Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer
File: PS0a2mFMaOF0xN7fVZlqlUMW6uY.cer (raw, json)
Hash identifier: R4cKQhJxvu9Pdx10dwehiyK11qwCyY+itHNGoKN6YiM=
Subject key identifier: 3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC726E6D9B693D6951A9AE1262AC7F988
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:04 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 208890
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e6:d9:b6:93:d6:95:1a:9a:e1:26:2a:c7:f9:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d2d1ada614c68e174c4dedf55996a954316eae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:38:86:a9:ca:da:b6:03:a0:d8:14:d8:f9:91:
7b:19:49:ba:ef:40:17:c6:d5:1c:5a:f9:36:f3:93:
d8:7a:0d:52:bd:3d:3e:ef:9f:0a:d2:82:d8:9c:eb:
40:4b:f1:e3:a8:4e:21:a6:29:43:19:4b:6e:3a:64:
58:1a:43:12:7b:cc:4a:a9:77:e4:cd:1b:71:ef:33:
bd:28:91:34:a2:78:d3:60:c2:d9:99:ec:12:f2:a6:
16:e6:ae:d8:f4:27:6e:ab:0c:5d:fb:c0:4b:a7:2d:
94:e5:84:00:c1:5c:c7:ec:ab:29:65:95:14:b9:a4:
78:c3:00:6f:4a:4f:4d:40:c6:7c:bb:d6:f4:b6:ae:
01:65:71:ae:27:9d:14:ce:62:e4:f0:e3:f4:db:2d:
e4:d4:cb:ad:b1:fc:a2:6e:11:e1:4f:9e:fe:d1:9d:
bb:1e:7d:e8:0e:b4:02:64:dd:4e:92:e5:40:46:24:
13:d6:a3:6a:75:2e:da:f4:65:4d:8b:80:ec:f5:80:
3d:b8:2d:60:c6:81:da:9c:85:77:ee:6c:20:0d:ad:
bf:3f:a0:a6:de:48:fe:b4:27:e1:41:95:4c:0e:79:
72:72:71:ac:e0:ec:0b:5d:3b:80:31:28:d6:95:b4:
8b:05:91:bd:0d:4c:fd:2f:2f:b8:7b:32:6a:7b:af:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2D:1A:DA:61:4C:68:E1:74:C4:DE:DF:55:99:6A:95:43:16:EA:E6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/fcbfd7-d785-4b06-88c5-486cae041e0e/1/PS0a2mFMaOF0xN7fVZlqlUMW6uY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208890
Signature Algorithm: sha256WithRSAEncryption
7c:cc:24:79:ca:f1:77:bb:22:91:59:48:e7:ac:b8:c7:54:5f:
ae:44:28:b8:a0:3e:15:47:cb:89:00:7b:28:11:44:75:07:4b:
82:ef:17:b5:0f:87:f8:96:36:02:7b:c7:02:76:42:da:2d:1f:
68:e6:2f:6e:9d:0e:a8:b2:3f:a0:88:d1:28:55:ce:cf:d9:30:
6c:19:64:c6:2e:a3:44:4f:7b:be:e9:4b:4f:52:0b:ca:d6:98:
51:c1:aa:80:fa:11:0d:4c:b1:32:a8:68:e4:ec:b0:d1:57:23:
cb:35:c0:be:bd:95:ea:c3:bc:d6:60:0e:52:44:83:96:61:a0:
76:34:43:10:c3:7e:64:f0:0d:75:0d:92:a2:3f:ca:cc:45:7b:
8f:fa:69:c6:49:1f:39:0c:37:25:24:99:a7:29:f6:ab:db:31:
8b:61:64:ac:c1:ea:c5:2c:dc:86:5d:6a:be:63:33:d8:ff:4a:
9e:d5:69:dd:91:6c:30:3c:70:d5:9e:20:de:71:88:53:e0:ef:
c0:1e:f3:ca:db:9a:6e:a0:4d:21:25:cf:e4:38:e5:62:20:be:
8e:8d:03:cf:a9:59:73:9b:b5:06:fe:2c:11:5b:89:69:5b:d6:
1e:de:02:7c:bd:02:37:75:48:98:05:c7:d7:02:07:e6:59:91:
35:82:78:72
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYzHJubZtpPWlRqa4SYqx/mIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJkMWFkYTYxNGM2OGUxNzRjNGRlZGY1NTk5NmE5NTQzMTZlYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDiGqcratgOg2BTY+ZF7GUm670AX
xtUcWvk285PYeg1SvT0+758K0oLYnOtAS/HjqE4hpilDGUtuOmRYGkMSe8xKqXfk
zRtx7zO9KJE0onjTYMLZmewS8qYW5q7Y9Cduqwxd+8BLpy2U5YQAwVzH7KspZZUU
uaR4wwBvSk9NQMZ8u9b0tq4BZXGuJ50UzmLk8OP02y3k1MutsfyibhHhT57+0Z27
Hn3oDrQCZN1OkuVARiQT1qNqdS7a9GVNi4Ds9YA9uC1gxoHanIV37mwgDa2/P6Cm
3kj+tCfhQZVMDnlycnGs4OwLXTuAMSjWlbSLBZG9DUz9Ly+4ezJqe69E2wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFD0tGtphTGjhdMTe31WZapVDFurmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkL2ZjYmZk
Ny1kNzg1LTRiMDYtODhjNS00ODZjYWUwNDFlMGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvZmNiZmQ3
LWQ3ODUtNGIwNi04OGM1LTQ4NmNhZTA0MWUwZS8xL1BTMGEybUZNYU9GMHhON2ZW
WmxxbFVNVzZ1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMv+jANBgkqhkiG9w0BAQsFAAOCAQEAfMwkecrxd7si
kVlI56y4x1RfrkQouKA+FUfLiQB7KBFEdQdLgu8XtQ+H+JY2AnvHAnZC2i0faOYv
bp0OqLI/oIjRKFXOz9kwbBlkxi6jRE97vulLT1ILytaYUcGqgPoRDUyxMqho5Oyw
0VcjyzXAvr2V6sO81mAOUkSDlmGgdjRDEMN+ZPANdQ2Soj/KzEV7j/ppxkkfOQw3
JSSZpyn2q9sxi2FkrMHqxSzchl1qvmMz2P9KntVp3ZFsMDxw1Z4g3nGIU+DvwB7z
ytuabqBNISXP5DjlYiC+jo0Dz6lZc5u1Bv4sEVuJaVvWHt4CfL0CN3VImAXH1wIH
5lmRNYJ4cg==
-----END CERTIFICATE-----
Generated at Fri May 3 10:13:02 2024 by rpki-client on console-fra.rpki-client.org