Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q7iP8e37ZyBmAwJncaquyEuLHrg.cer
File: Q7iP8e37ZyBmAwJncaquyEuLHrg.cer (raw, json)
Hash identifier: pjANKzGtUf5tJSoEAbekIPO29/ykFmQdwK7sxzuDeCU=
Subject key identifier: 43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2BADF09735579C7AF139A9A3F33299
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:35:09 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 212031
IP: 193.163.145.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:ad:f0:97:35:57:9c:7a:f1:39:a9:a3:f3:32:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43b88ff1edfb67206603026771aaaec84b8b1eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:de:c4:b9:dc:fd:a3:1d:aa:5b:b4:b3:da:
2f:5e:cd:9b:db:1f:02:29:e3:a9:b9:6c:05:f1:2d:
6c:d3:5e:db:4f:f4:ee:07:55:1a:59:c4:2d:92:65:
d9:7a:58:7c:b4:01:ed:c0:e8:54:53:1d:c3:c0:08:
90:50:77:70:9f:58:ab:37:a4:78:17:a3:aa:12:40:
6c:c6:c7:61:44:88:85:86:bf:8c:53:de:0d:cf:76:
67:61:58:6a:6a:57:0f:2f:c6:91:ba:99:6c:ca:c0:
c3:ba:d4:34:3c:85:d7:de:bf:44:e0:03:07:f3:82:
31:5b:7f:e8:68:7d:e5:3e:38:93:01:93:51:66:cf:
55:d5:e0:06:45:40:0d:59:b9:f9:91:da:84:41:ef:
ff:f5:00:8b:d0:b2:d7:19:01:ee:07:6c:e9:b0:07:
e8:3c:26:b8:8a:b5:cd:2d:1d:29:8c:d1:63:3b:70:
a7:fd:cc:8f:5b:c9:6f:9e:19:5e:7f:c6:5d:49:f7:
70:44:c2:07:aa:46:4a:20:ae:1d:c4:8c:29:d2:3d:
db:d3:00:c1:5e:09:aa:6f:b9:64:0e:88:9b:55:46:
0c:2d:01:d0:0a:b3:8a:f2:5c:8e:2a:cb:c4:c7:c3:
8f:bd:93:38:4a:8e:fc:33:95:b6:dd:b9:ec:37:d4:
26:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B8:8F:F1:ED:FB:67:20:66:03:02:67:71:AA:AE:C8:4B:8B:1E:B8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/e5c783-436e-46e5-b514-c1be5dc01bbe/1/Q7iP8e37ZyBmAwJncaquyEuLHrg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.145.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212031
Signature Algorithm: sha256WithRSAEncryption
02:f0:6e:f6:bf:7c:f3:b9:92:a1:88:df:94:26:e4:9e:e5:e8:
e0:52:c1:e3:39:20:e3:e3:fc:71:47:c7:f4:d9:62:87:a7:fe:
ac:1b:38:86:6f:e8:f7:4c:ae:4c:0c:5f:9b:db:bf:e3:d1:1e:
15:d0:23:a2:7d:fc:5a:14:3f:78:8c:54:ae:03:66:cc:b1:0b:
72:aa:32:5c:25:2a:71:ad:ee:28:46:fa:81:d5:f6:90:6d:32:
6a:73:09:62:4a:b0:9e:04:e9:88:a5:6f:90:7b:2e:8a:03:43:
00:c1:14:27:43:aa:50:e7:21:b0:56:3c:16:10:d8:aa:1e:71:
f6:02:d4:de:d2:db:e2:0e:15:c1:70:c4:c7:6b:c8:f2:d3:a8:
80:f9:41:e6:ad:62:32:ce:f7:a0:7a:0f:44:0e:ee:e5:f5:42:
d9:28:20:4b:83:ab:94:ca:d3:48:ef:63:91:19:50:23:64:12:
d4:1e:bc:4f:0b:8c:9f:2c:91:2d:0c:4c:6d:3f:a9:4c:93:f1:
dd:39:59:2c:b3:b0:1e:1d:b9:30:39:1c:b4:2f:28:c1:37:81:
16:0e:ab:a6:7b:64:0a:00:d1:0a:91:89:95:3a:41:36:58:d7:
51:4a:af:40:0e:a3:e4:18:63:a1:57:b0:28:39:8e:f7:49:7f:
6e:d2:3a:69
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzKK63wlzVXnHrxOamj8zKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I4OGZmMWVkZmI2NzIwNjYwMzAyNjc3MWFhYWVjODRiOGIxZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2vexLnc/aMdqlu0s9ovXs2b2x8C
KeOpuWwF8S1s017bT/TuB1UaWcQtkmXZelh8tAHtwOhUUx3DwAiQUHdwn1irN6R4
F6OqEkBsxsdhRIiFhr+MU94Nz3ZnYVhqalcPL8aRuplsysDDutQ0PIXX3r9E4AMH
84IxW3/oaH3lPjiTAZNRZs9V1eAGRUANWbn5kdqEQe//9QCL0LLXGQHuB2zpsAfo
PCa4irXNLR0pjNFjO3Cn/cyPW8lvnhlef8ZdSfdwRMIHqkZKIK4dxIwp0j3b0wDB
Xgmqb7lkDoibVUYMLQHQCrOK8lyOKsvEx8OPvZM4So78M5W23bnsN9QmmwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEO4j/Ht+2cgZgMCZ3GqrshLix64MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JmL2U1Yzc4
My00MzZlLTQ2ZTUtYjUxNC1jMWJlNWRjMDFiYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYvZTVjNzgz
LTQzNmUtNDZlNS1iNTE0LWMxYmU1ZGMwMWJiZS8xL1E3aVA4ZTM3WnlCbUF3Sm5j
YXF1eUV1TEhyZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwaORMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwM8PzANBgkqhkiG9w0BAQsFAAOCAQEAAvBu9r9887mSoYjflCbknuXo4FLB4zkg
4+P8cUfH9Nlih6f+rBs4hm/o90yuTAxfm9u/49EeFdAjon38WhQ/eIxUrgNmzLEL
cqoyXCUqca3uKEb6gdX2kG0yanMJYkqwngTpiKVvkHsuigNDAMEUJ0OqUOchsFY8
FhDYqh5x9gLU3tLb4g4VwXDEx2vI8tOogPlB5q1iMs73oHoPRA7u5fVC2SggS4Or
lMrTSO9jkRlQI2QS1B68TwuMnyyRLQxMbT+pTJPx3TlZLLOwHh25MDkctC8owTeB
Fg6rpntkCgDRCpGJlTpBNljXUUqvQA6j5BhjoVewKDmO90l/btI6aQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:49:50 2024 by rpki-client on console-ams.rpki-client.org