Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
File: Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer (raw, json)
Hash identifier: yjv2TUdEkFeAerWMkdwwVKrRQ7zihM0yxawnxf0Z6n8=
Subject key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC794D021962F2F99066F96DF003A5F1B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:31:07 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 41289
IP: 141.38.0.0/16
IP: 2001:67c:1364::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d0:21:96:2f:2f:99:06:6f:96:df:00:3a:5f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:a2:48:17:14:be:d5:2b:8b:bb:c1:3b:0d:
4b:91:39:32:bb:66:05:8e:5a:73:0f:59:c0:21:63:
58:fd:51:9f:58:72:a8:9e:8b:05:d2:39:22:d8:6d:
51:69:0e:e3:60:24:24:bb:bc:4f:31:00:4c:71:f4:
70:8f:2c:79:43:6b:d7:68:ab:ae:51:b5:55:7a:f4:
17:89:5e:a6:b7:3d:a5:3f:94:57:82:58:cd:e6:f9:
fb:59:ad:62:09:49:2d:f0:f3:46:8e:61:fc:13:0a:
82:8d:eb:f3:ae:fe:43:fb:60:4a:97:31:3b:e7:29:
2b:ac:d8:e8:c9:ec:ce:bb:7a:4d:da:c4:c1:6a:a9:
99:f0:53:a2:fc:16:43:4c:88:53:da:80:84:d3:27:
27:09:a6:21:8f:0b:96:0d:b5:ce:36:9a:d2:36:84:
2f:7f:b3:ea:a0:dd:91:88:98:f1:05:13:72:6b:88:
7b:ad:d4:ac:e7:71:0c:67:7e:36:8b:45:f1:ce:8c:
84:44:5c:de:b6:f0:3c:72:7f:d5:c9:5a:2a:41:b0:
cf:24:56:7a:35:ec:5a:25:e6:c1:c4:da:d7:c9:86:
1f:c7:a8:1f:9f:dd:f4:c5:05:18:0f:6d:51:7a:f1:
2e:fe:9a:ba:68:c0:b2:98:71:9c:f0:29:bb:c4:35:
56:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.38.0.0/16
IPv6:
2001:67c:1364::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41289
Signature Algorithm: sha256WithRSAEncryption
6a:5c:23:73:5b:8f:92:81:85:0f:12:75:8c:34:d4:2e:22:aa:
f7:b6:db:c9:41:0d:cb:b4:af:a8:c0:56:bf:29:94:e2:d2:89:
22:bd:d7:6c:c7:c3:b4:67:9c:cc:ec:d3:93:a5:c8:dd:2e:ff:
29:4f:39:ff:09:17:46:04:20:15:e4:9d:f8:85:25:ff:42:35:
b1:aa:b8:65:ca:2b:45:f7:87:07:fe:6e:38:f6:b8:1a:ac:5f:
68:8f:87:31:5f:fc:8d:aa:0a:46:af:ae:36:c9:c4:1b:62:80:
2e:d5:82:41:78:2d:4e:a8:11:d6:b9:d7:2a:fa:94:58:9d:28:
5d:3c:10:2a:f2:44:33:09:fc:a5:75:b6:03:e6:a0:b0:65:94:
1e:38:15:1f:79:a1:ad:2d:c7:26:38:37:8d:0b:cb:dc:c0:1c:
40:cd:78:5b:cd:43:ff:ac:6e:d5:c8:84:97:e2:b1:58:38:7f:
f8:3d:3c:8e:12:c2:c2:0b:ec:29:75:1f:8f:3a:04:92:b9:70:
d9:38:ba:cb:17:39:b4:a1:86:af:41:83:6f:07:4a:0a:ad:e6:
70:cd:96:e6:3c:68:7a:3f:74:db:d3:38:e1:69:d8:c2:d7:80:
16:db:d7:8d:4c:62:05:7c:35:ea:d2:e6:0b:c7:1c:b1:54:04:
8c:c7:18:98
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzHlNAhli8vmQZvlt8AOl8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjRmZDFhM2EwMjU4ZGNjYTY3ZmM5ZGRkYmY0ZTM2MTU3ZTZhNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsleiSBcUvtUri7vBOw1LkTkyu2YF
jlpzD1nAIWNY/VGfWHKonosF0jki2G1RaQ7jYCQku7xPMQBMcfRwjyx5Q2vXaKuu
UbVVevQXiV6mtz2lP5RXgljN5vn7Wa1iCUkt8PNGjmH8EwqCjevzrv5D+2BKlzE7
5ykrrNjoyezOu3pN2sTBaqmZ8FOi/BZDTIhT2oCE0ycnCaYhjwuWDbXONprSNoQv
f7PqoN2RiJjxBRNya4h7rdSs53EMZ342i0XxzoyERFzetvA8cn/VyVoqQbDPJFZ6
NexaJebBxNrXyYYfx6gfn930xQUYD21RevEu/pq6aMCymHGc8Cm7xDVWvwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFEJP0aOgJY3Mpn/J3dv042FX5qcWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU5LzkxMzc1
Mi1iOGRjLTRkZmYtODY2Ny03NDdiMGU1N2FiNWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvOTEzNzUy
LWI4ZGMtNGRmZi04NjY3LTc0N2IwZTU3YWI1ZS8xL1FrX1JvNkFsamN5bWY4bmQy
X1RqWVZmbXB4WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC8GCCsGAQUF
BwEHAQH/BCAwHjALBAIAATAFAwMAjSYwDwQCAAIwCQMHACABBnwTZDAaBggrBgEF
BQcBCAEB/wQLMAmgBzAFAgMAoUkwDQYJKoZIhvcNAQELBQADggEBAGpcI3Nbj5KB
hQ8SdYw01C4iqve228lBDcu0r6jAVr8plOLSiSK912zHw7RnnMzs05OlyN0u/ylP
Of8JF0YEIBXknfiFJf9CNbGquGXKK0X3hwf+bjj2uBqsX2iPhzFf/I2qCkavrjbJ
xBtigC7VgkF4LU6oEda51yr6lFidKF08ECryRDMJ/KV1tgPmoLBllB44FR95oa0t
xyY4N40Ly9zAHEDNeFvNQ/+sbtXIhJfisVg4f/g9PI4SwsIL7Cl1H486BJK5cNk4
ussXObShhq9Bg28HSgqt5nDNluY8aHo/dNvTOOFp2MLXgBbb141MYgV8NerS5gvH
HLFUBIzHGJg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:50:00 2024 by rpki-client on console-ams.rpki-client.org