Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
File: NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer (raw, json)
Hash identifier: X7XsOwezFXLxni5rL283e2f4ZMcQdxP43awWlqOsP8g=
Subject key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56DE933131149C473032CCEAE6434F2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:23 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 203639
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e9:33:13:11:49:c4:73:03:2c:ce:ae:64:34:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5e:ce:38:ba:cf:d9:79:eb:83:d8:52:0e:e2:
be:d6:ad:d3:2c:c2:63:81:df:e1:cf:4d:f1:f9:c5:
f6:b8:9d:65:5e:c6:bb:85:99:e9:ba:f5:62:9a:0d:
77:53:4e:3e:a7:9b:eb:c2:f8:b6:af:e2:11:b9:6d:
8f:42:04:2f:e4:2b:31:31:4d:20:fe:62:2c:f9:f0:
50:a9:5b:d7:4e:bf:46:14:2f:dd:7c:bc:4d:0e:38:
ab:1f:a5:d7:4d:40:e5:96:6d:85:23:5b:8c:c5:98:
61:e1:fc:34:c9:c8:b2:0e:95:14:df:7d:84:d6:fb:
88:30:dd:6c:d8:f8:f0:65:95:8f:8f:02:d5:d0:d2:
a0:0f:c3:0f:cc:86:9d:7d:d7:f7:52:1b:bd:08:8f:
d2:a6:a2:11:d6:a6:fc:55:dc:26:3d:c6:d2:9d:2b:
86:4d:e0:2b:b2:24:cb:99:00:51:2d:f8:c1:45:c8:
7e:2f:fd:5f:be:01:d7:c8:3a:f8:ee:ea:2a:87:8a:
b1:eb:08:a0:8d:64:8c:2f:8e:d1:e0:17:eb:b0:06:
85:45:cc:0e:55:f9:4d:f3:8d:4d:1f:08:e3:d1:4d:
3b:08:5a:cb:56:05:89:a7:31:79:d0:30:bc:2f:86:
6c:f9:88:ef:7b:8d:7a:07:7e:10:55:5a:0d:9b:c1:
22:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203639
Signature Algorithm: sha256WithRSAEncryption
60:71:77:b7:ae:9b:ab:fb:3a:83:e7:30:d9:1b:d4:d2:46:71:
c4:34:6a:de:ee:1d:78:bf:6f:17:d6:eb:d2:10:3c:75:97:0a:
d9:3a:92:89:23:08:bf:e9:fa:5f:1c:46:67:cc:fa:c2:fa:15:
f0:14:36:63:4c:24:14:6b:ba:9e:b5:14:c3:e1:6d:2b:87:6b:
0a:cf:48:9f:06:da:e5:8a:2e:7b:4d:ab:51:87:b8:2c:df:1b:
c2:61:31:fa:62:98:e9:93:b8:4f:23:64:dc:1b:0f:68:8b:7d:
91:a9:b7:10:d9:55:fc:37:8c:95:61:0a:0f:05:70:9b:2f:ab:
f0:e3:93:c6:c1:e4:a3:aa:a1:f3:de:16:1a:5a:1c:ab:1a:82:
4b:7c:9b:25:f9:d4:75:63:ac:90:7d:9c:30:35:8f:5d:a4:8b:
9b:59:0f:ba:f1:cf:48:b7:0b:40:2f:81:b8:87:7b:f5:19:16:
c1:1f:3c:d2:96:83:f9:1f:e3:bd:ea:48:21:7f:54:ad:2f:80:
3e:14:34:f8:fb:bb:14:e5:8e:f4:4c:7b:20:cf:b1:a9:52:2a:
ff:53:28:fb:e5:57:dc:5c:b8:8e:c2:c7:d3:2a:fb:25:f9:d4:
e1:0c:e5:61:d0:4c:4f:7a:6e:a9:f6:35:8a:0a:d0:2d:3f:f6:
e5:13:4b:1e
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzFbekzExFJxHMDLM6uZDTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTA2YmI3ZWMwNjY2MDIyZjAzYzBiZDlmNTVmNzhjMGE3ZWFkYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV7OOLrP2Xnrg9hSDuK+1q3TLMJj
gd/hz03x+cX2uJ1lXsa7hZnpuvVimg13U04+p5vrwvi2r+IRuW2PQgQv5CsxMU0g
/mIs+fBQqVvXTr9GFC/dfLxNDjirH6XXTUDllm2FI1uMxZhh4fw0yciyDpUU332E
1vuIMN1s2PjwZZWPjwLV0NKgD8MPzIadfdf3Uhu9CI/SpqIR1qb8VdwmPcbSnSuG
TeArsiTLmQBRLfjBRch+L/1fvgHXyDr47uoqh4qx6wigjWSML47R4BfrsAaFRcwO
VflN841NHwjj0U07CFrLVgWJpzF50DC8L4Zs+Yjve416B34QVVoNm8Ei5QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFDUGu37AZmAi8DwL2fVfeMCn6tqfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZkL2FlOGU0
Ny0xNGI0LTQ5MTQtODI2Zi00MTNhNTk1OGE3ZjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQvYWU4ZTQ3
LTE0YjQtNDkxNC04MjZmLTQxM2E1OTU4YTdmMy8xL05RYTdmc0JtWUNMd1BBdlo5
Vjk0d0tmcTJwOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMbdzANBgkqhkiG9w0BAQsFAAOCAQEAYHF3t66bq/s6
g+cw2RvU0kZxxDRq3u4deL9vF9br0hA8dZcK2TqSiSMIv+n6XxxGZ8z6wvoV8BQ2
Y0wkFGu6nrUUw+FtK4drCs9Inwba5Youe02rUYe4LN8bwmEx+mKY6ZO4TyNk3BsP
aIt9kam3ENlV/DeMlWEKDwVwmy+r8OOTxsHko6qh894WGlocqxqCS3ybJfnUdWOs
kH2cMDWPXaSLm1kPuvHPSLcLQC+BuId79RkWwR880paD+R/jvepIIX9UrS+APhQ0
+Pu7FOWO9Ex7IM+xqVIq/1Mo++VX3Fy4jsLH0yr7JfnU4QzlYdBMT3puqfY1igrQ
LT/25RNLHg==
-----END CERTIFICATE-----
Generated at Fri May 3 02:55:21 2024 by rpki-client on console-fra.rpki-client.org