Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
File: KPev7E0_BvgNaHKm1iRs0B5z1qY.cer (raw, json)
Hash identifier: YZbbCqf75nFK19byCMMby4CC+gihsEBaKw6tUvHlc+w=
Subject key identifier: 28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56EF7CAB2DAD016EA18DFEC5F0B18F0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:30:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12431
IP: 213.147.0.0/19
IP: 2a02:5280::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f7:ca:b2:da:d0:16:ea:18:df:ec:5f:0b:18:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28f7afec4d3f06f80d6872a6d6246cd01e73d6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:53:48:26:69:a3:2d:d0:f5:c8:d2:58:8a:a8:
67:1a:c4:2e:8b:56:d2:a4:24:f2:47:f1:52:49:de:
06:9e:b1:e5:c9:44:e5:c9:f1:e1:5c:c6:d7:49:b5:
9b:48:49:09:de:dc:d6:72:1f:da:7d:8a:e1:a0:1c:
14:ee:5a:08:de:0b:ff:33:31:01:b1:2f:ff:da:64:
65:3d:4d:00:dc:e6:8a:84:69:ca:9a:91:4e:1c:5b:
fc:44:ee:a1:45:25:20:6c:09:b8:b9:34:47:a5:b5:
1c:0d:43:13:df:c1:f8:f2:e1:c1:f2:a8:32:17:48:
fc:d2:ba:4d:97:b9:ff:e8:47:42:11:ff:90:cb:75:
fa:08:59:ea:87:93:f1:58:40:41:85:42:1a:38:d2:
cc:64:b1:be:8b:c0:ad:d6:4c:98:a7:bd:bd:69:bc:
24:5e:80:21:2f:e0:7f:fa:7a:c7:de:15:fe:ea:0f:
c8:0d:6e:48:e3:6e:5c:09:5b:2a:0a:50:4e:ac:db:
0e:74:46:cf:ba:bd:78:23:ce:a9:3a:6d:0a:4c:28:
a8:59:5e:c5:bf:6f:85:58:47:02:44:c9:08:3c:60:
09:a0:86:09:f8:6e:21:28:86:72:11:e9:e7:c8:61:
36:50:13:13:52:30:af:c3:57:eb:56:61:1c:63:f5:
1f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.147.0.0/19
IPv6:
2a02:5280::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12431
Signature Algorithm: sha256WithRSAEncryption
a7:52:bf:c1:fc:88:e8:61:d2:ed:da:e2:ee:f6:12:a4:15:5e:
dc:42:3b:6e:a4:fd:9c:a6:35:45:f4:11:75:0d:d8:ca:5b:c6:
77:1e:c0:05:1a:46:43:34:39:86:23:10:9f:ae:37:f9:06:19:
7b:02:ae:cb:e7:37:01:2f:e2:a2:86:67:e7:f5:d7:66:7b:d2:
f0:6d:88:65:9f:2f:c7:82:7b:a9:cd:c1:53:c2:a3:df:fe:61:
3c:29:c7:20:b7:89:65:33:3c:30:4c:d1:b6:2f:ce:69:f7:94:
f8:78:08:ff:58:e1:1e:f2:64:4e:e8:e2:7a:b5:32:0b:0a:50:
74:38:38:53:8a:d7:e1:02:ee:14:1a:d5:a6:56:a2:1d:a8:f2:
bf:a6:b0:54:ca:ef:cc:d9:d6:cd:48:47:99:ac:fd:17:3b:ce:
e2:f5:ff:07:e6:ba:0c:36:b3:4f:8d:e1:1e:7f:d2:63:3e:1b:
f3:f8:ba:a5:cf:f8:8b:87:88:02:e1:26:c4:94:de:c5:7d:de:
7d:05:d8:03:dc:2f:ee:56:37:5e:44:fa:46:d5:b9:6e:96:fe:
c6:10:72:17:83:02:9e:09:f8:43:c5:25:19:bd:b1:2d:f4:bc:
d6:9f:c9:70:23:ef:02:cf:f3:18:2e:4a:a3:bd:c5:a4:be:02:
3c:7a:c5:be
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzFbvfKstrQFuoY3+xfCxjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY3YWZlYzRkM2YwNmY4MGQ2ODcyYTZkNjI0NmNkMDFlNzNkNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FNIJmmjLdD1yNJYiqhnGsQui1bS
pCTyR/FSSd4GnrHlyUTlyfHhXMbXSbWbSEkJ3tzWch/afYrhoBwU7loI3gv/MzEB
sS//2mRlPU0A3OaKhGnKmpFOHFv8RO6hRSUgbAm4uTRHpbUcDUMT38H48uHB8qgy
F0j80rpNl7n/6EdCEf+Qy3X6CFnqh5PxWEBBhUIaONLMZLG+i8Ct1kyYp729abwk
XoAhL+B/+nrH3hX+6g/IDW5I425cCVsqClBOrNsOdEbPur14I86pOm0KTCioWV7F
v2+FWEcCRMkIPGAJoIYJ+G4hKIZyEennyGE2UBMTUjCvw1frVmEcY/Uf5wIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFCj3r+xNPwb4DWhyptYkbNAec9amMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlLzIxN2Ez
MC04ZWUxLTQ5MTMtYTEyNy01NzZkNDAzYzkxOGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvMjE3YTMw
LThlZTEtNDkxMy1hMTI3LTU3NmQ0MDNjOTE4Zi8xL0tQZXY3RTBfQnZnTmFIS20x
aVJzMEI1ejFxWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQF1ZMAMA0EAgACMAcDBQAqAlKAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAjCPMA0GCSqGSIb3DQEBCwUAA4IBAQCnUr/B/IjoYdLt
2uLu9hKkFV7cQjtupP2cpjVF9BF1DdjKW8Z3HsAFGkZDNDmGIxCfrjf5Bhl7Aq7L
5zcBL+Kihmfn9ddme9LwbYhlny/HgnupzcFTwqPf/mE8Kccgt4llMzwwTNG2L85p
95T4eAj/WOEe8mRO6OJ6tTILClB0ODhTitfhAu4UGtWmVqIdqPK/prBUyu/M2dbN
SEeZrP0XO87i9f8H5roMNrNPjeEef9JjPhvz+Lqlz/iLh4gC4SbElN7Ffd59BdgD
3C/uVjdeRPpG1blulv7GEHIXgwKeCfhDxSUZvbEt9LzWn8lwI+8Cz/MYLkqjvcWk
vgI8esW+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:27:11 2024 by rpki-client on console-ams.rpki-client.org