Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_TrysG9KUBbg5avtGD9GXbFfQdU.cer
File: _TrysG9KUBbg5avtGD9GXbFfQdU.cer (raw, json)
Hash identifier: WtDqCGi6Y2x1iiIuD/ttaBvOhhDMVRiQUczb4QeLcS8=
Subject key identifier: FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC725A1CFF7F2F1828EBDA68404C87F15
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:29:41 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.145.160.0/22
IP: 2a07:4880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a1:cf:f7:f2:f1:82:8e:bd:a6:84:04:c8:7f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd3af2b06f4a5016e0e5abed183f465db15f41d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d1:e4:c3:e1:31:a1:ae:38:71:ca:8d:f4:35:
c2:0f:2d:b1:b2:e9:80:0f:2c:0e:9b:5e:b5:65:e4:
54:93:8d:9e:e9:a1:8a:c4:1f:4c:88:4d:65:9f:71:
e9:e4:e7:7c:65:eb:41:d3:49:aa:95:39:6e:98:15:
ea:ba:38:63:b1:04:7e:58:fc:95:93:bb:ac:c5:ba:
2b:fa:f9:42:e1:74:6f:72:2f:64:46:cd:04:0f:3a:
47:c5:46:9e:73:46:59:6d:62:f3:d5:e0:92:81:7b:
8b:7c:6b:3c:d0:3a:90:71:5f:0d:6e:57:7e:9d:cf:
f1:fe:7d:f4:42:23:26:55:e6:68:1a:e5:df:ed:06:
5f:36:38:8b:d1:40:36:e8:e6:40:b8:84:aa:6f:4b:
16:15:13:08:3e:9c:ab:be:fb:2e:68:cc:95:8e:fc:
b8:ea:8d:fc:b7:36:2e:4a:cb:30:95:85:e2:eb:9f:
50:de:be:29:61:f3:48:51:7b:04:b8:df:91:9b:44:
57:c5:ff:0d:8c:e9:ff:65:3c:ae:05:f7:ee:d6:86:
27:30:69:b5:91:37:6d:48:9e:09:f7:62:8f:15:63:
f5:e0:d3:bb:22:94:ca:0f:c4:37:4a:5a:2d:0d:88:
1c:30:14:d2:ba:74:f9:9b:d2:9c:60:13:7e:c6:8f:
96:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3A:F2:B0:6F:4A:50:16:E0:E5:AB:ED:18:3F:46:5D:B1:5F:41:D5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/92262e-2276-4a88-a733-049bd7b1e119/1/_TrysG9KUBbg5avtGD9GXbFfQdU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.160.0/22
IPv6:
2a07:4880::/29
Signature Algorithm: sha256WithRSAEncryption
3a:b0:cb:f8:05:dd:55:0d:a0:4a:58:ab:23:e8:18:2f:28:bf:
9e:e2:ca:69:95:b0:e4:1f:d9:27:30:db:2e:60:a6:01:91:6c:
37:84:4a:bb:59:05:8f:e2:e0:16:fd:45:14:00:57:89:9d:12:
2d:a2:8c:22:7d:1e:16:b4:4b:9e:8c:9b:6e:bf:d8:07:19:98:
23:19:a8:23:35:b8:c6:e1:fb:49:3e:c8:8c:95:b7:1b:db:df:
4c:85:d1:02:99:2f:83:29:6c:af:11:e3:6d:c4:fe:f4:f8:95:
3f:0f:0e:38:4f:27:16:b7:77:e3:35:ee:34:6c:11:3a:97:a5:
18:84:25:05:bf:00:43:5b:cd:26:2d:00:ec:8c:78:d0:c6:9e:
1a:29:84:19:a8:c7:3a:25:ed:99:4c:96:5a:ba:9c:43:73:bb:
fa:5e:76:dc:3f:41:08:80:6b:d7:c9:d6:14:f8:2a:fc:94:33:
70:1f:f9:b8:19:5c:a7:ee:12:06:6a:f2:dc:17:c2:48:42:60:
98:0f:39:62:21:26:b9:7e:2a:e4:34:d5:78:03:95:08:43:15:
34:4e:23:da:c0:dc:73:6c:47:7c:17:fd:6c:67:9d:6c:c6:16:
6b:f5:e8:27:07:1d:d2:bf:3b:8a:bb:7b:b7:4f:35:77:88:c8:
cd:1b:2f:d0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzHJaHP9/Lxgo69poQEyH8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNhZjJiMDZmNGE1MDE2ZTBlNWFiZWQxODNmNDY1ZGIxNWY0MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNHkw+Exoa44ccqN9DXCDy2xsumA
DywOm161ZeRUk42e6aGKxB9MiE1ln3Hp5Od8ZetB00mqlTlumBXqujhjsQR+WPyV
k7usxbor+vlC4XRvci9kRs0EDzpHxUaec0ZZbWLz1eCSgXuLfGs80DqQcV8Nbld+
nc/x/n30QiMmVeZoGuXf7QZfNjiL0UA26OZAuISqb0sWFRMIPpyrvvsuaMyVjvy4
6o38tzYuSsswlYXi659Q3r4pYfNIUXsEuN+Rm0RXxf8NjOn/ZTyuBffu1oYnMGm1
kTdtSJ4J92KPFWP14NO7IpTKD8Q3SlotDYgcMBTSunT5m9KcYBN+xo+WswIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFP068rBvSlAW4OWr7Rg/Rl2xX0HVMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzkyMjYy
ZS0yMjc2LTRhODgtYTczMy0wNDliZDdiMWUxMTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvOTIyNjJl
LTIyNzYtNGE4OC1hNzMzLTA0OWJkN2IxZTExOS8xL19UcnlzRzlLVUJiZzVhdnRH
RDlHWGJGZlFkVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZGgMA0EAgACMAcDBQMqB0iAMA0GCSqGSIb3
DQEBCwUAA4IBAQA6sMv4Bd1VDaBKWKsj6BgvKL+e4spplbDkH9knMNsuYKYBkWw3
hEq7WQWP4uAW/UUUAFeJnRItoowifR4WtEuejJtuv9gHGZgjGagjNbjG4ftJPsiM
lbcb299MhdECmS+DKWyvEeNtxP70+JU/Dw44TycWt3fjNe40bBE6l6UYhCUFvwBD
W80mLQDsjHjQxp4aKYQZqMc6Je2ZTJZaupxDc7v6XnbcP0EIgGvXydYU+Cr8lDNw
H/m4GVyn7hIGavLcF8JIQmCYDzliISa5firkNNV4A5UIQxU0TiPawNxzbEd8F/1s
Z51sxhZr9egnBx3SvzuKu3u3TzV3iMjNGy/Q
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:08 2024 by rpki-client on console-fra.rpki-client.org