Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer
File: TzLUClO7YLhnWebsClIHMAtBr3A.cer (raw, json)
Hash identifier: V8S/d3aqlZLTg3XzwnY57c2y7z5HM5xembJ6vJ9bxRA=
Subject key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA9A04F347BA97B8B0B30C61393FF40D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 14:35:40 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.50.176.0/22
IP: 2a01:aba0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:04:f3:47:ba:97:b8:b0:b3:0c:61:39:3f:f4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:74:19:8c:bf:2e:da:8d:a5:a0:cb:fd:2c:63:
54:a2:75:89:3b:ff:4b:1e:bb:1c:8a:cb:2d:c6:88:
44:84:b3:22:3b:ef:6c:42:7d:43:ea:9e:6e:b6:40:
98:bd:ee:6a:71:fb:cc:3f:ac:de:fb:c4:a5:e1:c5:
a4:af:74:6b:bb:49:4f:47:15:df:97:dd:28:bf:fb:
67:70:3a:d7:7a:ac:f9:75:89:5c:2e:d3:4d:90:9e:
8c:71:99:54:1a:16:78:f4:85:9b:89:d6:f8:08:91:
2f:0c:8f:82:7c:72:06:3e:2e:5f:72:09:3e:60:f6:
8b:6b:06:77:44:99:91:08:0f:73:03:86:d6:50:0e:
91:9f:46:9a:b9:05:4c:0c:6c:60:cb:fb:8f:e7:a0:
05:70:a2:b7:e8:6e:16:3f:1c:00:8c:6f:0c:85:37:
e0:69:7a:9e:8a:75:dd:fd:5e:ca:48:e3:62:fc:de:
dd:62:1b:52:e3:82:d9:02:b1:f3:03:1e:10:9a:cd:
0c:da:77:37:11:93:38:90:ac:93:d8:a3:83:48:dc:
6d:71:bd:6c:80:2b:29:59:24:6b:03:c1:2c:ff:ed:
c2:54:51:4c:fb:0d:19:02:18:18:47:6a:d5:96:ea:
eb:71:02:e7:e1:01:ac:d0:c0:c1:f1:ba:62:d3:e4:
ad:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.176.0/22
IPv6:
2a01:aba0::/32
Signature Algorithm: sha256WithRSAEncryption
23:32:af:d2:72:4e:ab:6d:70:0d:80:9a:42:b2:21:77:15:6a:
a0:d4:5c:b8:7b:9e:b7:fe:1b:4f:1c:10:64:7b:1c:1e:0a:24:
58:5f:af:b7:83:66:66:cc:7c:a9:ba:e7:a9:36:c3:34:0d:70:
b2:45:d1:08:05:01:a0:f9:81:7d:3e:c2:cf:72:91:5d:67:eb:
19:3c:ea:42:c3:1e:54:ac:fb:89:c9:24:db:3e:b3:97:ba:7e:
25:6a:f7:c2:f3:98:a5:af:f1:dc:85:33:52:13:97:c8:d0:3d:
3f:d7:1b:f8:2c:0c:ea:de:a5:5a:dc:4b:ea:80:c0:9a:e1:1c:
50:79:05:26:21:20:72:69:94:89:7f:23:67:48:d2:cb:cc:3d:
e8:92:1e:74:9b:38:67:56:73:ca:95:a0:f4:fe:23:3c:eb:0a:
90:7c:c9:f3:74:c2:d3:1c:f1:96:f2:64:79:76:08:0b:33:c2:
79:c6:87:de:65:5f:31:e5:99:d5:aa:e6:f2:ab:52:5f:46:28:
73:72:b7:1b:7b:84:78:6a:d3:83:85:d7:9e:0b:fa:05:c3:25:
78:99:e5:2d:35:2b:4e:1b:c5:ca:c7:aa:31:b6:13:45:e8:6f:
a1:2d:93:b8:49:cc:98:70:87:50:95:9c:7b:94:02:8b:ba:7c:
5f:4c:81:ed
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzKmgTzR7qXuLCzDGE5P/QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMyZDQwYTUzYmI2MGI4Njc1OWU2ZWMwYTUyMDczMDBiNDFhZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHQZjL8u2o2loMv9LGNUonWJO/9L
HrscisstxohEhLMiO+9sQn1D6p5utkCYve5qcfvMP6ze+8Sl4cWkr3Rru0lPRxXf
l90ov/tncDrXeqz5dYlcLtNNkJ6McZlUGhZ49IWbidb4CJEvDI+CfHIGPi5fcgk+
YPaLawZ3RJmRCA9zA4bWUA6Rn0aauQVMDGxgy/uP56AFcKK36G4WPxwAjG8MhTfg
aXqeinXd/V7KSONi/N7dYhtS44LZArHzAx4Qms0M2nc3EZM4kKyT2KODSNxtcb1s
gCspWSRrA8Es/+3CVFFM+w0ZAhgYR2rVlurrcQLn4QGs0MDB8bpi0+StzwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFE8y1ApTu2C4Z1nm7ApSBzALQa9wMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YzL2E3NWU2
My04MTQ5LTQ5YzYtOTM5Zi1jNmJmMmZmYjcyNTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTc1ZTYz
LTgxNDktNDljNi05MzlmLWM2YmYyZmZiNzI1My8xL1R6TFVDbE83WUxobldlYnND
bElITUF0QnIzQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTKwMA0EAgACMAcDBQAqAaugMA0GCSqGSIb3
DQEBCwUAA4IBAQAjMq/Sck6rbXANgJpCsiF3FWqg1Fy4e563/htPHBBkexweCiRY
X6+3g2ZmzHypuuepNsM0DXCyRdEIBQGg+YF9PsLPcpFdZ+sZPOpCwx5UrPuJySTb
PrOXun4lavfC85ilr/HchTNSE5fI0D0/1xv4LAzq3qVa3EvqgMCa4RxQeQUmISBy
aZSJfyNnSNLLzD3okh50mzhnVnPKlaD0/iM86wqQfMnzdMLTHPGW8mR5dggLM8J5
xofeZV8x5ZnVqubyq1JfRihzcrcbe4R4atODhdeeC/oFwyV4meUtNStOG8XKx6ox
thNF6G+hLZO4ScyYcIdQlZx7lAKLunxfTIHt
-----END CERTIFICATE-----
Generated at Fri May 3 07:01:54 2024 by rpki-client on console-ams.rpki-client.org