Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.cer
File: U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.cer (raw, json)
Hash identifier: jd6ciVmtDxrKfHXwwIpmcUTYrf1aLGBhn2/uH8bRjis=
Subject key identifier: 53:76:46:7E:F0:92:1C:51:19:0E:2E:A6:0F:2A:BB:3B:D6:E9:C1:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA29D4AC66755C72BF657B8D0960B073
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 16181
IP: 193.41.218.0/23
IP: 2a0b:480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d4:ac:66:75:5c:72:bf:65:7b:8d:09:60:b0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5376467ef0921c51190e2ea60f2abb3bd6e9c19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7e:a5:08:c7:4c:88:89:56:3c:18:25:c8:12:
f6:78:69:15:c0:17:0c:d8:e0:e5:b0:70:49:8e:72:
02:91:06:eb:61:61:0e:9d:58:7b:3c:2e:78:8c:a4:
6b:fb:6a:1c:6d:c7:81:98:bb:cb:4c:27:9f:cc:f8:
8c:34:33:48:a5:b5:40:88:9d:0b:cc:f0:92:10:13:
10:07:9f:b3:c3:78:43:69:2d:51:a2:8c:a7:36:b9:
64:36:d8:26:e0:1b:ef:df:a3:6f:38:07:29:71:bf:
8c:ed:f4:1e:71:e7:e5:20:e9:43:bb:d2:9b:ad:bc:
8d:d0:51:e5:bc:ac:45:1f:6d:04:7a:26:9f:b9:98:
82:be:86:f7:bd:ec:ce:5d:a3:41:23:98:28:b4:04:
5c:39:3d:3b:8d:62:3b:c5:89:5c:a0:54:a5:ff:dc:
79:15:07:43:fc:d7:66:ef:27:2c:3b:2c:f0:db:6d:
e3:92:e6:10:0b:4d:4e:b8:99:e1:64:3a:8d:f6:5a:
14:85:a8:17:8a:5b:7a:95:02:e1:1b:d4:59:36:ce:
f9:7b:81:2e:ab:e4:59:f1:14:8b:28:94:91:a6:66:
56:0a:e7:bb:7b:4e:58:d7:d9:7e:2b:42:ad:c4:b0:
28:8b:52:01:8d:07:7f:e7:4f:3c:31:df:09:dd:b2:
90:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:76:46:7E:F0:92:1C:51:19:0E:2E:A6:0F:2A:BB:3B:D6:E9:C1:9F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c9db0e-903e-485e-b67f-2c7a2a746279/1/U3ZGfvCSHFEZDi6mDyq7O9bpwZ8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.218.0/23
IPv6:
2a0b:480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16181
Signature Algorithm: sha256WithRSAEncryption
5f:da:61:3a:4c:60:ae:39:88:27:6a:c0:0b:02:c8:ef:ff:85:
0e:d8:9e:bc:a1:7b:4f:4a:22:58:23:3a:85:4b:ce:e9:1d:ff:
02:fc:cc:04:dc:5b:e4:47:0f:54:22:30:d0:57:79:e0:06:a2:
ce:1a:e7:80:86:8d:04:b5:14:ce:b0:bc:cb:da:4c:3a:ad:95:
33:fc:cb:06:f4:1d:70:ca:26:8c:88:22:33:01:6c:bc:ca:ad:
fc:f6:8c:b1:11:d2:e1:d2:9e:9e:63:13:6b:fd:8f:02:55:94:
93:4c:08:24:b1:66:5c:2f:11:5a:6a:8e:07:b2:f8:cb:71:fa:
44:6d:43:5a:d0:4e:2e:76:0e:3d:35:0c:7a:06:89:51:44:db:
65:46:88:45:74:1d:41:ab:d1:eb:cc:61:f9:b5:f9:2a:3d:5e:
f5:4d:c7:4b:5e:39:11:fd:8a:9e:54:42:c9:1a:89:80:6d:db:
70:ac:51:34:f4:5f:fe:57:9e:ef:60:71:5e:a4:54:eb:87:92:
d9:21:51:5a:bd:d7:27:79:88:d0:4c:6a:a5:d4:43:14:2e:d2:
a7:e6:01:4e:24:f7:7b:4d:b9:78:c1:82:c5:4c:ef:1a:1f:a2:
65:3f:97:71:4d:54:8c:c8:c5:7c:11:15:52:20:53:4e:f5:ad:
a4:f6:aa:cc
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYzKKdSsZnVccr9le40JYLBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc2NDY3ZWYwOTIxYzUxMTkwZTJlYTYwZjJhYmIzYmQ2ZTljMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH6lCMdMiIlWPBglyBL2eGkVwBcM
2ODlsHBJjnICkQbrYWEOnVh7PC54jKRr+2ocbceBmLvLTCefzPiMNDNIpbVAiJ0L
zPCSEBMQB5+zw3hDaS1RooynNrlkNtgm4Bvv36NvOAcpcb+M7fQeceflIOlDu9Kb
rbyN0FHlvKxFH20EeiafuZiCvob3vezOXaNBI5gotARcOT07jWI7xYlcoFSl/9x5
FQdD/Ndm7ycsOyzw223jkuYQC01OuJnhZDqN9loUhagXilt6lQLhG9RZNs75e4Eu
q+RZ8RSLKJSRpmZWCue7e05Y19l+K0KtxLAoi1IBjQd/5088Md8J3bKQmQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFFN2Rn7wkhxRGQ4upg8quzvW6cGfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0L2M5ZGIw
ZS05MDNlLTQ4NWUtYjY3Zi0yYzdhMmE3NDYyNzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvYzlkYjBl
LTkwM2UtNDg1ZS1iNjdmLTJjN2EyYTc0NjI3OS8xL1UzWkdmdkNTSEZFWkRpNm1E
eXE3TzlicHdaOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBwSnaMA0EAgACMAcDBQMqCwSAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAj81MA0GCSqGSIb3DQEBCwUAA4IBAQBf2mE6TGCuOYgn
asALAsjv/4UO2J68oXtPSiJYIzqFS87pHf8C/MwE3FvkRw9UIjDQV3ngBqLOGueA
ho0EtRTOsLzL2kw6rZUz/MsG9B1wyiaMiCIzAWy8yq389oyxEdLh0p6eYxNr/Y8C
VZSTTAgksWZcLxFaao4HsvjLcfpEbUNa0E4udg49NQx6BolRRNtlRohFdB1Bq9Hr
zGH5tfkqPV71TcdLXjkR/YqeVELJGomAbdtwrFE09F/+V57vYHFepFTrh5LZIVFa
vdcneYjQTGql1EMULtKn5gFOJPd7Tbl4wYLFTO8aH6JlP5dxTVSMyMV8ERVSIFNO
9a2k9qrM
-----END CERTIFICATE-----
Generated at Fri May 3 10:17:16 2024 by rpki-client on console-fra.rpki-client.org