Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4QIvvwC39bmGQhUh4WgCKS3TWc.cer
File: a4QIvvwC39bmGQhUh4WgCKS3TWc.cer (raw, json)
Hash identifier: AkVIfUEM5fvGew6CWNsMkPxvgatYmkV14ySm3aUffN0=
Subject key identifier: 6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7275C377C68CAC787CBFE4344EA2FC2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/a4QIvvwC39bmGQhUh4WgCKS3TWc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:34 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 44622
IP: 85.202.224.0/20
IP: 91.209.218.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5c:37:7c:68:ca:c7:87:cb:fe:43:44:ea:2f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8408befc02dfd6e61908548785a008a4b74d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:21:a4:ee:c9:df:42:2c:8d:20:12:8b:42:ef:
e0:74:80:1c:2b:02:29:db:d4:27:23:11:be:e5:8f:
91:36:44:11:5c:0d:96:94:d1:0d:30:fa:26:c2:c6:
45:c6:48:51:00:4a:b5:ba:f6:e4:7c:03:23:da:e2:
c6:57:ac:2f:37:e3:ce:a9:5b:21:d1:56:3a:75:b0:
3a:18:aa:a8:12:a0:fd:7c:29:f7:6f:a1:8e:4d:6f:
8c:66:da:2a:62:36:3d:cb:bd:97:4e:ee:0f:45:a2:
ae:57:10:57:1d:f0:34:60:2c:d5:fd:5d:90:1b:0c:
0f:8c:ca:95:d2:89:19:b4:69:2f:54:24:a5:db:c7:
b4:28:3b:5f:69:70:bd:02:93:3e:26:9e:6c:1e:0c:
5e:cd:4a:84:f0:f3:5a:7a:e9:f7:87:2c:af:70:5a:
90:bd:46:21:87:fe:07:b9:62:bf:07:cb:2a:73:f4:
b7:d3:62:43:6c:75:77:46:38:16:7c:5f:50:68:e3:
86:aa:a9:a5:96:25:a6:61:d5:ec:fc:3a:2c:4e:74:
bb:08:17:88:c1:d8:89:20:76:bd:cd:ec:88:2b:57:
be:c4:82:5f:ad:d3:a1:74:4b:61:77:fb:ca:84:a5:
4d:cc:82:c7:72:06:02:2e:6d:60:98:05:03:4c:0b:
a7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:08:BE:FC:02:DF:D6:E6:19:08:54:87:85:A0:08:A4:B7:4D:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e615e-3610-4520-9484-7a8baeef5ee4/1/a4QIvvwC39bmGQhUh4WgCKS3TWc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.224.0/20
91.209.218.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44622
Signature Algorithm: sha256WithRSAEncryption
40:76:12:48:a7:8b:de:c9:2c:c2:82:b4:45:04:6a:b1:2b:ff:
3e:ec:7f:b7:18:e5:f5:90:8d:c2:64:93:bc:b0:6c:0d:b1:e3:
6e:2b:1b:80:ff:02:37:f3:10:15:86:6c:ed:05:ea:39:92:2d:
84:05:b3:7a:43:b5:e3:bd:21:27:c6:d3:44:4d:a1:8c:0a:0b:
df:f8:30:da:f7:12:a4:7d:f4:0f:44:41:99:32:0c:00:4c:68:
82:12:97:ac:4f:c5:e3:c8:95:c6:0d:90:1d:9e:96:18:fd:be:
49:e2:61:d1:f8:be:fe:72:c0:9c:9a:7e:eb:b1:3c:f2:59:ae:
e2:47:52:89:0d:e4:f5:d6:b8:01:12:f9:07:38:86:a1:50:9d:
04:8f:b5:d5:cc:de:fc:b7:ad:8f:92:e0:de:1f:ee:94:0c:a8:
fe:94:30:85:60:13:2e:fb:5e:84:f5:77:3d:c9:92:af:76:28:
e1:ec:df:ba:b6:f4:db:e7:b5:ed:d5:b6:65:e2:72:d8:10:fc:
17:c8:e4:69:12:7d:f4:b0:98:2b:f4:9c:d6:80:91:22:c8:34:
5d:1e:56:c2:7e:93:74:90:1d:88:28:b5:bf:35:4a:24:dd:5f:
1d:93:8a:81:6b:b7:af:13:54:ad:46:9b:6e:1c:00:76:59:c7:
a2:c3:d7:c7
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzHJ1w3fGjKx4fL/kNE6i/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg0MDhiZWZjMDJkZmQ2ZTYxOTA4NTQ4Nzg1YTAwOGE0Yjc0ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SGk7snfQiyNIBKLQu/gdIAcKwIp
29QnIxG+5Y+RNkQRXA2WlNENMPomwsZFxkhRAEq1uvbkfAMj2uLGV6wvN+POqVsh
0VY6dbA6GKqoEqD9fCn3b6GOTW+MZtoqYjY9y72XTu4PRaKuVxBXHfA0YCzV/V2Q
GwwPjMqV0okZtGkvVCSl28e0KDtfaXC9ApM+Jp5sHgxezUqE8PNaeun3hyyvcFqQ
vUYhh/4HuWK/B8sqc/S302JDbHV3RjgWfF9QaOOGqqmlliWmYdXs/DosTnS7CBeI
wdiJIHa9zeyIK1e+xIJfrdOhdEthd/vKhKVNzILHcgYCLm1gmAUDTAuncwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFGuECL78At/W5hkIVIeFoAikt01nMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzllLzllNjE1
ZS0zNjEwLTQ1MjAtOTQ4NC03YThiYWVlZjVlZTQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUvOWU2MTVl
LTM2MTAtNDUyMC05NDg0LTdhOGJhZWVmNWVlNC8xL2E0UUl2dndDMzlibUdRaFVo
NFdnQ0tTM1RXYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQEVcrgAwQAW9HaMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCuTjANBgkqhkiG9w0BAQsFAAOCAQEAQHYSSKeL3skswoK0RQRqsSv/
Pux/txjl9ZCNwmSTvLBsDbHjbisbgP8CN/MQFYZs7QXqOZIthAWzekO1470hJ8bT
RE2hjAoL3/gw2vcSpH30D0RBmTIMAExoghKXrE/F48iVxg2QHZ6WGP2+SeJh0fi+
/nLAnJp+67E88lmu4kdSiQ3k9da4ARL5BziGoVCdBI+11cze/Letj5Lg3h/ulAyo
/pQwhWATLvtehPV3PcmSr3Yo4ezfurb02+e17dW2ZeJy2BD8F8jkaRJ99LCYK/Sc
1oCRIsg0XR5Wwn6TdJAdiCi1vzVKJN1fHZOKgWu3rxNUrUabbhwAdlnHosPXxw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:00 2024 by rpki-client on console-ams.rpki-client.org