Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
File: JOU3iL1O-iOxqCB7fnSo4cxnewA.cer (raw, json)
Hash identifier: wR8BbNel/fUENcJOkoo3H3mcT5fMhZbTQxDGLj7dF9Q=
Subject key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4268CF7CDAA2F7F15A59A9B516C55FD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:31:49 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44838
IP: 46.183.24.0/21
IP: 91.203.40.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:26:8c:f7:cd:aa:2f:7f:15:a5:9a:9b:51:6c:55:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:bc:72:7c:8b:16:47:fe:62:30:c8:4c:26:
04:f7:cf:83:16:08:b1:f0:14:53:b7:7c:5c:d4:15:
97:51:d2:74:29:b5:68:b3:51:0a:c7:e7:f8:66:a0:
33:84:72:aa:f0:3f:36:f6:6d:ac:7f:bc:a2:23:c4:
da:a5:d5:27:68:24:e4:af:43:6a:78:76:a6:7b:f3:
09:7f:d1:ea:45:4a:cf:54:9b:39:8f:54:16:0f:7a:
53:04:81:a0:42:48:29:6e:ac:02:f3:07:2b:59:30:
6d:b9:f5:45:83:eb:ce:b1:73:c2:b8:33:8a:0f:56:
4e:d7:38:25:a2:1c:13:fc:83:0a:b1:28:ce:7c:b9:
ea:5c:ef:dc:fa:5c:9d:01:90:c5:b9:13:a2:b3:d0:
38:2f:ec:ef:7a:bb:dc:d3:64:fa:ee:3e:3b:1f:cd:
69:87:7c:cf:38:bc:d4:76:46:08:8c:3b:0c:4b:0b:
e9:7e:12:3a:7a:f5:28:94:9e:57:fd:e0:13:e0:88:
d2:7a:3f:de:ce:0a:15:12:a6:02:a9:af:5f:16:e8:
09:6a:73:06:a9:ca:01:20:33:4e:31:5b:f3:6f:0c:
a7:44:0a:66:f0:98:9a:62:eb:9c:45:0d:77:10:01:
8a:1a:3e:46:22:df:de:4e:aa:df:ff:cd:5b:19:70:
d1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.24.0/21
91.203.40.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44838
Signature Algorithm: sha256WithRSAEncryption
0b:70:a8:7c:37:ed:0b:c5:93:cb:dc:57:91:f5:1c:8b:53:1e:
f6:c3:89:ec:36:58:0f:2f:4b:2a:f3:1c:5f:b6:9c:ea:ed:72:
9f:f6:d7:13:62:6b:59:59:22:cb:7f:4d:3a:5c:a7:21:4a:b3:
77:c5:e4:43:dc:60:30:df:28:f5:7c:2c:02:91:29:e5:67:6d:
55:c4:8b:0f:04:f6:aa:19:d6:41:c3:2d:68:a9:31:f1:fa:74:
76:28:cc:d6:5a:fe:b4:c0:19:b9:5b:a3:9e:a8:43:33:28:5a:
24:67:75:e2:1d:b7:f8:3d:2f:10:2c:20:71:a0:4f:32:99:15:
5d:6a:d6:8d:90:8f:54:8b:1f:32:ff:eb:58:43:04:8e:43:26:
78:a6:b4:60:09:60:06:12:a9:de:25:b2:28:cb:11:e3:f3:d1:
b4:2c:77:30:4c:02:9c:46:26:1b:2e:4a:9a:9d:40:aa:39:82:
f5:e2:57:ec:94:1e:a4:71:e5:72:90:bd:c7:0c:43:b1:00:c2:
3e:03:a0:0e:35:64:cd:f6:d9:a2:2d:03:dc:b9:fc:4b:bc:47:
5c:2f:85:27:40:51:86:6b:a3:b1:57:33:2d:1c:1c:0f:53:8a:
99:1c:ec:cd:83:fe:72:f8:0e:01:4d:c6:bc:d2:ab:44:9d:3e:
30:9b:99:23
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYzEJoz3zaovfxWlmptRbFX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU1Mzc4OGJkNGVmYTIzYjFhODIwN2I3ZTc0YThlMWNjNjc3YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/u8cnyLFkf+YjDITCYE98+DFgix
8BRTt3xc1BWXUdJ0KbVos1EKx+f4ZqAzhHKq8D829m2sf7yiI8TapdUnaCTkr0Nq
eHame/MJf9HqRUrPVJs5j1QWD3pTBIGgQkgpbqwC8wcrWTBtufVFg+vOsXPCuDOK
D1ZO1zglohwT/IMKsSjOfLnqXO/c+lydAZDFuROis9A4L+zvervc02T67j47H81p
h3zPOLzUdkYIjDsMSwvpfhI6evUolJ5X/eAT4IjSej/ezgoVEqYCqa9fFugJanMG
qcoBIDNOMVvzbwynRApm8JiaYuucRQ13EAGKGj5GIt/eTqrf/81bGXDR7wIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFCTlN4i9Tvojsagge350qOHMZ3sAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzE2YWNi
OWEwLTZkMWUtNGFlNC05MTc3LWQ5MzhlOTgwNDM5NS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZh
Y2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMjRFNTM3ODhCRDRF
RkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAME
Ay63GAMEAlvLKDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAryYwDQYJKoZIhvcN
AQELBQADggEBAAtwqHw37QvFk8vcV5H1HItTHvbDiew2WA8vSyrzHF+2nOrtcp/2
1xNia1lZIst/TTpcpyFKs3fF5EPcYDDfKPV8LAKRKeVnbVXEiw8E9qoZ1kHDLWip
MfH6dHYozNZa/rTAGblbo56oQzMoWiRndeIdt/g9LxAsIHGgTzKZFV1q1o2Qj1SL
HzL/61hDBI5DJnimtGAJYAYSqd4lsijLEePz0bQsdzBMApxGJhsuSpqdQKo5gvXi
V+yUHqRx5XKQvccMQ7EAwj4DoA41ZM322aItA9y5/Eu8R1wvhSdAUYZro7FXMy0c
HA9Tipkc7M2D/nL4DgFNxrzSq0SdPjCbmSM=
-----END CERTIFICATE-----
Generated at Fri May 3 02:51:45 2024 by rpki-client on console-fra.rpki-client.org