Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
File: MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer (raw, json)
Hash identifier: 4k+QSW8zQY+I9fMHU1Cr4WAHroCu5F9yFjCZJvFj6mE=
Subject key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC727286A68405C7CFBB9D80A8C0879E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 12481
IP: 5.100.232.0/21
IP: 94.142.144.0/21
IP: 212.103.192.0/19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:28:6a:68:40:5c:7c:fb:b9:d8:0a:8c:08:79:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:03:84:ac:2e:4c:28:de:cc:ee:22:4e:e0:
72:26:cb:27:71:62:eb:e8:ae:2f:50:0c:18:ec:ca:
0e:ac:0c:91:11:4c:f4:18:d5:50:27:98:9a:c4:99:
1b:42:61:09:00:51:0e:f6:00:f5:e2:b9:b9:76:89:
e6:a5:5f:21:ae:44:00:50:e2:68:4b:bd:ce:74:fe:
9f:68:8c:76:c1:15:f9:dd:b6:a2:cf:a8:fd:28:44:
26:76:4a:9a:4e:06:7f:7b:99:27:5d:65:f3:fe:f4:
65:48:22:11:89:1b:2a:1f:9c:78:e0:02:47:9d:19:
6a:ed:6b:1a:a7:e9:30:bb:df:02:89:7d:b3:18:89:
48:08:03:33:d9:cf:27:1b:36:83:c5:d1:63:8f:d1:
32:11:5d:b9:ec:5d:7c:82:01:48:f6:9a:c3:e6:b3:
79:2f:13:9f:0d:77:74:fc:f8:ba:50:44:b2:61:b5:
b9:1a:9c:26:07:61:cb:19:a6:b8:6b:c5:85:0b:60:
42:bc:25:20:7c:95:17:ea:f7:31:1a:f5:ae:e8:1b:
11:5d:be:b5:c3:77:ff:c8:d0:3c:87:87:c3:b0:4d:
d1:62:fd:fa:2d:76:b4:ce:e0:1e:53:e9:d4:cd:7f:
b9:37:53:00:d0:f4:7d:b4:56:96:cd:ca:bc:67:d2:
2c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
12481
Signature Algorithm: sha256WithRSAEncryption
25:24:cf:d8:8d:dc:8f:40:13:32:0e:a1:63:79:c9:fb:4a:a9:
dc:91:52:91:0c:f3:b4:69:26:d7:f8:84:82:c2:6d:cb:75:32:
33:97:87:80:b8:e7:63:92:11:61:e8:a7:43:20:3a:c9:99:1e:
4b:3f:42:ce:cc:09:08:2d:48:3a:44:86:02:c2:bb:5e:b0:bc:
12:aa:cf:ba:97:12:ab:1d:e8:99:71:45:15:c4:8b:a9:b4:45:
eb:4d:2d:f8:07:93:f6:6a:67:b4:9a:14:3d:ea:ff:92:47:65:
f5:a2:71:9b:77:2f:71:43:86:9a:6c:54:e3:17:d6:44:2b:3e:
b1:72:db:5c:98:a5:50:c6:40:f7:2f:e8:c2:ab:b9:90:df:1f:
1c:95:b0:58:1d:04:f7:0e:b6:c6:87:7a:44:64:43:0e:93:dd:
00:7d:d9:f8:a3:97:d8:e9:92:48:d7:30:bc:fb:60:4a:2a:7b:
5c:5c:f6:95:f9:78:81:c2:71:5b:e8:e9:20:2b:84:b0:b6:f1:
70:b7:17:a2:f1:38:37:e7:42:66:02:dd:aa:1f:a9:74:91:a0:
cf:2c:41:b2:7e:bb:74:b5:81:11:af:39:56:93:7f:9a:6b:c6:
72:b6:70:40:ec:44:b2:48:14:23:2f:41:81:12:7a:2e:b2:9c:
07:62:8e:93
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzHJyhqaEBcfPu52AqMCHniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWIwZjY0YzY5ZDMzMGI2NmViY2QwM2E5YmYwZmRjMTlmMzE0N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquYDhKwuTCjezO4iTuByJssncWLr
6K4vUAwY7MoOrAyREUz0GNVQJ5iaxJkbQmEJAFEO9gD14rm5donmpV8hrkQAUOJo
S73OdP6faIx2wRX53baiz6j9KEQmdkqaTgZ/e5knXWXz/vRlSCIRiRsqH5x44AJH
nRlq7Wsap+kwu98CiX2zGIlICAMz2c8nGzaDxdFjj9EyEV257F18ggFI9prD5rN5
LxOfDXd0/Pi6UESyYbW5GpwmB2HLGaa4a8WFC2BCvCUgfJUX6vcxGvWu6BsRXb61
w3f/yNA8h4fDsE3RYv36LXa0zuAeU+nUzX+5N1MA0PR9tFaWzcq8Z9Is6QIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFDGw9kxp0zC2brzQOpvw/cGfMUfYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBmLzJmYjQ3
My04ZTZiLTRmMGQtYWQzMC1kNDkzNDQ5M2E2NzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYvMmZiNDcz
LThlNmItNGYwZC1hZDMwLWQ0OTM0NDkzYTY3OS8xL01iRDJUR25UTUxadXZOQTZt
X0Q5d1o4eFI5Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUF
BwEHAQH/BBwwGjAYBAIAATASAwQDBWToAwQDXo6QAwQF1GfAMBkGCCsGAQUFBwEI
AQH/BAowCKAGMAQCAjDBMA0GCSqGSIb3DQEBCwUAA4IBAQAlJM/YjdyPQBMyDqFj
ecn7SqnckVKRDPO0aSbX+ISCwm3LdTIzl4eAuOdjkhFh6KdDIDrJmR5LP0LOzAkI
LUg6RIYCwrtesLwSqs+6lxKrHeiZcUUVxIuptEXrTS34B5P2ame0mhQ96v+SR2X1
onGbdy9xQ4aabFTjF9ZEKz6xcttcmKVQxkD3L+jCq7mQ3x8clbBYHQT3DrbGh3pE
ZEMOk90Afdn4o5fY6ZJI1zC8+2BKKntcXPaV+XiBwnFb6OkgK4SwtvFwtxei8Tg3
50JmAt2qH6l0kaDPLEGyfrt0tYERrzlWk3+aa8ZytnBA7ESySBQjL0GBEnouspwH
Yo6T
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:07:43 2024 by rpki-client on console-fra.rpki-client.org