Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.cer
File: bX6kOhxHVXh9SR-6VjuIgR3Mxfg.cer (raw, json)
Hash identifier: tw2ENxiMmerq01ctJMWb4Mo6GBM7AjxWwmjwn5uiINg=
Subject key identifier: 6D:7E:A4:3A:1C:47:55:78:7D:49:1F:BA:56:3B:88:81:1D:CC:C5:F8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC649DC3E12A58AF4E758877ADCA9DA5D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 18:29:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.199.225.0/24
IP: 195.28.12.0/23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:dc:3e:12:a5:8a:f4:e7:58:87:7a:dc:a9:da:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 18:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d7ea43a1c4755787d491fba563b88811dccc5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:f1:4c:cf:97:88:4e:53:c1:04:b4:26:49:
f6:81:43:41:00:3e:ab:ec:40:fe:30:0b:cb:6d:be:
77:88:7a:90:34:93:39:14:21:54:10:62:74:7f:f5:
02:bf:5e:55:cc:fc:b3:96:31:21:52:ea:10:7e:00:
7b:4f:1e:a5:84:28:59:2b:1a:0b:17:19:d5:ea:05:
cf:4c:08:ad:0e:33:bc:b3:8f:03:79:64:cc:25:0d:
fb:e0:2f:db:df:0a:e1:28:5b:92:09:a0:61:c9:28:
c7:3a:9c:ca:a9:bd:3c:f4:da:a8:45:2f:19:5c:4a:
dc:f4:09:7a:f6:3e:1b:ca:e5:df:ca:b2:8a:d2:a2:
38:80:3b:cb:2b:85:d9:32:8b:d5:97:b6:34:3f:ae:
ef:7a:a9:42:f8:96:e6:3a:86:33:ad:38:bd:f2:66:
07:f9:4e:32:c6:a2:8c:2a:f4:67:c5:b7:34:f8:40:
4c:af:8e:f0:d5:73:96:9b:3a:8c:36:ac:b7:dc:74:
8c:5c:26:f1:9a:3e:fd:01:26:80:51:42:62:7a:36:
4a:80:d1:64:b9:25:7e:4a:e4:2c:40:9a:be:b8:68:
47:1a:8b:cb:ff:df:23:90:9c:76:ba:16:46:8a:d6:
e1:08:f2:e3:6f:f9:07:a0:df:be:2e:1c:f6:6c:8f:
ce:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7E:A4:3A:1C:47:55:78:7D:49:1F:BA:56:3B:88:81:1D:CC:C5:F8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.225.0/24
195.28.12.0/23
Signature Algorithm: sha256WithRSAEncryption
92:ca:48:3c:7e:c0:a0:46:22:e3:69:d7:95:1a:66:5d:d8:07:
d9:00:8d:af:ac:78:18:61:92:54:ba:d8:a0:bf:27:9c:f1:16:
2e:85:ff:0c:27:62:ed:a2:67:1d:99:1d:ef:d0:c1:62:ce:c3:
f0:9f:d1:f8:bf:29:1d:fc:c0:a0:0b:b5:3d:9e:aa:96:eb:67:
a9:2e:57:77:8d:38:bc:89:e2:b7:39:c1:c1:cb:da:2d:5d:bb:
69:39:e1:3a:bd:aa:32:92:2b:42:85:40:1a:10:ff:bd:21:00:
55:20:50:01:7f:54:11:f9:7f:b6:5c:8d:54:85:5d:52:63:53:
18:44:33:05:94:7a:0c:86:be:57:6f:0a:f1:63:2a:d9:83:bb:
03:cb:8b:99:30:0c:13:04:4a:42:a9:c7:57:71:1c:60:2c:f4:
8e:22:ce:b7:68:e2:2c:0e:81:f7:f6:e8:11:11:ee:fe:43:45:
f2:02:35:db:5d:36:c9:59:a2:b0:64:3d:04:71:4f:4f:38:76:
68:f4:4c:2b:35:8d:a0:63:85:45:d9:2c:32:44:cc:08:3d:9a:
dc:44:1c:16:6c:ae:e2:10:af:86:b5:5e:25:d1:ab:fb:49:b3:
6c:01:f7:48:a7:78:a8:22:a3:d6:56:2c:2a:73:33:ad:79:62:
4f:41:37:19
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzGSdw+EqWK9OdYh3rcqdpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTgyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdlYTQzYTFjNDc1NTc4N2Q0OTFmYmE1NjNiODg4MTFkY2NjNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfnxTM+XiE5TwQS0Jkn2gUNBAD6r
7ED+MAvLbb53iHqQNJM5FCFUEGJ0f/UCv15VzPyzljEhUuoQfgB7Tx6lhChZKxoL
FxnV6gXPTAitDjO8s48DeWTMJQ374C/b3wrhKFuSCaBhySjHOpzKqb089NqoRS8Z
XErc9Al69j4byuXfyrKK0qI4gDvLK4XZMovVl7Y0P67veqlC+JbmOoYzrTi98mYH
+U4yxqKMKvRnxbc0+EBMr47w1XOWmzqMNqy33HSMXCbxmj79ASaAUUJiejZKgNFk
uSV+SuQsQJq+uGhHGovL/98jkJx2uhZGitbhCPLjb/kHoN++Lhz2bI/OoQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFG1+pDocR1V4fUkfulY7iIEdzMX4MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZmLzVjOTk5
Ni02ZjZiLTRjMzEtODYzZS01ODlkMzBmZmFhOGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYvNWM5OTk2
LTZmNmItNGMzMS04NjNlLTU4OWQzMGZmYWE4Yy8xL2JYNmtPaHhIVlhoOVNSLTZW
anVJZ1IzTXhmZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW8fhAwQBwxwMMA0GCSqGSIb3DQEBCwUAA4IB
AQCSykg8fsCgRiLjadeVGmZd2AfZAI2vrHgYYZJUutigvyec8RYuhf8MJ2Ltomcd
mR3v0MFizsPwn9H4vykd/MCgC7U9nqqW62epLld3jTi8ieK3OcHBy9otXbtpOeE6
vaoykitChUAaEP+9IQBVIFABf1QR+X+2XI1UhV1SY1MYRDMFlHoMhr5XbwrxYyrZ
g7sDy4uZMAwTBEpCqcdXcRxgLPSOIs63aOIsDoH39ugREe7+Q0XyAjXbXTbJWaKw
ZD0EcU9POHZo9EwrNY2gY4VF2SwyRMwIPZrcRBwWbK7iEK+GtV4l0av7SbNsAfdI
p3ioIqPWViwqczOteWJPQTcZ
-----END CERTIFICATE-----
Generated at Fri May 3 09:17:39 2024 by rpki-client on console-ams.rpki-client.org