Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
File: XbWMRb7iUfx1daY-W0kN7GEU5so.cer (raw, json)
Hash identifier: fXb1fkF2S5M7qlgHwvYH42nWu45TY0X7BxM6CzOXdnc=
Subject key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B83F237B7577BD9A9D7C4A0F412B62
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:30:12 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43231
IP: 185.188.36.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:3f:23:7b:75:77:bd:9a:9d:7c:4a:0f:41:2b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:8e:fe:4e:69:e4:84:fe:7b:1a:81:7b:c7:
51:6b:1d:aa:6b:1e:4b:f7:e8:29:e9:b2:a3:c9:d0:
43:1b:60:2d:43:70:f8:0c:a1:2a:4c:fb:b9:23:30:
ad:af:26:7f:5a:d9:ed:7c:58:9e:c7:1f:b9:96:93:
ff:57:68:45:c6:a3:63:82:bf:73:a0:5e:26:84:40:
3d:0d:5a:f1:c2:6a:96:6d:3c:da:d6:cd:51:f4:b2:
b3:2e:bd:02:5e:e4:6c:46:ea:48:ac:e4:2a:c5:38:
cf:74:c4:3a:5e:db:5b:42:ae:e8:b0:76:2b:bc:40:
80:ca:61:20:3c:74:8c:e6:5b:49:64:0c:2b:1d:3e:
47:c7:41:67:04:f7:c9:20:c5:ac:82:2a:86:67:f9:
53:c8:96:f5:75:db:06:29:7f:db:c6:e0:72:f7:b4:
7e:89:af:d1:a3:2a:a6:33:91:de:4e:b9:f9:32:5c:
d9:36:51:89:b1:a8:8e:67:d9:f8:f3:cc:c4:9b:cb:
a5:7b:1b:8b:ff:71:7a:3f:6c:cb:73:8a:6e:9c:57:
05:10:09:74:35:0b:5a:46:5b:d1:67:85:45:b2:94:
8e:eb:5c:e4:22:44:14:9c:fd:16:f8:3f:d2:f5:c9:
e9:4a:a1:6c:65:e4:ea:24:72:2b:9e:52:81:a6:79:
90:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.36.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43231
Signature Algorithm: sha256WithRSAEncryption
1e:52:8e:8c:40:f1:8a:3b:cf:74:eb:8c:c1:da:1e:ad:53:6e:
3c:75:37:7b:e8:0b:b5:24:f4:33:19:f9:39:ef:45:62:f5:61:
77:fc:be:08:da:d1:f9:ea:bf:02:f0:43:fa:9b:fc:c6:8a:0d:
0d:64:9a:75:be:d0:b4:5d:44:7f:a9:72:da:eb:e4:6b:c6:cf:
9a:8a:e9:f1:11:53:cb:48:ce:91:28:32:bd:48:46:a0:19:d4:
66:0e:f9:d8:18:ad:5b:61:4b:87:82:33:6b:ac:e7:6d:93:9d:
0f:0c:b8:f8:23:f4:47:2c:ca:d8:ef:0e:0c:fb:c5:fc:e6:3c:
5b:91:3c:04:cd:8f:82:10:4f:32:1d:e8:f5:be:c4:cb:1b:47:
7c:40:73:38:75:fd:8d:db:df:14:30:16:59:4b:6d:bb:00:08:
c6:fb:eb:eb:2a:86:be:0a:8c:67:a9:5f:4a:c1:75:7b:5e:fd:
c5:30:7f:98:38:2c:6c:1c:d8:a9:e4:94:c7:18:f8:72:a7:f5:
2e:c1:e2:42:22:a8:08:d7:8a:54:ee:40:86:e3:d9:ef:07:d4:
33:3c:40:31:32:85:67:e7:7b:b8:19:2f:57:43:5f:6a:11:5a:
79:e3:0b:d3:06:9b:5c:a6:64:e7:d3:9e:31:67:dc:e4:48:38:
c3:1d:b0:90
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzGuD8je3V3vZqdfEoPQStiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGI1OGM0NWJlZTI1MWZjNzU3NWE2M2U1YjQ5MGRlYzYxMTRlNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKyO/k5p5IT+exqBe8dRax2qax5L
9+gp6bKjydBDG2AtQ3D4DKEqTPu5IzCtryZ/WtntfFiexx+5lpP/V2hFxqNjgr9z
oF4mhEA9DVrxwmqWbTza1s1R9LKzLr0CXuRsRupIrOQqxTjPdMQ6XttbQq7osHYr
vECAymEgPHSM5ltJZAwrHT5Hx0FnBPfJIMWsgiqGZ/lTyJb1ddsGKX/bxuBy97R+
ia/RoyqmM5HeTrn5MlzZNlGJsaiOZ9n488zEm8ulexuL/3F6P2zLc4punFcFEAl0
NQtaRlvRZ4VFspSO61zkIkQUnP0W+D/S9cnpSqFsZeTqJHIrnlKBpnmQvQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFF21jEW+4lH8dXWmPltJDexhFObKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JjL2FkZjkz
ZC05OGRhLTQxY2MtOGE2ZC05YzJhZDQ3NWEyMzEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvYWRmOTNk
LTk4ZGEtNDFjYy04YTZkLTljMmFkNDc1YTIzMS8xL1hiV01SYjdpVWZ4MWRhWS1X
MGtON0dFVTVzby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCubwkMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCo3zANBgkqhkiG9w0BAQsFAAOCAQEAHlKOjEDxijvPdOuMwdoerVNuPHU3e+gL
tST0Mxn5Oe9FYvVhd/y+CNrR+eq/AvBD+pv8xooNDWSadb7QtF1Ef6ly2uvka8bP
morp8RFTy0jOkSgyvUhGoBnUZg752BitW2FLh4Iza6znbZOdDwy4+CP0RyzK2O8O
DPvF/OY8W5E8BM2PghBPMh3o9b7EyxtHfEBzOHX9jdvfFDAWWUttuwAIxvvr6yqG
vgqMZ6lfSsF1e179xTB/mDgsbBzYqeSUxxj4cqf1LsHiQiKoCNeKVO5AhuPZ7wfU
MzxAMTKFZ+d7uBkvV0NfahFaeeML0wabXKZk59OeMWfc5Eg4wx2wkA==
-----END CERTIFICATE-----
Generated at Fri May 3 01:48:20 2024 by rpki-client on console-ams.rpki-client.org