Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer
File: bcDQX47p6Vj8ld5l3FmiFBxfHv0.cer (raw, json)
Hash identifier: xTEMPAuJPHNgA3R1MFv3/H7O7ts/Hz4S6jUiLXAh/Go=
Subject key identifier: 6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2A6CC97C20FA0AE2CDFFDE09828131
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:33:47 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 56552
IP: 185.71.64.0/22
IP: 185.121.240.0/22
IP: 2a06:a180::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6c:c9:7c:20:fa:0a:e2:cd:ff:de:09:82:81:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc0d05f8ee9e958fc95de65dc59a2141c5f1efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:46:d3:1d:33:f0:f0:94:1b:4f:12:73:9a:
1a:9e:1f:87:0e:77:ef:64:06:c0:c4:89:f5:8a:f4:
9b:da:8f:84:06:46:b0:2b:d7:4a:26:ff:7e:56:82:
98:e1:b3:83:26:b7:a4:cf:b7:58:0f:d8:1f:6a:6d:
bf:83:9e:3a:11:81:21:0e:95:e8:77:14:54:a1:8b:
26:07:22:30:13:cd:a8:16:e8:3f:1f:0f:c4:5c:fd:
9c:ba:49:9e:31:cd:9d:5d:19:45:df:15:7f:3e:5f:
f4:6c:67:63:c5:c4:95:26:d1:c5:b9:d8:5d:68:d6:
8c:22:0f:1a:ec:cc:4d:19:56:03:6c:2c:54:62:84:
9c:9d:3c:94:4a:f3:70:fa:60:c9:03:08:f9:38:0d:
e6:bd:1d:36:20:be:b1:4f:f6:67:02:a6:09:89:3b:
c6:e2:11:d5:dd:0a:2b:ad:0a:14:43:75:ae:06:7a:
25:ca:7b:03:9f:fb:c6:bc:b6:3b:18:d3:c8:ff:56:
07:19:9e:a7:4c:dc:5e:85:a5:a3:cd:7d:83:9e:4d:
6f:7f:3d:23:16:80:0e:85:80:dd:8b:aa:72:29:8f:
b3:70:d3:d3:82:20:af:88:58:32:29:17:c7:49:ee:
b5:93:5d:73:05:f3:85:ed:2f:9f:67:48:94:97:cd:
b8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C0:D0:5F:8E:E9:E9:58:FC:95:DE:65:DC:59:A2:14:1C:5F:1E:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1d57dd-5599-45a7-ab03-4d6ce0766eb5/1/bcDQX47p6Vj8ld5l3FmiFBxfHv0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.64.0/22
185.121.240.0/22
IPv6:
2a06:a180::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
56552
Signature Algorithm: sha256WithRSAEncryption
07:57:13:8d:01:ad:6b:44:f2:36:4a:bb:7b:f2:30:d0:7b:17:
cc:05:03:28:14:01:72:f7:f4:e9:9d:14:c9:2b:ad:21:54:90:
76:6b:8a:39:29:c2:31:48:b4:23:f7:d6:06:b5:68:2e:ee:7a:
25:aa:1c:e2:f2:64:3a:06:12:2e:1a:ab:44:da:be:fb:be:e8:
53:7c:b4:1f:81:09:71:ac:45:c6:9c:f5:18:04:69:61:25:44:
85:3b:97:d9:e7:9b:f7:80:cd:11:f1:25:a0:0a:0b:bd:80:c3:
0c:ce:9a:fb:7d:95:df:64:40:96:cc:7a:34:89:c6:08:6b:f6:
5e:06:69:61:14:18:c1:29:c8:5a:c7:cf:52:cf:53:be:b3:57:
c4:eb:48:ba:40:7f:04:f5:77:a6:e6:87:c5:d8:e7:91:be:b7:
b6:db:60:cf:12:bc:9c:cf:9c:05:a8:17:e0:65:3d:45:c0:ee:
7d:83:7b:7c:2a:62:04:82:5b:c0:15:a5:a7:bf:37:91:18:58:
22:7c:2c:37:52:49:9e:c5:c5:f5:82:89:90:b1:6a:4b:4f:cb:
94:12:3a:4b:ba:81:aa:6f:86:ab:9f:91:2b:d0:33:31:fa:b9:
f5:90:ac:84:0e:88:ad:45:e9:db:d9:51:ab:76:b2:46:20:2c:
06:03:73:ad
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzKKmzJfCD6CuLN/94JgoExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGMwZDA1ZjhlZTllOTU4ZmM5NWRlNjVkYzU5YTIxNDFjNWYxZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKZG0x0z8PCUG08Sc5oanh+HDnfv
ZAbAxIn1ivSb2o+EBkawK9dKJv9+VoKY4bODJrekz7dYD9gfam2/g546EYEhDpXo
dxRUoYsmByIwE82oFug/Hw/EXP2cukmeMc2dXRlF3xV/Pl/0bGdjxcSVJtHFudhd
aNaMIg8a7MxNGVYDbCxUYoScnTyUSvNw+mDJAwj5OA3mvR02IL6xT/ZnAqYJiTvG
4hHV3QorrQoUQ3WuBnolynsDn/vGvLY7GNPI/1YHGZ6nTNxehaWjzX2Dnk1vfz0j
FoAOhYDdi6pyKY+zcNPTgiCviFgyKRfHSe61k11zBfOF7S+fZ0iUl824UwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFG3A0F+O6elY/JXeZdxZohQcXx79MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzFkNTdk
ZC01NTk5LTQ1YTctYWIwMy00ZDZjZTA3NjZlYjUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvMWQ1N2Rk
LTU1OTktNDVhNy1hYjAzLTRkNmNlMDc2NmViNS8xL2JjRFFYNDdwNlZqOGxkNWwz
Rm1pRkJ4Zkh2MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuUdAAwQCuXnwMA0EAgACMAcDBQMqBqGAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDc6DANBgkqhkiG9w0BAQsFAAOCAQEAB1cT
jQGta0TyNkq7e/Iw0HsXzAUDKBQBcvf06Z0UySutIVSQdmuKOSnCMUi0I/fWBrVo
Lu56Jaoc4vJkOgYSLhqrRNq++77oU3y0H4EJcaxFxpz1GARpYSVEhTuX2eeb94DN
EfEloAoLvYDDDM6a+32V32RAlsx6NInGCGv2XgZpYRQYwSnIWsfPUs9TvrNXxOtI
ukB/BPV3puaHxdjnkb63tttgzxK8nM+cBagX4GU9RcDufYN7fCpiBIJbwBWlp783
kRhYInwsN1JJnsXF9YKJkLFqS0/LlBI6S7qBqm+Gq5+RK9AzMfq59ZCshA6IrUXp
29lRq3ayRiAsBgNzrQ==
-----END CERTIFICATE-----
Generated at Fri May 3 10:31:43 2024 by rpki-client on console-fra.rpki-client.org