Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
File: A2hHspcjX68HFob-0sHpEL9gBIY.cer (raw, json)
Hash identifier: oxifWOKcynS1CLLWRABs7tUz2QUsnCx9i6UuO6QJlWA=
Subject key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B8856285FF0DBC919059770E5659B5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:30:30 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.240.192.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:85:62:85:ff:0d:bc:91:90:59:77:0e:56:59:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=036847b297235faf071686fed2c1e910bf600486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:28:06:2a:e7:c6:68:18:51:05:5c:01:29:
6d:42:86:7f:79:8f:17:00:ec:fc:1c:05:af:df:cf:
fc:e5:6e:23:04:13:77:6e:95:6d:4e:30:8e:91:35:
9a:e8:e4:e0:63:e9:b2:b1:1f:33:72:60:8c:42:2a:
87:db:98:b9:16:1a:bf:35:4b:9f:7e:07:c6:61:d2:
ab:d3:f4:ee:77:a2:2e:62:b3:fc:4d:01:1c:84:e3:
c4:01:7a:81:6e:40:29:81:73:c7:cc:bf:ae:34:74:
ce:8d:c6:7f:fa:0a:fb:6c:24:33:7f:63:7b:13:f0:
c1:fc:7b:10:fb:49:9b:ce:3b:fb:73:59:6b:f7:c8:
fe:38:87:2a:34:99:81:ec:52:58:d8:5d:68:a7:7c:
8d:4f:a6:a2:d2:c0:9a:40:d6:b0:97:97:fb:94:ff:
aa:03:a2:d9:88:3e:b3:01:a4:3a:e7:72:68:a6:bc:
9f:08:5c:d3:42:74:bc:0d:c3:be:37:a8:c9:7d:8a:
b6:bf:fa:19:06:9c:79:16:87:4c:c1:f6:ce:66:72:
26:da:bf:9e:55:e7:fa:75:e4:02:87:67:47:1b:26:
6c:a1:6f:54:be:de:72:78:8b:c0:46:8a:47:87:88:
f0:7a:75:30:db:19:54:d5:1c:23:70:ca:09:7f:b6:
96:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.192.0/24
Signature Algorithm: sha256WithRSAEncryption
72:db:21:2c:40:8f:4a:49:46:d0:93:49:c3:50:9e:30:64:5e:
f1:51:d3:cb:da:83:3a:d3:bf:a4:12:37:e7:e8:41:01:f2:ab:
96:e9:63:1b:dc:e3:10:f6:be:d8:e6:93:53:a1:66:f3:f6:46:
d2:b2:74:a7:61:43:62:62:cb:3e:2d:41:8a:48:db:1d:37:13:
ca:4d:71:ab:1d:1c:58:ea:74:79:a7:a6:bf:a0:79:49:f0:b4:
e8:c8:10:57:98:54:4a:87:9f:34:30:8a:7e:b6:dc:4d:01:76:
5c:58:c9:83:dd:43:aa:71:7a:3f:7f:2e:49:02:8a:91:a5:1c:
64:61:a4:5e:99:61:6a:96:63:dd:06:c6:50:4f:de:3c:e8:cc:
84:24:46:b1:2f:5a:da:85:99:34:20:cf:c8:04:27:95:a3:9c:
20:a8:9d:16:47:0e:a9:ea:07:21:74:d2:7b:64:88:d8:66:4d:
b0:f0:eb:a2:2f:c2:87:ce:b9:2a:64:66:20:d9:9a:49:a1:29:
a7:3c:c6:fc:36:44:cf:2b:01:30:4a:96:1c:8f:4d:0c:1e:fc:
04:fe:88:21:33:e3:6d:e2:83:2d:43:0b:a4:24:f3:0f:a1:91:
38:ab:3f:e3:93:ab:e9:11:5c:77:5e:c4:e5:a1:20:f5:cf:20:
b8:77:27:79
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzGuIVihf8NvJGQWXcOVlm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY4NDdiMjk3MjM1ZmFmMDcxNjg2ZmVkMmMxZTkxMGJmNjAwNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlMoBirnxmgYUQVcASltQoZ/eY8X
AOz8HAWv38/85W4jBBN3bpVtTjCOkTWa6OTgY+mysR8zcmCMQiqH25i5Fhq/NUuf
fgfGYdKr0/Tud6IuYrP8TQEchOPEAXqBbkApgXPHzL+uNHTOjcZ/+gr7bCQzf2N7
E/DB/HsQ+0mbzjv7c1lr98j+OIcqNJmB7FJY2F1op3yNT6ai0sCaQNawl5f7lP+q
A6LZiD6zAaQ653JopryfCFzTQnS8DcO+N6jJfYq2v/oZBpx5FodMwfbOZnIm2r+e
Vef6deQCh2dHGyZsoW9Uvt5yeIvARopHh4jwenUw2xlU1RwjcMoJf7aWXQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFANoR7KXI1+vBxaG/tLB6RC/YASGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFlLzQ0Yjc5
Ny1jZDViLTRkZWQtYTU2Mi1iZGQ3MzI4ZTk0Y2IvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUvNDRiNzk3
LWNkNWItNGRlZC1hNTYyLWJkZDczMjhlOTRjYi8xL0EyaEhzcGNqWDY4SEZvYi0w
c0hwRUw5Z0JJWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW/DAMA0GCSqGSIb3DQEBCwUAA4IBAQBy2yEs
QI9KSUbQk0nDUJ4wZF7xUdPL2oM607+kEjfn6EEB8quW6WMb3OMQ9r7Y5pNToWbz
9kbSsnSnYUNiYss+LUGKSNsdNxPKTXGrHRxY6nR5p6a/oHlJ8LToyBBXmFRKh580
MIp+ttxNAXZcWMmD3UOqcXo/fy5JAoqRpRxkYaRemWFqlmPdBsZQT9486MyEJEax
L1rahZk0IM/IBCeVo5wgqJ0WRw6p6gchdNJ7ZIjYZk2w8OuiL8KHzrkqZGYg2ZpJ
oSmnPMb8NkTPKwEwSpYcj00MHvwE/oghM+Nt4oMtQwukJPMPoZE4qz/jk6vpEVx3
XsTloSD1zyC4dyd5
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:38 2024 by rpki-client on console-fra.rpki-client.org