Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/csZGC0-x70a8dFf_DPRjvcTgP6k.cer
File: csZGC0-x70a8dFf_DPRjvcTgP6k.cer (raw, json)
Hash identifier: ZmIaSEb3a/6Icq8bICwAblsSgAPkrMY/+Z9ZgKqMc5g=
Subject key identifier: 72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DE5004FC23C78E25E42DEE99D88B43
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/csZGC0-x70a8dFf_DPRjvcTgP6k.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:01 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 46.253.134.0/24
IP: 185.81.120.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:50:04:fc:23:c7:8e:25:e4:2d:ee:99:d8:8b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72c6460b4fb1ef46bc7457ff0cf463bdc4e03fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:48:6c:3b:27:2f:3c:3d:c0:d7:05:fc:10:
87:63:14:be:59:03:0d:93:a6:49:a1:8e:2c:d9:b1:
ba:ba:7a:3e:6b:e9:14:dd:47:f3:75:84:a5:33:34:
45:cb:e7:28:00:77:6f:98:8f:ed:0a:98:b2:24:3a:
0f:d5:d1:1b:a4:78:5f:a0:f4:b1:b3:9f:bd:41:4c:
9d:db:fd:75:b7:76:6e:ae:40:08:d4:2b:16:05:57:
46:ee:c8:1d:c1:42:43:db:04:6c:4b:dc:d3:c3:40:
e5:0e:35:e1:a7:11:5e:a8:1d:b4:ff:0e:64:45:1d:
ce:5a:11:01:05:be:4b:a9:5d:12:d1:f2:e6:19:2f:
91:2d:81:31:fe:e5:fb:e9:36:b8:c2:52:2c:9c:24:
67:d8:90:23:b4:89:8e:28:c5:e9:70:b6:d4:8b:10:
19:27:f4:d6:7b:69:18:2a:ad:44:26:33:1f:4d:fe:
db:d2:8b:c2:98:7b:59:f9:6e:c3:31:70:f1:f7:31:
8e:ed:fd:1d:17:66:0a:9e:9b:5b:b8:6c:57:e2:39:
73:3d:7a:af:0b:de:4b:98:52:8a:fa:36:02:df:8b:
9b:10:e4:15:40:54:7f:8e:a3:30:57:88:04:59:75:
fa:18:94:7a:29:e5:35:19:7b:3b:54:73:5b:9c:07:
4e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C6:46:0B:4F:B1:EF:46:BC:74:57:FF:0C:F4:63:BD:C4:E0:3F:A9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a5ce7e-7d1d-48ef-8f36-0b740a36a8ee/1/csZGC0-x70a8dFf_DPRjvcTgP6k.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.134.0/24
185.81.120.0/22
Signature Algorithm: sha256WithRSAEncryption
81:51:b7:9e:b9:3d:50:08:33:9a:28:78:93:f5:3d:7e:e6:fb:
78:63:c8:da:60:88:46:96:65:25:d5:db:b5:37:6a:1a:76:71:
ce:38:eb:9b:01:0d:68:b0:2b:e8:8c:b9:4c:c7:78:0a:d2:2d:
bf:09:7d:e6:9c:a3:f9:9a:69:66:89:3d:57:11:a4:e9:54:9e:
b0:3f:54:76:73:1d:5b:ba:fb:37:50:0d:63:b2:b2:09:49:10:
e8:69:06:fd:8c:bc:6b:0f:e4:a3:9a:79:e2:69:f1:e8:80:ee:
2e:4a:af:6b:fc:9b:09:45:f2:30:37:8e:27:bf:e2:7b:3c:7c:
10:3d:00:6a:21:68:a9:7e:bf:1a:6c:42:22:21:3b:e1:3b:69:
a7:de:cb:b1:ba:89:6f:98:de:2a:3e:e2:ae:a4:b3:ab:69:9d:
67:2f:27:ee:d7:66:af:d9:80:69:20:b9:d4:fc:a1:b5:cb:15:
12:0f:15:83:c9:c3:c9:be:70:8a:3e:6a:0e:e1:70:60:b5:0e:
e4:28:12:3c:f8:34:9b:1d:b5:d6:8c:d5:70:a8:5a:4d:b9:ae:
7f:c8:aa:8d:dd:a6:d9:11:ec:a0:50:57:cb:22:09:cd:7a:59:
5a:df:24:24:af:83:66:c1:03:10:d8:b6:2f:ae:95:51:ea:e6:
6c:44:f3:33
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzI3lAE/CPHjiXkLe6Z2ItDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM2NDYwYjRmYjFlZjQ2YmM3NDU3ZmYwY2Y0NjNiZGM0ZTAzZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgBIbDsnLzw9wNcF/BCHYxS+WQMN
k6ZJoY4s2bG6uno+a+kU3UfzdYSlMzRFy+coAHdvmI/tCpiyJDoP1dEbpHhfoPSx
s5+9QUyd2/11t3ZurkAI1CsWBVdG7sgdwUJD2wRsS9zTw0DlDjXhpxFeqB20/w5k
RR3OWhEBBb5LqV0S0fLmGS+RLYEx/uX76Ta4wlIsnCRn2JAjtImOKMXpcLbUixAZ
J/TWe2kYKq1EJjMfTf7b0ovCmHtZ+W7DMXDx9zGO7f0dF2YKnptbuGxX4jlzPXqv
C95LmFKK+jYC34ubEOQVQFR/jqMwV4gEWXX6GJR6KeU1GXs7VHNbnAdOPwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFHLGRgtPse9GvHRX/wz0Y73E4D+pMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZlL2E1Y2U3
ZS03ZDFkLTQ4ZWYtOGYzNi0wYjc0MGEzNmE4ZWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUvYTVjZTdl
LTdkMWQtNDhlZi04ZjM2LTBiNzQwYTM2YThlZS8xL2NzWkdDMC14NzBhOGRGZl9E
UFJqdmNUZ1A2ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQALv2GAwQCuVF4MA0GCSqGSIb3DQEBCwUAA4IB
AQCBUbeeuT1QCDOaKHiT9T1+5vt4Y8jaYIhGlmUl1du1N2oadnHOOOubAQ1osCvo
jLlMx3gK0i2/CX3mnKP5mmlmiT1XEaTpVJ6wP1R2cx1buvs3UA1jsrIJSRDoaQb9
jLxrD+SjmnniafHogO4uSq9r/JsJRfIwN44nv+J7PHwQPQBqIWipfr8abEIiITvh
O2mn3suxuolvmN4qPuKupLOraZ1nLyfu12av2YBpILnU/KG1yxUSDxWDycPJvnCK
PmoO4XBgtQ7kKBI8+DSbHbXWjNVwqFpNua5/yKqN3abZEeygUFfLIgnNella3yQk
r4NmwQMQ2LYvrpVR6uZsRPMz
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:18 2024 by rpki-client on console-ams.rpki-client.org