Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer
File: KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer (raw, json)
Hash identifier: cwogzz7V87c5w1w0+3NXgVqDlrBbgUCCY/KdQceKYjs=
Subject key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC794F8A5F6A1F695C1D12048E172AC0D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:31:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 212037
IP: 2001:67c:1680::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f8:a5:f6:a1:f6:95:c1:d1:20:48:e1:72:ac:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2901d76431c6e873d3c44730571e1e50d602057c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9c:48:73:ed:d8:5d:11:02:12:e7:0e:b7:bc:
79:d2:56:40:f4:b2:48:b6:06:0c:0e:7d:a3:f4:57:
79:88:01:b2:83:6d:9c:cb:1a:ad:9e:e2:93:b0:75:
7d:a4:b3:a6:82:ca:60:0c:a0:fa:6b:25:46:99:58:
ef:0c:d9:01:ff:de:82:88:fc:e8:b8:c0:fd:fd:f5:
0c:09:64:1f:cd:cb:03:13:a9:60:f7:b4:08:d6:0b:
67:e6:ad:4b:9d:78:46:d4:e7:f0:6b:1d:3f:b2:d8:
da:c1:a4:36:a0:af:4a:a1:47:4d:95:8a:7d:54:91:
8b:76:44:b3:6d:6c:79:75:13:e4:9d:7c:2e:90:1a:
7b:c6:9f:0f:1a:6e:46:2d:a6:ad:33:b1:12:f2:11:
13:67:6b:61:4c:61:b7:66:8c:a8:ea:fd:d6:83:76:
4a:48:48:37:03:92:f0:d6:9f:71:9b:ad:3c:ab:0f:
4f:86:87:81:ad:93:de:7e:1b:4d:88:c9:5a:4b:6b:
48:4d:4f:ef:e9:d2:e2:19:87:69:a8:40:73:9c:91:
f4:ef:d9:37:cb:76:59:e4:30:bf:bb:83:9a:92:9e:
e4:c2:88:5b:c6:74:bf:48:71:e4:c0:46:24:1a:71:
f3:21:d6:da:dd:17:22:e9:75:5e:38:dd:c7:58:b4:
12:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1680::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212037
Signature Algorithm: sha256WithRSAEncryption
5c:76:39:7b:33:e9:4e:19:f6:48:27:cd:0b:df:d2:4c:cc:f0:
17:05:9e:b6:37:87:1a:80:91:f0:7e:48:39:73:67:d8:e8:08:
fe:b8:fc:5a:51:50:9d:5f:dc:56:c8:f2:9c:a8:b2:b2:93:98:
2b:85:e3:46:e9:c8:cf:53:e1:bb:85:fb:ca:a5:ed:f1:37:ef:
f6:91:e6:57:d7:30:6d:45:9f:98:99:e4:b9:ec:60:46:05:06:
25:58:32:0b:63:8e:68:53:ba:cc:33:9c:cb:1f:61:b8:0d:e4:
50:fb:77:fd:65:62:5e:b9:f5:78:3e:52:96:60:22:50:4d:3c:
32:6b:bd:3f:88:2f:a2:e5:c9:a6:d2:fa:8b:e8:c6:d4:9d:5e:
19:9f:dc:94:00:19:89:3c:63:fd:5c:82:23:bc:65:ea:8b:09:
f4:d8:51:55:83:0b:ac:47:57:d2:d6:c4:ce:15:e2:49:16:fd:
ce:56:0c:bb:ed:80:c6:94:d8:20:ac:ac:83:2f:94:75:65:a5:
1c:bf:68:92:64:3f:48:4c:22:eb:07:40:88:55:33:21:4b:1f:
ae:7d:d1:b1:a5:19:20:b1:98:02:01:d9:dd:fa:88:5d:93:c9:
4f:fa:87:ef:3f:24:92:57:c9:72:21:f2:9d:56:f0:85:f7:b2:
a8:27:fc:62
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzHlPil9qH2lcHRIEjhcqwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAxZDc2NDMxYzZlODczZDNjNDQ3MzA1NzFlMWU1MGQ2MDIwNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JxIc+3YXRECEucOt7x50lZA9LJI
tgYMDn2j9Fd5iAGyg22cyxqtnuKTsHV9pLOmgspgDKD6ayVGmVjvDNkB/96CiPzo
uMD9/fUMCWQfzcsDE6lg97QI1gtn5q1LnXhG1Ofwax0/stjawaQ2oK9KoUdNlYp9
VJGLdkSzbWx5dRPknXwukBp7xp8PGm5GLaatM7ES8hETZ2thTGG3Zoyo6v3Wg3ZK
SEg3A5Lw1p9xm608qw9PhoeBrZPefhtNiMlaS2tITU/v6dLiGYdpqEBznJH079k3
y3ZZ5DC/u4Oakp7kwohbxnS/SHHkwEYkGnHzIdba3Rci6XVeON3HWLQSiwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFCkB12Qxxuhz08RHMFceHlDWAgV8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5LzA1YzNh
MS1jOGZlLTQwZmYtOWM1Mi0zZTZmMDMyNDQxMGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvMDVjM2Ex
LWM4ZmUtNDBmZi05YzUyLTNlNmYwMzI0NDEwYS8xL0tRSFhaREhHNkhQVHhFY3dW
eDRlVU5ZQ0JYdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBaAMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM8RTANBgkqhkiG9w0BAQsFAAOCAQEAXHY5ezPpThn2SCfNC9/STMzwFwWe
tjeHGoCR8H5IOXNn2OgI/rj8WlFQnV/cVsjynKiyspOYK4XjRunIz1Phu4X7yqXt
8Tfv9pHmV9cwbUWfmJnkuexgRgUGJVgyC2OOaFO6zDOcyx9huA3kUPt3/WViXrn1
eD5SlmAiUE08Mmu9P4gvouXJptL6i+jG1J1eGZ/clAAZiTxj/VyCI7xl6osJ9NhR
VYMLrEdX0tbEzhXiSRb9zlYMu+2AxpTYIKysgy+UdWWlHL9okmQ/SEwi6wdAiFUz
IUsfrn3RsaUZILGYAgHZ3fqIXZPJT/qH7z8kklfJciHynVbwhfeyqCf8Yg==
-----END CERTIFICATE-----
Generated at Fri May 3 02:52:38 2024 by rpki-client on console-fra.rpki-client.org