Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KTbYQje3g8aiQFErjKckFhwNYds.cer
File: KTbYQje3g8aiQFErjKckFhwNYds.cer (raw, json)
Hash identifier: ql8zbkAHflobKwlbTMcPhNAVuQQ/SnOCoWWDNC3naXc=
Subject key identifier: 29:36:D8:42:37:B7:83:C6:A2:40:51:2B:8C:A7:24:16:1C:0D:61:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3492BCA539CD77F1BF2D6C784FC5309
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/KTbYQje3g8aiQFErjKckFhwNYds.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:01 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 41246
IP: 178.237.52.0/22
IP: 195.74.68.0/24
IP: 2a0d:54c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2b:ca:53:9c:d7:7f:1b:f2:d6:c7:84:fc:53:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2936d84237b783c6a240512b8ca724161c0d61db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:7c:e0:35:02:7a:74:21:39:87:3d:87:cb:
48:bf:b4:b8:7f:06:8f:3b:b1:21:e7:d8:65:44:ff:
7e:2a:d4:98:5b:ce:9b:8d:2b:75:7c:b1:8a:6b:74:
2b:9a:a4:c6:d6:ce:bf:aa:1d:57:43:87:71:2b:32:
f6:27:61:26:35:9b:e0:05:2e:be:11:6a:f1:21:db:
31:43:4b:0e:89:7d:6c:15:72:5b:29:3f:62:58:7d:
fd:c9:9b:43:5a:de:81:4a:a3:3f:39:90:c2:f6:30:
f2:54:1b:08:5d:f4:1c:7c:d5:62:46:bc:db:18:94:
39:f9:01:2a:8d:81:cb:c6:79:3f:00:32:5a:99:01:
b6:f2:0d:1e:fe:19:50:46:38:dc:82:f2:5c:c2:07:
d2:b4:2e:99:90:49:b2:24:c2:78:a4:92:01:e1:44:
ce:dc:c7:4c:2d:c2:44:8d:b6:0c:10:8d:11:a9:da:
ec:c8:8f:d4:77:a3:53:bf:19:c1:63:5b:a8:34:57:
56:ce:1c:d6:0e:0f:b6:41:2a:de:27:92:05:82:65:
30:29:54:27:17:ce:80:98:1e:13:26:bc:a3:49:ff:
b9:59:d4:6e:d4:3d:12:44:32:ee:34:53:03:f5:ff:
8b:d8:46:34:27:77:a3:97:84:29:86:8f:7d:86:74:
42:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:36:D8:42:37:B7:83:C6:A2:40:51:2B:8C:A7:24:16:1C:0D:61:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/KTbYQje3g8aiQFErjKckFhwNYds.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.52.0/22
195.74.68.0/24
IPv6:
2a0d:54c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41246
Signature Algorithm: sha256WithRSAEncryption
80:a7:74:6a:76:c4:84:98:d9:fb:26:74:fc:86:6c:a2:cf:00:
b6:f4:8c:82:cb:ff:83:66:e1:19:4e:51:b1:cc:5c:76:20:a8:
cf:c9:29:04:66:5a:6b:ec:97:49:77:bf:08:a1:a3:25:ab:bb:
3b:bf:2e:10:a1:ae:bb:bc:d1:0e:f8:5f:c3:8d:41:f9:2c:b4:
d7:db:26:2d:70:e0:9c:96:89:46:2c:bc:44:da:d1:bf:c1:c1:
3e:3c:03:39:3c:f2:8b:9c:1d:b2:3e:47:e0:18:f2:46:74:7f:
4c:99:cb:5c:4e:a6:e9:bb:03:91:02:bd:80:d4:16:bf:35:00:
90:80:7f:06:a6:15:fa:05:46:80:96:f4:ba:18:1e:2c:14:cb:
8a:84:02:8f:65:5f:95:67:d5:30:d0:db:f4:9d:2b:c6:7c:0f:
9b:8f:95:dd:98:2f:22:16:b0:82:32:9c:b3:0a:7e:ec:e3:f6:
26:8c:23:8f:d4:a3:fd:d8:66:29:57:48:4f:22:36:db:b2:1a:
a7:50:7b:8f:19:90:89:ec:7b:0c:b0:56:55:f0:18:ef:23:89:
f5:75:40:c2:8b:ce:51:d7:da:f7:d4:1e:03:01:60:22:1e:13:
b5:1f:61:95:ee:47:e3:ff:69:3b:19:cb:d2:52:10:d4:67:ff:
d9:a9:ce:2e
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDSSvKU5zXfxvy1seE/FMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM2ZDg0MjM3Yjc4M2M2YTI0MDUxMmI4Y2E3MjQxNjFjMGQ2MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bV84DUCenQhOYc9h8tIv7S4fwaP
O7Eh59hlRP9+KtSYW86bjSt1fLGKa3QrmqTG1s6/qh1XQ4dxKzL2J2EmNZvgBS6+
EWrxIdsxQ0sOiX1sFXJbKT9iWH39yZtDWt6BSqM/OZDC9jDyVBsIXfQcfNViRrzb
GJQ5+QEqjYHLxnk/ADJamQG28g0e/hlQRjjcgvJcwgfStC6ZkEmyJMJ4pJIB4UTO
3MdMLcJEjbYMEI0RqdrsyI/Ud6NTvxnBY1uoNFdWzhzWDg+2QSreJ5IFgmUwKVQn
F86AmB4TJryjSf+5WdRu1D0SRDLuNFMD9f+L2EY0J3ejl4Qpho99hnRCzQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCk22EI3t4PGokBRK4ynJBYcDWHbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhLzU0Mzdh
ZC04MGFmLTRmZGQtODcyNC1hZjdlMTdhZDhmYjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvNTQzN2Fk
LTgwYWYtNGZkZC04NzI0LWFmN2UxN2FkOGZiMy8xL0tUYllRamUzZzhhaVFGRXJq
S2NrRmh3Tllkcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCsu00AwQAw0pEMA0EAgACMAcDBQAqDVTAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwChHjANBgkqhkiG9w0BAQsFAAOCAQEAgKd0
anbEhJjZ+yZ0/IZsos8AtvSMgsv/g2bhGU5RscxcdiCoz8kpBGZaa+yXSXe/CKGj
Jau7O78uEKGuu7zRDvhfw41B+Sy019smLXDgnJaJRiy8RNrRv8HBPjwDOTzyi5wd
sj5H4BjyRnR/TJnLXE6m6bsDkQK9gNQWvzUAkIB/BqYV+gVGgJb0uhgeLBTLioQC
j2VflWfVMNDb9J0rxnwPm4+V3ZgvIhawgjKcswp+7OP2Jowjj9Sj/dhmKVdITyI2
27Iap1B7jxmQiex7DLBWVfAY7yOJ9XVAwovOUdfa99QeAwFgIh4TtR9hle5H4/9p
OxnL0lIQ1Gf/2anOLg==
-----END CERTIFICATE-----
Generated at Fri May 3 13:10:47 2024 by rpki-client on console-fra.rpki-client.org