Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer
File: TOSIxkAcj16WnhXWRlH7Sy0tzfc.cer (raw, json)
Hash identifier: 40ixjJNO6DSRRalCVWSJxdGu/dO2OuDmje8gUcXrM24=
Subject key identifier: 4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2A357BCA66CD1C38D166CAE9955E91
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/TOSIxkAcj16WnhXWRlH7Sy0tzfc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 51735
IP: 91.220.78.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:35:7b:ca:66:cd:1c:38:d1:66:ca:e9:95:5e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ce488c6401c8f5e969e15d64651fb4b2d2dcdf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c3:b7:8e:40:77:bb:d5:4b:54:08:2d:50:bc:
e3:bc:ba:15:a2:e0:4e:a0:be:a1:ae:3d:e7:98:57:
b8:1f:5c:66:37:5f:19:8f:4a:6d:53:7c:27:e9:08:
f7:0e:8d:8b:53:2d:74:be:46:41:8c:20:9a:0b:60:
b5:a2:7a:ae:a7:d6:0c:d5:8a:61:c7:11:04:09:e4:
e2:78:cc:04:e3:de:5a:b3:a8:89:ff:18:eb:eb:b1:
45:2e:46:3a:77:ff:89:30:3d:1b:3f:ca:01:95:e9:
e6:b3:a9:f7:a5:35:c7:4a:32:74:e0:5a:c8:f6:4e:
b9:f4:80:e6:a0:c1:71:5f:61:f3:44:e6:f6:69:d0:
88:c1:ac:61:db:77:21:b8:b0:cf:ca:c6:6d:37:4d:
c2:eb:9c:e1:b6:55:75:5a:59:73:44:04:c1:66:74:
fe:d5:a0:71:a1:3a:d8:8a:65:b0:42:0c:04:7a:55:
6c:cf:74:80:2a:69:2f:7f:3e:c8:9c:0f:3c:71:7a:
96:b3:0b:1a:95:0d:1e:b5:33:b6:24:ae:c5:13:d8:
52:bc:8e:d7:54:48:3b:2e:8e:77:cd:62:d3:51:cd:
01:d5:83:db:23:8a:b8:69:fc:2e:e0:78:df:74:4f:
96:ae:23:9e:04:fe:69:eb:66:0f:f8:6a:eb:22:08:
80:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E4:88:C6:40:1C:8F:5E:96:9E:15:D6:46:51:FB:4B:2D:2D:CD:F7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c5c595-2673-4d5f-8a85-ae8c81f96f42/1/TOSIxkAcj16WnhXWRlH7Sy0tzfc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.78.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
51735
Signature Algorithm: sha256WithRSAEncryption
16:09:55:95:48:e4:2b:e3:76:02:f6:7c:e5:5e:b4:45:18:a5:
99:65:4a:d5:9a:dc:4b:fd:3b:73:7e:6e:71:7e:11:5d:9e:fc:
73:a0:f8:75:30:9a:9d:da:4e:6e:b3:be:f3:ee:e1:b6:46:ad:
44:52:74:49:55:31:39:d3:5e:aa:8e:6b:0d:90:17:04:84:ef:
bf:96:d1:3d:a0:96:00:96:b0:fa:9c:ef:a4:b3:75:1e:2f:a5:
07:b4:dd:f2:df:44:ba:43:05:28:6c:88:1c:26:98:3e:13:2f:
b4:be:8b:f5:c2:2e:3d:87:e1:ff:02:ae:5a:68:c4:1e:f4:63:
da:de:61:78:9d:11:a8:05:71:ab:3c:08:bc:00:36:c5:72:29:
12:21:e9:ed:38:5c:7a:42:43:08:5a:77:67:3a:38:6a:61:af:
00:c4:12:43:7c:1e:6f:90:04:56:5b:a0:7a:bf:30:b3:af:ac:
94:e5:10:92:a4:b5:2d:de:08:08:e8:05:64:26:d4:6b:d1:fe:
0b:97:6f:ed:59:92:01:80:bd:38:9b:3d:fc:ee:fd:5a:57:a8:
d5:49:35:cf:cc:04:c4:b2:ed:c2:2f:1d:18:2a:53:24:20:a3:
d7:13:42:58:c7:bc:4c:2e:9a:ff:63:0c:cf:d1:07:41:7a:77:
b0:fd:ca:7e
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzKKjV7ymbNHDjRZsrplV6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U0ODhjNjQwMWM4ZjVlOTY5ZTE1ZDY0NjUxZmI0YjJkMmRjZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8O3jkB3u9VLVAgtULzjvLoVouBO
oL6hrj3nmFe4H1xmN18Zj0ptU3wn6Qj3Do2LUy10vkZBjCCaC2C1onqup9YM1Yph
xxEECeTieMwE495as6iJ/xjr67FFLkY6d/+JMD0bP8oBlenms6n3pTXHSjJ04FrI
9k659IDmoMFxX2HzROb2adCIwaxh23chuLDPysZtN03C65zhtlV1WllzRATBZnT+
1aBxoTrYimWwQgwEelVsz3SAKmkvfz7InA88cXqWswsalQ0etTO2JK7FE9hSvI7X
VEg7Lo53zWLTUc0B1YPbI4q4afwu4HjfdE+WriOeBP5p62YP+GrrIgiAjwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEzkiMZAHI9elp4V1kZR+0stLc33MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE1L2M1YzU5
NS0yNjczLTRkNWYtOGE4NS1hZThjODFmOTZmNDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUvYzVjNTk1
LTI2NzMtNGQ1Zi04YTg1LWFlOGM4MWY5NmY0Mi8xL1RPU0l4a0FjajE2V25oWFdS
bEg3U3kwdHpmYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW9xOMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDKFzANBgkqhkiG9w0BAQsFAAOCAQEAFglVlUjkK+N2AvZ85V60RRilmWVK1Zrc
S/07c35ucX4RXZ78c6D4dTCandpObrO+8+7htkatRFJ0SVUxOdNeqo5rDZAXBITv
v5bRPaCWAJaw+pzvpLN1Hi+lB7Td8t9EukMFKGyIHCaYPhMvtL6L9cIuPYfh/wKu
WmjEHvRj2t5heJ0RqAVxqzwIvAA2xXIpEiHp7ThcekJDCFp3Zzo4amGvAMQSQ3we
b5AEVluger8ws6+slOUQkqS1Ld4ICOgFZCbUa9H+C5dv7VmSAYC9OJs9/O79Wleo
1Uk1z8wExLLtwi8dGCpTJCCj1xNCWMe8TC6a/2MMz9EHQXp3sP3Kfg==
-----END CERTIFICATE-----
Generated at Fri May 3 10:16:39 2024 by rpki-client on console-fra.rpki-client.org