Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer
File: N3vRD32QbBMcjJ4vxzFkFt9K4iQ.cer (raw, json)
Hash identifier: Gd87x50p06cWiommOTXRKJ1XoatyWza/owBdquEJuu8=
Subject key identifier: 37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA29FDF4055D6E2D043C3565B886A1B7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:18 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47271
IP: 91.198.11.0/24
IP: 91.209.3.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:fd:f4:05:5d:6e:2d:04:3c:35:65:b8:86:a1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=377bd10f7d906c131c8c9e2fc7316416df4ae224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:51:e2:87:77:25:e7:c3:aa:0c:b4:bf:f7:
ce:ee:16:d6:9a:59:b8:49:59:9e:0c:cf:3f:e6:43:
01:16:a0:4d:9a:41:13:40:db:ed:e2:f6:0c:ca:48:
65:93:20:b9:6f:29:70:3f:34:49:dc:e5:fd:b0:3c:
1e:9e:df:19:a5:c7:03:5a:f9:c9:9e:64:f3:97:92:
90:e8:6e:10:7c:74:7a:2c:c8:53:07:93:89:ca:6a:
ae:df:3c:1d:fd:0b:48:c5:fe:27:f6:a6:6c:88:5f:
34:7e:67:3e:ec:db:fa:39:ed:81:59:63:9a:a1:43:
9f:a6:df:43:de:d9:d5:ad:74:55:9e:e9:ab:c5:8a:
f3:5a:64:77:a7:10:0c:32:b1:f9:71:84:cd:d9:96:
c9:eb:ab:4d:36:f1:d5:57:c4:1b:11:d2:61:25:35:
54:33:2a:62:e4:b4:25:ac:42:e2:dd:e1:8b:15:2e:
4f:8c:b1:7d:bb:42:71:6d:7a:3c:03:10:ca:b3:fa:
18:d6:54:2a:25:63:27:f9:f7:98:07:bc:c9:c7:4c:
33:f6:86:e9:36:34:e2:48:74:b7:dd:90:23:bc:ea:
1a:bc:06:27:b8:b2:87:fd:df:ae:5a:e0:22:13:f1:
3e:40:05:71:2d:0d:84:33:23:1d:81:82:8c:63:d4:
80:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7B:D1:0F:7D:90:6C:13:1C:8C:9E:2F:C7:31:64:16:DF:4A:E2:24
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/208129-d086-49d4-9dc7-5a9ac7f39023/1/N3vRD32QbBMcjJ4vxzFkFt9K4iQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.11.0/24
91.209.3.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47271
Signature Algorithm: sha256WithRSAEncryption
67:fd:95:15:eb:16:5d:b0:41:23:5c:58:cc:6c:48:f4:c6:fd:
ac:3e:6e:ec:c9:3e:49:62:ab:72:9c:6d:18:3e:db:8f:e9:5d:
af:1f:a7:99:0f:29:c2:9f:f3:cd:b6:fa:86:7f:f3:78:5b:f0:
4b:b8:dd:ee:82:4d:5f:4a:da:a9:cc:0c:36:e8:1a:dc:b7:e0:
65:70:55:30:34:06:85:f2:88:ac:42:21:03:3c:ae:5e:d5:0b:
78:d6:f8:6d:37:3e:80:fe:35:18:6d:49:94:00:2f:1c:20:11:
a0:6a:f0:68:29:ee:2c:59:ff:d6:9d:4b:f0:e0:f2:ca:7a:56:
16:df:ba:c4:31:f9:c8:5c:5f:d6:bb:01:54:95:e6:4f:b2:1f:
87:30:02:cd:2f:9b:fc:41:6e:a3:7d:1a:bc:04:85:e4:6d:c8:
11:09:38:89:80:93:b2:2e:3d:f5:82:d9:61:1e:ff:43:bd:d6:
aa:ff:8e:52:54:13:cf:ed:f4:54:df:96:39:b4:46:80:22:c7:
56:75:80:b2:47:5a:66:5d:e6:3a:7d:f9:75:46:39:d2:ed:98:
63:d1:75:43:37:b7:96:7f:8e:0c:55:2d:9e:63:06:ae:36:42:
85:07:bf:94:6c:2f:15:f3:28:1a:2c:8f:2f:f6:49:ae:a0:b2:
75:c1:b5:ce
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzKKf30BV1uLQQ8NWW4hqG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzdiZDEwZjdkOTA2YzEzMWM4YzllMmZjNzMxNjQxNmRmNGFlMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJdR4od3JefDqgy0v/fO7hbWmlm4
SVmeDM8/5kMBFqBNmkETQNvt4vYMykhlkyC5bylwPzRJ3OX9sDwent8ZpccDWvnJ
nmTzl5KQ6G4QfHR6LMhTB5OJymqu3zwd/QtIxf4n9qZsiF80fmc+7Nv6Oe2BWWOa
oUOfpt9D3tnVrXRVnumrxYrzWmR3pxAMMrH5cYTN2ZbJ66tNNvHVV8QbEdJhJTVU
Mypi5LQlrELi3eGLFS5PjLF9u0JxbXo8AxDKs/oY1lQqJWMn+feYB7zJx0wz9obp
NjTiSHS33ZAjvOoavAYnuLKH/d+uWuAiE/E+QAVxLQ2EMyMdgYKMY9SAhwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFDd70Q99kGwTHIyeL8cxZBbfSuIkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzIwODEy
OS1kMDg2LTQ5ZDQtOWRjNy01YTlhYzdmMzkwMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvMjA4MTI5
LWQwODYtNDlkNC05ZGM3LTVhOWFjN2YzOTAyMy8xL04zdlJEMzJRYkJNY2pKNHZ4
ekZrRnQ5SzRpUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW8YLAwQAW9EDMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwC4pzANBgkqhkiG9w0BAQsFAAOCAQEAZ/2VFesWXbBBI1xYzGxI9Mb9
rD5u7Mk+SWKrcpxtGD7bj+ldrx+nmQ8pwp/zzbb6hn/zeFvwS7jd7oJNX0raqcwM
Nuga3LfgZXBVMDQGhfKIrEIhAzyuXtULeNb4bTc+gP41GG1JlAAvHCARoGrwaCnu
LFn/1p1L8ODyynpWFt+6xDH5yFxf1rsBVJXmT7IfhzACzS+b/EFuo30avASF5G3I
EQk4iYCTsi499YLZYR7/Q73Wqv+OUlQTz+30VN+WObRGgCLHVnWAskdaZl3mOn35
dUY50u2YY9F1Qze3ln+ODFUtnmMGrjZChQe/lGwvFfMoGiyPL/ZJrqCydcG1zg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:19:27 2024 by rpki-client on console-ams.rpki-client.org