Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
File: ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer (raw, json)
Hash identifier: /dd4+auQA4ZzECMbmunzwd3D1gDUvrBqDo01XwV9xSU=
Subject key identifier: 66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC94DC61A9A57C0BDA6A1A6F9DBCEC971
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 08:32:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.145.72.0/22
IP: 213.232.108.0/22
IP: 2a09:5180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c6:1a:9a:57:c0:bd:a6:a1:a6:f9:db:ce:c9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66259dea3e9cae6e819588c5c913f02d4410398b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:29:d5:dd:2a:a3:b7:c7:66:b9:55:8b:b3:5c:
e1:39:7b:3c:82:cd:81:4a:33:fe:af:d4:7a:6e:68:
36:d3:02:56:54:f3:b6:a1:2d:f1:5f:cc:a2:a4:c1:
b2:6b:ab:9c:82:3a:b5:52:ef:6e:9b:d1:73:81:35:
a7:30:8e:83:f6:ce:1f:43:5c:5b:51:50:6e:e0:92:
67:da:0e:ef:2e:95:6b:13:4b:df:08:70:a7:07:b9:
83:8f:4a:94:f4:2a:bd:fa:af:94:08:aa:9e:5b:d9:
cf:2a:e8:97:d1:f6:44:32:b7:0e:62:6c:04:68:66:
57:b1:34:1b:9b:98:52:55:c4:67:8a:b1:d1:31:5a:
e9:18:de:a0:db:28:da:60:ab:41:d5:97:6b:6a:68:
db:1a:c2:81:e4:64:03:0f:2d:85:ff:df:71:74:1d:
6f:46:fa:4d:41:64:a0:ae:4b:89:c4:b6:78:e7:4d:
7a:36:d1:52:88:ce:b5:bd:2e:27:e0:4a:01:8f:cb:
82:bb:05:2d:50:c2:b6:ba:3e:cf:18:28:b8:85:a5:
9f:bb:f4:df:40:d4:8b:aa:29:11:72:04:ed:dd:95:
63:86:fe:29:c6:de:3a:3c:db:52:a4:0c:d3:eb:4a:
7f:7c:e2:96:23:19:a7:ec:d1:d4:3d:b9:0a:08:55:
0d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.72.0/22
213.232.108.0/22
IPv6:
2a09:5180::/29
Signature Algorithm: sha256WithRSAEncryption
20:06:57:f5:bf:71:42:6e:d5:a9:d2:3e:da:35:86:5e:1b:63:
df:22:8c:a6:15:10:6b:0a:57:61:70:03:84:fb:e4:c2:88:0b:
0a:1f:29:6c:8e:98:fb:48:55:d1:b5:aa:59:e3:72:cb:3c:8f:
7c:ab:e4:37:3d:c8:9f:95:37:83:cd:3b:82:65:f6:33:08:62:
9b:cc:28:6d:8e:8d:6d:e5:a2:9a:ec:f8:97:e7:1a:d2:77:21:
12:91:85:94:82:34:01:52:a9:eb:89:77:68:09:35:fe:24:62:
40:bd:28:43:70:53:0c:86:39:b5:31:ee:30:69:33:ef:41:69:
42:45:0d:38:b5:17:41:99:41:b3:bb:6a:f1:21:7a:97:62:dd:
44:94:12:07:25:25:e4:6a:92:5f:54:92:9c:1a:b9:2b:21:3a:
ca:28:05:01:1d:74:5f:89:a1:08:ad:51:2b:41:48:80:51:07:
79:de:e0:d0:fa:b8:9a:46:a8:96:63:50:6c:05:d8:9d:1f:1e:
8d:bf:f9:c6:55:18:66:c2:fd:ad:d3:2d:a2:29:90:bc:71:3a:
ef:73:63:ac:8f:46:66:e4:71:6a:f0:06:22:e7:6c:70:ec:80:
df:4f:af:28:0b:27:0d:14:5d:5f:ad:61:cc:20:7d:5f:77:4c:
26:03:9f:21
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzJTcYamlfAvaahpvnbzslxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI1OWRlYTNlOWNhZTZlODE5NTg4YzVjOTEzZjAyZDQ0MTAzOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqynV3Sqjt8dmuVWLs1zhOXs8gs2B
SjP+r9R6bmg20wJWVPO2oS3xX8yipMGya6ucgjq1Uu9um9FzgTWnMI6D9s4fQ1xb
UVBu4JJn2g7vLpVrE0vfCHCnB7mDj0qU9Cq9+q+UCKqeW9nPKuiX0fZEMrcOYmwE
aGZXsTQbm5hSVcRnirHRMVrpGN6g2yjaYKtB1ZdramjbGsKB5GQDDy2F/99xdB1v
RvpNQWSgrkuJxLZ45016NtFSiM61vS4n4EoBj8uCuwUtUMK2uj7PGCi4haWfu/Tf
QNSLqikRcgTt3ZVjhv4pxt46PNtSpAzT60p/fOKWIxmn7NHUPbkKCFUNnQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFGYlneo+nK5ugZWIxckT8C1EEDmLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzBiMzI0
OS1mZDQ5LTQ1NjctYjM2ZC1jYmJlMzI0MmMyYmQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvMGIzMjQ5
LWZkNDktNDU2Ny1iMzZkLWNiYmUzMjQyYzJiZC8xL1ppV2Q2ajZjcm02QmxZakZ5
UlB3TFVRUU9Zcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuZFIAwQC1ehsMA0EAgACMAcDBQMqCVGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAgBlf1v3FCbtWp0j7aNYZeG2PfIoymFRBrCldhcAOE
++TCiAsKHylsjpj7SFXRtapZ43LLPI98q+Q3PciflTeDzTuCZfYzCGKbzChtjo1t
5aKa7PiX5xrSdyESkYWUgjQBUqnriXdoCTX+JGJAvShDcFMMhjm1Me4waTPvQWlC
RQ04tRdBmUGzu2rxIXqXYt1ElBIHJSXkapJfVJKcGrkrITrKKAUBHXRfiaEIrVEr
QUiAUQd53uDQ+riaRqiWY1BsBdidHx6Nv/nGVRhmwv2t0y2iKZC8cTrvc2Osj0Zm
5HFq8AYi52xw7IDfT68oCycNFF1frWHMIH1fd0wmA58h
-----END CERTIFICATE-----
Generated at Fri May 3 03:06:39 2024 by rpki-client on console-fra.rpki-client.org