Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
File: O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer (raw, json)
Hash identifier: ixS4s60s4iE+A8iqCM4teq3p62v8siyfhnpLF2Hu1Iw=
Subject key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8011E7DDFCEA7E9832DB8BAAB4DE91D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:25 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 5429
AS: 29233
IP: 85.89.96.0/19
IP: 185.92.140.0/22
IP: 193.108.182.0/24
IP: 195.178.192.0/19
IP: 217.67.112.0/20
IP: 2a02:7bc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1e:7d:df:ce:a7:e9:83:2d:b8:ba:ab:4d:e9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b55e7feb907137299f5792c36395efba9b34b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:c8:bf:e7:72:30:de:5d:4e:d1:a2:99:cf:
70:c4:50:f7:c2:ca:1b:5d:ce:d1:ef:89:09:a4:90:
03:7e:03:62:b7:37:e4:1f:19:13:97:1a:2b:79:20:
0a:4a:c9:ae:f1:6f:c6:b3:23:77:29:6c:7e:39:18:
ff:0f:28:76:a8:28:a3:21:dc:e1:b1:9b:24:75:54:
df:17:47:4d:de:4b:3c:84:c4:9b:74:cb:62:5d:98:
d1:28:e5:51:86:3e:72:84:4a:0e:74:a5:e2:07:37:
b1:8c:c6:b0:f5:3b:5a:92:42:fc:46:d7:0f:67:b0:
95:f0:4c:da:05:20:08:8c:89:79:48:6c:05:c1:3d:
d9:12:31:b9:a0:2b:79:a3:d7:e7:1c:a9:11:17:5d:
4a:86:ae:ed:41:17:12:10:02:f8:51:73:94:ff:a2:
14:08:6e:28:d2:05:32:1e:2a:43:95:23:a8:f0:52:
d7:76:42:4c:09:9d:50:c1:02:74:41:79:cb:00:43:
8e:0b:69:51:fd:a9:48:c2:b0:67:af:c4:1e:27:11:
7a:7f:7f:6e:ba:af:6c:9a:65:cf:b2:3b:1f:aa:c8:
51:6b:7c:9d:52:d0:c7:9d:00:45:14:eb:f9:4e:26:
a8:a5:7d:45:e2:c7:a7:9d:1f:91:10:2c:b6:d9:f6:
25:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.89.96.0/19
185.92.140.0/22
193.108.182.0/24
195.178.192.0/19
217.67.112.0/20
IPv6:
2a02:7bc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
5429
29233
Signature Algorithm: sha256WithRSAEncryption
a5:2b:cd:65:a0:dd:bf:df:43:78:80:00:fe:0b:89:18:f6:3d:
b1:c8:96:a2:87:8c:59:e9:ac:ba:c4:fa:bf:fe:68:dd:5b:9d:
46:90:71:df:b4:e6:fd:dd:2e:a3:b7:3b:94:e0:8a:81:ae:82:
4a:a7:30:bc:70:c9:61:70:ee:d3:ae:48:40:30:42:0d:f2:46:
da:ea:6b:9f:04:56:35:eb:01:49:28:2d:11:f8:67:64:a2:2b:
ce:97:f6:ce:4d:f3:d4:c8:26:49:a8:b7:71:0b:99:a0:12:1e:
2a:22:6d:b1:d2:1f:63:50:af:37:c1:31:bb:10:bb:cc:49:a7:
d7:30:2a:84:5a:a1:1f:21:8f:43:05:f9:a5:76:fd:80:59:49:
27:3d:4f:35:51:62:66:45:8f:41:59:22:72:dc:49:df:cf:9a:
17:68:1c:40:b5:60:d8:7a:2d:7f:8e:fc:fd:2c:ea:bb:77:d3:
60:d1:7f:bc:83:ad:13:cd:83:4a:89:05:a6:bd:36:2c:73:c3:
d5:67:b3:0c:0a:0e:ba:13:77:d6:fb:06:c7:03:11:47:24:1d:
e9:a9:24:95:b3:8b:cd:b4:47:58:05:aa:94:0f:a7:60:3a:0b:
ea:fe:e1:be:ed:2a:fa:f0:bc:23:49:a4:4a:e2:39:a1:d9:02:
75:1a:c4:98
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYzIAR59386n6YMtuLqrTekdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU1ZTdmZWI5MDcxMzcyOTlmNTc5MmMzNjM5NWVmYmE5YjM0YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5XIv+dyMN5dTtGimc9wxFD3wsob
Xc7R74kJpJADfgNitzfkHxkTlxoreSAKSsmu8W/GsyN3KWx+ORj/Dyh2qCijIdzh
sZskdVTfF0dN3ks8hMSbdMtiXZjRKOVRhj5yhEoOdKXiBzexjMaw9TtakkL8RtcP
Z7CV8EzaBSAIjIl5SGwFwT3ZEjG5oCt5o9fnHKkRF11Khq7tQRcSEAL4UXOU/6IU
CG4o0gUyHipDlSOo8FLXdkJMCZ1QwQJ0QXnLAEOOC2lR/alIwrBnr8QeJxF6f39u
uq9smmXPsjsfqshRa3ydUtDHnQBFFOv5TiaopX1F4sennR+RECy22fYlPwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFDtV5/65BxNymfV5LDY5Xvups0tiMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2LzhiNzY4
Yy0wZTBhLTRhZDMtOTEwMC1hNDQxZTI0YmUwMzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvOGI3Njhj
LTBlMGEtNGFkMy05MTAwLWE0NDFlMjRiZTAzNi8xL08xWG5fcmtIRTNLWjlYa3NO
amxlLTZtelMySS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQFVVlgAwQCuVyMAwQAwWy2AwQFw7LAAwQE2UNw
MA0EAgACMAcDBQAqAnvAMB0GCCsGAQUFBwEIAQH/BA4wDKAKMAgCAhU1AgJyMTAN
BgkqhkiG9w0BAQsFAAOCAQEApSvNZaDdv99DeIAA/guJGPY9sciWooeMWemsusT6
v/5o3VudRpBx37Tm/d0uo7c7lOCKga6CSqcwvHDJYXDu065IQDBCDfJG2uprnwRW
NesBSSgtEfhnZKIrzpf2zk3z1MgmSai3cQuZoBIeKiJtsdIfY1CvN8ExuxC7zEmn
1zAqhFqhHyGPQwX5pXb9gFlJJz1PNVFiZkWPQVkictxJ38+aF2gcQLVg2Hotf478
/Szqu3fTYNF/vIOtE82DSokFpr02LHPD1WezDAoOuhN31vsGxwMRRyQd6akklbOL
zbRHWAWqlA+nYDoL6v7hvu0q+vC8I0mkSuI5odkCdRrEmA==
-----END CERTIFICATE-----
Generated at Fri May 3 07:31:31 2024 by rpki-client on console-fra.rpki-client.org