Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
File: du8KDuj6FU162kOK8SEiac4KzEE.cer (raw, json)
Hash identifier: OqlW/GZhvOzN5La9ut8Ya3+fRJZevi1WLypbD6aRP4c=
Subject key identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018DE62FB9480B6717876EC0FA132ED210F4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 26 Feb 2024 16:11:43 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 43152
IP: 77.95.200.0/21
IP: 109.71.240.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:2f:b9:48:0b:67:17:87:6e:c0:fa:13:2e:d2:10:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Feb 26 16:11:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:68:1b:ae:09:8a:2f:8a:83:48:6d:ca:cd:1e:
b4:ba:be:cb:b7:1e:6e:03:57:34:78:b5:f4:4d:9d:
73:2b:94:bd:96:a7:c0:78:0a:48:11:5e:9a:89:f9:
89:5f:8d:84:d6:08:fd:e7:f0:ef:be:f0:b5:2d:07:
6b:9e:7f:04:7a:9b:9b:47:ef:b3:e3:de:4b:5d:06:
15:39:21:d4:db:05:ff:a6:0a:59:ff:73:28:03:e0:
43:25:a1:e5:a8:df:d1:be:ff:cd:f3:f6:8d:bf:ca:
87:e3:8f:9d:f8:f5:6a:47:04:55:54:e6:dc:e8:d4:
f4:62:8e:5a:34:34:f4:a7:9e:3b:81:4f:f3:7e:0f:
5f:ba:61:a5:d2:41:0e:a1:d3:f0:9f:a1:0a:5f:69:
e3:d1:ea:63:1f:d5:b3:cb:08:42:eb:a3:8a:e0:1b:
f7:ba:7f:ba:b9:16:29:13:4b:ec:b8:5c:79:74:70:
53:eb:99:d9:47:18:b1:8c:d4:72:73:ad:37:15:69:
04:97:5b:93:cb:2d:a1:5d:6a:54:10:49:a7:5b:d2:
3a:76:68:2b:25:a8:0e:03:89:d0:fd:a0:a4:eb:fa:
a4:2f:2d:a0:35:ad:f8:ff:7d:16:3b:55:90:8d:61:
5a:e4:bd:d4:7e:da:61:97:46:ff:d5:9f:9e:49:0c:
8f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.200.0/21
109.71.240.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43152
Signature Algorithm: sha256WithRSAEncryption
6b:fd:5d:61:a7:7b:82:1a:60:c2:37:e6:a3:14:6f:1b:5c:2b:
33:92:2e:f4:c3:09:85:04:55:b8:a9:dc:00:d5:fa:63:b3:37:
88:82:f4:c2:a4:54:6e:ca:bb:3c:6c:8e:c0:29:74:61:c0:12:
5b:e6:9c:1c:72:56:79:84:89:d8:02:06:d6:5d:1d:f5:81:d0:
d3:2e:62:4d:1d:9f:13:56:03:84:77:de:22:95:89:cb:2c:9a:
5a:84:4a:7a:9a:12:4c:80:96:86:60:61:47:c2:0d:6d:95:d5:
3e:94:e2:57:55:1f:af:c5:41:c7:54:cd:0d:43:a8:d6:67:19:
cc:4a:14:b9:4c:0a:18:6e:c8:f9:b5:11:64:c8:3b:ac:8b:d4:
18:5c:ae:9f:81:21:a9:cb:df:f6:39:97:2e:2b:18:83:0d:23:
9c:44:b7:bc:d7:87:d2:6e:c6:bf:43:06:c8:a2:3e:d3:a0:3c:
47:b1:b8:62:9e:0d:69:43:65:19:0a:0c:cd:95:6d:d3:46:bf:
d7:60:58:bb:c6:cd:f0:d1:98:58:92:b4:b9:8f:c0:b9:3f:e1:
eb:15:61:0f:3b:10:7c:9c:54:99:10:7c:31:b3:d7:d7:88:56:
7c:ce:e3:84:5f:0f:e3:c5:3b:da:b3:4e:cd:9f:0a:06:8b:0a:
ea:0c:6d:29
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY3mL7lIC2cXh27A+hMu0hD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMjI2MTYxMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVmMGEwZWU4ZmExNTRkN2FkYTQzOGFmMTIxMjI2OWNlMGFjYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2gbrgmKL4qDSG3KzR60ur7Ltx5u
A1c0eLX0TZ1zK5S9lqfAeApIEV6aifmJX42E1gj95/DvvvC1LQdrnn8EepubR++z
495LXQYVOSHU2wX/pgpZ/3MoA+BDJaHlqN/Rvv/N8/aNv8qH44+d+PVqRwRVVObc
6NT0Yo5aNDT0p547gU/zfg9fumGl0kEOodPwn6EKX2nj0epjH9WzywhC66OK4Bv3
un+6uRYpE0vsuFx5dHBT65nZRxixjNRyc603FWkEl1uTyy2hXWpUEEmnW9I6dmgr
JagOA4nQ/aCk6/qkLy2gNa34/30WO1WQjWFa5L3Uftphl0b/1Z+eSQyPEQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFHbvCg7o+hVNetpDivEhImnOCsxBMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE1LzE2ODZj
My1kYTcwLTRiNTQtYWIyYi0zYmU5OTVkMmJiZGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUvMTY4NmMz
LWRhNzAtNGI1NC1hYjJiLTNiZTk5NWQyYmJkYS8xL2R1OEtEdWo2RlUxNjJrT0s4
U0VpYWM0S3pFRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQDTV/IAwQDbUfwMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwCokDANBgkqhkiG9w0BAQsFAAOCAQEAa/1dYad7ghpgwjfmoxRvG1wr
M5Iu9MMJhQRVuKncANX6Y7M3iIL0wqRUbsq7PGyOwCl0YcASW+acHHJWeYSJ2AIG
1l0d9YHQ0y5iTR2fE1YDhHfeIpWJyyyaWoRKepoSTICWhmBhR8INbZXVPpTiV1Uf
r8VBx1TNDUOo1mcZzEoUuUwKGG7I+bURZMg7rIvUGFyun4Ehqcvf9jmXLisYgw0j
nES3vNeH0m7Gv0MGyKI+06A8R7G4Yp4NaUNlGQoMzZVt00a/12BYu8bN8NGYWJK0
uY/AuT/h6xVhDzsQfJxUmRB8MbPX14hWfM7jhF8P48U72rNOzZ8KBosK6gxtKQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:38 2024 by rpki-client on console-fra.rpki-client.org