Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XL1s2RrWpyhrIfZQn92fUP7nXYc.cer
File: XL1s2RrWpyhrIfZQn92fUP7nXYc.cer (raw, json)
Hash identifier: 75EiAfSlJhaHGa1EbW4MNbzE6e+C9qvvDd6j7pPJSWA=
Subject key identifier: 5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4250EEA71275456A901AE891BAB1098
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:30:12 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 195.10.206.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0e:ea:71:27:54:56:a9:01:ae:89:1b:ab:10:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cbd6cd91ad6a7286b21f6509fdd9f50fee75d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a2:a2:1d:62:0f:a6:e9:ed:b0:c3:57:fe:11:
e6:6f:83:51:b2:92:ed:8d:e9:4b:f3:55:f6:b1:91:
e3:fc:b3:45:e2:1e:f5:3d:3c:34:a6:96:a3:86:30:
e7:a5:ce:29:d5:a2:51:f1:67:4a:42:c3:5f:0d:19:
ae:2b:e8:e4:0a:a6:bc:5b:be:45:2f:1d:d7:eb:8b:
1c:1f:fc:11:c2:70:2c:66:4a:0c:be:bc:2a:d0:28:
db:39:05:b7:93:67:35:49:56:7e:e4:ab:5b:4d:af:
bf:57:49:79:f7:9d:87:26:f3:b7:58:6e:f7:bc:13:
aa:32:5d:15:4d:a9:6c:83:4a:3c:55:c8:13:97:04:
9f:e2:54:1e:68:1a:cc:48:58:04:15:38:2c:cd:fd:
e0:7e:93:7e:ba:7b:28:8d:11:1e:e1:af:3c:92:3c:
05:2e:03:0f:22:8c:48:9a:b0:2e:96:54:9c:0c:a1:
ba:9f:58:02:d3:31:3e:80:ff:b9:6d:7c:5b:9c:e1:
6c:41:2f:3c:5d:24:01:32:81:44:6b:36:29:ee:f0:
0b:87:3f:ad:0c:e4:fc:42:76:66:f1:d3:90:17:58:
3b:ae:8f:0b:5d:15:ea:41:e5:4a:83:32:d8:f5:3f:
1f:5d:f2:62:d3:00:95:e6:6d:ed:ee:94:3e:89:fa:
fb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BD:6C:D9:1A:D6:A7:28:6B:21:F6:50:9F:DD:9F:50:FE:E7:5D:87
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e0223a-31fd-4cac-8164-fba074ba1b90/1/XL1s2RrWpyhrIfZQn92fUP7nXYc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.10.206.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:58:b4:8e:e9:ab:0b:27:f3:90:7a:ca:ad:bf:b2:bf:68:a2:
e7:a5:ee:c1:1e:ca:98:37:0f:d4:fa:be:90:2a:40:1a:89:d7:
d4:2d:6b:dc:89:69:57:87:10:e9:c5:39:b8:91:ad:97:dd:1d:
62:b5:ef:dc:39:e0:7f:97:18:6a:b3:99:64:70:9c:fb:26:2b:
d4:c2:3a:d5:b4:42:d3:49:de:b7:77:19:96:14:f6:ff:c9:83:
d5:9a:79:f7:31:41:a1:c0:b9:8c:b2:f6:d3:02:ae:2b:25:5e:
cc:a0:6a:4d:30:dd:73:36:2a:d5:f0:65:09:f3:f0:34:74:29:
bd:cc:63:9b:9c:aa:2c:1b:a5:6e:24:6a:0a:da:bf:67:31:21:
dc:ae:b1:b9:0c:14:6c:52:69:1f:57:56:ef:48:9c:52:1b:27:
07:0f:6d:d2:20:09:4b:9b:dc:29:59:55:a4:03:3c:a6:df:c8:
9d:0e:82:ec:bb:b9:5e:6e:bf:2b:0a:21:81:8e:c5:25:14:16:
ab:56:df:d8:bb:57:49:60:95:5b:3b:97:67:5b:d5:a0:25:b4:
04:4e:b6:45:a0:40:68:54:c1:22:69:eb:22:8d:bc:3a:5a:ed:
16:11:d0:5b:05:e9:af:32:1f:f6:08:13:a6:bc:18:0c:6e:70:
8e:28:86:f2
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzEJQ7qcSdUVqkBrokbqxCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JkNmNkOTFhZDZhNzI4NmIyMWY2NTA5ZmRkOWY1MGZlZTc1ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaKiHWIPpuntsMNX/hHmb4NRspLt
jelL81X2sZHj/LNF4h71PTw0ppajhjDnpc4p1aJR8WdKQsNfDRmuK+jkCqa8W75F
Lx3X64scH/wRwnAsZkoMvrwq0CjbOQW3k2c1SVZ+5KtbTa+/V0l5952HJvO3WG73
vBOqMl0VTalsg0o8VcgTlwSf4lQeaBrMSFgEFTgszf3gfpN+unsojREe4a88kjwF
LgMPIoxImrAullScDKG6n1gC0zE+gP+5bXxbnOFsQS88XSQBMoFEazYp7vALhz+t
DOT8QnZm8dOQF1g7ro8LXRXqQeVKgzLY9T8fXfJi0wCV5m3t7pQ+ifr7tQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFy9bNka1qcoayH2UJ/dn1D+512HMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhhL2UwMjIz
YS0zMWZkLTRjYWMtODE2NC1mYmEwNzRiYTFiOTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEvZTAyMjNh
LTMxZmQtNGNhYy04MTY0LWZiYTA3NGJhMWI5MC8xL1hMMXMyUnJXcHlocklmWlFu
OTJmVVA3blhZYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwwrOMA0GCSqGSIb3DQEBCwUAA4IBAQBaWLSO
6asLJ/OQesqtv7K/aKLnpe7BHsqYNw/U+r6QKkAaidfULWvciWlXhxDpxTm4ka2X
3R1ite/cOeB/lxhqs5lkcJz7JivUwjrVtELTSd63dxmWFPb/yYPVmnn3MUGhwLmM
svbTAq4rJV7MoGpNMN1zNirV8GUJ8/A0dCm9zGObnKosG6VuJGoK2r9nMSHcrrG5
DBRsUmkfV1bvSJxSGycHD23SIAlLm9wpWVWkAzym38idDoLsu7lebr8rCiGBjsUl
FBarVt/Yu1dJYJVbO5dnW9WgJbQETrZFoEBoVMEiaesijbw6Wu0WEdBbBemvMh/2
CBOmvBgMbnCOKIby
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:10:20 2024 by rpki-client on console-fra.rpki-client.org