Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/P4_xyWZv4ZXySqH-jDRdecSOe8A.cer
File: P4_xyWZv4ZXySqH-jDRdecSOe8A.cer (raw, json)
Hash identifier: Z0BkVt98v3MrKcbs3Vx4Ms+JSYt8+eQTHiCMZIWP494=
Subject key identifier: 3F:8F:F1:C9:66:6F:E1:95:F2:4A:A1:FE:8C:34:5D:79:C4:8E:7B:C0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC500800BA6CE207755B3E7118B335F41
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e7/572ebf-18bb-4c38-a994-fbd361cb8193/1/P4_xyWZv4ZXySqH-jDRdecSOe8A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e7/572ebf-18bb-4c38-a994-fbd361cb8193/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:29:53 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 57312
IP: 91.231.112.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:80:0b:a6:ce:20:77:55:b3:e7:11:8b:33:5f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f8ff1c9666fe195f24aa1fe8c345d79c48e7bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7c:c6:3a:1d:92:5d:24:a3:6f:6a:40:5e:16:
69:4b:07:19:63:a2:0f:d3:e7:8e:63:74:0d:77:58:
27:02:01:38:99:81:bc:e2:0a:f3:b2:78:5b:7d:fa:
54:84:ff:55:4f:31:6b:c1:0a:ef:a4:a1:4d:30:5c:
da:15:24:52:5d:5b:79:64:97:66:1d:5c:c9:4d:4d:
9f:e5:f3:08:9b:62:f6:92:cc:d2:10:25:60:1d:7f:
4b:2a:3e:5b:47:a8:08:91:eb:6c:76:f5:f4:b4:76:
df:b2:7b:73:14:ac:d1:15:f3:f9:69:49:f9:fd:44:
e8:a5:0f:2e:e2:a5:2e:75:9f:77:82:4d:d0:77:75:
4d:06:dd:d0:9b:a0:61:63:1a:0c:27:a2:5c:95:20:
fe:0c:26:7d:2a:f6:97:49:55:74:59:b4:dc:a9:47:
2e:72:53:38:b2:70:ea:50:d6:c0:96:7a:7a:af:07:
62:87:0e:30:02:e1:6f:58:aa:0e:56:8b:3d:06:b8:
6e:97:cb:db:f3:3a:49:a0:f4:f5:5f:46:65:62:3a:
f6:ae:66:eb:3e:f6:c2:83:6f:dc:25:98:d8:dd:8d:
3d:55:af:8f:09:80:49:ce:58:f3:93:6c:8b:e1:95:
18:50:93:92:92:dd:7d:3b:06:40:b6:77:e7:a7:4a:
32:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8F:F1:C9:66:6F:E1:95:F2:4A:A1:FE:8C:34:5D:79:C4:8E:7B:C0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/572ebf-18bb-4c38-a994-fbd361cb8193/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/572ebf-18bb-4c38-a994-fbd361cb8193/1/P4_xyWZv4ZXySqH-jDRdecSOe8A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.112.0/23
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57312
Signature Algorithm: sha256WithRSAEncryption
00:39:7b:79:3f:7e:26:30:9d:78:f7:84:35:0c:b9:87:a6:28:
68:16:b6:25:89:9a:bd:d1:77:ec:0c:78:0c:91:59:17:70:c6:
01:4c:b5:b5:d2:4b:c8:ce:91:ac:e6:4e:b2:13:09:89:9b:fa:
f0:63:1c:df:1d:d2:91:f7:c0:bb:3d:7c:4d:f0:c5:14:d4:c5:
f3:21:cf:23:8e:be:1f:3b:a0:54:87:8a:6b:f2:b0:a2:7a:da:
b5:2c:4f:1c:62:62:a1:92:80:35:06:9d:4d:52:61:b2:35:76:
c2:86:4f:e1:37:69:95:f6:ce:4e:6f:55:be:23:51:44:98:6d:
51:51:b0:db:af:bd:33:4f:87:34:60:71:13:db:46:ea:16:75:
0a:de:03:eb:c0:13:5e:c7:d1:00:75:5a:3f:71:a5:e8:6e:a1:
e3:50:06:ce:e7:38:5a:bc:15:1d:1c:e1:09:33:c6:21:d0:2c:
e1:8f:24:47:fd:df:96:1d:bf:d1:8d:06:e8:99:c2:59:4f:1c:
0e:a5:d4:e1:d6:50:cd:ca:f2:21:1b:65:3f:af:ba:5c:08:be:
46:27:71:61:ff:23:a7:55:2f:48:53:8e:01:14:bf:0e:6a:05:
7e:f8:ed:af:56:c7:34:d5:59:ce:3e:a8:4a:49:24:07:97:5a:
e9:e4:d2:4e
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzFAIALps4gd1Wz5xGLM19BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhmZjFjOTY2NmZlMTk1ZjI0YWExZmU4YzM0NWQ3OWM0OGU3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXzGOh2SXSSjb2pAXhZpSwcZY6IP
0+eOY3QNd1gnAgE4mYG84grzsnhbffpUhP9VTzFrwQrvpKFNMFzaFSRSXVt5ZJdm
HVzJTU2f5fMIm2L2kszSECVgHX9LKj5bR6gIketsdvX0tHbfsntzFKzRFfP5aUn5
/UTopQ8u4qUudZ93gk3Qd3VNBt3Qm6BhYxoMJ6JclSD+DCZ9KvaXSVV0WbTcqUcu
clM4snDqUNbAlnp6rwdihw4wAuFvWKoOVos9Brhul8vb8zpJoPT1X0ZlYjr2rmbr
PvbCg2/cJZjY3Y09Va+PCYBJzljzk2yL4ZUYUJOSkt19OwZAtnfnp0oy+QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFD+P8clmb+GV8kqh/ow0XXnEjnvAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U3LzU3MmVi
Zi0xOGJiLTRjMzgtYTk5NC1mYmQzNjFjYjgxOTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcvNTcyZWJm
LTE4YmItNGMzOC1hOTk0LWZiZDM2MWNiODE5My8xL1A0X3h5V1p2NFpYeVNxSC1q
RFJkZWNTT2U4QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQBW+dwMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDf4DANBgkqhkiG9w0BAQsFAAOCAQEAADl7eT9+JjCdePeENQy5h6YoaBa2JYma
vdF37Ax4DJFZF3DGAUy1tdJLyM6RrOZOshMJiZv68GMc3x3SkffAuz18TfDFFNTF
8yHPI46+HzugVIeKa/KwonratSxPHGJioZKANQadTVJhsjV2woZP4TdplfbOTm9V
viNRRJhtUVGw26+9M0+HNGBxE9tG6hZ1Ct4D68ATXsfRAHVaP3Gl6G6h41AGzuc4
WrwVHRzhCTPGIdAs4Y8kR/3flh2/0Y0G6JnCWU8cDqXU4dZQzcryIRtlP6+6XAi+
RidxYf8jp1UvSFOOARS/DmoFfvjtr1bHNNVZzj6oSkkkB5da6eTSTg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:52:43 2024 by rpki-client on console-fra.rpki-client.org