Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Z39mPNqlmWhoAZsF0Qm6rTVYvjo.cer
File: Z39mPNqlmWhoAZsF0Qm6rTVYvjo.cer (raw, json)
Hash identifier: luwpFCaMBk8JQ0shad0fsqitzpW1Y16vOdGL7qdX65g=
Subject key identifier: 67:7F:66:3C:DA:A5:99:68:68:01:9B:05:D1:09:BA:AD:35:58:BE:3A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018D36CD65E7923243A5EC525B2D24E57C30
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/677F663CDAA5996868019B05D109BAAD3558BE3A.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Tue 23 Jan 2024 14:50:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 200454
AS: 203619
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:cd:65:e7:92:32:43:a5:ec:52:5b:2d:24:e5:7c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 23 14:50:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=677f663cdaa5996868019b05d109baad3558be3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ec:12:72:61:14:a9:6d:d2:b2:ee:51:7c:eb:
13:a6:e8:a0:76:e0:4c:b9:c1:fa:a4:bc:24:84:f4:
e8:eb:8d:6a:d4:8c:18:3c:e7:98:d0:4d:5f:50:c2:
4b:e9:50:2b:4c:5a:ba:a7:78:af:54:73:08:15:15:
3d:78:6b:12:a1:25:79:85:37:23:fc:c0:39:fc:3e:
3e:3e:0a:15:69:78:1a:f4:46:10:a8:8a:5f:eb:ef:
c4:7f:76:07:44:4d:24:cc:7b:9b:28:41:f4:c2:53:
94:fd:7f:24:55:fe:2c:3f:df:6f:eb:9f:b1:01:a9:
5e:4b:fa:b3:c9:ee:f8:af:df:16:af:6c:d3:c1:7f:
8f:93:ae:c2:56:35:51:f2:49:5e:39:8f:21:6d:b5:
15:49:de:1d:e5:8a:f9:92:16:bb:82:78:5c:81:9b:
16:9d:9a:0e:80:92:b1:d9:0b:75:b9:37:ca:56:a6:
22:0a:19:1a:95:ce:b9:ca:11:92:60:66:bc:47:96:
bc:7d:75:28:bf:d7:f8:47:6f:64:cb:4d:db:9f:a5:
61:4c:04:19:b5:57:01:74:ac:61:cf:b9:2e:e8:98:
4b:7f:31:5b:2e:bd:7b:cf:48:96:1e:3e:55:5c:30:
a3:2a:9e:f6:7c:bc:00:1d:fe:d8:17:4b:16:b1:a6:
a1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7F:66:3C:DA:A5:99:68:68:01:9B:05:D1:09:BA:AD:35:58:BE:3A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/0229bc11-dc0c-4ee5-838d-077696223e74/0/677F663CDAA5996868019B05D109BAAD3558BE3A.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200454
203619
Signature Algorithm: sha256WithRSAEncryption
10:7f:eb:77:28:be:6c:81:62:35:4b:74:63:94:34:a2:a9:63:
40:d9:20:7d:86:f5:88:8a:40:94:85:00:fb:cc:09:40:f0:fb:
df:be:81:78:20:b8:33:9b:47:45:b0:dd:2a:ce:cc:4a:a8:a1:
1b:34:e7:ba:ba:8f:0e:68:e4:99:be:d1:ee:4f:69:d1:b7:37:
6a:e1:67:0f:e7:99:d9:7a:be:b2:b1:fd:18:56:ff:68:01:6a:
e4:05:e1:37:fa:81:ac:6c:86:d2:ad:0f:a5:33:52:00:8d:fc:
ac:d4:f9:83:a2:62:ee:e2:be:86:b9:a7:24:59:50:67:46:f3:
10:5f:9e:05:66:f2:0a:12:00:17:33:5f:24:db:bc:05:de:4d:
93:6b:5d:e2:57:31:77:d4:cf:f2:ec:97:48:c2:a3:74:17:1d:
eb:28:12:53:64:d8:24:35:b7:c5:f3:8a:d6:00:1a:1c:9e:a2:
87:39:e6:4f:e0:59:86:63:73:a0:cf:89:d5:f0:11:d9:29:02:
29:23:9e:e9:2f:96:bf:e3:cb:76:04:ea:4a:73:48:6e:50:ed:
11:a0:d7:d2:94:54:ab:7a:f2:31:97:59:9c:b0:2d:b6:19:6b:
31:28:a8:2f:87:08:0b:2e:7f:f6:1a:66:24:9d:db:ae:07:1b:
ce:5a:e7:5a
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY02zWXnkjJDpexSWy0k5XwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTIzMTQ1MDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdmNjYzY2RhYTU5OTY4NjgwMTliMDVkMTA5YmFhZDM1NThiZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OwScmEUqW3Ssu5RfOsTpuigduBM
ucH6pLwkhPTo641q1IwYPOeY0E1fUMJL6VArTFq6p3ivVHMIFRU9eGsSoSV5hTcj
/MA5/D4+PgoVaXga9EYQqIpf6+/Ef3YHRE0kzHubKEH0wlOU/X8kVf4sP99v65+x
AaleS/qzye74r98Wr2zTwX+Pk67CVjVR8kleOY8hbbUVSd4d5Yr5kha7gnhcgZsW
nZoOgJKx2Qt1uTfKVqYiChkalc65yhGSYGa8R5a8fXUov9f4R29ky03bn6VhTAQZ
tVcBdKxhz7ku6JhLfzFbLr17z0iWHj5VXDCjKp72fLwAHf7YF0sWsaahFQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFGd/ZjzapZloaAGbBdEJuq01WL46MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzAyMjli
YzExLWRjMGMtNGVlNS04MzhkLTA3NzY5NjIyM2U3NC8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDIy
OWJjMTEtZGMwYy00ZWU1LTgzOGQtMDc3Njk2MjIzZTc0LzAvNjc3RjY2M0NEQUE1
OTk2ODY4MDE5QjA1RDEwOUJBQUQzNTU4QkUzQS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBCAEB/wQQMA6gDDAKAgMDDwYC
AwMbYzANBgkqhkiG9w0BAQsFAAOCAQEAEH/rdyi+bIFiNUt0Y5Q0oqljQNkgfYb1
iIpAlIUA+8wJQPD7376BeCC4M5tHRbDdKs7MSqihGzTnurqPDmjkmb7R7k9p0bc3
auFnD+eZ2Xq+srH9GFb/aAFq5AXhN/qBrGyG0q0PpTNSAI38rNT5g6Ji7uK+hrmn
JFlQZ0bzEF+eBWbyChIAFzNfJNu8Bd5Nk2td4lcxd9TP8uyXSMKjdBcd6ygSU2TY
JDW3xfOK1gAaHJ6ihznmT+BZhmNzoM+J1fAR2SkCKSOe6S+Wv+PLdgTqSnNIblDt
EaDX0pRUq3ryMZdZnLAtthlrMSioL4cICy5/9hpmJJ3brgcbzlrnWg==
-----END CERTIFICATE-----
Generated at Fri May 3 03:05:59 2024 by rpki-client on console-fra.rpki-client.org