Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer
File: BmuiCcUMAqhYtUMIyCrlvzAu-qQ.cer (raw, json)
Hash identifier: duM+qRIRm7n0d8R7GhAy5UvEligxyngsCJIoNXE/SCM=
Subject key identifier: 06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DB54C2704C2FAC22D9E189CBA928BC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:30:03 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 208965
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:54:c2:70:4c:2f:ac:22:d9:e1:89:cb:a9:28:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=066ba209c50c02a858b54308c82ae5bf302efaa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0f:3a:f3:68:b5:7a:8b:dd:8d:24:85:64:bd:
54:8b:2b:21:6a:cb:e2:50:07:4f:82:12:86:e2:63:
3c:39:1e:e9:a2:62:8f:e7:57:07:4e:84:4e:8e:e5:
95:9c:74:12:b1:1e:e5:33:bd:a6:bb:4e:8d:2c:4b:
71:8a:bf:bb:1a:58:0b:8e:1d:ce:83:3f:0f:8a:6c:
00:fc:bd:ad:4b:f1:31:be:09:98:c7:0c:17:cd:f2:
e4:ac:e1:2e:a5:33:4f:9a:7d:42:7d:29:07:80:d6:
55:18:ed:63:12:0f:ae:7f:c5:5d:ec:f7:34:ef:cb:
1d:df:f3:51:ae:0b:80:57:a3:97:98:46:11:27:16:
1b:3e:1a:70:85:95:53:7a:cb:1d:b8:d9:e3:fc:aa:
71:95:e9:4d:03:7f:df:88:ef:88:6a:cd:62:94:ec:
7e:c0:2a:c5:f8:10:05:34:2a:9d:b9:55:74:12:57:
c7:24:c0:ff:9d:f3:8d:10:59:9e:64:88:d9:98:0a:
1e:0e:12:87:69:74:ab:5b:65:21:96:d3:bb:1c:3d:
a5:c7:46:7f:42:9c:76:fd:a6:e1:67:4c:75:57:45:
79:e2:79:1a:1b:c5:7a:ce:d0:c7:3f:ac:d6:d4:b6:
c1:e4:6a:5f:c4:fb:18:d4:cc:aa:53:32:a6:30:96:
c0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6B:A2:09:C5:0C:02:A8:58:B5:43:08:C8:2A:E5:BF:30:2E:FA:A4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3151b8-d8f1-4102-936f-93ffec5c3c81/1/BmuiCcUMAqhYtUMIyCrlvzAu-qQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208965
Signature Algorithm: sha256WithRSAEncryption
77:72:f6:b3:94:fd:9f:49:9d:79:5c:5e:4c:86:56:a1:24:f9:
20:13:59:04:d5:3c:25:e3:cb:fd:05:2e:7b:55:1d:e6:8e:d7:
a7:41:b1:59:1e:c6:d0:d6:1a:7b:c5:c8:10:4b:fc:2a:c2:1a:
77:3a:80:59:be:a4:e9:24:a8:2e:bd:72:5d:07:9c:21:7b:43:
fa:e8:34:92:65:39:70:9a:00:d6:3f:5d:52:1d:ac:5f:e8:5f:
cc:1d:c2:05:68:1d:42:28:85:5b:78:3c:6a:7e:65:f4:27:e5:
7f:a7:13:c1:45:3e:93:81:95:e0:3a:1d:9a:37:02:7a:fa:f1:
39:17:aa:59:19:8a:4b:c2:eb:55:93:fb:6b:53:8b:ba:1d:c4:
f0:f9:b8:7f:e9:7d:17:ee:33:2d:85:f2:0f:1b:7d:fa:d8:c2:
af:71:65:83:c0:03:79:16:f7:88:cf:25:f2:df:d9:65:07:f4:
e2:6f:71:bd:b8:b9:44:82:84:1d:b1:3c:d9:f6:55:b4:12:ca:
64:ba:af:3e:1e:2f:14:bc:bc:2d:d2:cb:3d:9d:5b:26:52:7a:
b9:49:33:68:08:d6:e1:28:14:6b:17:69:c1:d9:8d:39:a5:a1:
07:b7:fd:2c:91:ee:54:7a:bf:70:92:8f:50:cb:c3:fd:9e:e4:
db:6b:bb:d1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzC21TCcEwvrCLZ4YnLqSi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZiYTIwOWM1MGMwMmE4NThiNTQzMDhjODJhZTViZjMwMmVmYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4g8682i1eovdjSSFZL1Uiyshasvi
UAdPghKG4mM8OR7pomKP51cHToROjuWVnHQSsR7lM72mu06NLEtxir+7GlgLjh3O
gz8PimwA/L2tS/ExvgmYxwwXzfLkrOEupTNPmn1CfSkHgNZVGO1jEg+uf8Vd7Pc0
78sd3/NRrguAV6OXmEYRJxYbPhpwhZVTessduNnj/KpxlelNA3/fiO+Ias1ilOx+
wCrF+BAFNCqduVV0ElfHJMD/nfONEFmeZIjZmAoeDhKHaXSrW2UhltO7HD2lx0Z/
Qpx2/abhZ0x1V0V54nkaG8V6ztDHP6zW1LbB5GpfxPsY1MyqUzKmMJbAWQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAZrognFDAKoWLVDCMgq5b8wLvqkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIxLzMxNTFi
OC1kOGYxLTQxMDItOTM2Zi05M2ZmZWM1YzNjODEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEvMzE1MWI4
LWQ4ZjEtNDEwMi05MzZmLTkzZmZlYzVjM2M4MS8xL0JtdWlDY1VNQXFoWXRVTUl5
Q3JsdnpBdS1xUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMwRTANBgkqhkiG9w0BAQsFAAOCAQEAd3L2s5T9n0md
eVxeTIZWoST5IBNZBNU8JePL/QUue1Ud5o7Xp0GxWR7G0NYae8XIEEv8KsIadzqA
Wb6k6SSoLr1yXQecIXtD+ug0kmU5cJoA1j9dUh2sX+hfzB3CBWgdQiiFW3g8an5l
9Cflf6cTwUU+k4GV4DodmjcCevrxOReqWRmKS8LrVZP7a1OLuh3E8Pm4f+l9F+4z
LYXyDxt9+tjCr3Flg8ADeRb3iM8l8t/ZZQf04m9xvbi5RIKEHbE82fZVtBLKZLqv
Ph4vFLy8LdLLPZ1bJlJ6uUkzaAjW4SgUaxdpwdmNOaWhB7f9LJHuVHq/cJKPUMvD
/Z7k22u70Q==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:25:14 2024 by rpki-client on console-ams.rpki-client.org