Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MAVTeLXXzAy3lDvIAzeQFbNIUpY.cer
File: MAVTeLXXzAy3lDvIAzeQFbNIUpY.cer (raw, json)
Hash identifier: kDfyx51mIQf8wUNIrjqqQ3f5o+e31NFG2yERexGBsVY=
Subject key identifier: 30:05:53:78:B5:D7:CC:0C:B7:94:3B:C8:03:37:90:15:B3:48:52:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA9947F267FFF0020D16A927EFA2BD4A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/MAVTeLXXzAy3lDvIAzeQFbNIUpY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 14:34:52 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 45.67.8.0/22
IP: 2a09:6f40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:47:f2:67:ff:f0:02:0d:16:a9:27:ef:a2:bd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30055378b5d7cc0cb7943bc803379015b3485296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:98:e4:fe:0e:6f:ac:ab:d1:d5:80:33:12:
2b:2f:49:53:b2:45:6a:4f:1d:ef:d9:9b:c7:c4:71:
cd:39:74:84:e8:31:1d:9b:fe:a7:e1:7d:c3:36:5e:
bf:ba:1f:ac:5e:59:fd:de:69:7d:dc:7d:59:02:21:
02:f9:d8:1a:c8:24:4a:ac:1e:04:96:e8:a2:bf:b6:
fd:44:ea:ec:f7:d9:bc:0f:a6:2b:d0:0a:4a:af:d3:
30:52:8c:42:81:80:f0:3c:c4:65:27:6e:81:c6:61:
45:ca:a0:82:ab:d2:a9:a3:e0:6c:f9:f3:47:82:cb:
7d:f0:5a:4b:50:76:40:78:dd:91:11:20:5e:98:40:
26:b0:4a:29:35:0c:0e:40:83:91:55:6b:dc:c1:90:
b0:56:3a:b0:80:af:7f:dd:dc:35:ff:f4:ac:49:d0:
8b:22:b2:64:03:1a:e2:b6:fa:d1:40:d0:99:5d:e1:
c8:32:6d:25:39:b1:87:5d:21:8c:75:d1:e7:cb:2a:
10:56:93:a8:a8:c2:b8:a4:be:01:e5:40:a0:df:77:
92:c5:a6:22:47:b6:ad:e2:24:94:45:ea:8e:43:83:
5d:df:05:b1:17:d9:24:35:d0:11:1d:75:d2:60:e8:
81:39:60:e3:da:63:0a:a1:f9:07:e3:d6:df:e8:41:
28:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:05:53:78:B5:D7:CC:0C:B7:94:3B:C8:03:37:90:15:B3:48:52:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/MAVTeLXXzAy3lDvIAzeQFbNIUpY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.8.0/22
IPv6:
2a09:6f40::/29
Signature Algorithm: sha256WithRSAEncryption
aa:cc:aa:b5:f7:53:1a:44:34:18:d0:a1:91:10:d4:c6:26:67:
a1:38:ff:64:09:23:e9:34:7e:ac:81:84:70:99:46:d6:65:2d:
55:c2:6e:83:82:ac:e7:09:2d:66:2c:21:a8:38:7c:40:c4:d5:
b0:56:f8:f6:8b:35:bd:15:71:af:ec:49:8a:00:42:c6:65:66:
0e:c4:02:ce:65:ce:02:ca:b3:48:0c:a7:ed:07:8f:04:38:99:
cb:56:b1:ef:45:27:74:db:97:59:e0:8a:aa:41:a2:2d:d8:df:
30:15:58:e8:0d:45:cd:66:7b:4a:d7:3b:48:6e:65:d6:dc:19:
1b:2d:c9:64:e9:21:49:16:f1:cc:cb:1e:94:e9:92:6e:23:01:
ae:c4:41:f7:ab:fd:34:0a:75:79:27:d6:4a:ce:f7:60:bc:72:
fe:37:33:8d:e4:d5:32:32:42:a2:7d:71:4d:e4:95:47:09:4e:
37:de:9a:aa:1f:67:89:c5:10:a7:1e:c7:e9:42:f0:71:5b:69:
3b:c5:6c:65:60:8d:be:e5:02:d6:82:e6:06:57:9e:87:36:8c:
3a:d2:84:d5:8e:9c:98:8a:ba:06:eb:d0:c4:3d:46:78:cc:24:
87:fd:4d:b1:3f:8c:91:7b:ec:98:0a:f4:d4:ca:c0:0d:fb:b1:
66:39:12:e6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzKmUfyZ//wAg0WqSfvor1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA1NTM3OGI1ZDdjYzBjYjc5NDNiYzgwMzM3OTAxNWIzNDg1Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq76Y5P4Ob6yr0dWAMxIrL0lTskVq
Tx3v2ZvHxHHNOXSE6DEdm/6n4X3DNl6/uh+sXln93ml93H1ZAiEC+dgayCRKrB4E
luiiv7b9ROrs99m8D6Yr0ApKr9MwUoxCgYDwPMRlJ26BxmFFyqCCq9Kpo+Bs+fNH
gst98FpLUHZAeN2RESBemEAmsEopNQwOQIORVWvcwZCwVjqwgK9/3dw1//SsSdCL
IrJkAxritvrRQNCZXeHIMm0lObGHXSGMddHnyyoQVpOoqMK4pL4B5UCg33eSxaYi
R7at4iSUReqOQ4Nd3wWxF9kkNdARHXXSYOiBOWDj2mMKofkH49bf6EEoSQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFDAFU3i118wMt5Q7yAM3kBWzSFKWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRhLzA4Y2Rh
Mi1iZWJlLTQ5YTctYjQ2Yy0wYTUwODAzYjBmYmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvMDhjZGEy
LWJlYmUtNDlhNy1iNDZjLTBhNTA4MDNiMGZiYy8xL01BVlRlTFhYekF5M2xEdklB
emVRRmJOSVVwWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLUMIMA0EAgACMAcDBQMqCW9AMA0GCSqGSIb3
DQEBCwUAA4IBAQCqzKq191MaRDQY0KGRENTGJmehOP9kCSPpNH6sgYRwmUbWZS1V
wm6DgqznCS1mLCGoOHxAxNWwVvj2izW9FXGv7EmKAELGZWYOxALOZc4CyrNIDKft
B48EOJnLVrHvRSd025dZ4IqqQaIt2N8wFVjoDUXNZntK1ztIbmXW3BkbLclk6SFJ
FvHMyx6U6ZJuIwGuxEH3q/00CnV5J9ZKzvdgvHL+NzON5NUyMkKifXFN5JVHCU43
3pqqH2eJxRCnHsfpQvBxW2k7xWxlYI2+5QLWguYGV56HNow60oTVjpyYiroG69DE
PUZ4zCSH/U2xP4yRe+yYCvTUysAN+7FmORLm
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:07:36 2024 by rpki-client on console-fra.rpki-client.org