Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
File: NZXHvH5fzXae1uUxEfPF5IkfnaE.cer (raw, json)
Hash identifier: d30m3RAlivkNI2Bbf76j/uc8qb1CdPZUCNBD73lMKrk=
Subject key identifier: 35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B6A0B69AB8C43BA2B569435E7F3A5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:20 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 201500
IP: 185.72.212.0/22
IP: 185.236.12.0/22
IP: 2a05:39c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6a:0b:69:ab:8c:43:ba:2b:56:94:35:e7:f3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:50:4c:b4:89:9d:19:98:fd:f6:a8:a8:2e:a9:
26:02:61:d8:e6:6d:87:b8:af:6e:13:c7:ac:1b:63:
46:9c:7e:1f:4c:6c:9a:0c:78:2d:75:ce:12:bf:75:
0f:28:b6:8d:41:5f:9a:c7:72:c1:71:1a:1a:f3:21:
f3:22:a5:5d:de:95:aa:87:0d:02:31:1b:47:d1:93:
ac:9e:0c:cc:fc:99:dd:8d:86:c9:77:ad:23:09:ee:
4a:f8:9f:50:df:72:4d:58:94:d9:40:ee:0e:83:b3:
31:48:13:f0:25:3a:e0:5b:d8:60:c4:34:76:ba:a4:
c5:21:ca:65:f5:fd:3f:6b:be:54:5b:ff:7f:22:69:
24:80:23:1b:02:5b:cc:20:52:ef:87:93:73:37:34:
31:a0:1b:6c:84:ac:7f:31:b8:c4:94:9d:c9:74:24:
39:12:78:9d:84:73:fe:4d:39:17:eb:97:06:9e:16:
a2:c8:fe:f2:3d:b4:85:90:ba:6c:c5:95:6e:33:aa:
24:87:f6:fa:1e:55:1c:74:c9:37:02:b6:4a:3f:40:
e9:dc:47:ab:44:4e:1c:a1:42:1f:ec:da:60:c0:04:
d0:39:8e:5f:13:d0:6e:3d:ac:41:d0:ab:f1:54:fd:
fe:d1:dc:8d:e2:f3:b2:25:70:61:ce:1c:35:8a:35:
5c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.212.0/22
185.236.12.0/22
IPv6:
2a05:39c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201500
Signature Algorithm: sha256WithRSAEncryption
62:7d:a0:ce:57:1e:c8:4c:70:c7:af:72:20:42:bc:3e:85:54:
9f:c1:12:97:b5:ef:d1:67:08:a0:9d:04:31:5d:45:90:29:4e:
e0:5c:6d:4a:68:a6:77:c1:37:71:5b:92:ea:ef:91:e7:13:e6:
e5:fc:59:84:f0:fc:7a:06:e0:0c:b0:ec:02:b5:ae:b3:50:8e:
70:bf:b3:a5:5e:39:ca:2d:6b:45:80:7b:fb:8f:d1:bb:6b:5f:
55:3c:d1:c8:f9:ee:cf:8f:49:07:a1:b0:6c:90:a4:b3:e2:a8:
69:25:52:54:ed:e0:54:15:12:cd:7b:08:ef:d2:4b:bb:58:02:
52:65:87:e5:46:27:c1:ff:76:a7:70:20:5f:64:63:0e:2e:3c:
b6:b8:97:ac:68:b2:3e:f6:39:f6:a8:77:26:ea:4a:47:cc:6b:
d8:b7:39:41:a7:53:6a:fb:d0:02:d8:3a:96:ea:bb:f0:ac:24:
5f:9c:2a:33:ce:66:30:66:95:11:48:11:37:15:21:f5:f4:9a:
93:ee:8d:8e:61:a5:86:4f:6c:f3:7f:83:1e:f9:62:e3:4e:bf:
d5:b2:c3:53:51:46:24:e9:c6:65:a6:3e:27:b2:ee:81:6c:5d:
f5:a0:3d:cf:e9:68:d5:26:bd:6e:f0:84:a6:d2:74:1b:07:f5:
92:05:2f:47
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzGS2oLaauMQ7orVpQ15/OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk1YzdiYzdlNWZjZDc2OWVkNmU1MzExMWYzYzVlNDg5MWY5ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1BMtImdGZj99qioLqkmAmHY5m2H
uK9uE8esG2NGnH4fTGyaDHgtdc4Sv3UPKLaNQV+ax3LBcRoa8yHzIqVd3pWqhw0C
MRtH0ZOsngzM/JndjYbJd60jCe5K+J9Q33JNWJTZQO4Og7MxSBPwJTrgW9hgxDR2
uqTFIcpl9f0/a75UW/9/ImkkgCMbAlvMIFLvh5NzNzQxoBtshKx/MbjElJ3JdCQ5
EnidhHP+TTkX65cGnhaiyP7yPbSFkLpsxZVuM6okh/b6HlUcdMk3ArZKP0Dp3Eer
RE4coUIf7NpgwATQOY5fE9BuPaxB0KvxVP3+0dyN4vOyJXBhzhw1ijVcmQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDWVx7x+X812ntblMRHzxeSJH52hMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRiLzAxZGMz
Yy1kOTI2LTRjZGYtOTc4Ny1iZTA0NGE0ZGYzYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIvMDFkYzNj
LWQ5MjYtNGNkZi05Nzg3LWJlMDQ0YTRkZjNhMC8xL05aWEh2SDVmelhhZTF1VXhF
ZlBGNUlrZm5hRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuUjUAwQCuewMMA0EAgACMAcDBQMqBTnAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMTHDANBgkqhkiG9w0BAQsFAAOCAQEAYn2g
zlceyExwx69yIEK8PoVUn8ESl7Xv0WcIoJ0EMV1FkClO4FxtSmimd8E3cVuS6u+R
5xPm5fxZhPD8egbgDLDsArWus1COcL+zpV45yi1rRYB7+4/Ru2tfVTzRyPnuz49J
B6GwbJCks+KoaSVSVO3gVBUSzXsI79JLu1gCUmWH5UYnwf92p3AgX2RjDi48triX
rGiyPvY59qh3JupKR8xr2Lc5QadTavvQAtg6luq78KwkX5wqM85mMGaVEUgRNxUh
9fSak+6NjmGlhk9s83+DHvli406/1bLDU1FGJOnGZaY+J7LugWxd9aA9z+lo1Sa9
bvCEptJ0Gwf1kgUvRw==
-----END CERTIFICATE-----
Generated at Fri May 3 06:57:50 2024 by rpki-client on console-ams.rpki-client.org