Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer
File: MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer (raw, json)
Hash identifier: llRCnW2yKHtCkzN7lveUNjIKv2P6KMYtJW1YJDLE+24=
Subject key identifier: 30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5005AA1EAA7AB7F47975C049E40E282
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:29:43 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 197770
IP: 194.9.58.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5a:a1:ea:a7:ab:7f:47:97:5c:04:9e:40:e2:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d66b66a3982d20a81ef201dc755ed3353b16a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:68:cd:35:a9:19:62:28:8e:34:b5:48:b4:03:
ff:f8:01:3d:c6:a7:73:f3:ed:c7:d9:69:32:ef:77:
b6:9c:e2:a1:14:b0:af:a4:4f:fb:57:d0:d8:03:0c:
9c:8e:5b:7c:70:f7:c9:c2:fb:10:04:01:9b:e3:d6:
67:8f:0a:1b:13:be:21:e8:91:6c:12:34:ba:32:a2:
64:37:20:60:90:73:b6:55:3b:f6:06:4d:72:1c:23:
04:23:1c:24:62:87:af:ff:52:de:49:5f:4c:09:e2:
63:03:1e:2e:46:00:b4:97:c4:c8:c7:87:ee:b7:9b:
6a:d0:0d:f2:02:d3:df:92:64:93:1a:11:71:bb:d1:
c6:3d:2c:30:c7:e4:b9:42:10:6b:2d:20:bc:44:27:
e3:c4:8c:86:18:84:94:c1:96:be:b1:80:be:ec:13:
fd:e7:2a:d1:fa:f9:0c:38:20:6d:84:57:7c:c5:ee:
fd:89:8a:77:86:a9:4c:99:d6:63:e1:67:77:d3:2e:
1f:98:31:cf:3f:44:8f:f0:44:75:43:cc:fc:2f:b2:
71:07:cc:41:c2:e3:0c:e6:e6:05:79:7b:dc:0d:bd:
46:a3:33:fe:0f:2e:3f:8c:da:78:b2:7e:61:ec:5a:
3e:e2:10:40:25:17:f3:fe:00:18:fd:7a:e6:21:11:
cf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.58.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197770
Signature Algorithm: sha256WithRSAEncryption
49:b0:26:ae:af:11:7e:ec:2c:e9:cb:51:33:cc:01:6d:70:ad:
7c:d8:c0:47:e3:11:85:d2:4a:14:b2:4e:33:19:db:5b:0e:7e:
2d:74:35:99:7a:8f:d4:60:7e:8d:e3:47:96:00:63:01:a6:68:
11:b8:28:5b:79:28:18:b8:47:8d:b9:c4:e3:73:60:47:cb:cd:
02:ed:e8:87:c6:81:fc:38:a8:1f:cb:68:ad:00:db:37:da:92:
5b:d1:af:fb:3b:68:e1:88:aa:9d:df:d2:30:a8:61:a3:6a:4c:
70:fd:fe:02:4d:c5:cf:70:dc:67:27:aa:35:d0:12:3d:79:ab:
a0:38:ea:eb:4a:48:ce:88:3e:63:98:1a:6d:d4:6d:74:13:7f:
b5:1a:70:36:45:1d:1d:9f:04:c5:99:3a:61:ec:a4:fe:0c:37:
4b:37:fd:a7:88:94:d2:1b:51:cf:fc:06:4a:4e:8d:31:f9:04:
d5:78:10:8f:92:93:53:4d:a4:5f:20:cf:8f:f0:bd:1e:94:fd:
22:8a:e1:44:4a:be:a6:98:01:4c:17:84:08:71:af:95:13:8f:
ef:e5:2a:33:cb:32:4c:c5:ad:f0:48:f2:f4:43:9d:c2:dc:15:
40:fb:5b:bb:93:d9:10:cf:19:87:91:69:ed:9d:6c:73:16:d9:
72:90:0a:1a
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzFAFqh6qerf0eXXASeQOKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ2NmI2NmEzOTgyZDIwYTgxZWYyMDFkYzc1NWVkMzM1M2IxNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2jNNakZYiiONLVItAP/+AE9xqdz
8+3H2Wky73e2nOKhFLCvpE/7V9DYAwycjlt8cPfJwvsQBAGb49ZnjwobE74h6JFs
EjS6MqJkNyBgkHO2VTv2Bk1yHCMEIxwkYoev/1LeSV9MCeJjAx4uRgC0l8TIx4fu
t5tq0A3yAtPfkmSTGhFxu9HGPSwwx+S5QhBrLSC8RCfjxIyGGISUwZa+sYC+7BP9
5yrR+vkMOCBthFd8xe79iYp3hqlMmdZj4Wd30y4fmDHPP0SP8ER1Q8z8L7JxB8xB
wuMM5uYFeXvcDb1GozP+Dy4/jNp4sn5h7Fo+4hBAJRfz/gAY/XrmIRHPyQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDDWa2ajmC0gqB7yAdx1XtM1OxakMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0Lzg4ZTQ4
Mi04Mjc3LTQyODAtOWY1Yi04MTQ0YjE0MGVkZjkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvODhlNDgy
LTgyNzctNDI4MC05ZjViLTgxNDRiMTQwZWRmOS8xL01OWnJacU9ZTFNDb0h2SUIz
SFZlMHpVN0ZxUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBwgk6MBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMEijANBgkqhkiG9w0BAQsFAAOCAQEASbAmrq8Rfuws6ctRM8wBbXCtfNjAR+MR
hdJKFLJOMxnbWw5+LXQ1mXqP1GB+jeNHlgBjAaZoEbgoW3koGLhHjbnE43NgR8vN
Au3oh8aB/DioH8torQDbN9qSW9Gv+zto4Yiqnd/SMKhho2pMcP3+Ak3Fz3DcZyeq
NdASPXmroDjq60pIzog+Y5gabdRtdBN/tRpwNkUdHZ8ExZk6Yeyk/gw3Szf9p4iU
0htRz/wGSk6NMfkE1XgQj5KTU02kXyDPj/C9HpT9IorhREq+ppgBTBeECHGvlROP
7+UqM8syTMWt8Ejy9EOdwtwVQPtbu5PZEM8Zh5Fp7Z1scxbZcpAKGg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:48:58 2024 by rpki-client on console-ams.rpki-client.org