Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8GtFnaioypFoM85L3-cXqaOLeo.cer
File: a8GtFnaioypFoM85L3-cXqaOLeo.cer (raw, json)
Hash identifier: 2WXL8G9matz4AlX5op1oU6lBpOc7KyZUo3CtHPnPlZg=
Subject key identifier: 6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2A67FBFB7F169EC21808C4F8D841C5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:45 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 33867
IP: 195.248.64.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:67:fb:fb:7f:16:9e:c2:18:08:c4:f8:d8:41:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bc1ad1676a2a32a45a0cf392f7f9c5ea68e2dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:01:79:bf:78:01:c7:f2:70:fe:87:83:8c:
91:4f:3b:49:3c:62:c5:da:1c:3a:e1:a7:4e:ff:2e:
7f:09:14:ce:c3:73:49:7c:1d:46:43:c9:64:ee:2c:
03:53:2d:7b:27:bd:b8:5c:9c:cc:88:92:b4:6a:24:
e6:bb:15:7a:43:3d:e7:c5:2b:ef:6a:69:d9:74:70:
bb:75:0c:17:9f:3c:ff:8d:cc:bb:49:15:40:94:fd:
27:ac:d7:f7:3f:4e:7e:58:95:4c:4f:8e:d9:da:eb:
8b:3f:fd:ba:cc:e8:b3:2a:33:3c:8a:47:12:b9:35:
16:fc:da:f2:3c:55:4b:c3:7f:bd:5f:e1:58:db:8a:
1f:47:73:07:91:2a:66:e4:d0:ef:96:4d:53:d2:7f:
52:f9:10:63:5e:9c:5a:2c:89:59:26:b4:f0:d1:be:
a2:75:11:ae:f6:32:eb:55:52:7e:50:3a:5d:88:2e:
b4:2b:31:e0:f1:eb:eb:b1:a6:ca:49:4c:65:fb:fd:
ca:c4:49:f6:b2:78:73:75:f0:e8:cc:4d:0e:4f:87:
c3:46:b6:3f:87:fe:e7:a5:04:63:85:dc:14:5d:bc:
5d:3d:77:e7:8e:73:2f:a2:6b:c4:c3:be:90:a2:9b:
eb:96:26:af:2b:38:9e:eb:aa:85:31:16:69:8c:ec:
f2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.64.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
33867
Signature Algorithm: sha256WithRSAEncryption
07:4b:93:66:12:a1:9c:ad:5b:63:14:e6:ef:52:26:ea:4e:10:
71:86:e9:f2:1a:cb:a8:98:07:5a:e4:f9:e2:5b:19:bb:7a:61:
f2:c6:1a:65:43:63:ef:e2:81:31:b8:d4:c3:ca:48:52:c1:b7:
77:db:4b:51:ec:df:4f:a5:ac:ec:7f:3f:4f:fe:b4:76:ed:68:
07:14:92:ca:20:2a:ab:a1:55:b8:40:98:f0:e7:3b:0f:14:4c:
fc:15:50:a9:21:69:1c:8a:c3:c6:31:eb:ab:d1:98:48:0e:c5:
79:3a:e5:20:46:4d:c8:c6:60:e8:31:de:d4:a0:24:40:7c:a1:
20:eb:06:fa:3c:dc:fb:90:92:be:45:38:8a:c4:fd:b5:fa:dc:
0a:9b:42:19:10:4d:a4:f4:b5:5b:8d:b3:ad:67:c3:2b:32:3f:
b9:ad:ca:53:00:1f:81:73:59:b7:6b:b7:7c:1c:ec:d9:26:35:
d9:30:5d:94:2b:48:67:10:40:2d:8d:44:f3:62:44:0c:97:ba:
f8:1b:6e:ba:f6:a2:12:05:28:65:ab:a0:4e:4e:43:f3:b1:00:
87:09:a7:09:75:d0:7c:8c:03:36:b2:a7:7d:5e:86:1b:f6:58:
1e:92:1a:68:ed:b2:6a:79:b5:b5:34:1d:ae:c2:10:88:1d:b2:
17:c6:e4:0c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzKKmf7+38WnsIYCMT42EHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMxYWQxNjc2YTJhMzJhNDVhMGNmMzkyZjdmOWM1ZWE2OGUyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp0Beb94AcfycP6Hg4yRTztJPGLF
2hw64adO/y5/CRTOw3NJfB1GQ8lk7iwDUy17J724XJzMiJK0aiTmuxV6Qz3nxSvv
amnZdHC7dQwXnzz/jcy7SRVAlP0nrNf3P05+WJVMT47Z2uuLP/26zOizKjM8ikcS
uTUW/NryPFVLw3+9X+FY24ofR3MHkSpm5NDvlk1T0n9S+RBjXpxaLIlZJrTw0b6i
dRGu9jLrVVJ+UDpdiC60KzHg8evrsabKSUxl+/3KxEn2snhzdfDozE0OT4fDRrY/
h/7npQRjhdwUXbxdPXfnjnMvomvEw76QopvrliavKzie66qFMRZpjOzyWwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFGvBrRZ2oqMqRaDPOS9/nF6mji3qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzliLzIyMzky
ZS1hYTY3LTQ1ODgtYjgwOS1lZjFhYWFhYmZlMmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvMjIzOTJl
LWFhNjctNDU4OC1iODA5LWVmMWFhYWFiZmUyYi8xL2E4R3RGbmFpb3lwRm9NODVM
My1jWHFhT0xlby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw/hAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwCESzANBgkqhkiG9w0BAQsFAAOCAQEAB0uTZhKhnK1bYxTm71Im6k4QcYbp8hrL
qJgHWuT54lsZu3ph8sYaZUNj7+KBMbjUw8pIUsG3d9tLUezfT6Ws7H8/T/60du1o
BxSSyiAqq6FVuECY8Oc7DxRM/BVQqSFpHIrDxjHrq9GYSA7FeTrlIEZNyMZg6DHe
1KAkQHyhIOsG+jzc+5CSvkU4isT9tfrcCptCGRBNpPS1W42zrWfDKzI/ua3KUwAf
gXNZt2u3fBzs2SY12TBdlCtIZxBALY1E82JEDJe6+BtuuvaiEgUoZaugTk5D87EA
hwmnCXXQfIwDNrKnfV6GG/ZYHpIaaO2yanm1tTQdrsIQiB2yF8bkDA==
-----END CERTIFICATE-----
Generated at Fri May 3 07:07:36 2024 by rpki-client on console-ams.rpki-client.org