Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
File: XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer (raw, json)
Hash identifier: 8FKNM4qJ6CoqXgl5lRH9XnaauQ0bye4pxt+fy3OUsD0=
Subject key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA99770DD45B39B6D5F53BC3BC314C26
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 14:35:04 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204258
IP: 185.109.40.0/22
IP: 2a06:4e80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:77:0d:d4:5b:39:b6:d5:f5:3b:c3:bc:31:4c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:85:c1:a7:a4:83:ff:e4:0f:5f:c9:c9:1e:d0:
6b:6a:f4:6c:2b:0b:10:e7:24:14:f2:7c:75:33:e1:
d2:33:d5:43:77:d7:67:70:a6:a9:83:c7:26:d7:d1:
38:7e:00:a3:11:90:8d:cd:0c:26:31:e5:45:c7:f0:
54:14:6c:b6:e3:62:3e:6f:93:dc:33:17:9a:88:27:
5b:4a:8c:19:7e:6d:a1:69:f3:9a:52:a9:30:71:70:
39:c8:ae:65:a6:02:58:4c:d6:42:47:66:0b:62:f0:
60:24:1d:6d:4f:fc:cb:f5:6c:91:a1:1e:6e:48:1c:
68:d3:cc:f4:34:67:91:ce:b0:eb:ba:e8:6b:07:08:
f5:2a:98:20:ff:59:ca:8f:d5:3a:d6:56:45:c8:db:
6d:ea:20:2d:a8:91:da:4e:a2:1b:f1:1d:30:1d:68:
5b:21:f3:e6:75:92:db:fc:8d:88:d1:a4:10:66:1a:
65:a4:21:3d:c7:b4:c7:d9:9a:f1:88:11:a9:1b:cf:
4b:3a:80:bb:e5:96:19:fc:f6:c1:77:6b:60:7b:8d:
bf:ad:1b:62:87:c3:5f:64:b8:f8:a2:40:79:b9:de:
ba:12:23:ed:2b:98:a4:81:56:f7:04:b2:ba:32:55:
47:d8:f0:40:d6:77:b8:22:04:ed:67:7c:93:f4:44:
d4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.40.0/22
IPv6:
2a06:4e80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204258
Signature Algorithm: sha256WithRSAEncryption
4c:79:9e:cd:9f:42:fa:c3:e0:be:c5:a9:c1:c4:34:f2:d7:a9:
6d:00:73:6c:99:ca:e2:c9:69:c9:ed:c5:b2:d5:6b:5b:09:48:
18:15:a8:d1:61:2b:f4:9d:6c:56:46:56:cf:7f:d8:cf:64:56:
6e:0b:09:23:37:5d:b7:de:7d:e0:c1:57:98:d7:61:ea:ab:ef:
c6:f6:da:17:1c:00:5e:ef:c8:20:15:45:2e:e1:db:5f:fa:7b:
bb:10:31:fc:bf:14:d1:46:b2:71:e2:43:4c:e4:2d:71:a5:e5:
a5:8e:8e:63:ce:9a:33:a7:db:70:f8:e7:e3:af:aa:c2:03:23:
3f:28:4d:44:4e:e0:2d:ed:2f:5b:06:00:57:1f:ff:ad:ed:4a:
ab:3c:f9:a4:12:a8:53:25:4b:0b:34:d2:ef:ac:b7:94:c0:6e:
f3:97:75:9f:26:f7:51:8a:32:6a:8e:87:11:8d:ca:e3:b7:3d:
7f:7e:82:2e:89:8d:93:76:85:c7:da:d9:8b:46:16:f1:f2:eb:
7f:12:88:4d:b4:b7:71:af:a8:45:12:c0:c4:f0:69:28:dd:ae:
9a:4b:f5:93:38:10:bf:b9:63:ab:b1:57:3c:63:59:97:54:e8:
56:3a:cd:aa:e8:1d:2e:39:ef:44:97:b4:56:d6:b9:08:bf:67:
34:fb:4d:5f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzKmXcN1Fs5ttX1O8O8MUwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE4NWYxZGQ0ZDAzNDY0ODBmMDA5ODc0YThmNTY3MGUzMTA4NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoXBp6SD/+QPX8nJHtBravRsKwsQ
5yQU8nx1M+HSM9VDd9dncKapg8cm19E4fgCjEZCNzQwmMeVFx/BUFGy242I+b5Pc
MxeaiCdbSowZfm2hafOaUqkwcXA5yK5lpgJYTNZCR2YLYvBgJB1tT/zL9WyRoR5u
SBxo08z0NGeRzrDruuhrBwj1Kpgg/1nKj9U61lZFyNtt6iAtqJHaTqIb8R0wHWhb
IfPmdZLb/I2I0aQQZhplpCE9x7TH2ZrxiBGpG89LOoC75ZYZ/PbBd2tge42/rRti
h8NfZLj4okB5ud66EiPtK5ikgVb3BLK6MlVH2PBA1ne4IgTtZ3yT9ETUkwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFF6oXx3U0DRkgPAJh0qPVnDjEIXCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VjL2VmNzgw
OC0xMjJiLTRiODktOTM1OC01OTBjNWYxYjAxYjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMvZWY3ODA4
LTEyMmItNGI4OS05MzU4LTU5MGM1ZjFiMDFiMy8xL1hxaGZIZFRRTkdTQThBbUhT
bzlXY09NUWhjSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuW0oMA0EAgACMAcDBQMqBk6AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMd4jANBgkqhkiG9w0BAQsFAAOCAQEATHmezZ9C+sPg
vsWpwcQ08tepbQBzbJnK4slpye3FstVrWwlIGBWo0WEr9J1sVkZWz3/Yz2RWbgsJ
Izddt9594MFXmNdh6qvvxvbaFxwAXu/IIBVFLuHbX/p7uxAx/L8U0UayceJDTOQt
caXlpY6OY86aM6fbcPjn46+qwgMjPyhNRE7gLe0vWwYAVx//re1Kqzz5pBKoUyVL
CzTS76y3lMBu85d1nyb3UYoyao6HEY3K47c9f36CLomNk3aFx9rZi0YW8fLrfxKI
TbS3ca+oRRLAxPBpKN2umkv1kzgQv7ljq7FXPGNZl1ToVjrNqugdLjnvRJe0Vta5
CL9nNPtNXw==
-----END CERTIFICATE-----
Generated at Fri May 3 09:10:46 2024 by rpki-client on console-ams.rpki-client.org