Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BAxkI-mAsol2Wq2SQjX0bS4gwBw.cer
File: BAxkI-mAsol2Wq2SQjX0bS4gwBw.cer (raw, json)
Hash identifier: lq2L+NHDYs0iCge0bIQJr+9il5Qm/RrlU8wdpBcYMig=
Subject key identifier: 04:0C:64:23:E9:80:B2:89:76:5A:AD:92:42:35:F4:6D:2E:20:C0:1C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC49253F5F8F9BF7D94B2F6AC6B67C658
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/de/642ab3-9c72-4b6f-8772-d52f4228f8b3/1/BAxkI-mAsol2Wq2SQjX0bS4gwBw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/de/642ab3-9c72-4b6f-8772-d52f4228f8b3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 84.38.250.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:53:f5:f8:f9:bf:7d:94:b2:f6:ac:6b:67:c6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=040c6423e980b289765aad924235f46d2e20c01c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:2b:59:47:7f:ce:27:97:e4:1f:2b:60:ec:
30:78:be:ca:58:ab:1b:f9:70:ee:c1:31:1f:9e:bf:
f7:81:ff:f4:55:1d:24:44:da:61:0f:af:d0:86:87:
4e:68:43:89:ba:84:d1:5e:39:c0:09:f9:25:ed:4a:
dd:f1:07:20:6c:e2:23:07:7f:e6:84:14:8c:04:92:
ef:c4:28:03:4a:02:4e:3c:fb:97:f3:f4:a1:8e:19:
96:0f:83:2b:21:ad:53:31:db:90:5c:e6:a1:c6:ee:
bb:3f:da:1b:fa:30:ee:24:88:24:27:6e:6a:5a:56:
e7:ba:fb:d6:66:61:33:8d:b6:f1:ab:b2:69:bd:5b:
35:22:6f:e2:c1:08:73:c1:61:98:22:0a:3b:78:ee:
5a:a8:8a:bc:f3:af:98:32:1b:cd:35:98:df:97:3b:
fa:93:e3:69:f6:39:87:4d:01:ee:1b:f5:69:fb:44:
5f:fe:90:bd:c6:f9:08:db:31:cf:0a:c5:f8:f5:12:
8b:66:e7:a5:9c:0f:ea:cd:37:99:2a:d1:c7:b1:17:
93:a7:17:78:1c:12:51:f0:ea:ce:0e:7b:f1:e1:45:
03:22:a8:f2:cf:d5:d5:96:a6:1c:86:34:4b:2d:4c:
7a:53:a0:3f:44:46:90:54:12:33:69:68:e0:8b:78:
28:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0C:64:23:E9:80:B2:89:76:5A:AD:92:42:35:F4:6D:2E:20:C0:1C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/642ab3-9c72-4b6f-8772-d52f4228f8b3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/642ab3-9c72-4b6f-8772-d52f4228f8b3/1/BAxkI-mAsol2Wq2SQjX0bS4gwBw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.250.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:0f:21:f7:38:29:5c:7c:1c:74:db:62:3e:ac:a5:03:f7:9a:
03:91:47:91:56:7c:de:3c:48:4b:d5:13:87:51:7b:a9:01:f3:
24:5f:b7:1c:68:de:4c:54:ff:c8:64:0c:d1:ea:df:ba:62:d4:
79:27:e2:87:74:ab:0e:a0:fd:b0:0d:65:47:c0:2c:27:47:c6:
74:2f:62:bb:09:ac:f3:52:e2:6a:2e:73:1f:10:f3:f4:a5:72:
fa:dc:3f:2f:79:1e:e7:55:50:0e:29:e4:83:14:37:97:b0:e6:
5b:f7:36:17:7a:3a:4c:07:42:cf:47:7e:21:66:21:0f:9e:35:
8a:f4:3f:9b:1e:b6:1d:00:37:b8:0c:11:90:b2:c7:b3:98:05:
c5:c8:fc:2e:14:c0:e2:dd:84:84:15:ab:74:ad:03:1d:26:b8:
ef:65:d2:b4:60:ec:81:62:0a:3e:c1:ed:08:b3:57:4f:6d:6d:
97:83:60:5a:4a:a6:00:a7:c5:7d:ce:59:ff:74:67:b3:9e:e2:
72:a5:da:af:75:e8:87:9f:c1:0e:c5:67:b7:c8:d9:17:24:08:
07:ae:64:ab:78:64:6c:7b:d4:9e:e0:38:70:e9:62:b2:cc:e8:
13:95:c9:7c:1e:67:97:34:d0:34:e9:75:03:79:f0:9a:da:ac:
5f:d1:c0:2d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzEklP1+Pm/fZSy9qxrZ8ZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBjNjQyM2U5ODBiMjg5NzY1YWFkOTI0MjM1ZjQ2ZDJlMjBjMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVArWUd/zieX5B8rYOwweL7KWKsb
+XDuwTEfnr/3gf/0VR0kRNphD6/QhodOaEOJuoTRXjnACfkl7Urd8QcgbOIjB3/m
hBSMBJLvxCgDSgJOPPuX8/ShjhmWD4MrIa1TMduQXOahxu67P9ob+jDuJIgkJ25q
WlbnuvvWZmEzjbbxq7JpvVs1Im/iwQhzwWGYIgo7eO5aqIq886+YMhvNNZjflzv6
k+Np9jmHTQHuG/Vp+0Rf/pC9xvkI2zHPCsX49RKLZuelnA/qzTeZKtHHsReTpxd4
HBJR8OrODnvx4UUDIqjyz9XVlqYchjRLLUx6U6A/REaQVBIzaWjgi3gopwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFAQMZCPpgLKJdlqtkkI19G0uIMAcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RlLzY0MmFi
My05YzcyLTRiNmYtODc3Mi1kNTJmNDIyOGY4YjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUvNjQyYWIz
LTljNzItNGI2Zi04NzcyLWQ1MmY0MjI4ZjhiMy8xL0JBeGtJLW1Bc29sMldxMlNR
algwYlM0Z3dCdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAVCb6MA0GCSqGSIb3DQEBCwUAA4IBAQAuDyH3
OClcfBx022I+rKUD95oDkUeRVnzePEhL1ROHUXupAfMkX7ccaN5MVP/IZAzR6t+6
YtR5J+KHdKsOoP2wDWVHwCwnR8Z0L2K7CazzUuJqLnMfEPP0pXL63D8veR7nVVAO
KeSDFDeXsOZb9zYXejpMB0LPR34hZiEPnjWK9D+bHrYdADe4DBGQssezmAXFyPwu
FMDi3YSEFat0rQMdJrjvZdK0YOyBYgo+we0Is1dPbW2Xg2BaSqYAp8V9zln/dGez
nuJypdqvdeiHn8EOxWe3yNkXJAgHrmSreGRse9Se4Dhw6WKyzOgTlcl8HmeXNNA0
6XUDefCa2qxf0cAt
-----END CERTIFICATE-----
Generated at Fri May 3 01:35:19 2024 by rpki-client on console-ams.rpki-client.org