Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U12xQ-kGqiDleCkH-EXUp2li_3s.cer
File: U12xQ-kGqiDleCkH-EXUp2li_3s.cer (raw, json)
Hash identifier: /2ZRTxtYN0fSOPK0VnEKWxFjLibFZ7eIRBMxb+dccMs=
Subject key identifier: 53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DB015429BDAE91A38289187A1A1290
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/U12xQ-kGqiDleCkH-EXUp2li_3s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 51785
IP: 46.18.248.0/21
IP: 2a06:a4c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:01:54:29:bd:ae:91:a3:82:89:18:7a:1a:12:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=535db143e906aa20e5782907f845d4a76962ff7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:b8:73:e2:19:ce:02:03:bf:29:31:e2:0d:
54:e8:09:5f:9e:f0:61:a5:e3:95:9b:70:92:3f:c2:
1c:3a:33:63:03:26:71:65:ac:b3:f8:ad:d5:75:6c:
44:c9:af:e8:55:6c:04:60:d2:9b:40:e3:19:a1:aa:
10:49:35:61:6b:d8:4a:6f:c3:82:3d:45:37:1b:81:
8b:ad:25:58:b4:9b:a2:ff:23:83:5e:49:f0:2b:f3:
9c:5b:c3:f3:48:b3:db:5c:94:4e:03:7f:bb:25:d8:
20:a5:d9:28:b4:28:79:6d:d6:42:3f:4e:12:61:fd:
25:19:86:65:54:59:44:d5:e7:88:eb:f9:25:12:95:
05:f0:cd:98:21:0d:2d:08:12:3c:b5:d0:cd:a0:43:
a2:b8:09:68:8a:63:2c:3f:8e:b8:5f:74:24:66:4f:
bf:cc:e3:c4:7c:5a:95:ba:2c:b6:c4:fd:28:b4:bf:
13:96:a8:f1:b9:cd:d0:85:c5:33:e3:12:83:61:e3:
73:19:98:09:ce:78:90:e4:ff:f7:12:b5:76:3f:c0:
cb:ee:40:11:92:31:2c:53:91:2f:e6:88:81:c0:b8:
3a:e4:8a:62:b6:2e:be:e0:b9:32:71:8e:5d:e6:7a:
3f:25:f3:97:b6:ca:f4:dd:b6:ca:3c:7a:8e:18:70:
81:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/U12xQ-kGqiDleCkH-EXUp2li_3s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.248.0/21
IPv6:
2a06:a4c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
51785
Signature Algorithm: sha256WithRSAEncryption
39:1d:58:4c:66:89:56:a5:4d:73:9b:02:68:31:ae:0a:2d:eb:
2f:bb:7c:eb:86:8c:5c:db:48:09:80:78:d1:d8:87:5d:07:2d:
72:96:b8:87:68:43:f0:fd:ce:86:04:ef:7a:d8:df:ba:5c:ba:
30:89:8b:46:7d:b6:d3:7c:fa:0d:e0:d5:53:5f:80:2c:70:4e:
19:38:f8:4c:a8:f1:51:c8:a5:4e:5b:6c:2d:a2:ae:77:5f:a1:
3e:d1:9e:4b:23:ba:d3:31:9b:a6:39:88:7e:87:0c:de:33:f4:
de:e9:57:32:6e:d3:e2:57:00:6b:6e:86:ac:e7:46:06:28:a1:
a4:c2:55:e5:33:85:77:d6:1f:b6:70:09:14:37:fa:6a:6a:02:
ea:93:c8:63:b0:ea:23:78:d5:38:c3:63:a7:c2:d6:2a:23:ba:
6a:e2:16:1d:8a:68:88:04:46:f4:54:3f:e6:59:2c:cf:ce:4b:
af:c2:f4:09:7f:fb:8d:c4:42:f0:ce:fa:6a:48:d5:01:f4:e3:
bf:90:cf:90:51:e5:10:cb:1e:c5:a7:15:b6:8e:cb:b5:93:3c:
49:ae:8d:69:00:6a:d6:32:4e:79:c3:34:4e:94:8b:5d:04:bc:
be:38:5d:3c:18:13:25:52:8b:54:fd:ea:d0:40:86:59:c9:90:
13:a4:28:01
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2wFUKb2ukaOCiRh6GhKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzVkYjE0M2U5MDZhYTIwZTU3ODI5MDdmODQ1ZDRhNzY5NjJmZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArai4c+IZzgIDvykx4g1U6AlfnvBh
peOVm3CSP8IcOjNjAyZxZayz+K3VdWxEya/oVWwEYNKbQOMZoaoQSTVha9hKb8OC
PUU3G4GLrSVYtJui/yODXknwK/OcW8PzSLPbXJROA3+7JdggpdkotCh5bdZCP04S
Yf0lGYZlVFlE1eeI6/klEpUF8M2YIQ0tCBI8tdDNoEOiuAloimMsP464X3QkZk+/
zOPEfFqVuiy2xP0otL8Tlqjxuc3QhcUz4xKDYeNzGZgJzniQ5P/3ErV2P8DL7kAR
kjEsU5Ev5oiBwLg65Ipiti6+4LkycY5d5no/JfOXtsr03bbKPHqOGHCBvQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFNdsUPpBqog5XgpB/hF1KdpYv97MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3LzFhOGQ5
OC0zNGM5LTRkMjYtOTdkYy00ODczMWIzYzAzYTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMWE4ZDk4
LTM0YzktNGQyNi05N2RjLTQ4NzMxYjNjMDNhNC8xL1UxMnhRLWtHcWlEbGVDa0gt
RVhVcDJsaV8zcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQDLhL4MA0EAgACMAcDBQMqBqTAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDKSTANBgkqhkiG9w0BAQsFAAOCAQEAOR1YTGaJVqVN
c5sCaDGuCi3rL7t864aMXNtICYB40diHXQctcpa4h2hD8P3OhgTvetjfuly6MImL
Rn2203z6DeDVU1+ALHBOGTj4TKjxUcilTltsLaKud1+hPtGeSyO60zGbpjmIfocM
3jP03ulXMm7T4lcAa26GrOdGBiihpMJV5TOFd9YftnAJFDf6amoC6pPIY7DqI3jV
OMNjp8LWKiO6auIWHYpoiARG9FQ/5lksz85Lr8L0CX/7jcRC8M76akjVAfTjv5DP
kFHlEMsexacVto7LtZM8Sa6NaQBq1jJOecM0TpSLXQS8vjhdPBgTJVKLVP3q0ECG
WcmQE6QoAQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:32:27 2024 by rpki-client on console-fra.rpki-client.org