Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/EceeiifN6ZEb19pjhzxcxVjb1TE.cer
File: EceeiifN6ZEb19pjhzxcxVjb1TE.cer (raw, json)
Hash identifier: oE3Tg03h3raPeqyNX0x4Q6CGeG7vTlE6uJQqn11XcDs=
Subject key identifier: 11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B688DBCE9249AECFE8716528CD3F13
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:29:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 212684
IP: 91.192.9.0/24
IP: 107.150.165.0/24
IP: 2a06:39c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 13:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:88:db:ce:92:49:ae:cf:e8:71:65:28:cd:3f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11c79e8a27cde9911bd7da63873c5cc558dbd531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:87:d1:18:95:c9:61:85:ab:dd:f5:da:7e:
81:32:04:09:d3:ff:73:cb:44:5e:79:da:9f:d1:5d:
25:77:82:9e:19:c8:ce:b6:97:79:b6:f1:93:f5:c1:
12:cb:5f:bb:ec:3c:57:21:67:c5:ec:67:19:26:07:
27:18:4a:02:5a:81:74:c6:76:bb:2b:5e:bc:a1:2e:
db:b1:7e:1d:64:0d:50:02:4a:23:b7:85:06:8c:a3:
a8:78:b9:59:0d:a9:c7:c8:46:42:d5:49:b8:43:0f:
eb:7d:5d:d0:d7:65:b5:75:2b:2b:b5:50:64:fd:b3:
f8:dc:9f:99:ef:ff:2f:c8:ad:09:b5:b8:1a:90:9b:
4d:d3:75:8a:e0:00:01:a4:20:d7:73:9f:a3:89:dd:
91:2b:ae:a8:05:42:7a:f7:90:2f:6d:f9:c6:36:32:
58:e1:69:32:63:c9:21:5f:0b:29:54:a4:9e:e4:01:
18:c3:70:71:cc:28:5c:90:11:03:37:47:16:c8:2a:
e2:de:7d:b9:e6:9a:2e:69:9e:26:0d:aa:84:d3:f5:
36:ea:78:57:a4:f2:1e:bb:b4:37:34:04:16:42:9e:
92:ff:c3:92:9d:5e:94:41:6c:24:76:8d:6d:e0:1a:
bf:73:e2:ab:a0:8a:cd:cd:10:67:98:03:c2:67:e1:
c1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.9.0/24
107.150.165.0/24
IPv6:
2a06:39c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212684
Signature Algorithm: sha256WithRSAEncryption
67:ae:51:ef:b4:03:f7:86:cf:35:84:f3:77:93:93:9e:5f:32:
96:81:6a:67:da:59:14:a7:31:a2:72:48:fe:e1:17:22:4f:83:
24:b5:0f:17:c5:13:be:19:74:34:8a:99:65:38:01:30:8d:94:
89:85:3d:61:42:da:52:36:2d:8a:6c:dd:61:a9:11:4d:f6:8d:
a0:2b:6f:31:bd:18:77:52:d5:f0:90:6b:55:19:9c:f7:25:ca:
ae:85:fa:18:65:ba:83:e6:e3:1f:b2:e3:a3:8e:74:5c:4a:3f:
1a:c3:51:1c:9f:c8:5d:47:b8:e9:60:e2:0d:08:d6:99:c5:d9:
b3:75:74:a4:1c:7c:ac:b1:59:dc:a6:70:b0:31:bc:09:09:c0:
cd:df:da:0d:e4:35:20:45:68:7a:5d:90:65:07:e0:38:5a:6c:
50:63:3e:73:7e:13:a5:41:89:fe:63:25:78:cb:4e:8e:bc:0a:
5d:b5:89:01:4f:0b:08:2b:7f:7a:be:91:5c:74:eb:90:17:6a:
67:6b:b1:86:7b:cf:9d:43:06:97:30:b0:c0:6a:93:31:03:ca:
cb:a8:68:14:73:2e:be:50:08:f6:c5:bd:3c:3c:a3:a6:55:6a:
e3:74:a0:0f:74:e1:70:d9:01:73:ea:9d:02:e3:97:c2:32:a0:
a0:82:96:50
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDtojbzpJJrs/ocWUozT8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM3OWU4YTI3Y2RlOTkxMWJkN2RhNjM4NzNjNWNjNTU4ZGJkNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz+H0RiVyWGFq9312n6BMgQJ0/9z
y0Reedqf0V0ld4KeGcjOtpd5tvGT9cESy1+77DxXIWfF7GcZJgcnGEoCWoF0xna7
K168oS7bsX4dZA1QAkojt4UGjKOoeLlZDanHyEZC1Um4Qw/rfV3Q12W1dSsrtVBk
/bP43J+Z7/8vyK0JtbgakJtN03WK4AABpCDXc5+jid2RK66oBUJ695AvbfnGNjJY
4WkyY8khXwspVKSe5AEYw3BxzChckBEDN0cWyCri3n255pouaZ4mDaqE0/U26nhX
pPIeu7Q3NAQWQp6S/8OSnV6UQWwkdo1t4Bq/c+KroIrNzRBnmAPCZ+HBQQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFBHHnoonzemRG9faY4c8XMVY29UxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NhLzQxNGU1
YS01MmY4LTQ4NDUtYjFiYi1iOTkzMDUxMGQwYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvNDE0ZTVh
LTUyZjgtNDg0NS1iMWJiLWI5OTMwNTEwZDBhMC8xL0VjZWVpaWZONlpFYjE5cGpo
enhjeFZqYjFURS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAW8AJAwQAa5alMA0EAgACMAcDBQMqBjnAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwM+zDANBgkqhkiG9w0BAQsFAAOCAQEAZ65R
77QD94bPNYTzd5OTnl8yloFqZ9pZFKcxonJI/uEXIk+DJLUPF8UTvhl0NIqZZTgB
MI2UiYU9YULaUjYtimzdYakRTfaNoCtvMb0Yd1LV8JBrVRmc9yXKroX6GGW6g+bj
H7Ljo450XEo/GsNRHJ/IXUe46WDiDQjWmcXZs3V0pBx8rLFZ3KZwsDG8CQnAzd/a
DeQ1IEVoel2QZQfgOFpsUGM+c34TpUGJ/mMleMtOjrwKXbWJAU8LCCt/er6RXHTr
kBdqZ2uxhnvPnUMGlzCwwGqTMQPKy6hoFHMuvlAI9sW9PDyjplVq43SgD3ThcNkB
c+qdAuOXwjKgoIKWUA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 14:51:26 2024 by rpki-client on console-ams.rpki-client.org