Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KcFw2YteNdfVFTdnHGBApRUYhLw.cer
File: KcFw2YteNdfVFTdnHGBApRUYhLw.cer (raw, json)
Hash identifier: HpX7Dx9P7euzTdMWB/iXwHLjhIYpVoRrjCeJuFerpDs=
Subject key identifier: 29:C1:70:D9:8B:5E:35:D7:D5:15:37:67:1C:60:40:A5:15:18:84:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8015C00BBEF602017D7C2ECF4EBF169
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/KcFw2YteNdfVFTdnHGBApRUYhLw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 193.168.156.0/22
IP: 212.72.224.0/21
IP: 2a02:968::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5c:00:bb:ef:60:20:17:d7:c2:ec:f4:eb:f1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c170d98b5e35d7d51537671c6040a5151884bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d3:22:fe:23:e1:68:3e:1a:44:f8:54:e9:6d:
83:7f:6e:33:a1:48:32:7d:7f:97:3a:bc:9c:ef:89:
ee:4a:c9:3d:e8:06:5c:78:78:6a:a2:4b:d3:d0:d9:
6c:fb:56:e4:f4:d1:ca:22:6a:ad:2a:71:3c:07:db:
0f:ca:a2:dc:09:1d:d3:88:06:a6:bf:a9:0a:c5:c8:
43:75:66:52:89:32:5d:d0:ed:5b:48:77:1f:fc:7e:
86:24:a9:4d:ee:03:7b:ce:28:29:38:76:c6:27:4c:
c7:e9:90:d0:8c:24:84:43:54:e2:c8:10:cc:f0:f9:
aa:0d:a0:1d:01:41:68:cd:f7:ab:b2:4b:4b:cf:f7:
64:21:b8:89:a1:e3:e1:35:4a:72:48:1e:3c:54:f1:
5b:88:98:d3:86:5f:a3:ca:56:7e:9f:ce:c1:3b:d9:
7b:28:ff:36:4b:05:2d:52:00:d5:f6:10:8d:8c:51:
f2:a3:03:78:66:ea:19:81:92:e7:83:61:17:b4:7c:
a1:cb:6b:22:15:21:88:54:45:11:3e:90:cf:78:f7:
36:89:b6:df:13:44:af:82:91:22:17:74:d5:a2:36:
b6:b0:dd:d5:81:41:cb:5d:c4:29:d5:fc:42:4b:23:
98:d5:77:80:c9:1b:52:38:98:74:c5:79:df:d1:b6:
9f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C1:70:D9:8B:5E:35:D7:D5:15:37:67:1C:60:40:A5:15:18:84:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/e25a3c-def6-4228-a10b-c45e949e9cd6/1/KcFw2YteNdfVFTdnHGBApRUYhLw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.156.0/22
212.72.224.0/21
IPv6:
2a02:968::/32
Signature Algorithm: sha256WithRSAEncryption
59:4b:d3:1c:14:83:6c:14:22:fc:c0:07:4e:7e:e2:f5:d0:25:
c2:46:c3:6c:02:2e:4a:95:72:a3:43:fc:c2:ac:a2:00:ab:6d:
94:7e:4b:0c:21:d3:db:20:4f:72:46:1f:44:25:9c:95:5e:32:
6e:ee:ca:cb:07:1c:91:8f:6e:45:dc:8a:2d:a2:87:f7:12:0c:
4a:4a:01:9d:f2:15:1c:da:50:63:ff:a0:06:09:d3:19:e2:36:
29:97:00:a3:fb:a8:63:89:2d:be:3b:10:5f:47:58:f7:6c:50:
24:a5:77:81:ab:e4:70:58:d2:a2:12:2a:39:ce:f4:13:fa:ac:
cd:1a:74:6b:b6:b3:8d:eb:e4:e3:6b:70:28:61:01:d5:cd:e4:
7a:ad:34:c3:32:a7:01:e3:6b:4d:f0:c0:42:72:f2:1e:98:7d:
2d:94:dc:61:98:a9:c7:f0:96:a9:12:c1:0c:b3:23:ab:10:06:
22:23:fa:7d:4f:c6:c4:c0:bb:48:3c:29:da:61:1d:17:ab:b2:
c4:fa:aa:35:f7:c7:5e:2a:20:be:bc:2c:82:67:45:19:13:ff:
5f:c0:fc:32:9f:4f:31:28:5a:09:91:c8:32:1b:99:3d:73:b8:
c0:61:c4:88:06:a4:b1:fe:ff:66:7b:3e:b0:b3:05:d1:ec:99:
81:dd:78:3a
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzIAVwAu+9gIBfXwuz06/FpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMxNzBkOThiNWUzNWQ3ZDUxNTM3NjcxYzYwNDBhNTE1MTg4NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttMi/iPhaD4aRPhU6W2Df24zoUgy
fX+XOryc74nuSsk96AZceHhqokvT0Nls+1bk9NHKImqtKnE8B9sPyqLcCR3TiAam
v6kKxchDdWZSiTJd0O1bSHcf/H6GJKlN7gN7zigpOHbGJ0zH6ZDQjCSEQ1TiyBDM
8PmqDaAdAUFozfersktLz/dkIbiJoePhNUpySB48VPFbiJjThl+jylZ+n87BO9l7
KP82SwUtUgDV9hCNjFHyowN4ZuoZgZLng2EXtHyhy2siFSGIVEURPpDPePc2ibbf
E0SvgpEiF3TVoja2sN3VgUHLXcQp1fxCSyOY1XeAyRtSOJh0xXnf0bafRQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFCnBcNmLXjXX1RU3ZxxgQKUVGIS8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZiL2UyNWEz
Yy1kZWY2LTQyMjgtYTEwYi1jNDVlOTQ5ZTljZDYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIvZTI1YTNj
LWRlZjYtNDIyOC1hMTBiLWM0NWU5NDllOWNkNi8xL0tjRncyWXRlTmRmVkZUZG5I
R0JBcFJVWWhMdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCwaicAwQD1EjgMA0EAgACMAcDBQAqAgloMA0G
CSqGSIb3DQEBCwUAA4IBAQBZS9McFINsFCL8wAdOfuL10CXCRsNsAi5KlXKjQ/zC
rKIAq22UfksMIdPbIE9yRh9EJZyVXjJu7srLBxyRj25F3Iotoof3EgxKSgGd8hUc
2lBj/6AGCdMZ4jYplwCj+6hjiS2+OxBfR1j3bFAkpXeBq+RwWNKiEio5zvQT+qzN
GnRrtrON6+Tja3AoYQHVzeR6rTTDMqcB42tN8MBCcvIemH0tlNxhmKnH8JapEsEM
syOrEAYiI/p9T8bEwLtIPCnaYR0Xq7LE+qo198deKiC+vCyCZ0UZE/9fwPwyn08x
KFoJkcgyG5k9c7jAYcSIBqSx/v9mez6wswXR7JmB3Xg6
-----END CERTIFICATE-----
Generated at Fri May 3 11:28:36 2024 by rpki-client on console-ams.rpki-client.org