Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer
File: cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer (raw, json)
Hash identifier: Aq8zvz+4zyWtwWOpzHAcM+bL8nbUFIEXuf4S7VwlDr8=
Subject key identifier: 72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D638F82DE5EB91B5A2D9BF2417975
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:29:58 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 199351
IP: 2001:67c:1394::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:63:8f:82:de:5e:b9:1b:5a:2d:9b:f2:41:79:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=727309f110347cc61b8c27bbfbf10a6bfb408358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9a:df:73:36:11:65:a9:00:9a:ae:4a:fd:75:
74:da:16:10:57:11:49:11:6f:42:de:5f:51:c2:8e:
26:44:3e:49:e3:53:56:57:8c:06:c0:3e:f2:e7:b5:
fb:d4:02:19:15:1c:aa:bd:77:a4:fa:65:9e:6f:b6:
69:f2:4e:38:b4:ac:c7:e0:74:98:5f:02:d3:19:04:
6d:c5:5f:79:8f:37:86:67:cb:4a:9b:73:e0:f4:dc:
c4:01:1a:95:46:f0:0f:81:df:db:89:80:c8:33:9f:
01:8a:28:a6:c3:61:ba:c2:19:ac:4c:8f:5d:70:50:
89:a0:47:5e:40:6a:ba:32:59:b4:58:ef:b9:bd:92:
3a:de:ea:4c:56:98:61:32:a6:5d:3a:b3:42:9e:7a:
2d:b1:f1:00:16:a8:bf:cb:0e:84:f9:54:4b:54:12:
3a:b9:e2:da:f6:34:8a:e1:20:ed:2c:b3:c8:44:98:
dd:9e:62:71:70:82:8a:e6:c8:23:5b:18:71:ac:ba:
75:f7:e9:1d:70:59:08:af:75:8c:3e:e0:4f:0e:e8:
ce:28:92:f4:5f:7f:03:83:49:ea:f1:9a:6a:2a:a9:
2a:da:25:7a:af:b3:0b:6c:14:39:75:36:cb:41:27:
24:4f:bd:3b:2a:aa:71:9d:5d:9c:b8:54:16:87:a0:
69:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1394::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199351
Signature Algorithm: sha256WithRSAEncryption
17:79:c0:5e:0f:8a:8a:32:d0:88:82:9d:af:8a:42:99:e9:0a:
7b:8a:69:5e:c0:63:72:7a:cb:85:e6:5f:35:86:6f:66:1b:75:
fc:90:81:e7:95:e1:63:4f:2b:8c:be:bb:67:a5:92:86:7a:8a:
e8:6b:05:2c:a8:c3:59:7b:37:12:67:8b:fe:71:74:70:1d:2a:
2a:b0:47:61:fb:a7:56:8e:a0:ce:a4:2b:6f:14:e1:57:fd:d1:
f2:cf:8b:54:ce:21:6d:60:ac:3f:5e:dc:0e:5f:1b:43:5a:15:
6e:6f:40:80:b3:4e:05:a8:3a:36:45:61:89:ba:31:d8:7a:b3:
b4:4c:09:06:ab:49:d0:25:d2:68:ec:1b:24:40:4e:b8:7e:94:
12:b1:74:b6:82:f3:33:19:3f:b4:ad:2f:e6:d2:32:1e:5e:2e:
b0:83:f8:8c:be:c6:83:da:09:0b:d0:24:51:7c:e2:60:e7:90:
07:4c:73:fc:f9:4f:b1:92:20:36:dd:ef:38:91:54:3f:c6:ea:
87:b4:a1:42:53:86:9a:74:01:97:48:4c:27:99:b3:3e:49:d8:
48:1c:9a:5d:b2:bc:49:ae:a4:11:32:83:05:49:7c:99:5d:76:
0b:5d:6f:db:e9:30:e8:8b:fe:6b:48:8c:53:69:07:d8:2a:5e:
f4:b3:e3:73
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzCbWOPgt5euRtaLZvyQXl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjczMDlmMTEwMzQ3Y2M2MWI4YzI3YmJmYmYxMGE2YmZiNDA4MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArprfczYRZakAmq5K/XV02hYQVxFJ
EW9C3l9Rwo4mRD5J41NWV4wGwD7y57X71AIZFRyqvXek+mWeb7Zp8k44tKzH4HSY
XwLTGQRtxV95jzeGZ8tKm3Pg9NzEARqVRvAPgd/biYDIM58Biiimw2G6whmsTI9d
cFCJoEdeQGq6Mlm0WO+5vZI63upMVphhMqZdOrNCnnotsfEAFqi/yw6E+VRLVBI6
ueLa9jSK4SDtLLPIRJjdnmJxcIKK5sgjWxhxrLp19+kdcFkIr3WMPuBPDujOKJL0
X38Dg0nq8ZpqKqkq2iV6r7MLbBQ5dTbLQSckT707KqpxnV2cuFQWh6Bp2QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFHJzCfEQNHzGG4wnu/vxCmv7QINYMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0LzAwODkw
OS03MmVhLTQ3OTEtYTViZi1mMjMzNDZiY2MyMTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvMDA4OTA5
LTcyZWEtNDc5MS1hNWJmLWYyMzM0NmJjYzIxNy8xL2NuTUo4UkEwZk1ZYmpDZTct
X0VLYV90QWcxZy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBOUMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMKtzANBgkqhkiG9w0BAQsFAAOCAQEAF3nAXg+KijLQiIKdr4pCmekKe4pp
XsBjcnrLheZfNYZvZht1/JCB55XhY08rjL67Z6WShnqK6GsFLKjDWXs3EmeL/nF0
cB0qKrBHYfunVo6gzqQrbxThV/3R8s+LVM4hbWCsP17cDl8bQ1oVbm9AgLNOBag6
NkVhibox2HqztEwJBqtJ0CXSaOwbJEBOuH6UErF0toLzMxk/tK0v5tIyHl4usIP4
jL7Gg9oJC9AkUXziYOeQB0xz/PlPsZIgNt3vOJFUP8bqh7ShQlOGmnQBl0hMJ5mz
PknYSByaXbK8Sa6kETKDBUl8mV12C11v2+kw6Iv+a0iMU2kH2Cpe9LPjcw==
-----END CERTIFICATE-----
Generated at Fri May 3 03:21:03 2024 by rpki-client on console-fra.rpki-client.org