Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.cer
File: KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.cer (raw, json)
Hash identifier: NTfwgeUCYrF9pfu9VubVuVO8BM8Vce5lEUnDGfJLEQc=
Subject key identifier: 28:CB:66:1A:64:39:68:F3:F8:1E:7B:11:9E:EB:96:C5:0D:2D:39:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DECBEB947B9ED92DB746F05F46D84F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44545
IP: 91.202.48.0/22
IP: 185.212.92.0/22
IP: 2a0b:75c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cb:eb:94:7b:9e:d9:2d:b7:46:f0:5f:46:d8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28cb661a643968f3f81e7b119eeb96c50d2d39c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:54:47:80:13:c0:88:53:c6:73:cb:7e:dc:1f:
2a:af:49:79:ab:85:29:d1:b6:1e:d9:b8:60:c4:89:
46:16:be:e1:a9:50:ec:43:2e:39:f8:9d:c3:45:68:
70:1c:62:90:0e:c1:3d:71:cc:30:04:ca:92:7b:28:
9f:b6:72:20:60:f4:0b:00:4e:d4:35:40:f7:0d:f8:
7d:ef:bd:e9:3e:37:81:9b:4e:b9:fe:97:de:6e:fb:
b2:d5:65:b9:b1:fe:43:e9:ca:5c:ce:67:e5:fd:e1:
80:27:11:3d:0c:e4:b8:a1:46:cd:59:7a:a7:ea:6e:
20:dc:2f:bc:1e:d4:eb:88:2a:ca:41:8c:45:82:e8:
ae:86:cd:d3:92:ce:eb:db:6a:84:8d:6c:26:61:ca:
3b:c9:25:be:07:f8:d1:5f:ea:e0:4e:f4:7b:91:8f:
a9:63:1d:b2:0c:7c:44:39:ce:5c:14:13:cb:23:ad:
3b:16:70:f2:89:c7:47:1e:71:17:3f:31:df:10:75:
6d:ee:48:04:f4:e7:71:b0:4e:6b:07:a0:85:5b:24:
59:60:e8:40:25:22:ce:fc:de:e8:93:4d:6c:15:28:
46:19:bd:c3:df:1c:6b:b7:8a:22:c2:c6:72:a3:09:
05:e1:7a:1a:31:f3:e0:6e:ce:9c:01:f7:bb:91:36:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:66:1A:64:39:68:F3:F8:1E:7B:11:9E:EB:96:C5:0D:2D:39:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.48.0/22
185.212.92.0/22
IPv6:
2a0b:75c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44545
Signature Algorithm: sha256WithRSAEncryption
9f:75:a7:bb:e3:ea:3c:f5:2b:37:72:c6:5a:f4:7a:55:73:c6:
eb:05:b8:2e:a5:ec:a7:b9:f1:b4:76:b7:45:45:cf:74:66:eb:
4f:d8:3d:94:63:40:5d:35:c5:3d:47:9e:da:d7:cc:f6:dd:a0:
1e:34:35:f2:cf:83:3b:26:67:06:26:41:3f:18:76:45:ff:8e:
ff:1d:0c:8f:3d:f8:67:9e:61:1f:21:cc:1e:f2:85:54:6d:7e:
2f:bb:e1:c6:7f:3e:46:ee:20:5b:ea:7d:ea:8f:b1:b0:60:01:
f6:d8:ed:fe:8d:6b:7f:ab:55:9d:f2:54:2a:76:5c:86:9e:22:
83:49:24:40:13:29:68:6c:0f:15:02:18:6c:e5:57:10:5b:a9:
b9:5d:3c:96:8b:73:75:8a:25:09:f3:73:66:74:71:4f:04:ef:
dc:c7:e8:48:d0:a0:1b:39:45:7a:b8:e2:b8:bb:89:49:0f:dd:
65:9f:c8:94:80:dd:54:7e:06:97:5c:3c:8a:3b:50:71:0d:4f:
06:42:1a:ae:cb:ac:91:48:4d:c6:70:9e:0a:74:73:95:00:cf:
13:ea:ca:03:62:5b:45:07:42:52:80:b3:52:c6:13:dd:3f:7b:
c9:78:95:49:ae:a4:d5:18:52:36:b1:53:5d:48:98:fb:d6:ee:
e9:6e:38:ec
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzI3svrlHue2S23RvBfRthPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiNjYxYTY0Mzk2OGYzZjgxZTdiMTE5ZWViOTZjNTBkMmQzOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01RHgBPAiFPGc8t+3B8qr0l5q4Up
0bYe2bhgxIlGFr7hqVDsQy45+J3DRWhwHGKQDsE9ccwwBMqSeyiftnIgYPQLAE7U
NUD3Dfh9773pPjeBm065/pfebvuy1WW5sf5D6cpczmfl/eGAJxE9DOS4oUbNWXqn
6m4g3C+8HtTriCrKQYxFguiuhs3Tks7r22qEjWwmYco7ySW+B/jRX+rgTvR7kY+p
Yx2yDHxEOc5cFBPLI607FnDyicdHHnEXPzHfEHVt7kgE9OdxsE5rB6CFWyRZYOhA
JSLO/N7ok01sFShGGb3D3xxrt4oiwsZyowkF4XoaMfPgbs6cAfe7kTaowQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCjLZhpkOWjz+B57EZ7rlsUNLTnHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzI3NmJm
Ny03YTE1LTRjNTYtYWM1Ni03ZDRlNjhkZDRjY2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvMjc2YmY3
LTdhMTUtNGM1Ni1hYzU2LTdkNGU2OGRkNGNjZS8xL0tNdG1HbVE1YVBQNEhuc1Ju
dXVXeFEwdE9jYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW8owAwQCudRcMA0EAgACMAcDBQMqC3XAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCuATANBgkqhkiG9w0BAQsFAAOCAQEAn3Wn
u+PqPPUrN3LGWvR6VXPG6wW4LqXsp7nxtHa3RUXPdGbrT9g9lGNAXTXFPUee2tfM
9t2gHjQ18s+DOyZnBiZBPxh2Rf+O/x0Mjz34Z55hHyHMHvKFVG1+L7vhxn8+Ru4g
W+p96o+xsGAB9tjt/o1rf6tVnfJUKnZchp4ig0kkQBMpaGwPFQIYbOVXEFupuV08
lotzdYolCfNzZnRxTwTv3MfoSNCgGzlFerjiuLuJSQ/dZZ/IlIDdVH4Gl1w8ijtQ
cQ1PBkIarsuskUhNxnCeCnRzlQDPE+rKA2JbRQdCUoCzUsYT3T97yXiVSa6k1RhS
NrFTXUiY+9bu6W447A==
-----END CERTIFICATE-----
Generated at Fri May 3 06:55:58 2024 by rpki-client on console-ams.rpki-client.org