Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_X0csRSU6ziY8Q09Y1vnXxay3FE.cer
File: _X0csRSU6ziY8Q09Y1vnXxay3FE.cer (raw, json)
Hash identifier: 1ZH93eolHJ/7w4yldwyNrpmR10Lpfyw//n6xtSTgJWE=
Subject key identifier: FD:7D:1C:B1:14:94:EB:38:98:F1:0D:3D:63:5B:E7:5F:16:B2:DC:51
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01917E671A0AB5246A3C29AF7AC20E57CDE6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/_X0csRSU6ziY8Q09Y1vnXxay3FE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 Aug 2024 08:42:51 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 47708
IP: 134.25.0.0/16
IP: 2001:678:330::/48
IP: 2001:67c:d8::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:67:1a:0a:b5:24:6a:3c:29:af:7a:c2:0e:57:cd:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 23 08:42:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd7d1cb11494eb3898f10d3d635be75f16b2dc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f9:c4:35:0b:6a:e3:fe:e2:a0:c6:cc:93:1e:
5d:81:b7:90:27:8b:17:bc:94:8c:7b:4a:63:e3:70:
aa:36:b3:64:32:58:30:3f:fd:8b:91:87:aa:ed:0c:
9d:a4:94:93:56:c7:38:ff:7b:eb:a1:d7:ce:c6:b7:
63:8c:90:42:29:e5:56:3a:f8:97:b1:63:c4:8b:99:
ed:57:b8:86:62:ae:49:bd:4c:be:d0:6b:15:02:6e:
9a:87:29:1d:14:52:2a:c5:fc:63:45:fd:6a:f9:0e:
52:b4:af:1d:20:0a:d0:71:e3:7d:20:fe:b1:15:da:
a6:fa:5e:93:25:34:13:01:5a:ad:d9:65:03:6a:f1:
df:32:cc:6d:62:a1:dd:c8:17:fb:88:84:8d:b7:02:
fb:ba:dc:9c:d4:38:ac:b1:f0:3d:8c:ce:b4:28:8d:
cf:b7:4a:fa:3f:03:05:a9:88:df:c8:bd:3c:e0:76:
ff:75:d0:39:97:79:ff:49:b7:69:78:e5:30:b0:6c:
23:61:53:d1:b1:6c:e5:b9:69:99:4f:87:e8:70:4a:
a3:99:4a:9c:97:c0:77:cf:2a:74:60:b6:40:00:65:
2c:bf:61:8d:3d:4a:e9:26:d7:08:ec:c6:51:0e:c0:
8d:15:c1:a3:38:fe:02:34:76:9b:db:1c:b3:e9:39:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7D:1C:B1:14:94:EB:38:98:F1:0D:3D:63:5B:E7:5F:16:B2:DC:51
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a6c152-37d3-4f86-8f6e-7659bf86ac4c/1/_X0csRSU6ziY8Q09Y1vnXxay3FE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.25.0.0/16
IPv6:
2001:678:330::/48
2001:67c:d8::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47708
Signature Algorithm: sha256WithRSAEncryption
30:52:1c:fb:a9:ee:6a:36:57:44:b6:26:5a:d8:08:f1:97:f7:
da:61:46:c2:d5:76:f2:0c:76:3b:05:64:27:41:f5:f8:bb:ae:
18:2e:71:68:69:5f:08:86:1c:cb:19:36:2d:80:07:25:9a:6a:
83:ed:15:88:b2:63:16:40:bf:7a:66:51:9e:be:91:eb:5b:74:
4a:f0:7e:56:df:40:62:b9:f3:dc:78:96:1f:4f:d4:e2:57:86:
22:5b:7d:28:fb:5d:5e:24:70:58:22:b6:39:49:8e:94:a4:84:
d7:b9:a0:55:d4:78:f1:bc:83:22:f6:8e:0c:b6:8a:25:4e:aa:
05:97:3a:29:e0:01:67:da:0f:8e:5d:db:7f:50:da:97:4c:c9:
5d:df:38:42:4e:c3:6c:5e:48:6c:5b:81:39:e9:05:46:98:19:
a3:00:8b:59:3b:dd:af:ab:05:38:01:5e:8f:3b:11:3b:d1:cc:
94:77:71:9e:13:da:80:59:23:a3:b7:87:b7:96:e5:bc:fe:11:
74:77:f7:c2:87:f7:fb:bf:ee:e2:91:b3:c2:9a:9a:d6:8f:5a:
f5:52:ab:e4:a8:60:5e:76:7a:d7:b2:8c:39:f6:16:80:59:5f:
af:fc:20:a0:0f:7e:d3:48:09:f6:7b:64:42:6e:71:d9:85:28:
34:0f:cd:f2
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZF+ZxoKtSRqPCmvesIOV83mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODIzMDg0MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdkMWNiMTE0OTRlYjM4OThmMTBkM2Q2MzViZTc1ZjE2YjJkYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/nENQtq4/7ioMbMkx5dgbeQJ4sX
vJSMe0pj43CqNrNkMlgwP/2LkYeq7QydpJSTVsc4/3vrodfOxrdjjJBCKeVWOviX
sWPEi5ntV7iGYq5JvUy+0GsVAm6ahykdFFIqxfxjRf1q+Q5StK8dIArQceN9IP6x
Fdqm+l6TJTQTAVqt2WUDavHfMsxtYqHdyBf7iISNtwL7utyc1DissfA9jM60KI3P
t0r6PwMFqYjfyL084Hb/ddA5l3n/SbdpeOUwsGwjYVPRsWzluWmZT4focEqjmUqc
l8B3zyp0YLZAAGUsv2GNPUrpJtcI7MZRDsCNFcGjOP4CNHab2xyz6TmgaQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFP19HLEUlOs4mPENPWNb518WstxRMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhjL2E2YzE1
Mi0zN2QzLTRmODYtOGY2ZS03NjU5YmY4NmFjNGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMvYTZjMTUy
LTM3ZDMtNGY4Ni04ZjZlLTc2NTliZjg2YWM0Yy8xL19YMGNzUlNVNnppWThRMDlZ
MXZuWHhheTNGRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDgGCCsGAQUF
BwEHAQH/BCkwJzALBAIAATAFAwMAhhkwGAQCAAIwEgMHACABBngDMAMHACABBnwA
2DAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAulwwDQYJKoZIhvcNAQELBQADggEB
ADBSHPup7mo2V0S2JlrYCPGX99phRsLVdvIMdjsFZCdB9fi7rhgucWhpXwiGHMsZ
Ni2AByWaaoPtFYiyYxZAv3pmUZ6+ketbdErwflbfQGK589x4lh9P1OJXhiJbfSj7
XV4kcFgitjlJjpSkhNe5oFXUePG8gyL2jgy2iiVOqgWXOingAWfaD45d239Q2pdM
yV3fOEJOw2xeSGxbgTnpBUaYGaMAi1k73a+rBTgBXo87ETvRzJR3cZ4T2oBZI6O3
h7eW5bz+EXR398KH9/u/7uKRs8KamtaPWvVSq+SoYF52eteyjDn2FoBZX6/8IKAP
ftNICfZ7ZEJucdmFKDQPzfI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:34:17 2024 by rpki-client on console-fra.rpki-client.org