Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O5olHl0dO6vkxXnJHrPgrDf3vyo.cer
File: O5olHl0dO6vkxXnJHrPgrDf3vyo.cer (raw, json)
Hash identifier: xGXzRkRNMLOA1ZMMhd1noSFkwfb9S9Hf2El7yr++Fq4=
Subject key identifier: 3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DB4563F8D33EB13204339903C6C5D4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:59 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 205020
IP: 94.142.252.0/24
IP: 2a12:76c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:45:63:f8:d3:3e:b1:32:04:33:99:03:c6:c5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b9a251e5d1d3babe4c579c91eb3e0ac37f7bf2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:73:5a:65:69:42:91:3a:f7:e4:94:56:ab:
6d:a1:13:15:23:ed:ec:5f:88:93:1a:9a:ee:c9:09:
8e:df:99:3d:c9:8b:f3:dc:17:df:49:4d:87:76:09:
d1:83:ed:74:d8:a0:07:92:ed:81:f5:3c:14:72:c1:
49:b1:4a:5e:77:32:02:0c:a2:ae:92:7d:a5:90:b5:
23:b0:e5:fd:9c:f5:19:8c:f0:39:5c:eb:4f:77:0c:
19:3e:dd:09:e7:de:d6:9f:48:d2:ac:88:42:e9:fd:
6f:cc:1e:f6:3a:50:dc:f0:f0:a0:5a:78:e4:b2:1b:
d7:89:8b:ee:88:48:88:3d:ee:49:ad:c9:2b:d9:23:
cb:4c:b4:bd:e2:bf:6d:02:a7:6a:3b:d6:a2:90:82:
de:35:e3:3c:6f:ca:43:0a:ad:fa:14:b8:67:fc:e4:
b4:27:00:c7:2f:ef:97:0e:c3:f4:14:07:f3:2c:13:
fd:8a:e2:53:fa:fa:32:58:53:9a:39:f7:0f:4c:bb:
93:50:56:05:7a:6b:14:1c:e1:ef:90:81:32:dc:28:
88:de:77:f8:b7:2f:be:4d:1c:c0:ef:38:a3:1b:e4:
35:16:8a:12:5e:d3:6b:68:2d:e2:0e:4e:a9:e5:6d:
9d:36:45:98:4b:6a:da:70:0f:b3:52:95:c6:50:76:
0f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.252.0/24
IPv6:
2a12:76c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205020
Signature Algorithm: sha256WithRSAEncryption
2b:89:5b:73:b9:eb:fa:7c:97:75:02:f2:ac:18:9a:1f:96:02:
b3:92:1b:90:25:85:f6:b0:71:4e:c6:99:8c:d7:55:6e:20:fa:
5d:7d:e5:b1:87:96:fa:43:79:b6:f2:0a:1f:5b:69:a2:97:1a:
bd:e9:34:0d:37:03:ac:01:05:14:a9:39:e9:64:22:33:3a:be:
ac:28:24:b2:91:09:b8:6c:72:3d:44:88:b4:45:38:4f:cf:f4:
50:f2:5d:d4:88:fe:57:45:aa:66:a1:6b:63:97:ef:16:5a:b0:
cc:35:7c:5a:3e:45:94:66:bd:db:18:b2:77:bc:d0:d3:3d:64:
0c:83:ca:8f:0d:56:2c:e4:11:ed:77:c6:88:cd:f5:90:20:8c:
e3:9b:8d:ff:b3:a5:2e:94:1c:f0:92:e4:cb:1f:c5:2a:e9:c2:
e9:81:1f:78:62:c8:84:f1:5b:51:04:26:de:c5:aa:22:8d:97:
41:63:f3:34:9f:f7:bd:2e:ea:2a:28:10:ec:0c:54:4f:6a:e2:
f8:87:74:a7:db:af:6b:61:0b:cd:58:2c:cb:cd:c4:6f:9b:30:
a3:c8:54:b3:11:51:1e:5a:91:f0:7d:0c:ba:8b:02:8d:57:3e:
e1:24:b7:77:c1:1f:9f:44:77:a3:88:0b:13:c0:f0:23:0a:97:
e0:fc:76:c5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC20Vj+NM+sTIEM5kDxsXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjlhMjUxZTVkMWQzYmFiZTRjNTc5YzkxZWIzZTBhYzM3ZjdiZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfRzWmVpQpE69+SUVqttoRMVI+3s
X4iTGpruyQmO35k9yYvz3BffSU2HdgnRg+102KAHku2B9TwUcsFJsUpedzICDKKu
kn2lkLUjsOX9nPUZjPA5XOtPdwwZPt0J597Wn0jSrIhC6f1vzB72OlDc8PCgWnjk
shvXiYvuiEiIPe5Jrckr2SPLTLS94r9tAqdqO9aikILeNeM8b8pDCq36FLhn/OS0
JwDHL++XDsP0FAfzLBP9iuJT+voyWFOaOfcPTLuTUFYFemsUHOHvkIEy3CiI3nf4
ty++TRzA7zijG+Q1FooSXtNraC3iDk6p5W2dNkWYS2racA+zUpXGUHYP+wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDuaJR5dHTur5MV5yR6z4Kw3978qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1LzBkZGZm
My05ZTcwLTRkNjMtYjVhMC1jNjYzMmNjMDE0YjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvMGRkZmYz
LTllNzAtNGQ2My1iNWEwLWM2NjMyY2MwMTRiMC8xL081b2xIbDBkTzZ2a3hYbkpI
clBnckRmM3Z5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXo78MA0EAgACMAcDBQMqEnbAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMg3DANBgkqhkiG9w0BAQsFAAOCAQEAK4lbc7nr+nyX
dQLyrBiaH5YCs5IbkCWF9rBxTsaZjNdVbiD6XX3lsYeW+kN5tvIKH1tpopcavek0
DTcDrAEFFKk56WQiMzq+rCgkspEJuGxyPUSItEU4T8/0UPJd1Ij+V0WqZqFrY5fv
FlqwzDV8Wj5FlGa92xiyd7zQ0z1kDIPKjw1WLOQR7XfGiM31kCCM45uN/7OlLpQc
8JLkyx/FKunC6YEfeGLIhPFbUQQm3sWqIo2XQWPzNJ/3vS7qKigQ7AxUT2ri+Id0
p9uva2ELzVgsy83Eb5swo8hUsxFRHlqR8H0MuosCjVc+4SS3d8Efn0R3o4gLE8Dw
IwqX4Px2xQ==
-----END CERTIFICATE-----
Generated at Fri May 3 01:43:01 2024 by rpki-client on console-ams.rpki-client.org