Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
File: NW2albrOGXhcQGR2Y_MdkFYmHC8.cer (raw, json)
Hash identifier: DIovwrLRh01rOHUzBSjnqxXCgW4D2RtpH5pQpVnByBQ=
Subject key identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8014FFF06128A62521781DB83E3875B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 60321
IP: 185.32.192.0/22
IP: 2a04:5840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4f:ff:06:12:8a:62:52:17:81:db:83:e3:87:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=356d9a95bace19785c40647663f31d9056261c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:13:f8:80:e6:ad:96:b2:a5:3a:22:30:f4:
4a:51:d2:3e:ed:43:8a:dd:14:c7:8b:1a:99:fe:f7:
4a:a7:0a:84:24:01:73:c3:b9:b7:2f:7b:55:9b:5a:
36:69:7f:0a:48:a8:fa:75:28:7d:e9:89:99:16:59:
eb:f0:f9:10:36:e9:a1:40:cf:79:31:e5:2f:86:f1:
0b:28:82:82:a1:ea:ec:b9:bf:dd:12:0d:b0:9d:f9:
85:97:9a:77:98:5f:b2:43:8f:90:d3:f0:d1:de:77:
24:9f:b1:5c:92:01:ab:0b:6c:8a:c6:12:dc:6a:d1:
50:08:90:8f:60:de:82:e1:c3:7c:7e:28:90:d4:8b:
d8:8f:9b:c9:15:4a:bd:8d:13:96:2d:c5:ba:90:ef:
28:a6:f1:cb:f9:6d:f4:df:7b:d2:0a:ab:5c:07:ed:
93:e9:fd:be:82:b8:82:13:17:14:32:29:3c:ab:33:
07:d3:80:70:31:a2:89:91:89:cd:f0:9d:52:88:53:
66:87:98:a5:bf:9f:73:ae:12:64:52:24:2d:cc:cc:
d9:c0:38:71:07:88:8a:d8:8a:7a:f0:f5:92:a7:dc:
92:60:a0:1f:5f:7d:cf:7c:db:8e:7d:78:14:4f:b0:
9a:b2:10:ee:f4:6a:12:e0:f3:a6:19:64:dc:2a:2b:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.192.0/22
IPv6:
2a04:5840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60321
Signature Algorithm: sha256WithRSAEncryption
09:df:09:a1:1a:05:5d:a2:75:4b:8a:7c:fb:57:d1:89:c9:73:
96:47:74:66:c6:a4:18:f7:57:f9:0d:76:d5:83:82:e4:0c:bf:
cc:68:59:a7:8e:e8:91:1b:44:de:71:29:7e:06:f4:b4:f3:1b:
f1:e4:22:2e:46:8f:e5:bb:70:30:62:b5:74:00:3d:c2:7f:a7:
f4:69:88:1d:4e:02:0a:86:71:03:f8:85:a7:8f:f9:07:86:9b:
70:d9:eb:03:ab:f1:c7:47:80:ee:ce:44:45:7f:62:3d:aa:6a:
4b:03:d2:7e:e9:20:b1:13:1c:d8:08:0e:78:9b:d0:5d:31:de:
ef:36:22:c7:92:67:5f:cc:32:7b:c2:3d:c9:45:c8:ca:f6:e1:
89:d8:25:eb:c9:b5:2c:24:3b:8a:3c:d2:96:68:cd:cb:a4:ff:
cd:f3:a0:b0:b0:e0:56:e2:12:f4:17:eb:d1:c3:c0:1f:05:0d:
a0:60:ab:ec:c7:97:9f:da:20:90:d4:ec:e2:5b:81:37:fa:ff:
8b:7c:87:21:10:a7:ca:58:2b:f0:ff:5b:17:4d:68:81:d4:5c:
1d:be:5c:ef:bc:8a:90:3e:68:47:26:6e:ad:7d:66:bc:43:21:
74:9d:08:06:15:3b:a1:ab:1d:59:40:a6:b9:8c:63:83:74:51:
0c:22:d8:a2
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIAU//BhKKYlIXgduD44dbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZkOWE5NWJhY2UxOTc4NWM0MDY0NzY2M2YzMWQ5MDU2MjYxYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUcT+IDmrZaypToiMPRKUdI+7UOK
3RTHixqZ/vdKpwqEJAFzw7m3L3tVm1o2aX8KSKj6dSh96YmZFlnr8PkQNumhQM95
MeUvhvELKIKCoersub/dEg2wnfmFl5p3mF+yQ4+Q0/DR3nckn7FckgGrC2yKxhLc
atFQCJCPYN6C4cN8fiiQ1IvYj5vJFUq9jROWLcW6kO8opvHL+W3033vSCqtcB+2T
6f2+griCExcUMik8qzMH04BwMaKJkYnN8J1SiFNmh5ilv59zrhJkUiQtzMzZwDhx
B4iK2Ip68PWSp9ySYKAfX33PfNuOfXgUT7CashDu9GoS4POmGWTcKiut4wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDVtmpW6zhl4XEBkdmPzHZBWJhwvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhL2RkOWM5
MC0zMWE5LTQ5OTUtOWRhMy00ZWZkZTZlYjMyZDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvZGQ5Yzkw
LTMxYTktNDk5NS05ZGEzLTRlZmRlNmViMzJkNC8xL05XMmFsYnJPR1hoY1FHUjJZ
X01ka0ZZbUhDOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuSDAMA0EAgACMAcDBQMqBFhAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDroTANBgkqhkiG9w0BAQsFAAOCAQEACd8JoRoFXaJ1
S4p8+1fRiclzlkd0ZsakGPdX+Q121YOC5Ay/zGhZp47okRtE3nEpfgb0tPMb8eQi
LkaP5btwMGK1dAA9wn+n9GmIHU4CCoZxA/iFp4/5B4abcNnrA6vxx0eA7s5ERX9i
PapqSwPSfukgsRMc2AgOeJvQXTHe7zYix5JnX8wye8I9yUXIyvbhidgl68m1LCQ7
ijzSlmjNy6T/zfOgsLDgVuIS9Bfr0cPAHwUNoGCr7MeXn9ogkNTs4luBN/r/i3yH
IRCnylgr8P9bF01ogdRcHb5c77yKkD5oRyZurX1mvEMhdJ0IBhU7oasdWUCmuYxj
g3RRDCLYog==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:18:51 2024 by rpki-client on console-ams.rpki-client.org