Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
File: PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer (raw, json)
Hash identifier: Ec3YpmXQuBs+OsQ9QNUfR8FIyJFSAhi0AnIB3i7Jb3k=
Subject key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9BCCBE0991DE138AE513972140514AC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:34:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35492
IP: 78.41.112.0/21
IP: 185.194.20.0/22
IP: 193.238.156.0/22
IP: 2a02:60::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cb:e0:99:1d:e1:38:ae:51:39:72:14:05:14:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:9b:52:c0:01:56:c8:04:0c:03:12:28:e4:
28:a3:08:31:41:65:e3:e6:51:c0:6e:4a:96:41:b4:
0e:52:46:cf:d2:a8:1e:e5:92:26:6a:f6:3d:38:ff:
61:66:88:3a:0b:ab:c9:2b:b5:28:e6:9c:cc:f6:6f:
9d:c7:2c:c0:7f:6d:09:32:8f:af:2e:cd:a0:a9:cf:
7b:e8:39:33:23:6d:90:3f:2e:7a:6a:97:bb:b7:72:
da:fc:5c:b3:94:c9:23:4a:44:06:73:fc:1c:6e:d1:
ec:00:60:75:dd:78:63:0a:b8:69:6e:af:0a:b2:75:
20:d1:a8:b5:0f:b3:b4:4e:eb:67:df:ff:ef:ba:70:
a4:13:f3:20:18:56:61:93:05:da:b0:26:cd:1b:66:
73:09:c8:51:b3:ba:1d:a3:91:13:97:b9:0b:dd:f8:
51:db:d6:ec:77:c3:db:64:db:a0:9a:e5:a6:2b:53:
ed:e4:09:f8:41:c6:65:f0:93:5b:38:68:56:00:1b:
11:23:64:ba:ca:4e:4c:c0:56:0d:82:98:c0:d2:e8:
bf:0c:0e:d7:a2:99:9c:50:0a:53:d9:af:47:dd:eb:
0f:37:aa:62:d8:31:e3:c3:e1:31:f1:44:1f:6a:b5:
56:d7:0d:b7:36:76:59:2f:90:88:dc:a2:88:a9:bf:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.112.0/21
185.194.20.0/22
193.238.156.0/22
IPv6:
2a02:60::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35492
Signature Algorithm: sha256WithRSAEncryption
2a:08:3d:ff:ba:5b:5b:06:51:f9:a4:b3:d5:28:41:60:bf:1e:
36:a1:3a:c2:54:93:e3:56:7b:8c:ed:58:88:dd:22:e8:db:6f:
1a:1c:58:d0:cd:84:2f:96:dc:e2:86:5a:c4:1a:b7:cd:53:57:
13:07:b9:5a:54:f6:25:e6:93:1d:21:b8:1a:4c:4c:fe:1c:d2:
25:61:e0:01:a3:0c:9c:48:0d:90:16:80:de:16:27:94:13:e2:
4f:95:d1:62:01:de:13:77:bf:a2:bf:54:fd:89:35:17:8e:2c:
5a:46:9d:9d:2f:43:3d:9e:67:99:02:a1:55:4c:7a:19:37:f4:
ff:df:e2:5d:6a:7c:aa:e6:79:87:55:83:d9:4d:ff:e4:ca:2b:
b3:48:ce:a3:f4:c2:66:b1:f7:fe:95:aa:ac:a2:ec:00:90:5f:
cf:7a:5b:10:b4:6a:e8:ec:9b:30:28:9e:c8:a4:6b:5b:2b:db:
2d:95:e7:7b:68:72:9a:24:bd:a3:ab:6d:0c:3d:19:f0:53:65:
52:ba:d6:54:3e:40:8e:c0:61:10:b7:ff:6a:bb:71:99:19:76:
45:09:81:47:3d:da:61:09:2d:ea:97:5d:e2:4f:ae:fc:ff:56:
bc:5f:d1:c5:6d:34:d1:62:01:df:78:d4:0a:13:6c:c1:df:40:
d9:d1:6f:a3
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYzJvMvgmR3hOK5ROXIUBRSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwZjFmNjU2M2RlNDNhMTFkMzY0NDk3NTY2N2MxYzI4ZTc5NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq42bUsABVsgEDAMSKOQoowgxQWXj
5lHAbkqWQbQOUkbP0qge5ZImavY9OP9hZog6C6vJK7Uo5pzM9m+dxyzAf20JMo+v
Ls2gqc976DkzI22QPy56ape7t3La/FyzlMkjSkQGc/wcbtHsAGB13XhjCrhpbq8K
snUg0ai1D7O0Tutn3//vunCkE/MgGFZhkwXasCbNG2ZzCchRs7odo5ETl7kL3fhR
29bsd8PbZNugmuWmK1Pt5An4QcZl8JNbOGhWABsRI2S6yk5MwFYNgpjA0ui/DA7X
opmcUApT2a9H3esPN6pi2DHjw+Ex8UQfarVW1w23NnZZL5CI3KKIqb/T0QIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFD1w8fZWPeQ6EdNkSXVmfBwo55WeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzZjMDc1
ZS02MjYzLTRmZjMtYTI2ZC04ZDMyMjIwNzE1ZWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNmMwNzVl
LTYyNjMtNGZmMy1hMjZkLThkMzIyMjA3MTVlZS8xL1BYRHg5bFk5NURvUjAyUkpk
V1o4SENqbmxaNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDTilwAwQCucIUAwQCwe6cMA0EAgACMAcDBQMq
AgBgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCKpDANBgkqhkiG9w0BAQsFAAOC
AQEAKgg9/7pbWwZR+aSz1ShBYL8eNqE6wlST41Z7jO1YiN0i6NtvGhxY0M2EL5bc
4oZaxBq3zVNXEwe5WlT2JeaTHSG4GkxM/hzSJWHgAaMMnEgNkBaA3hYnlBPiT5XR
YgHeE3e/or9U/Yk1F44sWkadnS9DPZ5nmQKhVUx6GTf0/9/iXWp8quZ5h1WD2U3/
5Mors0jOo/TCZrH3/pWqrKLsAJBfz3pbELRq6OybMCieyKRrWyvbLZXne2hymiS9
o6ttDD0Z8FNlUrrWVD5AjsBhELf/artxmRl2RQmBRz3aYQkt6pdd4k+u/P9WvF/R
xW000WIB33jUChNswd9A2dFvow==
-----END CERTIFICATE-----
Generated at Fri May 3 07:32:46 2024 by rpki-client on console-fra.rpki-client.org