Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
File: PBuDiIaW_ERHjGk9bngD6VFiUOY.cer (raw, json)
Hash identifier: x/E088UHFMRK1v4j3JGhGyJhB7GCi/Ys+Cx+d7A3HOs=
Subject key identifier: 3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DF7FAE22E1C8773D1D19ABBB5AB0A8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:32:19 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 216442
IP: 185.51.172.0/22
IP: 2a01:b2a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7f:ae:22:e1:c8:77:3d:1d:19:ab:bb:5a:b0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c1b83888696fc44478c693d6e7803e9516250e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:66:21:23:be:f9:1d:0e:1c:df:a3:07:8c:
03:69:25:00:ae:ea:9e:20:56:1b:5d:aa:f5:8c:0d:
c6:0c:f1:c1:7f:7c:e8:f3:d2:cc:cc:33:f6:fc:22:
af:27:91:32:00:f1:0a:b9:f1:c4:8c:0d:36:01:6e:
22:4d:6b:1c:72:aa:12:a5:ec:1a:b2:89:5d:05:17:
29:a8:f3:87:1b:69:3f:fd:0c:21:4f:f3:f4:c5:d0:
7f:8d:ba:83:72:f7:cb:cd:42:76:9b:79:39:49:06:
7d:26:d5:f1:9e:7f:7d:5c:56:ca:1d:b3:05:58:e4:
08:66:58:42:16:6f:02:02:bd:74:7f:42:46:f0:e1:
a9:85:fd:d0:d9:13:d3:82:ec:12:e9:fa:50:7e:7b:
f1:ac:1a:8a:2d:07:1c:09:0d:ef:db:01:bc:32:09:
95:91:f3:e3:e5:fe:08:19:4b:b7:03:1a:a1:f7:7f:
60:5f:cf:f6:d9:ea:4f:8f:4a:de:66:80:41:f1:5f:
6c:81:9f:1e:37:a6:11:f9:ac:0f:09:22:a6:55:f7:
86:9c:d2:33:89:ea:44:ec:9d:f6:ad:0f:f8:6a:cd:
44:2e:e4:9f:6e:4e:68:91:29:29:71:76:fc:07:e6:
58:b4:1c:8d:b5:20:4f:8f:0e:a9:23:55:6c:e4:bf:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.172.0/22
IPv6:
2a01:b2a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
216442
Signature Algorithm: sha256WithRSAEncryption
33:66:ce:b9:3d:1e:ee:51:0d:fc:f2:e0:a7:1b:28:1b:1c:45:
e0:1d:da:50:c3:9b:9e:2e:a8:47:71:fb:e4:75:40:6f:bb:e3:
f1:95:e9:bd:33:ab:a0:2b:6d:d8:88:74:db:4f:18:ca:03:db:
7c:ae:e7:69:cd:80:ef:c8:ac:bf:ff:f2:01:cc:de:d1:fd:85:
52:fe:d4:b4:30:2b:49:16:14:74:52:3f:b7:3d:b4:61:52:02:
68:c2:b1:71:7f:64:b3:a8:a9:87:d9:ed:79:69:61:04:ee:65:
1f:bf:25:f6:8a:e6:48:6d:e8:e5:b9:94:54:8d:15:11:cd:bb:
69:c5:f3:48:1f:ad:69:5c:27:eb:7c:f8:21:c7:0c:40:87:0f:
e2:ed:6b:c2:7f:1c:ad:f2:a5:a2:0c:57:7b:96:d4:6f:e6:0c:
20:33:44:f8:30:b6:43:f8:ad:a9:45:0f:bf:37:d0:6b:b8:59:
2f:dc:d1:47:5f:7a:21:7b:84:78:9c:7b:78:c3:eb:d5:df:03:
c2:74:19:7c:cf:ce:65:00:a4:d8:1a:9a:36:ab:89:94:c4:d8:
93:8c:e8:97:60:a4:80:60:71:bb:45:c7:87:6c:79:30:a5:aa:
7e:d0:f4:3f:1d:18:aa:0a:b4:b3:5f:52:c9:73:49:e2:f4:5b:
28:24:a3:9e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzI33+uIuHIdz0dGau7WrCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFiODM4ODg2OTZmYzQ0NDc4YzY5M2Q2ZTc4MDNlOTUxNjI1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycJmISO++R0OHN+jB4wDaSUAruqe
IFYbXar1jA3GDPHBf3zo89LMzDP2/CKvJ5EyAPEKufHEjA02AW4iTWsccqoSpewa
soldBRcpqPOHG2k//QwhT/P0xdB/jbqDcvfLzUJ2m3k5SQZ9JtXxnn99XFbKHbMF
WOQIZlhCFm8CAr10f0JG8OGphf3Q2RPTguwS6fpQfnvxrBqKLQccCQ3v2wG8MgmV
kfPj5f4IGUu3Axqh939gX8/22epPj0reZoBB8V9sgZ8eN6YR+awPCSKmVfeGnNIz
iepE7J32rQ/4as1ELuSfbk5okSkpcXb8B+ZYtByNtSBPjw6pI1Vs5L8JmwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDwbg4iGlvxER4xpPW54A+lRYlDmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2L2Q1NTY4
My1mZWMyLTQ3ZmQtYWM2ZS05ZTgyZGE3MzE1Y2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvZDU1Njgz
LWZlYzItNDdmZC1hYzZlLTllODJkYTczMTVjZi8xL1BCdURpSWFXX0VSSGpHazli
bmdENlZGaVVPWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTOsMA0EAgACMAcDBQAqAbKgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNNejANBgkqhkiG9w0BAQsFAAOCAQEAM2bOuT0e7lEN
/PLgpxsoGxxF4B3aUMObni6oR3H75HVAb7vj8ZXpvTOroCtt2Ih0208YygPbfK7n
ac2A78isv//yAcze0f2FUv7UtDArSRYUdFI/tz20YVICaMKxcX9ks6iph9nteWlh
BO5lH78l9ormSG3o5bmUVI0VEc27acXzSB+taVwn63z4IccMQIcP4u1rwn8crfKl
ogxXe5bUb+YMIDNE+DC2Q/itqUUPvzfQa7hZL9zRR196IXuEeJx7eMPr1d8DwnQZ
fM/OZQCk2BqaNquJlMTYk4zol2CkgGBxu0XHh2x5MKWqftD0Px0Yqgq0s19SyXNJ
4vRbKCSjng==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:15:37 2024 by rpki-client on console-ams.rpki-client.org