Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
File: _OTzlnKb9HjmNlSYIfb2lw2JP1I.cer (raw, json)
Hash identifier: YAp9u8jm4d0j45HTUsG6Az3oZiOt4mfAwuEjB7kX+LQ=
Subject key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DD57BC2F5F9C85266DD395B251D1E5671
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 Feb 2024 10:21:14 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47648
IP: 152.89.188.0/22
IP: 185.239.196.0/22
IP: 195.68.248.0/23
IP: 195.68.254.0/23
IP: 2a0c:6180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:7b:c2:f5:f9:c8:52:66:dd:39:5b:25:1d:1e:56:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 23 10:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fce4f396729bf478e636549821f6f6970d893f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d5:f4:51:d1:3d:b8:f8:97:63:b2:db:0f:b8:
eb:26:47:c9:b3:e5:5d:ab:15:9e:3d:73:77:f3:24:
9d:0b:ca:ac:71:0f:cb:ef:27:56:ac:61:c1:ca:dd:
c1:c4:54:c5:08:03:fd:72:c6:53:a1:1c:84:40:e2:
68:58:c2:bd:19:70:e2:8b:76:96:5c:32:43:0a:f9:
70:4b:48:cc:db:63:83:3d:8a:88:95:eb:9d:e3:0d:
f0:3f:1a:fd:d1:bf:93:1c:63:3a:32:6f:eb:3d:84:
93:75:b1:ee:7f:93:dd:d3:b0:1f:49:1c:c1:0a:10:
51:30:a3:2e:79:ac:a8:1e:0a:ec:21:a8:11:ec:05:
f4:9c:34:21:da:4b:c2:bb:c5:d0:5d:de:49:bd:0a:
e2:53:b4:a4:c1:c7:8b:76:77:10:47:98:b2:79:45:
ad:e9:bc:10:9a:47:10:0d:25:ef:51:d9:07:0b:d3:
5f:ff:0b:4e:0d:e9:9e:7a:1e:48:91:29:b1:41:d5:
7b:45:7c:0e:27:5a:0a:5c:0e:86:66:9e:d5:3b:36:
50:53:8e:17:3b:5a:b7:bc:83:80:e8:63:3d:32:8f:
b7:cf:3b:92:5e:14:bf:ae:31:77:21:9e:c8:f7:54:
80:b3:9a:22:5f:b1:c3:78:07:32:8c:53:4e:7f:80:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
195.68.248.0/23
195.68.254.0/23
IPv6:
2a0c:6180::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47648
Signature Algorithm: sha256WithRSAEncryption
a3:ea:e3:1e:ab:4f:66:c8:b8:0a:42:2c:be:59:95:c4:11:c2:
03:10:9b:7a:bd:11:88:c8:1b:e3:4a:9e:a8:15:40:50:08:30:
10:be:73:03:47:f2:7d:44:7c:dd:d2:72:a1:c7:f5:99:bd:1d:
b1:af:dd:e6:4e:f9:de:e8:bd:b0:60:39:18:b8:29:53:b3:af:
31:f0:5e:04:56:ae:bf:b9:bb:c6:e8:4f:fd:4e:d7:d1:72:3c:
65:d0:34:6a:8b:0f:3e:a3:1f:f4:f5:47:22:f6:5f:d3:2b:05:
40:6c:1d:a5:02:2c:ee:77:73:fc:4d:3e:40:e3:ef:c7:e2:0e:
7f:c0:96:bc:bb:65:7e:48:59:e7:b5:05:97:6d:51:d7:b6:cd:
ed:bb:3d:71:0b:6c:e4:f3:a2:2e:6d:7d:33:ee:04:da:b2:6e:
52:7a:59:22:53:70:27:e1:ec:64:11:13:5a:07:4d:0c:ec:59:
8a:64:dd:19:0f:90:8a:7b:78:02:6d:35:80:59:e9:1d:88:bc:
ce:bc:62:bf:be:c9:0d:63:14:d7:f1:ef:4e:f5:36:aa:25:44:
94:60:9f:59:55:f8:8f:44:99:07:d2:55:c8:79:93:81:eb:a1:
57:80:db:a0:d6:7d:30:44:15:d8:b3:b6:42:76:46:dd:83:96:
84:c3:89:42
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY3Ve8L1+chSZt05WyUdHlZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjIzMTAyMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2U0ZjM5NjcyOWJmNDc4ZTYzNjU0OTgyMWY2ZjY5NzBkODkzZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NX0UdE9uPiXY7LbD7jrJkfJs+Vd
qxWePXN38ySdC8qscQ/L7ydWrGHByt3BxFTFCAP9csZToRyEQOJoWMK9GXDii3aW
XDJDCvlwS0jM22ODPYqIleud4w3wPxr90b+THGM6Mm/rPYSTdbHuf5Pd07AfSRzB
ChBRMKMueayoHgrsIagR7AX0nDQh2kvCu8XQXd5JvQriU7SkwceLdncQR5iyeUWt
6bwQmkcQDSXvUdkHC9Nf/wtODemeeh5IkSmxQdV7RXwOJ1oKXA6GZp7VOzZQU44X
O1q3vIOA6GM9Mo+3zzuSXhS/rjF3IZ7I91SAs5oiX7HDeAcyjFNOf4AceQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFPzk85Zym/R45jZUmCH29pcNiT9SMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYzLzM2Mjc1
ZS02NzU5LTRkNTItYjJkMS04YzcwZGU5ZTliOWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMvMzYyNzVl
LTY3NTktNGQ1Mi1iMmQxLThjNzBkZTllOWI5ZC8xL19PVHpsbktiOUhqbU5sU1lJ
ZmIybHcySlAxSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQCmFm8AwQCue/EAwQBw0T4AwQBw0T+MA0EAgAC
MAcDBQMqDGGAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC6IDANBgkqhkiG9w0B
AQsFAAOCAQEAo+rjHqtPZsi4CkIsvlmVxBHCAxCber0RiMgb40qeqBVAUAgwEL5z
A0fyfUR83dJyocf1mb0dsa/d5k753ui9sGA5GLgpU7OvMfBeBFauv7m7xuhP/U7X
0XI8ZdA0aosPPqMf9PVHIvZf0ysFQGwdpQIs7ndz/E0+QOPvx+IOf8CWvLtlfkhZ
57UFl21R17bN7bs9cQts5POiLm19M+4E2rJuUnpZIlNwJ+HsZBETWgdNDOxZimTd
GQ+Qint4Am01gFnpHYi8zrxiv77JDWMU1/HvTvU2qiVElGCfWVX4j0SZB9JVyHmT
geuhV4DboNZ9MEQV2LO2QnZG3YOWhMOJQg==
-----END CERTIFICATE-----
Generated at Fri May 3 07:42:44 2024 by rpki-client on console-fra.rpki-client.org