e9:8b:32:3b:96:5e:3f:83:6d:b1:
7b:34:06:24:d6:18:a7:9f:25:16:f0:8d:12:20:da:00:d8:05:
6b:2b:93:24:b7:39:b6:dc:d9:cd:41:1d:40:5e:30:65:b1:d8:
c5:a5:0c:21:a8:cd:8b:7e:bc:cd:8b:24:8c:1b:1c:05:c4:62:
20:bf:9e:ad:01:90:28:9b:b4:49:b0:31:ca:20:40:59:bf:45:
1f:cb:35:f3:35:71:b8:20:29:8c:dd:f1:02:a6:fa:24:0c:0a:
05:93:36:be:2e:02:d0:e1:7c:31:58:ff:52:9a:31:0d:00:97:
f0:52:aa:81:76:54:89:24:8a:e9:2e:fb:3a:55:a8:44:37:87:
de:12:ff:c1:c4:56:3f:3d:3b:cb:84:4e:7f:d4:d9:8f:6d:d7:
82:c7:a9:8d
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzEJIGZj4ig819Z5culwj4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE5NTlkYzE2NzE1YzhhNTRjODA5NDI2N2I4ZTQ5MWZlMzIxZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Mq19PFSaMmp6FZ8Vo6n8flOKFZK
7puq8P+LQlT3bKiDW3H3VqJgXxIiIPtoW6iJ+JtbVqG98omQq1U0tDyoNkRNUPV/
1QEe+YbLdQgROANWQ7mPgVoA+pYMM4vqiCKxTEWyLztQFZFzYd/PaUCmSzJqZDS4
0Rosh4NIhKUIx1Krh+cUK00L6uWp37YdeL2ps5qvLG9nOl2bd6YqQCTEp8LlnBa+
6BqZhskkcemKQpdmJp0Hi99WmqEFHOS144vfVX/zxTXdJS7bkY2YXmiLXmyGoXZg
ydvkZkan6j0ImroNNPmxkT+HCkNX3t9KUVCvLOFEwjCqAhJuMPMuuGsDCwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPKpWdwWcVyKVMgJQme45JH+Mh0sMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFmLzg4YTM4
My0wMzBjLTQ1NDUtOWU5Yy00ZWJlZWM3ZTgyNzUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYvODhhMzgz
LTAzMGMtNDU0NS05ZTljLTRlYmVlYzdlODI3NS8xLzhxbFozQlp4WElwVXlBbENa
N2pra2Y0eUhTdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW9+nAwQBW+C0MBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwMD7zANBgkqhkiG9w0BAQsFAAOCAQEAlEGGz4ulJ3oOPzcjhjaqD1+Q
QD+77a3iICufncPXgmF4lMwOkJA0qHk7AO7oyMgDlXoIEn4h7DB3vScja62MyAOR
W/QeiMfOJqP6HVv1XAi5zB20efTKREVsZgQf9HhMG37pizI7ll4/g22xezQGJNYY
p58lFvCNEiDaANgFayuTJLc5ttzZzUEdQF4wZbHYxaUMIajNi368zYskjBscBcRi
IL+erQGQKJu0SbAxyiBAWb9FH8s18zVxuCApjN3xAqb6JAwKBZM2vi4C0OF8MVj/
UpoxDQCX8FKqgXZUiSSK6S77OlWoRDeH3hL/wcRWPz07y4ROf9TZj23XgsepjQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:26 2024 by rpki-client on console-ams.rpki-client.org