Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
File: E2a5YKbx8EQ58JGG-ez1ManOJkg.cer (raw, json)
Hash identifier: 2Fm8SWL1zaJMaPI4HSpb8aaCCt8gEmkjjLFP98Sxe+Y=
Subject key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC80145AB9813E1B36888ABD5FF4E6A13
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:35 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12890
IP: 193.109.168.0/22
IP: 194.150.220.0/23
IP: 2a0f:1ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 23:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:45:ab:98:13:e1:b3:68:88:ab:d5:ff:4e:6a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f2:f4:49:9d:5a:e8:18:86:7f:a1:b9:e8:16:
ea:fa:f9:36:2e:3e:89:bb:df:7a:a1:3f:d6:c0:cd:
15:e4:82:34:0e:6a:c1:4b:76:55:cf:e9:a4:21:44:
e1:b0:2a:ca:26:c9:7e:f9:5b:85:e0:64:cb:1c:5a:
54:cb:39:4c:c8:7d:1d:98:a8:b2:fb:f3:2b:43:ec:
87:82:e2:2d:0e:03:10:1e:aa:c7:5b:83:af:f2:2a:
3b:a6:b9:a0:4f:09:df:1b:a9:d2:0b:5c:72:1b:40:
1b:95:38:fa:f8:8f:84:0e:a2:6e:3d:d8:45:cc:23:
ae:22:25:b4:91:f3:6f:45:46:1d:e5:58:46:d2:a2:
80:53:ab:e0:a2:92:e1:dd:2d:2c:ea:b9:e1:32:af:
b5:1f:df:22:48:84:89:72:93:79:b1:eb:3f:2a:22:
b4:02:25:e1:84:68:60:ce:9b:a9:14:6b:9a:37:ac:
5d:7d:22:43:44:a5:1d:6d:0f:a7:4f:13:47:51:53:
f3:21:eb:d6:43:ac:ab:d4:01:83:67:93:bb:48:66:
89:a3:eb:d8:16:1c:26:7c:59:51:7f:24:fa:a7:1e:
fc:30:05:76:0c:a7:a6:87:32:ab:1b:c3:de:e5:eb:
89:35:80:29:87:0b:ab:2c:03:57:bf:ae:9a:8e:df:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.168.0/22
194.150.220.0/23
IPv6:
2a0f:1ec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12890
Signature Algorithm: sha256WithRSAEncryption
31:30:9d:f2:53:bf:e9:06:6e:f5:84:3d:d8:9a:cc:96:71:c7:
d8:11:14:59:a6:0e:84:65:c7:3e:58:79:27:f7:eb:c5:7c:80:
46:16:ef:01:5d:e3:9e:67:29:76:87:b3:c6:1f:52:df:df:20:
ce:f7:af:cb:68:26:15:9b:a6:2c:0e:27:3c:b1:11:9f:00:e0:
eb:bf:5b:19:3b:9e:ed:f6:e3:4b:5f:ae:ea:3e:43:65:f3:a6:
5d:61:3a:72:3a:03:25:8e:9c:07:e9:35:8b:d8:e2:80:b6:1d:
d4:f5:6b:88:6c:aa:1a:43:f0:46:e7:2c:60:e8:23:7a:b9:7e:
4a:a0:48:36:ef:aa:3f:22:c6:cb:48:c2:66:6a:06:47:95:eb:
70:93:5c:f4:fd:7e:93:2e:c0:64:f4:ab:61:d2:1f:20:ee:f7:
44:39:f4:00:cc:87:b2:71:04:d2:a1:ab:a5:00:18:ea:8f:90:
24:ee:ce:ce:14:39:f4:15:aa:99:f0:cc:c5:ce:18:b2:db:c6:
53:91:e5:ff:56:26:6d:5d:7c:4e:71:30:12:c1:70:ac:85:45:
00:62:31:72:54:ab:6b:a6:42:48:7b:b7:d2:7c:ae:50:c8:85:
33:9e:b8:b0:7f:3f:17:1a:c9:44:d8:24:0d:60:97:1e:d2:27:
f0:7e:c4:85
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYzIAUWrmBPhs2iIq9X/TmoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzY2Yjk2MGE2ZjFmMDQ0MzlmMDkxODZmOWVjZjUzMWE5Y2UyNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vL0SZ1a6BiGf6G56Bbq+vk2Lj6J
u996oT/WwM0V5II0DmrBS3ZVz+mkIUThsCrKJsl++VuF4GTLHFpUyzlMyH0dmKiy
+/MrQ+yHguItDgMQHqrHW4Ov8io7prmgTwnfG6nSC1xyG0AblTj6+I+EDqJuPdhF
zCOuIiW0kfNvRUYd5VhG0qKAU6vgopLh3S0s6rnhMq+1H98iSISJcpN5ses/KiK0
AiXhhGhgzpupFGuaN6xdfSJDRKUdbQ+nTxNHUVPzIevWQ6yr1AGDZ5O7SGaJo+vY
FhwmfFlRfyT6px78MAV2DKemhzKrG8Pe5euJNYAphwurLANXv66ajt9sAQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFBNmuWCm8fBEOfCRhvns9TGpziZIMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg2LzQ0MDJi
MC0yZWNhLTQ4MzYtYmYyMi1hOTY3MTU5Zjg4N2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYvNDQwMmIw
LTJlY2EtNDgzNi1iZjIyLWE5NjcxNTlmODg3ZC8xL0UyYTVZS2J4OEVRNThKR0ct
ZXoxTWFuT0prZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCwW2oAwQBwpbcMA0EAgACMAcDBQMqDx7AMBkG
CCsGAQUFBwEIAQH/BAowCKAGMAQCAjJaMA0GCSqGSIb3DQEBCwUAA4IBAQAxMJ3y
U7/pBm71hD3YmsyWccfYERRZpg6EZcc+WHkn9+vFfIBGFu8BXeOeZyl2h7PGH1Lf
3yDO96/LaCYVm6YsDic8sRGfAODrv1sZO57t9uNLX67qPkNl86ZdYTpyOgMljpwH
6TWL2OKAth3U9WuIbKoaQ/BG5yxg6CN6uX5KoEg276o/IsbLSMJmagZHletwk1z0
/X6TLsBk9Kth0h8g7vdEOfQAzIeycQTSoaulABjqj5Ak7s7OFDn0FaqZ8MzFzhiy
28ZTkeX/ViZtXXxOcTASwXCshUUAYjFyVKtrpkJIe7fSfK5QyIUznriwfz8XGslE
2CQNYJce0ifwfsSF
-----END CERTIFICATE-----
Generated at Thu Apr 25 04:26:41 2024 by rpki-client on console-fra.rpki-client.org