Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/VAavgE71pjb0ZOcajUHo1AGn9pc.cer
File: VAavgE71pjb0ZOcajUHo1AGn9pc.cer (raw, json)
Hash identifier: c6z7pC6tvQ0Fg4mT9/3v2eY5C/UEN0q56ugBhJtVEkE=
Subject key identifier: 54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B7B17D3973B6AEEF069942BC74571
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/VAavgE71pjb0ZOcajUHo1AGn9pc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35139
IP: 2.58.104.0/22
IP: 2a09:e7c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7b:17:d3:97:3b:6a:ee:f0:69:94:2b:c7:45:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5406af804ef5a636f464e71a8d41e8d401a7f697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:e4:c7:12:5e:6b:27:18:d4:c0:b0:1a:ed:
81:44:dd:79:35:83:b4:a5:b5:93:75:7f:9b:3f:d7:
19:f3:cb:49:7e:19:a1:1f:4a:f3:3c:2d:fa:48:f8:
b1:08:19:14:3b:d8:2b:a4:af:79:a1:5b:0a:73:b5:
1f:1e:ba:02:93:52:f7:7a:3a:62:ac:0c:ce:aa:eb:
42:22:aa:7c:a1:30:e8:63:87:c1:60:2d:7f:7f:67:
3c:a3:43:a1:df:cd:c6:f2:23:3e:52:5c:61:ac:28:
9f:b6:9f:1c:39:47:22:2b:e0:21:60:06:c0:7d:d4:
53:fb:ba:20:a4:b3:ad:60:c1:e0:e2:94:11:bf:1f:
94:9d:0e:f9:2f:09:28:15:41:ae:87:b2:40:42:58:
54:53:3e:ca:2c:45:5e:a1:02:31:32:fe:80:ec:a2:
eb:fc:27:2f:6c:32:f2:f9:0b:6b:f5:40:bd:1b:6b:
b6:b3:f2:d3:83:64:fe:7a:31:af:e6:cc:cd:f0:74:
23:a7:00:ac:3c:2e:71:5e:3e:c0:f9:90:9a:ef:8d:
63:8e:d3:c3:e6:51:d9:2c:37:29:7f:f0:68:44:4e:
04:f6:43:26:14:16:17:e7:ce:4c:de:c2:27:3e:03:
54:f2:94:c7:ef:5d:9d:8f:00:e8:1f:5b:ec:2d:a3:
22:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/VAavgE71pjb0ZOcajUHo1AGn9pc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.104.0/22
IPv6:
2a09:e7c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35139
Signature Algorithm: sha256WithRSAEncryption
b0:29:61:f4:8a:e7:0c:05:9e:45:be:c7:2b:d9:5e:db:73:7d:
13:07:6a:4f:1c:2b:77:b3:8b:45:d1:23:a8:b6:f8:4a:d2:b2:
9e:df:be:f5:79:62:b2:1c:e6:b1:b3:ba:37:d3:ca:a5:bf:a6:
46:89:24:bf:8f:1c:f8:8f:91:f0:f2:27:8f:27:a1:90:ce:dc:
df:cc:b2:54:05:01:f3:44:85:94:ee:eb:10:b7:9c:b2:35:6f:
ba:b4:ba:c1:1a:69:4f:cb:55:7d:eb:9f:d8:e0:5a:3e:e4:7f:
fd:fc:74:24:e5:c5:7f:b2:4f:1c:a8:6f:3a:42:69:b2:3c:d2:
ee:05:b1:35:f9:de:24:48:d7:46:f5:d1:78:8b:6c:a5:48:58:
94:6e:f8:30:a7:de:a3:79:52:44:7d:cd:09:c8:18:69:34:ff:
f9:8b:89:95:96:11:db:19:58:ff:c8:1a:31:d4:05:9d:a9:8d:
ff:b6:73:c0:5c:2a:c4:8e:a8:90:07:d0:92:ba:d2:87:58:98:
35:0b:4a:e7:90:ea:c1:3b:2d:fc:5b:77:2f:9e:78:c7:c0:d2:
11:e3:6c:fd:3d:78:8c:d5:9a:d4:5e:00:06:f0:37:50:8f:e3:
d5:16:6e:d4:90:0d:09:01:a4:c6:e2:98:af:da:ec:a4:c2:93:
7f:d3:d5:89
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzGS3sX05c7au7waZQrx0VxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDA2YWY4MDRlZjVhNjM2ZjQ2NGU3MWE4ZDQxZThkNDAxYTdmNjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKDkxxJeaycY1MCwGu2BRN15NYO0
pbWTdX+bP9cZ88tJfhmhH0rzPC36SPixCBkUO9grpK95oVsKc7UfHroCk1L3ejpi
rAzOqutCIqp8oTDoY4fBYC1/f2c8o0Oh383G8iM+UlxhrCiftp8cOUciK+AhYAbA
fdRT+7ogpLOtYMHg4pQRvx+UnQ75LwkoFUGuh7JAQlhUUz7KLEVeoQIxMv6A7KLr
/CcvbDLy+Qtr9UC9G2u2s/LTg2T+ejGv5szN8HQjpwCsPC5xXj7A+ZCa741jjtPD
5lHZLDcpf/BoRE4E9kMmFBYX585M3sInPgNU8pTH712djwDoH1vsLaMiXQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFFQGr4BO9aY29GTnGo1B6NQBp/aXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZiLzM1Y2I1
Yy05M2E1LTRiZjEtYmExZC0xY2E5ZDI1OWUyYWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIvMzVjYjVj
LTkzYTUtNGJmMS1iYTFkLTFjYTlkMjU5ZTJhZC8xL1ZBYXZnRTcxcGpiMFpPY2Fq
VUhvMUFHbjlwYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCAjpoMA0EAgACMAcDBQMqCefAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCJQzANBgkqhkiG9w0BAQsFAAOCAQEAsClh9IrnDAWe
Rb7HK9le23N9EwdqTxwrd7OLRdEjqLb4StKynt++9XlishzmsbO6N9PKpb+mRokk
v48c+I+R8PInjyehkM7c38yyVAUB80SFlO7rELecsjVvurS6wRppT8tVfeuf2OBa
PuR//fx0JOXFf7JPHKhvOkJpsjzS7gWxNfneJEjXRvXReItspUhYlG74MKfeo3lS
RH3NCcgYaTT/+YuJlZYR2xlY/8gaMdQFnamN/7ZzwFwqxI6okAfQkrrSh1iYNQtK
55DqwTst/Ft3L554x8DSEeNs/T14jNWa1F4ABvA3UI/j1RZu1JANCQGkxuKYr9rs
pMKTf9PViQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:32:46 2024 by rpki-client on console-fra.rpki-client.org