Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N0MfG-n9wkGQmEec3kV7v3lXF1k.cer
File: N0MfG-n9wkGQmEec3kV7v3lXF1k.cer (raw, json)
Hash identifier: xx7MuKnFiQzfysd0A5BTfP9dIyuNi/Sfwi+TMlbZt9M=
Subject key identifier: 37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DCC23247BAF64C1E743FFB5E4E8CCB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:30:28 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 41717
IP: 185.211.132.0/22
IP: 2a0b:65c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c2:32:47:ba:f6:4c:1e:74:3f:fb:5e:4e:8c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37431f1be9fdc2419098479cde457bbf79571759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:24:eb:48:f5:17:fe:c2:44:8b:6a:13:d4:
9b:7f:ef:37:43:8f:ed:2f:23:48:dc:8e:f3:fe:4c:
bb:12:8a:7f:da:86:d2:ac:90:82:3f:37:13:f8:7d:
73:e6:43:c2:e7:6d:29:4d:f1:6a:e1:53:df:60:0c:
d5:40:2a:67:97:93:12:fa:a9:b0:16:a2:e7:12:70:
f2:d5:f9:91:62:d3:62:6f:b1:b0:0b:8e:6f:22:47:
d9:39:f3:01:78:4b:0a:3e:2f:ad:fe:94:b8:ea:78:
4a:6f:0d:93:65:e6:71:fc:3c:9b:87:ed:e1:1d:fd:
0b:84:00:62:a4:2f:88:e8:f4:6f:4d:e3:e1:c7:59:
ba:dd:ed:f5:e7:21:17:d0:6c:61:af:b3:d9:ea:0f:
0b:9e:ff:14:4d:10:f2:db:b8:1f:5a:15:60:01:ce:
4a:dc:1b:6a:a4:71:d0:24:02:36:d1:03:07:9b:06:
87:61:29:45:35:f3:c5:a8:94:97:07:e6:64:7c:55:
92:a7:8e:a0:fe:50:6c:8f:d9:b3:40:77:27:ac:7c:
de:d4:7f:7b:7b:4a:d8:5c:aa:03:69:4a:51:c7:ed:
9a:b1:9b:16:04:af:99:5c:09:66:d4:e1:1c:1b:07:
68:c1:dd:a8:0f:39:8a:f8:2f:a5:3c:91:95:f8:82:
7d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:43:1F:1B:E9:FD:C2:41:90:98:47:9C:DE:45:7B:BF:79:57:17:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b53547-d340-4392-af46-615961312b52/1/N0MfG-n9wkGQmEec3kV7v3lXF1k.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.132.0/22
IPv6:
2a0b:65c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41717
Signature Algorithm: sha256WithRSAEncryption
7e:9b:94:f0:07:ee:7b:87:20:a3:71:ea:71:98:2c:13:3f:e0:
b1:fb:ce:75:f7:80:5c:88:e3:cd:b5:48:41:ee:5c:cd:26:b7:
0d:10:7b:48:e2:c2:f4:46:89:ea:7c:de:17:62:c6:9a:51:6f:
2d:b7:86:ae:1b:a3:60:b5:72:ee:da:45:f5:ff:5e:bc:f7:28:
ea:a9:69:e6:52:b1:02:7d:fb:19:01:a6:72:b5:4e:fe:38:6d:
e0:81:00:fa:50:70:64:84:bd:c2:78:78:03:eb:10:2d:b2:ff:
4a:e4:f0:d2:33:df:5e:d1:86:e3:bf:aa:f5:fc:14:80:e7:91:
52:bc:f0:db:1b:56:6c:2d:0f:be:d2:b0:6c:19:1b:99:4b:9b:
f1:38:c8:cd:fc:64:b0:e6:5b:f9:8b:d3:c3:2b:1f:70:c1:96:
27:76:c6:94:47:1e:eb:16:54:1f:ab:ac:db:f0:10:bb:83:13:
84:8e:16:89:b8:65:f6:8a:ff:b7:66:49:15:26:ef:29:92:f8:
39:1c:b8:08:37:e2:56:ae:3a:e0:42:94:11:df:78:e9:4d:dd:
f6:f7:bd:25:72:c4:cf:5c:03:98:a2:d9:e8:3b:5e:dc:04:7a:
d7:67:31:58:92:d3:bf:c3:1f:94:0b:f7:7c:fe:b3:59:bd:73:
56:0b:69:4b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzF3MIyR7r2TB50P/teTozLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQzMWYxYmU5ZmRjMjQxOTA5ODQ3OWNkZTQ1N2JiZjc5NTcxNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2gk60j1F/7CRItqE9Sbf+83Q4/t
LyNI3I7z/ky7Eop/2obSrJCCPzcT+H1z5kPC520pTfFq4VPfYAzVQCpnl5MS+qmw
FqLnEnDy1fmRYtNib7GwC45vIkfZOfMBeEsKPi+t/pS46nhKbw2TZeZx/Dybh+3h
Hf0LhABipC+I6PRvTePhx1m63e315yEX0Gxhr7PZ6g8Lnv8UTRDy27gfWhVgAc5K
3BtqpHHQJAI20QMHmwaHYSlFNfPFqJSXB+ZkfFWSp46g/lBsj9mzQHcnrHze1H97
e0rYXKoDaUpRx+2asZsWBK+ZXAlm1OEcGwdowd2oDzmK+C+lPJGV+IJ93QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDdDHxvp/cJBkJhHnN5Fe795VxdZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FkL2I1MzU0
Ny1kMzQwLTQzOTItYWY0Ni02MTU5NjEzMTJiNTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQvYjUzNTQ3
LWQzNDAtNDM5Mi1hZjQ2LTYxNTk2MTMxMmI1Mi8xL04wTWZHLW45d2tHUW1FZWMz
a1Y3djNsWEYxay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCudOEMA0EAgACMAcDBQMqC2XAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCi9TANBgkqhkiG9w0BAQsFAAOCAQEAfpuU8Afue4cg
o3HqcZgsEz/gsfvOdfeAXIjjzbVIQe5czSa3DRB7SOLC9EaJ6nzeF2LGmlFvLbeG
rhujYLVy7tpF9f9evPco6qlp5lKxAn37GQGmcrVO/jht4IEA+lBwZIS9wnh4A+sQ
LbL/SuTw0jPfXtGG47+q9fwUgOeRUrzw2xtWbC0PvtKwbBkbmUub8TjIzfxksOZb
+YvTwysfcMGWJ3bGlEce6xZUH6us2/AQu4MThI4Wibhl9or/t2ZJFSbvKZL4ORy4
CDfiVq464EKUEd946U3d9ve9JXLEz1wDmKLZ6Dte3AR612cxWJLTv8MflAv3fP6z
Wb1zVgtpSw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:07:23 2024 by rpki-client on console-fra.rpki-client.org