Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
File: 9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer (raw, json)
Hash identifier: HG37bwgZzRXEq8iBuZCCk6rLwT07umBJBvx9rBKX5fQ=
Subject key identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F4278D08877D69141E03AD76AFC39
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:29:43 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43467
IP: 45.9.80.0/22
IP: 2a0e:de00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:42:78:d0:88:77:d6:91:41:e0:3a:d7:6a:fc:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:a6:b6:38:a1:8e:bb:cf:ed:ed:ab:17:c8:
b2:d7:0e:5c:d9:5e:90:7a:7b:f9:96:57:ad:25:9a:
50:c8:47:8a:f9:97:f6:57:a8:f5:4f:b9:f1:c5:68:
23:25:b9:6e:b4:77:ce:2b:4d:08:7b:b4:cb:dd:6f:
ae:9a:6f:2b:d3:df:64:43:07:1d:02:5b:ea:43:0f:
fa:08:da:7a:78:ee:f7:81:82:83:d2:33:91:ab:d4:
37:68:71:35:a2:b3:63:fc:e8:23:3b:5a:56:c0:ce:
94:52:d2:08:17:64:65:4c:31:f9:e3:a5:e8:7c:48:
ce:16:b9:3c:21:38:3a:e0:3e:23:eb:ac:86:18:86:
3b:50:59:38:22:82:f5:f9:f8:5b:ac:f7:8a:06:22:
e4:89:7d:56:79:59:52:01:72:18:72:cc:58:c8:26:
3a:69:c5:82:4c:f0:0a:39:3a:cd:38:8b:75:04:43:
00:2a:66:23:45:cc:e5:f0:9f:6d:86:69:18:29:50:
76:25:11:e1:16:9c:d3:f1:b4:77:24:85:0a:a7:d9:
1c:9c:6d:74:60:d9:0e:19:7c:5c:93:b1:9e:d4:92:
e3:d1:6a:12:83:f6:ff:2d:9c:e8:78:ed:54:f8:79:
79:dd:53:ce:36:6f:ef:92:89:2c:84:de:83:d8:79:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.80.0/22
IPv6:
2a0e:de00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43467
Signature Algorithm: sha256WithRSAEncryption
45:0e:46:6c:50:b7:69:ee:21:21:94:55:b9:d4:25:6a:7e:63:
92:b2:fe:e9:07:8f:4f:43:cc:ed:aa:c4:db:0a:7d:73:77:37:
79:5f:2f:9d:ee:72:32:0f:fa:38:2a:de:e3:8b:71:c7:3b:b5:
e8:80:74:61:ba:4d:8c:a6:31:89:14:cf:fa:57:80:0a:ff:73:
41:fe:da:08:60:23:7f:64:27:74:ad:0e:cc:41:6c:b1:28:c9:
f3:a9:fb:e8:92:f8:06:d3:d5:49:fa:b0:98:a2:ab:2b:d5:7d:
fc:12:b6:63:3b:11:c0:b2:66:6e:ac:21:bb:f3:8a:ac:2b:81:
3e:1f:cc:a7:6f:0b:6a:32:b6:ee:fe:36:53:f2:45:07:f5:38:
6e:a9:89:12:95:25:7e:3b:70:c7:1b:57:24:e9:39:32:97:95:
7b:59:6e:40:97:43:b2:2e:f5:c0:3d:76:ad:1f:4e:f9:ff:81:
8d:3f:af:9e:6e:e8:dc:e2:5b:e5:86:3e:1b:38:e9:fa:05:00:
16:05:67:62:37:f6:57:b4:55:6f:eb:41:88:e9:7d:73:8e:6c:
51:25:f7:e5:91:d9:f9:36:b4:b5:9b:e5:99:85:21:fe:a6:dd:
f2:b9:e3:e6:63:01:ec:8b:1f:c2:53:73:ca:94:aa:ba:c1:ee:
14:83:4a:40
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIb0J40Ih31pFB4DrXavw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY2N2E0MGNmNWU4NWMyZDJiNjU1OGI0MDk5YWYxMjVkMTA1MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPqmtjihjrvP7e2rF8iy1w5c2V6Q
env5lletJZpQyEeK+Zf2V6j1T7nxxWgjJblutHfOK00Ie7TL3W+umm8r099kQwcd
AlvqQw/6CNp6eO73gYKD0jORq9Q3aHE1orNj/OgjO1pWwM6UUtIIF2RlTDH546Xo
fEjOFrk8ITg64D4j66yGGIY7UFk4IoL1+fhbrPeKBiLkiX1WeVlSAXIYcsxYyCY6
acWCTPAKOTrNOIt1BEMAKmYjRczl8J9thmkYKVB2JRHhFpzT8bR3JIUKp9kcnG10
YNkOGXxck7Ge1JLj0WoSg/b/LZzoeO1U+Hl53VPONm/vkokshN6D2HkSGQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPT2ekDPXoXC0rZVi0CZrxJdEFDuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzcwN2I0
Zi02Y2Q2LTQ4OGEtOGRlZi0zYTVjNzFmODY4MjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvNzA3YjRm
LTZjZDYtNDg4YS04ZGVmLTNhNWM3MWY4NjgyMS8xLzlQWjZRTTllaGNMU3RsV0xR
Sm12RWwwUVVPNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLQlQMA0EAgACMAcDBQMqDt4AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCpyzANBgkqhkiG9w0BAQsFAAOCAQEARQ5GbFC3ae4h
IZRVudQlan5jkrL+6QePT0PM7arE2wp9c3c3eV8vne5yMg/6OCre44txxzu16IB0
YbpNjKYxiRTP+leACv9zQf7aCGAjf2QndK0OzEFssSjJ86n76JL4BtPVSfqwmKKr
K9V9/BK2YzsRwLJmbqwhu/OKrCuBPh/Mp28LajK27v42U/JFB/U4bqmJEpUlfjtw
xxtXJOk5MpeVe1luQJdDsi71wD12rR9O+f+BjT+vnm7o3OJb5YY+Gzjp+gUAFgVn
Yjf2V7RVb+tBiOl9c45sUSX35ZHZ+Ta0tZvlmYUh/qbd8rnj5mMB7IsfwlNzypSq
usHuFINKQA==
-----END CERTIFICATE-----
Generated at Fri May 3 07:17:06 2024 by rpki-client on console-fra.rpki-client.org