Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer
File: JzqIxXgWaYhQbhNkKtsS9jHgo8I.cer (raw, json)
Hash identifier: raibKHSr97YwEt6s14SnuvYAb+OVrHqzbV6a7VGBmdE=
Subject key identifier: 27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3493CC3BC642BBB890890FC9F61B0E4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/JzqIxXgWaYhQbhNkKtsS9jHgo8I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:06 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.234.202.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3c:c3:bc:64:2b:bb:89:08:90:fc:9f:61:b0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=273a88c578166988506e13642adb12f631e0a3c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8b:dd:fa:a5:0f:c7:2a:6c:1d:18:da:91:e2:
be:51:74:d0:71:75:bd:b6:ea:4d:ef:b5:2c:40:dc:
7f:4d:2c:22:36:75:0a:6d:7c:92:fc:d1:c1:32:c6:
cf:41:de:9e:12:32:f5:33:34:e0:c6:c0:f9:84:5d:
da:be:48:29:98:a8:12:be:d9:d5:8c:44:15:6c:d5:
dc:17:93:d0:e4:f8:42:a9:cf:87:3e:27:08:82:76:
6b:a4:8b:8a:1b:4a:28:03:8d:4d:74:f3:59:2b:ff:
c6:51:ac:68:26:79:fd:86:e1:95:f9:ef:85:75:63:
a4:9b:17:0f:74:ee:f5:00:9a:2e:1a:2a:d6:80:e6:
9b:70:c6:78:79:12:69:a4:0e:74:59:ce:6c:fb:28:
99:8e:5d:ba:31:03:82:b1:97:cc:52:ea:ad:4e:7a:
c6:bd:76:e9:9b:da:a1:27:4c:dd:ad:3e:17:0e:53:
15:4a:a2:e3:a9:62:7b:06:c8:b3:62:7e:b8:28:ba:
02:29:28:1b:5a:46:23:20:a1:cc:57:50:65:7d:d4:
09:d3:02:0e:2a:8c:a4:85:5e:7c:67:69:de:fe:18:
1f:f5:53:24:f7:de:42:7d:8b:7c:90:e8:77:e3:c2:
b7:ff:c6:b8:ce:04:5b:9d:16:d0:83:6f:f1:5d:5e:
7d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:3A:88:C5:78:16:69:88:50:6E:13:64:2A:DB:12:F6:31:E0:A3:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9b4b96-2bdd-4bf5-a022-ee7896e5cc95/1/JzqIxXgWaYhQbhNkKtsS9jHgo8I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.202.0/24
Signature Algorithm: sha256WithRSAEncryption
75:53:de:7b:c8:a2:5b:1f:2f:1e:d6:12:95:26:9b:0f:fe:5f:
47:a8:4c:2b:e7:6e:a7:43:32:87:2c:64:3a:50:48:da:1f:ba:
d0:3a:d8:7a:61:c8:1a:7d:a1:0f:b5:6b:41:b8:2d:9d:74:e1:
0d:c8:1e:d6:8f:8d:8c:26:50:25:0c:d4:aa:6f:2a:b4:f8:7e:
56:b7:4f:36:ab:54:1e:33:85:2c:3a:60:64:b2:a3:46:63:8a:
2b:a0:13:00:79:44:81:b1:fa:35:30:7e:62:fb:ca:32:a4:63:
33:6e:2b:06:2d:4e:a9:d1:38:18:b4:7c:e4:20:93:db:4f:47:
1b:81:ed:0a:54:1f:8a:1b:d8:95:7d:28:36:a6:bc:73:b1:e8:
e2:fc:cb:e3:ff:50:cc:55:b0:7a:bb:ac:ad:d8:59:6c:2b:7d:
b4:63:1e:69:e0:4e:aa:f2:3b:ad:07:d3:ef:e7:3f:b7:a3:71:
9b:9a:dd:62:63:b0:de:5f:f3:46:24:1c:e5:a0:96:fd:28:b5:
6b:59:56:26:0b:73:b0:5e:62:6d:68:af:4c:c4:41:db:7c:44:
ea:e8:9a:30:ea:4f:f3:00:fe:e6:81:b6:10:32:e7:14:9b:2f:
bf:40:09:a0:4c:28:7d:11:fc:ca:06:f2:a2:5a:02:59:d5:d5:
31:27:a2:d7
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzDSTzDvGQru4kIkPyfYbDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzNhODhjNTc4MTY2OTg4NTA2ZTEzNjQyYWRiMTJmNjMxZTBhM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4vd+qUPxypsHRjakeK+UXTQcXW9
tupN77UsQNx/TSwiNnUKbXyS/NHBMsbPQd6eEjL1MzTgxsD5hF3avkgpmKgSvtnV
jEQVbNXcF5PQ5PhCqc+HPicIgnZrpIuKG0ooA41NdPNZK//GUaxoJnn9huGV+e+F
dWOkmxcPdO71AJouGirWgOabcMZ4eRJppA50Wc5s+yiZjl26MQOCsZfMUuqtTnrG
vXbpm9qhJ0zdrT4XDlMVSqLjqWJ7BsizYn64KLoCKSgbWkYjIKHMV1BlfdQJ0wIO
KoykhV58Z2ne/hgf9VMk995CfYt8kOh348K3/8a4zgRbnRbQg2/xXV59/QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFCc6iMV4FmmIUG4TZCrbEvYx4KPCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4LzliNGI5
Ni0yYmRkLTRiZjUtYTAyMi1lZTc4OTZlNWNjOTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvOWI0Yjk2
LTJiZGQtNGJmNS1hMDIyLWVlNzg5NmU1Y2M5NS8xL0p6cUl4WGdXYVloUWJoTmtL
dHNTOWpIZ284SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW+rKMA0GCSqGSIb3DQEBCwUAA4IBAQB1U957
yKJbHy8e1hKVJpsP/l9HqEwr526nQzKHLGQ6UEjaH7rQOth6YcgafaEPtWtBuC2d
dOENyB7Wj42MJlAlDNSqbyq0+H5Wt082q1QeM4UsOmBksqNGY4oroBMAeUSBsfo1
MH5i+8oypGMzbisGLU6p0TgYtHzkIJPbT0cbge0KVB+KG9iVfSg2prxzseji/Mvj
/1DMVbB6u6yt2FlsK320Yx5p4E6q8jutB9Pv5z+3o3Gbmt1iY7DeX/NGJBzloJb9
KLVrWVYmC3OwXmJtaK9MxEHbfETq6Jow6k/zAP7mgbYQMucUmy+/QAmgTCh9EfzK
BvKiWgJZ1dUxJ6LX
-----END CERTIFICATE-----
Generated at Fri May 3 07:27:57 2024 by rpki-client on console-fra.rpki-client.org