Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/F9LMnguBhrYLJwMTzZaCECLQS5U.cer
File: F9LMnguBhrYLJwMTzZaCECLQS5U.cer (raw, json)
Hash identifier: cbyR+uTB2m7Iz/2fZy3XdyU5ERN4BJXlI85ZPpEHJ00=
Subject key identifier: 17:D2:CC:9E:0B:81:86:B6:0B:27:03:13:CD:96:82:10:22:D0:4B:95
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E83E074EBFBA5D73BFD27B6C1670873FE
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/F9LMnguBhrYLJwMTzZaCECLQS5U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 28 Mar 2024 07:05:09 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 212.125.140.0/23
IP: 2a14:2940::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:83:e0:74:eb:fb:a5:d7:3b:fd:27:b6:c1:67:08:73:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 28 07:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17d2cc9e0b8186b60b270313cd96821022d04b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:92:75:d5:30:fe:2a:5c:61:38:b6:e1:5c:6b:
7b:f5:63:e7:37:ed:aa:1d:c6:a0:65:2e:32:81:f6:
e8:d1:1d:01:ab:c1:6e:4f:10:02:c8:15:95:86:5e:
c3:60:41:72:12:18:c7:db:03:8d:4f:9e:71:90:14:
23:e1:54:21:1d:f6:4f:29:af:89:60:93:74:aa:8e:
d4:ac:12:2e:f4:d0:12:16:e4:80:49:c3:62:25:bb:
a4:50:9a:3c:a9:03:8c:1a:3d:2f:2a:3f:44:59:fa:
fe:20:9d:0c:57:c4:bf:2c:33:3a:b6:13:42:37:e1:
47:e8:2e:31:0e:e2:cc:01:23:70:85:5c:3b:e7:e1:
ef:f3:0c:3e:4b:35:da:8a:dc:b5:b8:f7:6b:b7:23:
f8:46:39:57:9f:3c:09:1f:e4:dd:fd:6a:18:35:c5:
8e:14:c8:7b:11:d7:10:c3:d4:22:c8:20:80:91:3d:
7d:78:59:16:da:e5:28:a3:06:0d:32:5a:c1:2b:95:
5b:1c:eb:fd:ad:01:cb:39:ab:23:57:48:06:2f:62:
5c:0d:da:c8:a3:2a:ab:ce:4b:ca:7e:f5:cd:2a:80:
72:72:f7:f0:3c:42:0d:17:83:97:40:4d:2d:30:6a:
77:35:df:31:5a:19:0e:4c:b3:08:7d:47:1a:fe:6e:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D2:CC:9E:0B:81:86:B6:0B:27:03:13:CD:96:82:10:22:D0:4B:95
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/0d38f9-e0c1-46cc-9a22-dfbb6ec3430e/1/F9LMnguBhrYLJwMTzZaCECLQS5U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.140.0/23
IPv6:
2a14:2940::/29
Signature Algorithm: sha256WithRSAEncryption
21:e4:cb:42:2c:bd:5f:6e:98:84:bf:e0:05:18:06:07:69:3c:
cb:6a:45:c5:e8:b5:4d:a4:91:dd:29:95:58:ef:98:78:a8:cf:
33:d4:04:46:25:42:90:9f:74:3a:cc:64:cd:03:5a:8a:cc:7e:
31:25:0f:a6:e2:47:51:be:0b:30:27:a6:c8:88:46:61:9e:1e:
79:fe:5b:cf:26:56:5b:1e:aa:8d:1d:23:ab:7d:2c:0f:46:b2:
02:1d:48:93:ba:d2:d1:a9:58:35:9a:f7:65:fc:9a:b5:9f:da:
f3:78:31:a5:b2:ab:16:af:23:94:be:95:19:f2:68:ee:b8:31:
c2:b5:65:13:7b:76:66:34:cd:9d:59:9f:e5:8f:01:94:b8:a2:
16:26:72:07:2b:af:f6:76:6f:eb:1f:4f:d4:8f:04:76:4a:01:
9f:3e:64:7a:04:8f:7d:26:a3:02:ac:7f:3b:dc:b5:ce:f8:f2:
c9:fd:40:bc:f8:2b:21:fc:f1:71:5e:31:0e:96:77:3b:5d:60:
45:28:82:2e:92:93:c5:d2:ea:bd:8c:7e:e7:dd:06:cb:5f:a8:
ae:d0:95:74:27:94:79:fa:ae:f8:bc:58:72:a4:67:c8:90:08:
46:cf:63:c9:70:0c:fe:a1:d8:aa:5c:42:bf:47:70:2c:f2:82:
99:23:64:ee
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAY6D4HTr+6XXO/0ntsFnCHP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzI4MDcwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2QyY2M5ZTBiODE4NmI2MGIyNzAzMTNjZDk2ODIxMDIyZDA0Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5J11TD+KlxhOLbhXGt79WPnN+2q
HcagZS4ygfbo0R0Bq8FuTxACyBWVhl7DYEFyEhjH2wONT55xkBQj4VQhHfZPKa+J
YJN0qo7UrBIu9NASFuSAScNiJbukUJo8qQOMGj0vKj9EWfr+IJ0MV8S/LDM6thNC
N+FH6C4xDuLMASNwhVw75+Hv8ww+SzXaity1uPdrtyP4RjlXnzwJH+Td/WoYNcWO
FMh7EdcQw9QiyCCAkT19eFkW2uUoowYNMlrBK5VbHOv9rQHLOasjV0gGL2JcDdrI
oyqrzkvKfvXNKoBycvfwPEINF4OXQE0tMGp3Nd8xWhkOTLMIfUca/m4iWwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFBfSzJ4LgYa2CycDE82WghAi0EuVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzBkMzhm
OS1lMGMxLTQ2Y2MtOWEyMi1kZmJiNmVjMzQzMGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvMGQzOGY5
LWUwYzEtNDZjYy05YTIyLWRmYmI2ZWMzNDMwZS8xL0Y5TE1uZ3VCaHJZTEp3TVR6
WmFDRUNMUVM1VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQB1H2MMA0EAgACMAcDBQMqFClAMA0GCSqGSIb3
DQEBCwUAA4IBAQAh5MtCLL1fbpiEv+AFGAYHaTzLakXF6LVNpJHdKZVY75h4qM8z
1ARGJUKQn3Q6zGTNA1qKzH4xJQ+m4kdRvgswJ6bIiEZhnh55/lvPJlZbHqqNHSOr
fSwPRrICHUiTutLRqVg1mvdl/Jq1n9rzeDGlsqsWryOUvpUZ8mjuuDHCtWUTe3Zm
NM2dWZ/ljwGUuKIWJnIHK6/2dm/rH0/UjwR2SgGfPmR6BI99JqMCrH873LXO+PLJ
/UC8+Csh/PFxXjEOlnc7XWBFKIIukpPF0uq9jH7n3QbLX6iu0JV0J5R5+q74vFhy
pGfIkAhGz2PJcAz+odiqXEK/R3As8oKZI2Tu
-----END CERTIFICATE-----
Generated at Fri May 3 10:04:01 2024 by rpki-client on console-fra.rpki-client.org