Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer
File: fNxAw9vfgZ10E-dyvYdYFMfq9V4.cer (raw, json)
Hash identifier: mJJ+o+j36UTEujfD6T1V/Muujc2w1+F72JkNhLox+WU=
Subject key identifier: 7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56E3CEC41379A89779A2870453DC372
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:45 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 201233
IP: 217.18.85.0/24
IP: 2a12:e640::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3c:ec:41:37:9a:89:77:9a:28:70:45:3d:c3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cdc40c3dbdf819d7413e772bd875814c7eaf55e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2b:7b:81:14:e1:c6:ef:55:f8:72:ae:cd:f2:
f2:45:e1:92:35:c4:f3:0c:aa:6d:7c:73:57:d1:c6:
5b:00:e3:63:41:ef:02:41:59:8b:98:d6:70:79:78:
64:b7:dd:96:d6:83:11:8f:9f:e3:c9:af:b3:e7:ad:
03:45:e1:2c:9f:f0:b3:b7:cb:82:d0:6f:ee:fc:19:
89:06:fe:e8:79:42:ec:e9:78:07:3d:70:87:96:de:
00:f6:b9:1b:6c:dc:8c:44:4b:aa:a6:d1:b5:a4:c7:
6e:d7:34:e4:90:05:a9:83:d6:52:12:25:c1:8d:d2:
d1:5a:2e:8b:b2:99:96:d5:ff:f3:9d:de:29:c1:32:
6d:b8:a7:35:1d:70:f5:d8:22:6b:53:75:a6:e4:1f:
95:f6:0f:c5:de:e1:38:93:9b:53:70:02:ad:a8:4e:
e8:6c:7f:6b:bb:22:ce:ad:6b:25:cb:2b:c4:2b:08:
d0:09:e8:d5:3c:10:d8:ad:82:2b:c3:72:91:52:a6:
2c:01:82:b5:ca:16:ac:63:ff:78:4a:5d:49:79:ed:
b3:1b:69:78:27:d2:ca:e5:59:15:64:e6:20:a0:2a:
7d:5d:af:b3:c1:d1:b4:99:b3:9a:f4:eb:89:b0:28:
e4:19:ea:25:bd:ed:39:83:58:e7:af:5a:02:5a:96:
fe:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DC:40:C3:DB:DF:81:9D:74:13:E7:72:BD:87:58:14:C7:EA:F5:5E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/2e543d-4ef7-4e85-867a-99f2004659d1/1/fNxAw9vfgZ10E-dyvYdYFMfq9V4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.85.0/24
IPv6:
2a12:e640::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201233
Signature Algorithm: sha256WithRSAEncryption
ad:f9:a5:14:7f:b6:59:70:0a:fc:07:aa:86:7c:48:29:29:f0:
d0:7f:f0:4d:2e:ff:4c:23:93:6c:0e:36:04:3f:f1:a5:0c:37:
ce:4b:a9:dd:be:0e:44:bc:7d:4a:73:4f:c2:f5:90:00:bf:a8:
1c:6e:e7:8f:79:a0:c1:30:c8:05:25:55:6b:85:cc:87:a5:22:
bc:f3:66:94:43:c3:27:b9:db:bf:6b:8f:c8:d4:e5:ec:ed:88:
d4:a1:c7:2c:0a:cf:38:63:76:f3:f7:65:87:d0:9b:2d:1c:ea:
42:23:50:b5:0b:af:f5:99:34:0b:8c:de:50:fa:15:3c:c1:c8:
c5:be:51:a0:47:70:84:8e:63:9b:f6:96:ed:af:23:3c:ab:ca:
82:66:60:06:6c:00:18:a5:8d:dc:9c:73:59:29:2f:85:77:75:
ae:22:a6:d8:c3:0e:2b:35:6e:bb:12:c6:e0:26:55:68:9a:a6:
49:89:67:1e:9f:f8:5f:a0:f6:7f:43:7b:e7:06:44:f9:d9:bf:
64:60:10:04:c5:40:b5:2a:a3:51:88:58:73:cc:e4:be:80:69:
0c:41:db:be:87:75:a7:c4:71:e4:cb:02:5b:73:c3:e3:09:85:
29:dd:ff:f7:7b:07:4c:61:13:72:75:47:fd:7e:63:75:29:f3:
8b:db:7e:be
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzFbjzsQTeaiXeaKHBFPcNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2RjNDBjM2RiZGY4MTlkNzQxM2U3NzJiZDg3NTgxNGM3ZWFmNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yt7gRThxu9V+HKuzfLyReGSNcTz
DKptfHNX0cZbAONjQe8CQVmLmNZweXhkt92W1oMRj5/jya+z560DReEsn/Czt8uC
0G/u/BmJBv7oeULs6XgHPXCHlt4A9rkbbNyMREuqptG1pMdu1zTkkAWpg9ZSEiXB
jdLRWi6LspmW1f/znd4pwTJtuKc1HXD12CJrU3Wm5B+V9g/F3uE4k5tTcAKtqE7o
bH9ruyLOrWslyyvEKwjQCejVPBDYrYIrw3KRUqYsAYK1yhasY/94Sl1Jee2zG2l4
J9LK5VkVZOYgoCp9Xa+zwdG0mbOa9OuJsCjkGeolve05g1jnr1oCWpb+8wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHzcQMPb34GddBPncr2HWBTH6vVeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzllLzJlNTQz
ZC00ZWY3LTRlODUtODY3YS05OWYyMDA0NjU5ZDEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUvMmU1NDNk
LTRlZjctNGU4NS04NjdhLTk5ZjIwMDQ2NTlkMS8xL2ZOeEF3OXZmZ1oxMEUtZHl2
WWRZRk1mcTlWNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQA2RJVMA0EAgACMAcDBQMqEuZAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMSETANBgkqhkiG9w0BAQsFAAOCAQEArfmlFH+2WXAK
/AeqhnxIKSnw0H/wTS7/TCOTbA42BD/xpQw3zkup3b4ORLx9SnNPwvWQAL+oHG7n
j3mgwTDIBSVVa4XMh6UivPNmlEPDJ7nbv2uPyNTl7O2I1KHHLArPOGN28/dlh9Cb
LRzqQiNQtQuv9Zk0C4zeUPoVPMHIxb5RoEdwhI5jm/aW7a8jPKvKgmZgBmwAGKWN
3JxzWSkvhXd1riKm2MMOKzVuuxLG4CZVaJqmSYlnHp/4X6D2f0N75wZE+dm/ZGAQ
BMVAtSqjUYhYc8zkvoBpDEHbvod1p8Rx5MsCW3PD4wmFKd3/93sHTGETcnVH/X5j
dSnzi9t+vg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:04 2024 by rpki-client on console-fra.rpki-client.org