Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
File: Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer (raw, json)
Hash identifier: 6gLaL3RBhbz8BWtmH/MyJJTwMyYxILpoo7Tb81enw4M=
Subject key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DAF05A4930128E3421FE958C94AEE6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:37 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 198287
IP: 194.126.129.0/24
IP: 2a05:3700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f0:5a:49:30:12:8e:34:21:fe:95:8c:94:ae:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8b:77:c5:a8:61:e5:2f:1d:c4:2e:ca:d7:fa:
79:42:22:57:e8:0b:ee:88:ca:1e:c1:09:17:aa:b6:
3f:9c:ba:9c:de:ce:e1:7e:50:84:de:e1:91:39:bd:
d7:da:23:11:4c:85:5d:98:63:2f:48:45:9a:7a:cc:
e5:69:64:37:dd:44:79:e2:fa:23:92:e2:65:c8:54:
08:9a:69:86:15:30:d3:df:24:76:87:8e:f8:90:78:
85:99:19:61:cb:08:0e:44:1f:94:bf:c0:f2:07:1b:
15:02:d0:63:d7:9a:70:ae:a0:b2:38:ec:cd:47:f7:
fd:d9:17:c1:dc:98:9c:c8:a6:9e:4b:30:56:f6:1e:
8c:30:d8:51:47:a8:15:af:bc:a2:cc:4e:38:dc:57:
ea:a7:43:f8:49:ad:00:09:da:94:38:59:71:50:e9:
12:f4:bc:5b:82:97:12:25:87:19:11:60:f2:90:ff:
52:15:f2:73:1e:8f:14:18:b4:c3:8d:2d:86:53:84:
bb:3a:f0:b7:14:33:94:8e:6f:f4:0f:a9:26:14:ec:
fd:37:56:fa:fb:78:3b:7f:17:ad:b6:e0:35:7d:e5:
bd:e2:70:c3:e5:4c:b6:7e:1c:39:60:25:60:f6:03:
a4:6d:bf:30:fc:e1:37:d6:cb:fb:97:a9:7a:45:da:
fe:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.129.0/24
IPv6:
2a05:3700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
198287
Signature Algorithm: sha256WithRSAEncryption
61:0c:b6:95:54:9d:fe:a2:1c:bd:89:72:ef:bb:6a:82:ff:27:
d8:5d:97:b0:24:fc:ea:40:40:1e:a8:45:86:96:d6:5e:c3:c7:
01:e2:28:b3:86:d5:e3:00:b9:81:78:15:4f:d3:05:59:bc:e5:
46:37:f7:93:be:2d:9f:24:fb:c5:93:de:c9:32:8d:ac:09:ce:
e2:e6:f6:e8:92:60:1e:b8:4d:e5:49:71:f3:1f:d5:67:95:a2:
38:90:38:23:fb:95:be:e0:32:d2:78:c0:e1:2b:70:02:4e:36:
0a:1b:aa:d0:be:68:dd:51:5d:36:ba:8d:ca:f8:82:0d:d7:c5:
0d:ab:43:c9:ce:9e:db:46:c1:56:fb:f3:ea:04:7b:b1:f2:fe:
a0:9c:62:a8:2b:f4:7b:0c:10:38:51:ac:fa:5e:f3:a4:55:5d:
03:12:08:cd:41:1f:ee:7f:d7:8d:53:5c:38:9d:33:e3:dd:01:
ff:74:1f:26:57:39:c2:71:f2:e8:92:ad:fa:a9:66:f1:c6:8a:
24:7d:77:b8:22:d0:73:16:77:99:fa:63:45:dc:5b:cf:d2:20:
c6:7a:78:db:be:b1:f7:06:bd:7f:45:cb:70:78:b4:20:93:4d:
fe:d2:3f:58:5b:b9:cd:21:f8:3b:f3:31:0f:f3:7d:9b:60:1b:
5d:53:a9:a5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2vBaSTASjjQh/pWMlK7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UxY2VkZmUwODI2ZjBmOTc3NWJkZmE4ZTk0MjUzMDBiZGU5ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4t3xahh5S8dxC7K1/p5QiJX6Avu
iMoewQkXqrY/nLqc3s7hflCE3uGROb3X2iMRTIVdmGMvSEWaeszlaWQ33UR54voj
kuJlyFQImmmGFTDT3yR2h474kHiFmRlhywgORB+Uv8DyBxsVAtBj15pwrqCyOOzN
R/f92RfB3JicyKaeSzBW9h6MMNhRR6gVr7yizE443Ffqp0P4Sa0ACdqUOFlxUOkS
9LxbgpcSJYcZEWDykP9SFfJzHo8UGLTDjS2GU4S7OvC3FDOUjm/0D6kmFOz9N1b6
+3g7fxettuA1feW94nDD5Uy2fhw5YCVg9gOkbb8w/OE31sv7l6l6Rdr+XwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IzLzE5ZmE0
YS1mNDFkLTRiYWYtYjllYS1lYzliNzU1MjEyOTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvMTlmYTRh
LWY0MWQtNGJhZi1iOWVhLWVjOWI3NTUyMTI5Ny8xL1otSE8zLUNDYnctWGRiMzZq
cFFsTUF2ZW54TS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwn6BMA0EAgACMAcDBQMqBTcAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMGjzANBgkqhkiG9w0BAQsFAAOCAQEAYQy2lVSd/qIc
vYly77tqgv8n2F2XsCT86kBAHqhFhpbWXsPHAeIos4bV4wC5gXgVT9MFWbzlRjf3
k74tnyT7xZPeyTKNrAnO4ub26JJgHrhN5Ulx8x/VZ5WiOJA4I/uVvuAy0njA4Stw
Ak42Chuq0L5o3VFdNrqNyviCDdfFDatDyc6e20bBVvvz6gR7sfL+oJxiqCv0ewwQ
OFGs+l7zpFVdAxIIzUEf7n/XjVNcOJ0z490B/3QfJlc5wnHy6JKt+qlm8caKJH13
uCLQcxZ3mfpjRdxbz9Igxnp4276x9wa9f0XLcHi0IJNN/tI/WFu5zSH4O/MxD/N9
m2AbXVOppQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:52:06 2024 by rpki-client on console-ams.rpki-client.org