Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
File: IwNA0n5LJPkSSXcyLts2lC4tFgw.cer (raw, json)
Hash identifier: 8+pjl8KbjnvGfWDCWB0FHtiED87f7DB0EavqcgAv8Sw=
Subject key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7942BB18762057D54900FAF02B9AA9E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:25 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 24848
AS: 30778
IP: 81.6.128.0/18
IP: 81.26.0.0/19
IP: 2a00:cd80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:2b:b1:87:62:05:7d:54:90:0f:af:02:b9:aa:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=230340d27e4b24f9124977322edb36942e2d160c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:19:75:29:da:ee:a5:8d:0f:39:fb:b9:70:17:
60:79:95:54:79:e3:22:05:a8:2b:0c:50:71:df:2b:
f1:aa:c7:6c:a3:ea:22:3b:0c:94:8a:d3:c3:6d:e5:
c2:8f:5c:1b:6d:92:78:28:c7:3b:2a:af:c1:63:25:
e8:ae:2b:69:37:2a:c2:01:e5:2a:1d:04:6b:00:46:
1a:1e:a7:7c:e1:ed:82:74:9d:a6:39:94:7d:77:12:
19:0a:39:0c:3e:80:33:91:b8:f7:41:b7:67:56:51:
54:a7:39:78:ed:a4:76:46:c9:5a:99:bd:13:6a:9e:
a9:62:88:7a:e9:46:94:da:23:eb:15:0f:40:2f:d7:
63:ce:9c:d1:e5:4a:8b:9b:69:1c:d9:ce:c2:0d:6b:
4b:ac:fd:a8:4d:41:41:15:61:ba:c9:8d:4c:fe:2d:
bd:42:db:18:ab:f3:e6:aa:83:3d:04:27:bb:a3:17:
b4:16:42:ca:b8:26:ec:79:af:88:82:0a:90:23:c1:
15:f2:ff:54:c2:f7:17:71:b7:63:4a:a7:b1:34:52:
07:02:42:13:16:10:5e:f7:16:00:fe:69:60:63:68:
7f:c7:85:63:41:a6:cd:d8:27:19:8e:38:c6:4a:ad:
a7:47:fd:9b:a7:a9:3c:29:3c:c7:ac:5b:9a:d6:c3:
55:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.6.128.0/18
81.26.0.0/19
IPv6:
2a00:cd80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24848
30778
Signature Algorithm: sha256WithRSAEncryption
5d:9e:cd:54:1e:b2:bf:d1:b6:d5:c0:7f:5b:80:fa:6f:c4:fc:
c6:ad:a5:ba:4b:e2:30:08:07:0c:ee:52:17:45:ee:96:0f:05:
d7:1d:e9:c9:41:f0:8e:3b:92:57:40:a8:2b:03:33:b3:2d:2c:
02:b3:4e:24:14:c7:e9:07:2d:8a:10:bb:5e:4d:ff:94:67:fb:
c8:6b:47:f9:b6:09:f3:73:b4:ec:3d:e1:47:e3:13:d1:7e:81:
ec:3d:fc:81:10:16:b4:d6:4d:93:8c:82:86:e6:0f:e6:4f:cb:
43:b9:e1:fc:05:69:37:53:7b:e2:87:fa:38:7a:1e:fa:2d:0e:
b6:6e:42:9d:ca:f1:db:e6:02:ce:44:7e:e5:18:14:27:77:d0:
29:ad:0d:89:fc:51:5e:05:d2:42:a4:1d:8f:66:2f:21:ff:30:
2a:1e:1e:bc:bd:8d:fa:23:ef:6b:61:26:24:86:39:81:31:f3:
42:fe:51:f3:dc:fb:0b:e0:06:d3:6b:96:7d:cb:2a:ab:19:da:
f1:9f:07:8f:c8:2f:e3:ce:3d:73:60:48:6f:21:0a:59:9c:96:
e1:e5:58:f8:26:be:c5:49:53:f1:93:69:e7:be:5b:73:2c:64:
1e:92:cf:dd:14:a5:37:ee:d3:09:22:6b:09:aa:16:11:0a:f3:
50:b6:e2:58
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYzHlCuxh2IFfVSQD68CuaqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAzNDBkMjdlNGIyNGY5MTI0OTc3MzIyZWRiMzY5NDJlMmQxNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bl1KdrupY0POfu5cBdgeZVUeeMi
BagrDFBx3yvxqsdso+oiOwyUitPDbeXCj1wbbZJ4KMc7Kq/BYyXoritpNyrCAeUq
HQRrAEYaHqd84e2CdJ2mOZR9dxIZCjkMPoAzkbj3QbdnVlFUpzl47aR2Rslamb0T
ap6pYoh66UaU2iPrFQ9AL9djzpzR5UqLm2kc2c7CDWtLrP2oTUFBFWG6yY1M/i29
QtsYq/PmqoM9BCe7oxe0FkLKuCbsea+IggqQI8EV8v9UwvcXcbdjSqexNFIHAkIT
FhBe9xYA/mlgY2h/x4VjQabN2CcZjjjGSq2nR/2bp6k8KTzHrFua1sNVLwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFCMDQNJ+SyT5Ekl3Mi7bNpQuLRYMMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzdiZGY1
Mi02YWM1LTRjMjQtYmZkMC1iNTcwOTA3YjU5ZWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvN2JkZjUy
LTZhYzUtNGMyNC1iZmQwLWI1NzA5MDdiNTllYi8xL0l3TkEwbjVMSlBrU1NYY3lM
dHMybEM0dEZndy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQGUQaAAwQFURoAMA0EAgACMAcDBQAqAM2AMB0G
CCsGAQUFBwEIAQH/BA4wDKAKMAgCAmEQAgJ4OjANBgkqhkiG9w0BAQsFAAOCAQEA
XZ7NVB6yv9G21cB/W4D6b8T8xq2lukviMAgHDO5SF0Xulg8F1x3pyUHwjjuSV0Co
KwMzsy0sArNOJBTH6QctihC7Xk3/lGf7yGtH+bYJ83O07D3hR+MT0X6B7D38gRAW
tNZNk4yChuYP5k/LQ7nh/AVpN1N74of6OHoe+i0Otm5Cncrx2+YCzkR+5RgUJ3fQ
Ka0NifxRXgXSQqQdj2YvIf8wKh4evL2N+iPva2EmJIY5gTHzQv5R89z7C+AG02uW
fcsqqxna8Z8Hj8gv4849c2BIbyEKWZyW4eVY+Ca+xUlT8ZNp575bcyxkHpLP3RSl
N+7TCSJrCaoWEQrzULbiWA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 09:09:10 2024 by rpki-client on console-fra.rpki-client.org