Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer
File: CnN3j7G-woyZgmUq7ehqAEwmgvE.cer (raw, json)
Hash identifier: PglPW5vU8FOMUEtDoFcI0hBDByuXCbw6q5HzF0f4eq8=
Subject key identifier: 0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E2CAD9BC4FDC4938EB1FFFE31E66AC4A1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 11 Mar 2024 08:42:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.30.28.0/22
IP: 185.38.196.0/22
IP: 2a00:ae60::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:ad:9b:c4:fd:c4:93:8e:b1:ff:fe:31:e6:6a:c4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 11 08:42:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a73778fb1bec28c9982652aede86a004c2682f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:5d:75:ec:c3:94:fd:c2:ec:d3:2e:6b:11:
94:32:20:52:33:e6:f4:a2:70:c9:de:ea:a9:34:4f:
c5:75:5b:89:6a:d3:68:91:1a:42:31:9d:e7:1e:24:
ae:8f:8f:93:58:2a:a1:66:47:90:39:7a:15:64:29:
d7:da:8d:17:fd:21:3c:c5:b2:f6:5c:6c:43:03:fb:
19:85:41:a2:df:f1:e6:7f:fc:ca:c3:12:8d:24:87:
6a:03:a2:1e:13:48:30:da:55:d2:89:52:5c:72:7c:
c7:51:14:4a:c7:2d:31:48:87:8f:13:81:66:58:6e:
cf:3a:dc:d2:dc:70:33:5d:44:b6:86:75:c1:12:17:
47:0c:41:1b:01:dd:76:b9:45:0d:c5:14:20:0f:22:
30:3a:42:d2:de:b2:0a:8c:d3:58:c5:4b:a8:88:b4:
74:a2:1e:a1:26:b0:12:86:3d:ac:a0:5c:b5:ff:46:
e5:3c:87:eb:63:8f:50:c5:26:57:e9:7a:d4:b8:ac:
a8:e8:36:05:bb:c4:1e:ce:19:05:fc:79:86:b5:d0:
01:f0:c4:d9:c7:c5:85:ae:90:f6:9c:74:aa:1e:ba:
b8:56:68:bf:9a:2f:60:8b:7c:9b:8a:c8:cf:bc:f7:
66:52:71:32:ef:97:fc:74:2d:89:16:87:45:d5:42:
de:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.28.0/22
185.38.196.0/22
IPv6:
2a00:ae60::/32
Signature Algorithm: sha256WithRSAEncryption
57:c7:07:77:c5:15:50:a2:76:3a:07:cb:0c:a3:05:10:e4:0b:
ea:26:2b:27:f3:ba:11:f8:d0:e9:5f:eb:29:c2:a1:81:58:e3:
4c:11:b9:09:5f:68:38:ac:0a:2c:d6:a2:95:f7:8f:fe:02:69:
70:13:c7:40:0f:3c:25:3a:d2:8c:6b:a3:e8:f4:4e:f3:a7:b1:
bb:aa:6d:22:38:0e:c4:87:18:11:f7:e5:52:4f:29:0d:fa:39:
92:08:cf:06:db:7f:46:9b:8c:47:9e:53:c7:d6:41:b7:55:79:
19:59:8d:ac:f6:c7:d6:27:be:f7:48:43:1d:9b:40:5e:31:90:
12:2c:3a:1c:f6:92:bf:d2:c8:76:ba:bf:b9:b1:8d:7c:57:39:
ce:44:25:3e:d2:22:97:07:21:3a:45:04:e8:cc:22:68:d4:73:
63:1a:dd:77:e3:c0:13:16:05:6a:80:78:88:9c:6e:8f:6d:64:
13:dc:22:a9:b6:88:aa:67:4e:a1:a9:e1:0f:88:45:c2:8c:fa:
99:0e:76:07:83:5a:8f:aa:df:6f:64:56:48:f5:fa:48:f3:d3:
30:fd:a5:83:66:fb:16:8e:08:ea:3e:63:f2:ed:4e:ea:ae:fe:
f9:bc:9c:9c:8c:54:22:d1:a4:c4:53:84:e4:46:0c:eb:b4:a0:
83:c6:15:ff
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAY4srZvE/cSTjrH//jHmasShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzExMDg0MjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTczNzc4ZmIxYmVjMjhjOTk4MjY1MmFlZGU4NmEwMDRjMjY4MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjZddezDlP3C7NMuaxGUMiBSM+b0
onDJ3uqpNE/FdVuJatNokRpCMZ3nHiSuj4+TWCqhZkeQOXoVZCnX2o0X/SE8xbL2
XGxDA/sZhUGi3/Hmf/zKwxKNJIdqA6IeE0gw2lXSiVJccnzHURRKxy0xSIePE4Fm
WG7POtzS3HAzXUS2hnXBEhdHDEEbAd12uUUNxRQgDyIwOkLS3rIKjNNYxUuoiLR0
oh6hJrAShj2soFy1/0blPIfrY49QxSZX6XrUuKyo6DYFu8QezhkF/HmGtdAB8MTZ
x8WFrpD2nHSqHrq4Vmi/mi9gi3ybisjPvPdmUnEy75f8dC2JFodF1ULeEwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFApzd4+xvsKMmYJlKu3oagBMJoLxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc2L2U2ZTE1
Yy0xMmIwLTQwYmUtOGJjMS01NzA4ZjU4MGUzNmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvZTZlMTVj
LTEyYjAtNDBiZS04YmMxLTU3MDhmNTgwZTM2YS8xL0NuTjNqN0ctd295WmdtVXE3
ZWhxQUV3bWd2RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuR4cAwQCuSbEMA0EAgACMAcDBQAqAK5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBXxwd3xRVQonY6B8sMowUQ5AvqJisn87oR+NDpX+sp
wqGBWONMEbkJX2g4rAos1qKV94/+AmlwE8dADzwlOtKMa6Po9E7zp7G7qm0iOA7E
hxgR9+VSTykN+jmSCM8G239Gm4xHnlPH1kG3VXkZWY2s9sfWJ773SEMdm0BeMZAS
LDoc9pK/0sh2ur+5sY18VznORCU+0iKXByE6RQTozCJo1HNjGt1348ATFgVqgHiI
nG6PbWQT3CKptoiqZ06hqeEPiEXCjPqZDnYHg1qPqt9vZFZI9fpI89Mw/aWDZvsW
jgjqPmPy7U7qrv75vJycjFQi0aTEU4TkRgzrtKCDxhX/
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:19:36 2024 by rpki-client on console-fra.rpki-client.org