Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
File: CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer (raw, json)
Hash identifier: JEgZYgl6/IHJ8UxW+GMY40F8px/guj7kSKZEHWHTc9Q=
Subject key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56DFAFABDB8BE44BD0E16B72715B206
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47294
IP: 199.244.100.0/22
IP: 2a13:e5c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fa:fa:bd:b8:be:44:bd:0e:16:b7:27:15:b2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3d:4d:69:cb:32:6c:0f:34:2c:33:76:bf:1c:
fc:9a:2e:7d:67:ca:f7:f6:78:7a:3d:99:61:fb:bf:
dd:10:60:89:8f:fe:a7:5b:8e:0f:11:5b:a6:83:af:
10:a2:29:50:71:22:cb:ff:ec:bf:31:9c:0b:36:be:
b2:04:71:b8:8f:fb:ff:05:3f:ee:6b:78:36:54:c3:
74:43:05:6a:65:2c:4a:ef:f0:50:8b:ff:68:39:ca:
0b:44:5d:e6:e9:18:71:9e:c6:5c:77:c7:4f:a7:fe:
1f:05:a7:c3:e9:8e:67:6b:31:a3:7f:7d:27:c8:99:
b3:de:16:00:9f:e8:56:da:a1:a9:12:de:99:2d:ed:
c3:06:1f:2d:96:2b:be:65:c6:9b:47:39:c7:65:28:
ce:ed:3e:4b:ec:a9:54:69:a3:af:21:20:4a:a1:1e:
1b:27:e3:9c:ec:d2:7a:66:04:17:f9:d6:6b:54:39:
02:e9:ca:b6:b3:a2:01:7c:96:a5:93:48:ba:b3:80:
a0:3b:ad:ff:32:22:26:d3:9a:0e:7e:98:35:e0:aa:
60:a1:b8:42:c9:d5:ba:a1:6e:e2:1f:68:66:25:6b:
a8:70:a8:fd:da:2f:10:5b:81:b6:f2:27:5d:b8:ab:
0f:2a:cd:ca:21:46:a4:bc:2f:4f:f3:2b:fd:18:aa:
40:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.244.100.0/22
IPv6:
2a13:e5c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47294
Signature Algorithm: sha256WithRSAEncryption
5d:79:a8:5d:4a:8f:0f:0d:e9:d5:18:07:b9:7d:c8:d3:e5:ed:
cd:64:7a:b5:6c:68:9d:75:12:e6:f6:e6:1b:2f:e0:22:ad:d7:
bf:7b:6d:54:32:26:e5:5c:c4:45:c4:a4:f0:e4:d7:61:01:fb:
da:7d:2c:5f:43:f2:cf:d0:f3:27:9b:c2:87:3f:7c:74:b4:b1:
21:f8:ea:6a:9d:1f:cc:7f:97:26:8e:cf:26:a7:7c:0d:62:f3:
8b:b1:92:0f:e8:4a:72:88:c7:8c:ba:71:2f:c6:cc:c3:3d:0b:
86:fa:78:05:06:d7:c3:3f:4c:d5:90:3c:a3:19:d0:7b:8c:1d:
67:1c:8e:f2:af:61:78:dd:1c:ff:09:e9:e4:f3:e3:e8:8b:cb:
69:d2:49:69:29:f1:e5:71:21:c7:62:76:ad:2a:b6:bd:60:c6:
a0:98:2f:cf:e5:7d:32:19:b4:21:c9:c3:ac:7b:c6:1e:ac:e6:
47:22:08:42:3c:52:3a:26:9d:16:2e:a9:78:cc:09:0e:bd:76:
a7:8a:11:f5:b5:ce:65:3c:37:da:b7:3b:71:8a:03:c6:82:31:
ff:8d:18:dc:18:68:e3:96:79:4a:3b:81:a8:bc:19:e2:d2:f9:
02:b1:b6:9c:80:82:f5:b7:aa:eb:d3:f7:05:62:ca:85:01:7b:
e1:42:60:b3
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzFbfr6vbi+RL0OFrcnFbIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBlNTkyYTJlMGQ0MjdhMDlhYTJkZTFiOWJhZjA4Y2NkMTRmMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj1NacsybA80LDN2vxz8mi59Z8r3
9nh6PZlh+7/dEGCJj/6nW44PEVumg68QoilQcSLL/+y/MZwLNr6yBHG4j/v/BT/u
a3g2VMN0QwVqZSxK7/BQi/9oOcoLRF3m6RhxnsZcd8dPp/4fBafD6Y5nazGjf30n
yJmz3hYAn+hW2qGpEt6ZLe3DBh8tliu+ZcabRznHZSjO7T5L7KlUaaOvISBKoR4b
J+Oc7NJ6ZgQX+dZrVDkC6cq2s6IBfJalk0i6s4CgO63/MiIm05oOfpg14KpgobhC
ydW6oW7iH2hmJWuocKj92i8QW4G28idduKsPKs3KIUakvC9P8yv9GKpAXwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAkOWSouDUJ6Caot4bm68IzNFPCgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1LzE1ZjY5
MC01YWRkLTQ3MGQtYTI4Ni0zM2JkYzczZWQwZWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUvMTVmNjkw
LTVhZGQtNDcwZC1hMjg2LTMzYmRjNzNlZDBlYS8xL0NRNVpLaTROUW5vSnFpM2h1
YnJ3ak0wVThLQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCx/RkMA0EAgACMAcDBQAqE+XAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC4vjANBgkqhkiG9w0BAQsFAAOCAQEAXXmoXUqPDw3p
1RgHuX3I0+XtzWR6tWxonXUS5vbmGy/gIq3Xv3ttVDIm5VzERcSk8OTXYQH72n0s
X0Pyz9DzJ5vChz98dLSxIfjqap0fzH+XJo7PJqd8DWLzi7GSD+hKcojHjLpxL8bM
wz0Lhvp4BQbXwz9M1ZA8oxnQe4wdZxyO8q9heN0c/wnp5PPj6IvLadJJaSnx5XEh
x2J2rSq2vWDGoJgvz+V9Mhm0IcnDrHvGHqzmRyIIQjxSOiadFi6peMwJDr12p4oR
9bXOZTw32rc7cYoDxoIx/40Y3Bho45Z5SjuBqLwZ4tL5ArG2nICC9beq69P3BWLK
hQF74UJgsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:29 2024 by rpki-client on console-fra.rpki-client.org