Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
File: TRNilffzLmS-ePs5nrbRWuPpJjI.cer (raw, json)
Hash identifier: QHNgSA8CR3Jc7go+seA1oYXFJj+E1EbHEFS5A0dgK9c=
Subject key identifier: 4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7946E167DB242F1C78535FEE4D40F7F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:42 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 194.5.175.0/24
IP: 194.5.188.0/24
IP: 194.5.195.0/24
IP: 194.5.205.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6e:16:7d:b2:42:f1:c7:85:35:fe:e4:d4:0f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:84:4a:22:21:97:0a:f7:ed:07:26:35:65:
f4:b1:96:f8:6d:46:7f:2b:56:6a:61:a8:95:75:e0:
aa:92:c2:ad:5b:8a:5f:81:57:ad:90:f1:5a:3c:9a:
8f:18:0d:37:18:11:70:bd:69:56:e5:6d:a2:ec:76:
10:70:cf:45:63:79:8b:ae:f3:ed:4c:68:3c:31:d9:
00:09:2e:c4:08:c8:19:12:04:4a:0d:2a:93:2a:1f:
df:89:3d:a4:4e:fa:c6:6b:ce:62:c5:1b:8b:45:a0:
2a:d4:7e:14:08:ec:fc:93:f6:84:52:01:15:75:7c:
53:cc:52:97:2e:2f:b0:81:fc:8c:ba:c7:30:98:bc:
98:e3:83:9f:74:08:41:9c:95:a0:89:25:ce:2d:fd:
12:86:7b:71:d5:1a:b4:c5:b8:e7:52:84:6c:7b:c2:
b9:ad:10:3b:27:fb:08:bd:1f:63:60:40:2c:52:86:
4d:e5:d2:72:fa:e4:0c:a1:a2:dd:88:02:3e:87:f7:
a0:6a:71:66:b0:40:c2:53:6c:f8:1a:2a:5b:b4:62:
f4:00:63:43:17:c2:33:71:7a:50:9c:00:39:77:5f:
95:12:54:60:e3:ab:83:4a:b6:f1:dd:3b:58:87:92:
c5:6e:5c:54:c7:56:48:ba:d5:28:b8:a3:56:2f:ee:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.175.0/24
194.5.188.0/24
194.5.195.0/24
194.5.205.0/24
Signature Algorithm: sha256WithRSAEncryption
03:92:79:d7:64:b1:db:41:df:93:78:08:73:ef:54:25:71:d4:
ca:e1:d9:94:08:68:a7:af:8b:8e:63:f1:1e:21:6e:4c:65:11:
08:a8:71:b9:7e:da:7a:e3:9f:f9:fa:23:74:91:12:09:88:3b:
b1:3c:92:bf:55:d1:51:9d:36:32:20:f3:83:da:1f:94:84:23:
5f:27:1a:31:8f:f5:34:80:fa:f6:a5:a0:ce:fb:bf:6f:eb:d0:
46:04:c3:2f:30:f9:a5:b6:70:aa:7e:81:27:5e:9c:9a:81:1c:
2c:fe:6c:97:c7:24:32:ba:40:e3:ca:0a:42:e0:c5:e1:a7:bf:
91:53:1e:07:ee:2d:22:a6:f9:f5:0b:e7:7a:2f:b5:24:56:97:
7f:cd:74:da:84:c7:5f:65:61:3f:ca:04:8c:47:1a:8f:67:28:
7f:f3:41:f4:56:4e:b4:38:4f:69:fa:c3:46:5e:75:7f:66:fc:
ec:9b:73:18:3c:fa:6e:dc:db:7b:42:92:32:0b:85:34:3c:b9:
63:3b:cf:cf:e3:7e:a0:9e:1e:1b:a7:e2:9c:52:eb:03:0f:91:
e9:55:f7:76:2b:5d:6d:2a:51:45:83:2e:68:9f:a0:0e:04:e2:
47:1c:67:70:06:6f:c3:ff:4b:ec:23:c4:46:93:62:17:c5:2d:
84:46:4a:f7
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzHlG4WfbJC8ceFNf7k1A9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDEzNjI5NWY3ZjMyZTY0YmU3OGZiMzk5ZWI2ZDE1YWUzZTkyNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cKESiIhlwr37QcmNWX0sZb4bUZ/
K1ZqYaiVdeCqksKtW4pfgVetkPFaPJqPGA03GBFwvWlW5W2i7HYQcM9FY3mLrvPt
TGg8MdkACS7ECMgZEgRKDSqTKh/fiT2kTvrGa85ixRuLRaAq1H4UCOz8k/aEUgEV
dXxTzFKXLi+wgfyMuscwmLyY44OfdAhBnJWgiSXOLf0Shntx1Rq0xbjnUoRse8K5
rRA7J/sIvR9jYEAsUoZN5dJy+uQMoaLdiAI+h/eganFmsEDCU2z4GipbtGL0AGND
F8IzcXpQnAA5d1+VElRg46uDSrbx3TtYh5LFblxUx1ZIutUouKNWL+79jwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFE0TYpX38y5kvnj7OZ620Vrj6SYyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RiL2I0NDMz
MC01ZDNiLTQ0NzktOGIxMC0yYmI3ZmRkNWY3MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIvYjQ0MzMw
LTVkM2ItNDQ3OS04YjEwLTJiYjdmZGQ1ZjcyOC8xL1RSTmlsZmZ6TG1TLWVQczVu
cmJSV3VQcEpqSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQAwgWvAwQAwgW8AwQAwgXDAwQAwgXNMA0GCSqG
SIb3DQEBCwUAA4IBAQADknnXZLHbQd+TeAhz71QlcdTK4dmUCGinr4uOY/EeIW5M
ZREIqHG5ftp645/5+iN0kRIJiDuxPJK/VdFRnTYyIPOD2h+UhCNfJxoxj/U0gPr2
paDO+79v69BGBMMvMPmltnCqfoEnXpyagRws/myXxyQyukDjygpC4MXhp7+RUx4H
7i0ipvn1C+d6L7UkVpd/zXTahMdfZWE/ygSMRxqPZyh/80H0Vk60OE9p+sNGXnV/
Zvzsm3MYPPpu3Nt7QpIyC4U0PLljO8/P436gnh4bp+KcUusDD5HpVfd2K11tKlFF
gy5on6AOBOJHHGdwBm/D/0vsI8RGk2IXxS2ERkr3
-----END CERTIFICATE-----
Generated at Fri May 3 10:16:42 2024 by rpki-client on console-fra.rpki-client.org