Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Vzm709YFZftZWALsfGl-ohq9l-Q.cer
File: Vzm709YFZftZWALsfGl-ohq9l-Q.cer (raw, json)
Hash identifier: 4D3jRrRf0pu01SATCi/nZiGL/PLab6wQYpXdYNje2xo=
Subject key identifier: 57:39:BB:D3:D6:05:65:FB:59:58:02:EC:7C:69:7E:A2:1A:BD:97:E4
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DC4C33DB808721E63BF557BB24892A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f1/9a26f1-3ab5-49f6-bc57-5d62959d105b/1/Vzm709YFZftZWALsfGl-ohq9l-Q.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f1/9a26f1-3ab5-49f6-bc57-5d62959d105b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:58 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.87.152.0/22
IP: 193.57.174.0/23
IP: 193.57.202.0/23
IP: 2a05:c080::/29
IP: 2a0f:bc40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4c:33:db:80:87:21:e6:3b:f5:57:bb:24:89:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5739bbd3d60565fb595802ec7c697ea21abd97e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:19:77:7e:f4:6d:d7:70:fd:b3:77:3c:ed:
41:94:2c:36:61:81:af:30:17:d0:0a:a3:8f:27:ee:
78:48:49:10:22:e6:51:47:5c:39:5a:05:7f:a8:c1:
01:cd:2e:d3:ca:87:11:7b:fb:ea:fe:c7:ee:55:37:
24:37:c2:5a:b3:6b:35:f6:66:04:de:67:ed:63:8b:
3e:e1:d1:7c:3c:7f:1c:61:07:d4:19:02:a2:6d:a6:
9e:3a:ca:0d:e7:4f:26:d3:44:10:7c:78:4c:dc:43:
c5:7e:bc:e0:1a:9f:19:8c:c1:51:a1:79:27:27:e5:
a9:f7:49:96:37:80:e3:98:0f:b2:87:a3:b7:14:de:
e0:90:b0:8a:98:86:01:39:6c:8f:6d:7e:d9:1d:8c:
e2:73:29:97:b5:b8:a9:ba:ac:b9:a8:e2:44:a9:be:
3f:c8:69:fd:26:2c:37:64:6a:6b:e1:c1:48:ee:3c:
78:25:71:51:75:8e:0a:c1:7f:89:95:2f:97:11:3e:
e6:e0:85:06:18:56:27:1f:fc:60:53:3b:cf:07:f4:
7d:e8:cb:6d:d6:df:a9:29:72:c8:4b:c9:f9:d2:d9:
56:9d:99:28:30:24:06:81:6c:b7:25:06:3f:af:51:
64:bc:a7:ee:dd:15:35:c7:63:54:dc:b3:a7:75:a6:
a0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:39:BB:D3:D6:05:65:FB:59:58:02:EC:7C:69:7E:A2:1A:BD:97:E4
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a26f1-3ab5-49f6-bc57-5d62959d105b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9a26f1-3ab5-49f6-bc57-5d62959d105b/1/Vzm709YFZftZWALsfGl-ohq9l-Q.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.152.0/22
193.57.174.0/23
193.57.202.0/23
IPv6:
2a05:c080::/29
2a0f:bc40::/29
Signature Algorithm: sha256WithRSAEncryption
92:a6:1c:de:4d:a6:56:a9:4b:ba:dd:10:46:a7:a6:54:33:a6:
67:3c:09:eb:5e:a5:9e:1f:3d:33:35:e3:23:7d:6f:7a:6c:4a:
77:47:ec:8f:e7:ef:7d:7d:3c:4e:ab:0a:d0:57:c7:68:21:b9:
49:c4:32:6c:a5:65:ce:47:62:fb:fd:2b:14:96:08:d3:d2:d1:
cb:75:34:32:5d:4f:72:27:1c:a0:0f:cf:cf:f2:83:3d:50:35:
1d:64:dd:b1:4b:96:7c:10:e6:42:a0:1d:52:5f:6e:c9:2b:42:
89:a9:33:c2:80:18:d4:77:f1:5e:a5:82:9f:68:45:96:4a:02:
11:58:cc:c0:69:df:07:10:d6:07:57:8a:a6:58:73:a7:b0:d9:
ed:bc:7d:a6:e8:c0:68:dd:f2:3b:cd:4a:72:5f:ef:00:a5:b0:
54:63:98:1c:78:fc:44:2b:15:96:65:ab:89:31:87:57:5a:e3:
df:7d:12:f8:99:8e:b4:09:7f:3b:1a:59:eb:5c:76:ba:04:dc:
f0:14:eb:13:0f:c6:f1:08:25:40:31:72:99:b1:fc:89:12:73:
8d:b0:d6:45:ec:f0:fc:0e:9c:3e:16:8a:bf:39:c9:79:3c:a1:
a8:99:97:c9:73:2b:d0:e7:53:e6:09:34:8d:43:7e:0e:f8:c4:
fc:0b:db:da
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzF3Ewz24CHIeY79Ve7JIkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM5YmJkM2Q2MDU2NWZiNTk1ODAyZWM3YzY5N2VhMjFhYmQ5N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyysZd370bddw/bN3PO1BlCw2YYGv
MBfQCqOPJ+54SEkQIuZRR1w5WgV/qMEBzS7TyocRe/vq/sfuVTckN8Jas2s19mYE
3mftY4s+4dF8PH8cYQfUGQKibaaeOsoN508m00QQfHhM3EPFfrzgGp8ZjMFRoXkn
J+Wp90mWN4DjmA+yh6O3FN7gkLCKmIYBOWyPbX7ZHYzicymXtbipuqy5qOJEqb4/
yGn9Jiw3ZGpr4cFI7jx4JXFRdY4KwX+JlS+XET7m4IUGGFYnH/xgUzvPB/R96Mtt
1t+pKXLIS8n50tlWnZkoMCQGgWy3JQY/r1FkvKfu3RU1x2NU3LOndaageQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFFc5u9PWBWX7WVgC7HxpfqIavZfkMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YxLzlhMjZm
MS0zYWI1LTQ5ZjYtYmM1Ny01ZDYyOTU5ZDEwNWIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvOWEyNmYx
LTNhYjUtNDlmNi1iYzU3LTVkNjI5NTlkMTA1Yi8xL1Z6bTcwOVlGWmZ0WldBTHNm
R2wtb2hxOWwtUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUF
BwEHAQH/BDIwMDAYBAIAATASAwQCuVeYAwQBwTmuAwQBwTnKMBQEAgACMA4DBQMq
BcCAAwUDKg+8QDANBgkqhkiG9w0BAQsFAAOCAQEAkqYc3k2mVqlLut0QRqemVDOm
ZzwJ616lnh89MzXjI31vemxKd0fsj+fvfX08TqsK0FfHaCG5ScQybKVlzkdi+/0r
FJYI09LRy3U0Ml1PciccoA/Pz/KDPVA1HWTdsUuWfBDmQqAdUl9uyStCiakzwoAY
1HfxXqWCn2hFlkoCEVjMwGnfBxDWB1eKplhzp7DZ7bx9pujAaN3yO81Kcl/vAKWw
VGOYHHj8RCsVlmWriTGHV1rj330S+JmOtAl/OxpZ61x2ugTc8BTrEw/G8QglQDFy
mbH8iRJzjbDWRezw/A6cPhaKvznJeTyhqJmXyXMr0OdT5gk0jUN+DvjE/Avb2g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:14:03 2024 by rpki-client on console-fra.rpki-client.org