Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.cer (raw, json)
Hash identifier: Hnza7m5zMPMLqg3GQiuOn/ofGIqe+xfK8aFH1ZCTLRg=
Subject key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B70AA3AC8FA71035222DE7E59257B1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:30:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 34978
IP: 81.29.224.0/20
IP: 185.52.8.0/22
IP: 2a04:c640::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0a:a3:ac:8f:a7:10:35:22:2d:e7:e5:92:57:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:df:34:62:81:54:47:b4:9b:ca:9f:03:34:
9d:27:ad:c8:e6:f2:0a:12:26:11:05:07:40:2b:ab:
73:ff:8d:8a:34:4a:d2:89:88:37:c8:66:59:72:69:
91:f8:96:50:34:4b:be:df:12:d7:08:40:61:4c:83:
51:0d:ba:5f:d7:b7:c9:03:8e:73:76:83:02:12:88:
aa:a0:42:c6:c1:d4:fe:2d:2c:f2:e1:f9:51:bd:9b:
66:15:57:03:b2:e7:c8:73:59:b9:c9:0d:18:93:85:
9e:23:0c:96:bd:97:94:c9:7e:24:ed:08:73:aa:91:
ea:9a:85:0c:52:7f:e8:b5:29:f6:b0:6d:6c:c3:02:
d9:76:d4:c3:69:7f:84:85:8f:5a:97:b2:22:6b:a2:
8c:f5:fe:43:a6:05:02:5e:39:c5:75:7e:ab:fa:28:
06:c1:1b:22:79:25:08:88:15:22:74:a8:75:ec:cf:
9a:a1:9a:56:64:ac:25:a1:69:52:5f:6c:3c:5b:c9:
38:63:11:18:fd:98:5d:21:4a:e4:21:3a:a4:89:d9:
d0:c7:23:c4:9a:e6:52:3f:68:73:dd:56:c5:67:9b:
a1:cc:40:6e:79:3a:88:a0:be:c0:81:a9:bd:17:0c:
65:22:67:c8:bb:b4:ef:0c:9e:e8:b2:82:ce:eb:c5:
15:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.224.0/20
185.52.8.0/22
IPv6:
2a04:c640::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34978
Signature Algorithm: sha256WithRSAEncryption
16:02:d1:4d:ef:89:38:2f:8f:ef:8a:ba:1d:7c:f9:1a:63:1f:
00:9c:a3:ca:61:a0:70:1d:64:88:bb:a0:42:3f:0a:da:87:fc:
db:07:e4:d5:d5:2a:f4:1a:9a:b2:95:66:b9:75:a1:c8:76:da:
56:c4:99:19:4a:39:d6:46:53:c0:32:9b:a8:50:30:eb:54:12:
19:50:00:24:df:93:9d:bc:57:91:87:9d:1f:bc:6b:d6:6e:a9:
6a:63:06:94:70:84:c5:dd:97:85:f6:89:30:00:d7:66:c6:ba:
1e:a0:fd:f2:d6:94:2e:18:fd:02:62:2f:37:4f:10:5e:1c:4c:
03:a0:5a:5c:4e:f0:d2:d4:db:2e:b4:53:91:fe:42:ed:26:84:
35:37:f5:ec:53:47:61:36:61:b0:10:1e:62:17:b1:aa:cd:ee:
0b:cc:0c:48:a3:2f:50:76:0d:2c:a3:f9:7b:5e:44:0f:3a:fc:
a5:7b:d5:77:7c:c2:e1:50:e4:b5:ca:37:93:43:49:64:cf:bc:
58:26:01:d3:50:0b:e9:44:36:91:1d:be:6c:8f:3c:c1:30:05:
12:78:2d:6f:99:e5:26:96:a1:d0:99:4a:22:a0:b5:95:af:ed:
9b:f0:b1:45:f3:57:4c:c9:9e:d1:81:6a:0f:60:60:05:17:cc:
49:2a:a5:d5
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzDtwqjrI+nEDUiLeflklexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEzN2MyNGRkY2EzNDdkNzEzZWQ3OTRkMzNjZDRhODFhOGI0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdXfNGKBVEe0m8qfAzSdJ63I5vIK
EiYRBQdAK6tz/42KNErSiYg3yGZZcmmR+JZQNEu+3xLXCEBhTINRDbpf17fJA45z
doMCEoiqoELGwdT+LSzy4flRvZtmFVcDsufIc1m5yQ0Yk4WeIwyWvZeUyX4k7Qhz
qpHqmoUMUn/otSn2sG1swwLZdtTDaX+EhY9al7Iia6KM9f5DpgUCXjnFdX6r+igG
wRsieSUIiBUidKh17M+aoZpWZKwloWlSX2w8W8k4YxEY/ZhdIUrkITqkidnQxyPE
muZSP2hz3VbFZ5uhzEBueTqIoL7Agam9FwxlImfIu7TvDJ7osoLO68UVJQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDijfCTdyjR9cT7XlNM81Kgai0mKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzFlMzNj
My1kMTk3LTQ1ZjItODI4ZS00NGE0OWQyNjM3MDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMWUzM2Mz
LWQxOTctNDVmMi04MjhlLTQ0YTQ5ZDI2MzcwMC8xL09LTjhKTjNLTkgxeFB0ZVUw
enpVcUJxTFNZby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEUR3gAwQCuTQIMA0EAgACMAcDBQMqBMZAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCIojANBgkqhkiG9w0BAQsFAAOCAQEAFgLR
Te+JOC+P74q6HXz5GmMfAJyjymGgcB1kiLugQj8K2of82wfk1dUq9BqaspVmuXWh
yHbaVsSZGUo51kZTwDKbqFAw61QSGVAAJN+TnbxXkYedH7xr1m6pamMGlHCExd2X
hfaJMADXZsa6HqD98taULhj9AmIvN08QXhxMA6BaXE7w0tTbLrRTkf5C7SaENTf1
7FNHYTZhsBAeYhexqs3uC8wMSKMvUHYNLKP5e15EDzr8pXvVd3zC4VDktco3k0NJ
ZM+8WCYB01AL6UQ2kR2+bI88wTAFEngtb5nlJpah0JlKIqC1la/tm/CxRfNXTMme
0YFqD2BgBRfMSSql1Q==
-----END CERTIFICATE-----
Generated at Fri May 3 02:56:12 2024 by rpki-client on console-fra.rpki-client.org