Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/_xukAAfM3NCTDxor3EsC4plFdno.cer
File: _xukAAfM3NCTDxor3EsC4plFdno.cer (raw, json)
Hash identifier: mR4Q773whcTi5Gz7LELwvxa5c7kcCOm1RQnw0mCn5yk=
Subject key identifier: FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC64B7CA15D4BA5A6287957EB81578186
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:31:25 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.104.136.0/22
IP: 217.65.132.0/22
IP: 2a10:97c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7c:a1:5d:4b:a5:a6:28:79:57:eb:81:57:81:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff1ba40007ccdcd0930f1a2bdc4b02e29945767a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:1c:46:d0:c4:3f:31:93:a4:89:09:e3:d0:
77:e1:47:63:14:66:b7:3e:9d:90:a9:0a:e2:19:de:
7a:43:f5:00:ad:99:64:bb:57:e6:87:35:5c:f2:35:
5c:04:29:41:81:4c:03:3f:f1:80:c9:6c:f7:30:59:
c8:9a:0e:be:08:91:18:e1:b3:10:94:dd:33:73:2e:
bf:3c:bb:2a:be:78:ff:4d:9c:a3:7e:0a:0a:ed:01:
94:57:33:81:87:75:da:af:48:e6:bf:e3:e5:5f:e5:
3e:47:6d:a1:6b:7a:a8:92:8d:73:da:d4:72:ef:9b:
1c:b7:94:19:72:19:4b:e4:ac:4b:5b:29:01:bb:a5:
83:c3:82:ea:5e:7b:6f:af:e8:74:1c:6d:d8:90:47:
3b:dc:22:46:95:0d:d0:bd:0d:a4:9b:11:02:02:14:
5a:b8:9f:59:12:f5:16:68:16:88:5c:dc:f2:1d:59:
03:68:4e:0e:56:ba:c4:37:08:25:48:4b:ea:8c:34:
74:56:14:b1:d1:14:cf:88:19:b4:41:cf:a1:41:8f:
06:77:da:b9:4f:43:21:9a:95:e3:53:b4:aa:25:61:
85:d2:8c:38:79:d6:3a:28:e8:a7:60:c0:0f:9d:6f:
77:f7:09:47:86:83:73:86:43:e2:ce:e5:7c:0e:2d:
f5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1B:A4:00:07:CC:DC:D0:93:0F:1A:2B:DC:4B:02:E2:99:45:76:7A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/060720-7320-49b5-89ab-8d2a653ba999/1/_xukAAfM3NCTDxor3EsC4plFdno.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.136.0/22
217.65.132.0/22
IPv6:
2a10:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
33:1b:35:0a:e2:36:28:cb:e1:11:e8:84:6d:e2:56:4c:56:d1:
e6:d4:ed:b5:5b:b4:79:b2:82:16:ca:2d:1c:a6:c5:89:4b:19:
98:e7:6a:ed:80:28:d9:31:63:45:d2:9c:53:6e:40:79:17:30:
10:92:8a:3f:74:38:05:2d:b9:3c:b7:d8:07:55:29:26:2d:5c:
2a:8a:b9:2f:3a:48:db:f5:27:b5:bd:ef:fa:a0:95:b9:86:c3:
1e:d5:b6:70:95:d7:14:a1:f0:66:d0:62:69:28:2e:70:a1:50:
77:42:3d:7f:a1:4b:bd:62:da:93:fc:85:26:bc:04:88:3e:8f:
aa:78:b5:6e:e3:6a:1c:af:5d:a7:23:76:d8:45:81:52:91:b2:
7b:6c:08:10:03:6e:5d:eb:da:3b:bd:a3:43:f0:02:34:1a:54:
67:80:15:f8:a1:f2:88:65:31:c4:89:2c:a8:66:6d:72:19:a4:
3c:2f:cf:54:09:60:06:70:17:fe:0d:0f:69:9b:c4:45:34:c1:
dd:68:84:e0:ec:74:cc:ad:c9:4b:c1:1e:62:a3:88:bf:d3:96:
fa:58:13:7b:59:c8:51:fe:67:1c:b9:2d:24:10:e5:2a:15:a4:
cb:fe:c3:1f:b0:54:3f:c3:de:77:a0:51:88:38:27:b0:ac:ee:
99:ce:30:58
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzGS3yhXUulpih5V+uBV4GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFiYTQwMDA3Y2NkY2QwOTMwZjFhMmJkYzRiMDJlMjk5NDU3NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAscRtDEPzGTpIkJ49B34UdjFGa3
Pp2QqQriGd56Q/UArZlku1fmhzVc8jVcBClBgUwDP/GAyWz3MFnImg6+CJEY4bMQ
lN0zcy6/PLsqvnj/TZyjfgoK7QGUVzOBh3Xar0jmv+PlX+U+R22ha3qoko1z2tRy
75sct5QZchlL5KxLWykBu6WDw4LqXntvr+h0HG3YkEc73CJGlQ3QvQ2kmxECAhRa
uJ9ZEvUWaBaIXNzyHVkDaE4OVrrENwglSEvqjDR0VhSx0RTPiBm0Qc+hQY8Gd9q5
T0MhmpXjU7SqJWGF0ow4edY6KOinYMAPnW939wlHhoNzhkPizuV8Di310wIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFP8bpAAHzNzQkw8aK9xLAuKZRXZ6MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzA2MDcy
MC03MzIwLTQ5YjUtODlhYi04ZDJhNjUzYmE5OTkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvMDYwNzIw
LTczMjAtNDliNS04OWFiLThkMmE2NTNiYTk5OS8xL194dWtBQWZNM05DVER4b3Iz
RXNDNHBsRmRuby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuWiIAwQC2UGEMA0EAgACMAcDBQMqEJfAMA0G
CSqGSIb3DQEBCwUAA4IBAQAzGzUK4jYoy+ER6IRt4lZMVtHm1O21W7R5soIWyi0c
psWJSxmY52rtgCjZMWNF0pxTbkB5FzAQkoo/dDgFLbk8t9gHVSkmLVwqirkvOkjb
9Se1ve/6oJW5hsMe1bZwldcUofBm0GJpKC5woVB3Qj1/oUu9YtqT/IUmvASIPo+q
eLVu42ocr12nI3bYRYFSkbJ7bAgQA25d69o7vaND8AI0GlRngBX4ofKIZTHEiSyo
Zm1yGaQ8L89UCWAGcBf+DQ9pm8RFNMHdaITg7HTMrclLwR5io4i/05b6WBN7WchR
/mccuS0kEOUqFaTL/sMfsFQ/w953oFGIOCewrO6ZzjBY
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:21:15 2024 by rpki-client on console-fra.rpki-client.org