Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
File: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer (raw, json)
Hash identifier: ubFiDCTwE4zUmLZvppi5FQno0Sbpe6JI5oMJ1M8RPjo=
Subject key identifier: 28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CED4D0FCC11614133C781A3FFDBFBBFF8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 09 Jan 2024 08:18:19 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 52221
IP: 188.92.26.0/24
IP: 194.117.224.0/23
IP: 2a07:7ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:4d:0f:cc:11:61:41:33:c7:81:a3:ff:db:fb:bf:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 9 08:18:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2858d2f131715cbaf3cdd920645924f53508e067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:ea:d5:df:de:69:e2:09:e7:1d:59:b0:cc:
16:6b:24:c3:ad:c2:65:03:47:91:92:c9:f4:a2:62:
f8:32:3d:c9:af:7d:76:90:89:db:7f:2e:1a:ba:8f:
5c:de:00:ca:49:ef:43:19:da:b9:c3:84:24:1b:9d:
17:47:b5:e5:c4:26:fa:1c:95:a1:6e:a3:2a:6e:38:
15:52:d7:9d:2c:35:47:d6:d1:e3:68:8c:df:ce:47:
fd:b7:e5:50:64:fd:12:d1:40:06:8e:9e:69:6e:26:
c4:11:7c:12:4e:e3:6a:c6:01:f1:c0:89:04:1b:1f:
65:e4:5d:0a:1b:69:65:17:b1:3c:70:68:c5:5a:9c:
07:fb:6d:1b:bc:cb:be:90:7c:d4:30:57:a2:2e:5b:
ff:95:6f:02:b1:48:c8:41:cc:52:19:43:4e:72:a2:
03:19:bc:4c:65:c4:81:75:09:e3:54:c3:1e:46:67:
5c:fa:5d:59:71:3a:29:9b:77:1e:a8:f8:82:1a:4f:
86:b5:ae:b5:97:3d:25:2f:d4:58:60:9a:84:42:b9:
39:0b:f2:c5:a5:4c:62:41:0c:8d:22:e3:a0:29:57:
47:92:0a:5a:6f:bf:47:f9:ca:a4:60:00:da:36:5f:
71:9f:dd:7e:e8:86:5a:aa:8f:f7:82:74:91:26:8a:
f8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.26.0/24
194.117.224.0/23
IPv6:
2a07:7ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
52221
Signature Algorithm: sha256WithRSAEncryption
3f:1e:70:4f:ab:6c:4f:e8:47:73:40:02:81:75:79:3c:6b:4b:
17:80:67:c7:f6:01:68:b4:59:a2:52:68:40:75:ad:3b:97:c2:
41:80:73:8f:51:f2:63:58:37:ad:fd:29:2d:cb:66:2c:b4:bd:
b3:99:59:ae:08:43:86:c5:e5:9a:ea:30:7d:38:b9:c4:12:52:
f4:58:e9:1e:a0:ba:66:7e:b0:ec:88:22:77:de:ca:49:9f:16:
0c:9a:c2:1a:7e:3e:9e:c4:2b:48:af:69:67:eb:ca:6a:26:d3:
23:3f:6e:05:db:2c:0d:2e:49:d8:66:76:07:e4:3c:03:05:0a:
4b:02:b9:a9:5c:81:4c:0a:6c:fe:93:62:36:50:80:78:9f:43:
7c:27:96:b9:e3:5c:76:81:e8:87:c3:c8:61:ae:22:8a:75:9b:
54:cc:eb:df:bd:db:68:1b:cb:32:29:44:a2:87:97:02:66:9c:
3a:0a:11:f8:bf:ed:9c:a0:1e:6e:20:ff:e0:5d:ce:1a:1b:93:
b8:8c:f6:d5:b5:71:15:6e:1e:af:95:2d:84:97:24:15:1f:b0:
b1:b7:db:96:09:a2:f9:df:41:e9:d6:b0:ff:8d:af:1d:06:55:
f6:cb:7e:b6:a7:ed:83:39:45:5e:ad:ce:d3:48:04:a8:5f:c6:
11:4d:55:4d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYztTQ/MEWFBM8eBo//b+7/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTA5MDgxODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU4ZDJmMTMxNzE1Y2JhZjNjZGQ5MjA2NDU5MjRmNTM1MDhlMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63q1d/eaeIJ5x1ZsMwWayTDrcJl
A0eRksn0omL4Mj3Jr312kInbfy4auo9c3gDKSe9DGdq5w4QkG50XR7XlxCb6HJWh
bqMqbjgVUtedLDVH1tHjaIzfzkf9t+VQZP0S0UAGjp5pbibEEXwSTuNqxgHxwIkE
Gx9l5F0KG2llF7E8cGjFWpwH+20bvMu+kHzUMFeiLlv/lW8CsUjIQcxSGUNOcqID
GbxMZcSBdQnjVMMeRmdc+l1ZcTopm3ceqPiCGk+Gta61lz0lL9RYYJqEQrk5C/LF
pUxiQQyNIuOgKVdHkgpab79H+cqkYADaNl9xn91+6IZaqo/3gnSRJor4WwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFChY0vExcVy6883ZIGRZJPU1COBnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyLzc1ZGJj
NC1hZTIyLTQ5NzEtOWVmNS1hM2YzNTViZWVlZGQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvNzVkYmM0
LWFlMjItNDk3MS05ZWY1LWEzZjM1NWJlZWVkZC8xL0tGalM4VEZ4WExyenpka2da
RmtrOVRVSTRHYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQAvFwaAwQBwnXgMA0EAgACMAcDBQMqB3rAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDL/TANBgkqhkiG9w0BAQsFAAOCAQEAPx5w
T6tsT+hHc0ACgXV5PGtLF4Bnx/YBaLRZolJoQHWtO5fCQYBzj1HyY1g3rf0pLctm
LLS9s5lZrghDhsXlmuowfTi5xBJS9FjpHqC6Zn6w7Igid97KSZ8WDJrCGn4+nsQr
SK9pZ+vKaibTIz9uBdssDS5J2GZ2B+Q8AwUKSwK5qVyBTAps/pNiNlCAeJ9DfCeW
ueNcdoHoh8PIYa4iinWbVMzr373baBvLMilEooeXAmacOgoR+L/tnKAebiD/4F3O
GhuTuIz21bVxFW4er5UthJckFR+wsbfblgmi+d9B6daw/42vHQZV9st+tqftgzlF
Xq3O00gEqF/GEU1VTQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:07:08 2024 by rpki-client on console-fra.rpki-client.org