Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
File: QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer (raw, json)
Hash identifier: SosuuBVqAWU7SI/jU93UbucJ2LPx04Z2Kxc0bIXdvnI=
Subject key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3489587B4B7A9206B0BBFB96E31E6BB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:29:23 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.235.8.0/22
IP: 185.18.36.0/22
IP: 185.93.200.0/22
IP: 2a05:fa40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:95:87:b4:b7:a9:20:6b:0b:bf:b9:6e:31:e6:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:eb:ef:6c:70:f4:bd:46:48:9e:3f:41:9f:
be:c8:77:41:b1:2f:f0:77:70:0c:25:cb:43:08:1f:
98:69:f0:85:8b:84:d0:09:48:ee:d8:6b:89:7a:be:
77:b0:01:04:cb:89:56:90:08:9e:db:86:d4:f8:ca:
b4:be:86:31:20:3c:7f:78:fc:40:16:fe:ed:b2:15:
0c:80:ed:ec:36:75:3e:39:39:56:3c:e2:e5:34:a1:
66:8e:58:42:7b:4e:e6:af:54:8b:48:3e:a2:ae:fc:
30:df:f3:f3:ce:e8:cf:77:a4:f0:88:0d:c7:96:d2:
7e:7f:ca:0f:f7:ae:e6:df:c7:a2:e7:6a:68:ca:dd:
7d:39:6e:ae:73:bc:ba:fa:ab:f2:ce:ed:c4:b6:6c:
bb:13:8b:8e:33:22:51:49:b1:b0:35:fb:39:c8:84:
86:47:1e:94:40:4d:de:03:d3:ca:47:cb:e5:f1:c4:
ea:60:58:92:07:f4:46:a1:3a:a6:c4:6e:01:82:55:
10:7a:ff:7e:7a:e6:f4:90:26:d2:71:43:2e:50:87:
8f:13:5c:d9:d2:20:16:a0:69:1f:10:44:9e:1d:ab:
9a:13:5a:a2:84:c2:af:13:6e:64:f2:8b:cb:ea:6e:
5f:42:0e:a7:c1:fa:b7:3c:15:0b:82:a8:39:45:85:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.8.0/22
185.18.36.0/22
185.93.200.0/22
IPv6:
2a05:fa40::/29
Signature Algorithm: sha256WithRSAEncryption
80:d9:5a:87:2e:6e:74:82:e1:90:2e:d6:d6:e4:a0:f2:d0:c5:
fe:02:df:01:fb:e7:22:0b:cd:fe:70:3e:5d:22:d8:34:98:e4:
36:a0:06:0d:1a:56:67:b6:f1:64:c2:ef:4a:38:25:70:ea:26:
36:ea:79:d6:c7:5f:dc:7c:2c:35:64:bb:aa:8c:e6:74:8c:70:
6d:80:35:6b:6f:62:8e:95:12:30:86:82:d9:87:a8:4f:3d:de:
a9:2d:4e:d6:0d:0b:b6:30:97:0b:47:52:b1:8c:58:9b:59:5f:
ef:b8:79:a8:28:7b:34:27:e6:ed:97:b9:4d:9e:fb:38:a3:a6:
aa:00:fa:62:5c:08:b8:87:77:4c:fa:27:88:14:c8:87:3a:85:
db:06:da:9a:c4:8d:0f:ba:11:6f:74:4f:dc:a7:71:13:41:c9:
6e:61:0d:38:ff:54:4c:12:f1:f1:7a:a2:a2:cd:cb:f9:82:eb:
7c:1c:91:b7:c3:ef:84:6c:99:cc:56:6b:28:87:66:d5:e6:98:
9e:59:78:74:53:ea:ca:0e:66:ac:8c:c2:96:3f:30:28:5c:8e:
29:16:d6:06:18:79:f7:c6:13:0d:7e:31:07:68:c6:2e:11:68:
a2:b4:56:4f:06:19:cd:8e:67:14:fd:ff:f4:30:41:2a:1f:20:
af:de:a9:51
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzDSJWHtLepIGsLv7luMea7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVjMTBmODRkYzIyOTM3ZWY2ZDE1ZWI3MWJiYjRhNTMwODE2MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp13r72xw9L1GSJ4/QZ++yHdBsS/w
d3AMJctDCB+YafCFi4TQCUju2GuJer53sAEEy4lWkAie24bU+Mq0voYxIDx/ePxA
Fv7tshUMgO3sNnU+OTlWPOLlNKFmjlhCe07mr1SLSD6irvww3/PzzujPd6TwiA3H
ltJ+f8oP967m38ei52poyt19OW6uc7y6+qvyzu3Etmy7E4uOMyJRSbGwNfs5yISG
Rx6UQE3eA9PKR8vl8cTqYFiSB/RGoTqmxG4BglUQev9+eub0kCbScUMuUIePE1zZ
0iAWoGkfEESeHauaE1qihMKvE25k8ovL6m5fQg6nwfq3PBULgqg5RYWYDwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFEFcEPhNwik3720V63G7tKUwgWK/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA2LzVjNTdl
Ny03YmE4LTRhNjItOGQxNS1jNmI2ZmQxMmNlMjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvNWM1N2U3
LTdiYTgtNGE2Mi04ZDE1LWM2YjZmZDEyY2UyNy8xL1FWd1EtRTNDS1RmdmJSWHJj
YnUwcFRDQllyOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQCW+sIAwQCuRIkAwQCuV3IMA0EAgACMAcDBQMq
BfpAMA0GCSqGSIb3DQEBCwUAA4IBAQCA2VqHLm50guGQLtbW5KDy0MX+At8B++ci
C83+cD5dItg0mOQ2oAYNGlZntvFkwu9KOCVw6iY26nnWx1/cfCw1ZLuqjOZ0jHBt
gDVrb2KOlRIwhoLZh6hPPd6pLU7WDQu2MJcLR1KxjFibWV/vuHmoKHs0J+btl7lN
nvs4o6aqAPpiXAi4h3dM+ieIFMiHOoXbBtqaxI0PuhFvdE/cp3ETQcluYQ04/1RM
EvHxeqKizcv5gut8HJG3w++EbJnMVmsoh2bV5pieWXh0U+rKDmasjMKWPzAoXI4p
FtYGGHn3xhMNfjEHaMYuEWiitFZPBhnNjmcU/f/0MEEqHyCv3qlR
-----END CERTIFICATE-----
Generated at Fri May 3 09:06:31 2024 by rpki-client on console-ams.rpki-client.org