Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/S3DLCl46TlMIm1HemjcKXyM4dMY.cer
File: S3DLCl46TlMIm1HemjcKXyM4dMY.cer (raw, json)
Hash identifier: 0o4WWerf7UgQinZgUSXf3OAvUZGG20wzShKmLFTX2ZE=
Subject key identifier: 4B:70:CB:0A:5E:3A:4E:53:08:9B:51:DE:9A:37:0A:5F:23:38:74:C6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DCA4F2C50ABA55EDC6B2628ACE79E5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/S3DLCl46TlMIm1HemjcKXyM4dMY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:30:20 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 192.54.192.0/22
IP: 2a00:7e40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a4:f2:c5:0a:ba:55:ed:c6:b2:62:8a:ce:79:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b70cb0a5e3a4e53089b51de9a370a5f233874c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:19:3f:d8:2b:92:22:55:1d:3d:21:d4:92:14:
bb:ce:1e:b2:4d:85:e0:0f:c4:9b:ba:96:e2:6e:a7:
47:78:4b:a1:c0:86:4e:28:99:ad:ab:6e:53:44:0e:
1c:fe:2e:07:4e:84:94:fb:c3:7e:c6:b6:c8:d5:6d:
19:89:17:7b:8f:16:f9:2f:39:6d:b3:b4:ca:81:c7:
1a:c1:4f:46:65:d2:5c:e4:ef:ce:da:93:de:a7:2e:
8c:57:e1:fb:ef:94:59:bc:a1:6b:dc:35:f7:16:b7:
90:4e:53:d1:6c:d4:93:7b:a7:4a:f4:d3:b7:df:53:
3b:e2:72:2e:56:e1:2b:71:b5:50:30:e2:7b:d4:db:
45:d5:1b:13:48:c4:74:9a:b2:ab:72:cb:55:49:9c:
ba:5b:41:b1:a0:ef:28:0c:f2:f5:4f:61:a7:35:77:
94:33:1d:c0:ea:a6:aa:c1:b0:9d:df:2f:c1:d3:5e:
ea:64:90:5e:83:a0:5f:54:bf:49:7d:ee:ad:46:8c:
bd:0b:98:61:57:4f:f5:a8:89:4b:4a:7c:e8:bc:9d:
31:55:59:62:60:8f:7c:a8:fd:83:55:a6:6f:66:34:
61:53:0c:26:a5:89:31:0a:44:58:dd:45:6a:e0:fe:
cf:42:d9:93:3e:cc:ff:70:08:f8:38:6b:f2:45:02:
30:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:70:CB:0A:5E:3A:4E:53:08:9B:51:DE:9A:37:0A:5F:23:38:74:C6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/S3DLCl46TlMIm1HemjcKXyM4dMY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.54.192.0/22
IPv6:
2a00:7e40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:3a:5f:5c:35:48:85:38:70:2c:34:ac:83:9f:34:e9:32:61:
db:1c:ab:c6:10:a4:d6:ce:06:e3:0d:83:18:f8:da:4c:4b:34:
62:9c:8a:b5:75:b0:f3:2e:95:25:47:f3:47:7b:33:fe:e8:92:
3c:9d:e3:1b:18:55:a5:c7:bb:74:ad:4f:ca:29:48:d0:a3:f1:
5c:67:0d:0d:dc:ef:ed:60:79:f6:07:a0:5a:04:55:f4:63:ec:
18:bc:33:e2:da:0f:fc:9a:e4:90:b5:7e:c6:77:5c:58:62:32:
62:31:bd:b5:74:06:97:26:67:35:8b:e2:45:9d:7a:62:5c:65:
32:1c:6b:20:ec:51:44:11:ba:de:ff:02:f6:c9:d2:dd:94:ad:
8b:ab:15:06:08:22:7a:2d:55:ce:47:44:ee:2b:3c:e3:4a:6c:
6e:cb:ff:df:8f:2a:50:b2:a6:0b:b7:f3:95:a6:ec:e9:5b:a8:
7d:bc:fb:a5:b6:4a:c4:38:f6:b9:67:19:3f:3e:3c:32:85:10:
68:25:29:94:6b:ec:bd:6e:6e:22:09:5d:cb:f6:6f:64:00:21:
b2:99:50:60:65:51:d1:71:10:e6:6e:99:a6:a8:56:4e:59:92:
44:89:12:97:02:61:23:95:09:d0:93:de:e1:5e:ba:80:0b:05:
cd:e9:1c:a1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzF3KTyxQq6Ve3GsmKKznnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcwY2IwYTVlM2E0ZTUzMDg5YjUxZGU5YTM3MGE1ZjIzMzg3NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohk/2CuSIlUdPSHUkhS7zh6yTYXg
D8SbupbibqdHeEuhwIZOKJmtq25TRA4c/i4HToSU+8N+xrbI1W0ZiRd7jxb5Lzlt
s7TKgccawU9GZdJc5O/O2pPepy6MV+H775RZvKFr3DX3FreQTlPRbNSTe6dK9NO3
31M74nIuVuErcbVQMOJ71NtF1RsTSMR0mrKrcstVSZy6W0GxoO8oDPL1T2GnNXeU
Mx3A6qaqwbCd3y/B017qZJBeg6BfVL9Jfe6tRoy9C5hhV0/1qIlLSnzovJ0xVVli
YI98qP2DVaZvZjRhUwwmpYkxCkRY3UVq4P7PQtmTPsz/cAj4OGvyRQIwgwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFEtwywpeOk5TCJtR3po3Cl8jOHTGMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc1LzA0ZTIy
ZS1lNTU1LTRlY2UtODVjZi1jZTU5NTIyZWY2NmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvMDRlMjJl
LWU1NTUtNGVjZS04NWNmLWNlNTk1MjJlZjY2Zi8xL1MzRExDbDQ2VGxNSW0xSGVt
amNLWHlNNGRNWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCwDbAMA0EAgACMAcDBQMqAH5AMA0GCSqGSIb3
DQEBCwUAA4IBAQCOOl9cNUiFOHAsNKyDnzTpMmHbHKvGEKTWzgbjDYMY+NpMSzRi
nIq1dbDzLpUlR/NHezP+6JI8neMbGFWlx7t0rU/KKUjQo/FcZw0N3O/tYHn2B6Ba
BFX0Y+wYvDPi2g/8muSQtX7Gd1xYYjJiMb21dAaXJmc1i+JFnXpiXGUyHGsg7FFE
Ebre/wL2ydLdlK2LqxUGCCJ6LVXOR0TuKzzjSmxuy//fjypQsqYLt/OVpuzpW6h9
vPultkrEOPa5Zxk/PjwyhRBoJSmUa+y9bm4iCV3L9m9kACGymVBgZVHRcRDmbpmm
qFZOWZJEiRKXAmEjlQnQk97hXrqACwXN6Ryh
-----END CERTIFICATE-----
Generated at Fri May 3 01:45:14 2024 by rpki-client on console-ams.rpki-client.org