Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
File: XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer (raw, json)
Hash identifier: ZmNX1/cU6LZnmBggnR43gGJMWANKs+zs0BxYjNFNDPU=
Subject key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3CEF1FEB003C907D140BEDC8237352A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:56:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 45.81.56.0/22
IP: 2a09:d640::/29
IP: 2a0e:5080::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:ce:f1:fe:b0:03:c9:07:d1:40:be:dc:82:37:35:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:56:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:6f:94:57:2f:15:42:22:b3:a6:33:19:68:
ea:cb:75:e0:c6:a5:7a:5a:81:04:ce:41:7b:37:4a:
33:cc:51:14:d8:29:d5:ab:c7:3a:56:3e:4b:04:83:
95:d0:79:e3:73:1d:7d:37:91:bc:63:cc:7c:15:e3:
db:05:ec:7e:e6:73:ae:98:f2:2d:db:46:b2:79:d2:
f6:23:84:f8:70:dd:30:dd:4c:3f:5b:eb:b5:a8:4c:
5b:1f:1b:c3:7c:4b:11:f7:a4:ca:c0:95:2a:44:b0:
c2:cc:c4:bd:5b:11:ab:99:26:bb:e1:19:f8:73:12:
09:ff:1f:61:f8:8d:cc:64:89:dc:c5:8c:7a:20:f1:
fd:b2:e1:cb:93:ff:44:30:90:b0:8e:c1:ee:5d:84:
1e:eb:7a:e8:54:43:e7:15:e7:2a:3a:77:a0:85:1b:
0e:d2:2b:03:25:31:e1:d4:e4:85:6f:e9:61:ae:3e:
0b:c8:c2:87:f0:58:1c:3c:db:c5:59:5f:89:26:70:
2b:ba:50:53:f1:88:ff:57:ab:b6:0b:0c:dd:a8:84:
58:42:17:72:4e:10:03:08:4e:62:7e:7f:97:f3:44:
31:57:71:a8:39:e8:25:ff:76:1f:e3:64:b6:c2:45:
69:2b:0e:45:fe:18:aa:c2:4a:51:26:28:49:5b:1f:
72:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.56.0/22
IPv6:
2a09:d640::/29
2a0e:5080::/29
Signature Algorithm: sha256WithRSAEncryption
40:37:e6:b3:a9:0b:30:94:78:40:6a:62:ac:2e:45:17:3e:33:
60:0d:80:c9:64:99:ae:b4:89:e9:80:c9:e4:23:e3:1c:ff:ac:
27:dd:e6:18:95:46:6c:fd:3a:1f:b9:4f:e3:4b:4f:eb:a8:91:
ec:2e:ab:fa:97:53:a1:a1:d1:fe:0d:c0:f1:db:77:b0:26:e3:
d5:32:ad:6b:a8:f8:79:32:e7:b3:43:c8:6c:63:ec:40:9d:9b:
62:20:bd:4f:cb:d6:77:19:98:36:3b:87:16:d8:cd:7f:92:ae:
c5:80:a5:da:f1:c0:d2:79:78:50:43:30:ba:74:ab:56:52:11:
34:8b:5e:0f:0d:47:be:97:08:57:62:51:63:47:34:0f:92:b6:
fe:b4:a5:bf:79:ea:8a:e0:62:54:c3:f0:c6:1a:a7:96:23:88:
18:32:fe:a0:1b:f6:91:a3:2c:50:4d:4c:1f:23:45:d0:83:cd:
3d:fd:cf:b9:79:ac:36:57:04:f9:85:e5:51:1e:1c:36:86:6c:
4b:86:7f:63:aa:10:5c:cf:56:6c:1b:15:f8:25:0b:af:82:82:
68:34:85:a0:29:78:47:1f:eb:f0:75:b8:19:70:9c:98:bb:8b:
c7:8b:cc:38:c3:f7:7a:5b:0f:f2:53:0f:b1:4d:f6:37:4a:2f:
9f:e4:f4:96
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzDzvH+sAPJB9FAvtyCNzUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDY1NjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGEzMjE1YWJmYTQ2MjFkNTc3MDlmODM4YTkyODAxZjJlOTBkZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsflvlFcvFUIis6YzGWjqy3XgxqV6
WoEEzkF7N0ozzFEU2CnVq8c6Vj5LBIOV0Hnjcx19N5G8Y8x8FePbBex+5nOumPIt
20ayedL2I4T4cN0w3Uw/W+u1qExbHxvDfEsR96TKwJUqRLDCzMS9WxGrmSa74Rn4
cxIJ/x9h+I3MZIncxYx6IPH9suHLk/9EMJCwjsHuXYQe63roVEPnFecqOneghRsO
0isDJTHh1OSFb+lhrj4LyMKH8FgcPNvFWV+JJnArulBT8Yj/V6u2CwzdqIRYQhdy
ThADCE5ifn+X80QxV3GoOegl/3Yf42S2wkVpKw5F/hiqwkpRJihJWx9yXwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFF2jIVq/pGIdV3Cfg4qSgB8ukN3+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2JmMjQ1
NjdiLTdhNzQtNGMxZi1hYTg1LWRkMjRhZjczY2NiYi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYy
NDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvNURBMzIxNUFCRkE0
NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgME
Ai1RODAUBAIAAjAOAwUDKgnWQAMFAyoOUIAwDQYJKoZIhvcNAQELBQADggEBAEA3
5rOpCzCUeEBqYqwuRRc+M2ANgMlkma60iemAyeQj4xz/rCfd5hiVRmz9Oh+5T+NL
T+uokewuq/qXU6Gh0f4NwPHbd7Am49UyrWuo+Hky57NDyGxj7ECdm2IgvU/L1ncZ
mDY7hxbYzX+SrsWApdrxwNJ5eFBDMLp0q1ZSETSLXg8NR76XCFdiUWNHNA+Stv60
pb956orgYlTD8MYap5YjiBgy/qAb9pGjLFBNTB8jRdCDzT39z7l5rDZXBPmF5VEe
HDaGbEuGf2OqEFzPVmwbFfglC6+Cgmg0haApeEcf6/B1uBlwnJi7i8eLzDjD93pb
D/JTD7FN9jdKL5/k9JY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:25:32 2024 by rpki-client on console-ams.rpki-client.org