Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer
File: fxaAKOwNq2aKZ9W_b1NYyqvjN6g.cer (raw, json)
Hash identifier: P8WkmuLFfI1NrP30oP5zuchxCL5OqYn4uTHkb5MZzlE=
Subject key identifier: 7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC94DC777D774947CDD09E4C4CAB93A4E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 08:32:46 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.57.224.0/21
IP: 146.255.16.0/21
IP: 185.2.148.0/22
IP: 185.47.12.0/22
IP: 185.57.172.0/22
IP: 185.99.184.0/22
IP: 185.103.36.0/22
IP: 185.104.132.0/22
IP: 185.105.220.0/22
IP: 2a00:de40::/32
IP: 2a01:8ae0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c7:77:d7:74:94:7c:dd:09:e4:c4:ca:b9:3a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 08:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f168028ec0dab668a67d5bf6f5358caabe337a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:25:51:de:5a:bf:5c:a1:24:4b:8e:e0:0e:3c:
86:a2:e4:8c:f5:f9:15:42:a8:b8:f6:33:22:ae:9a:
53:9c:b0:22:1d:f0:40:61:86:81:75:59:86:37:e6:
0e:6b:3a:4d:c2:27:db:b4:67:2e:7b:e5:70:09:1d:
42:91:87:39:3a:ef:68:46:2a:f5:ba:90:6e:1a:0c:
15:a0:e0:ca:c9:ef:0b:29:a1:79:c0:ce:0d:cc:0c:
bf:43:b5:56:18:0b:f5:bf:fb:18:6a:bf:b4:ac:40:
01:11:cb:fe:13:ed:cc:f5:e8:32:46:2c:66:3d:e7:
ae:c1:ce:7a:42:37:0e:fe:b3:12:6b:8d:32:7a:dc:
c5:ce:a5:ec:1d:dd:73:13:bf:16:e7:98:49:4d:d2:
bb:85:16:18:35:22:ed:6a:c4:a2:a1:41:19:fc:de:
80:73:5c:72:97:85:c1:20:95:9e:66:d1:14:00:e9:
f2:bb:55:9c:31:4a:ef:cf:b7:65:2c:ba:b1:b4:ff:
ed:b8:b0:7a:8e:94:50:dd:4c:6e:e1:8a:2b:51:1a:
4a:b1:36:a9:9c:a2:ec:35:27:cc:6f:b2:a5:97:5e:
9b:27:6a:2e:23:30:67:3f:05:4f:ec:86:72:57:a5:
31:39:07:bb:65:8e:6a:a1:6b:2e:40:ed:4d:ea:34:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:16:80:28:EC:0D:AB:66:8A:67:D5:BF:6F:53:58:CA:AB:E3:37:A8
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b15286-fd4d-49fe-a69e-7fadf50a2e37/1/fxaAKOwNq2aKZ9W_b1NYyqvjN6g.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.224.0/21
146.255.16.0/21
185.2.148.0/22
185.47.12.0/22
185.57.172.0/22
185.99.184.0/22
185.103.36.0/22
185.104.132.0/22
185.105.220.0/22
IPv6:
2a00:de40::/32
2a01:8ae0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:81:c7:9b:77:82:41:cd:7f:25:1b:0a:b5:7f:cc:73:ce:51:
9c:49:54:2e:d1:9b:c1:20:25:b2:81:ec:dc:07:0a:53:c4:9d:
0f:86:b6:2c:97:a4:0e:df:15:48:23:b9:41:33:4d:07:e8:69:
c9:b2:97:00:08:32:22:b9:91:02:ef:38:8e:5e:81:65:9c:a1:
73:c3:2a:40:b3:1e:e0:6d:c0:ec:67:8c:68:ed:d2:a8:d6:51:
fa:28:4a:6c:e7:5d:93:6b:7a:5a:92:db:e6:6c:af:e2:2e:17:
2a:02:4a:0f:56:73:57:51:76:e7:65:c5:be:70:f1:42:c2:8e:
96:54:41:ac:59:ef:8e:4b:10:a7:08:7a:31:bb:8f:c1:4c:2a:
fb:af:9a:ab:f2:38:4d:77:5f:b5:60:d9:6e:3b:65:fe:33:ec:
f2:64:0e:90:b8:c1:a6:94:a9:93:fe:35:ae:9a:af:90:ad:eb:
c1:94:bd:75:ec:1f:d1:85:3f:ad:ce:aa:53:b1:0b:cb:97:14:
65:df:96:3a:31:44:08:0b:27:02:0b:16:35:58:05:fc:93:b1:
7f:69:a8:ac:a5:b4:e9:7c:25:e2:0f:88:10:77:e0:dd:61:77:
d6:ef:e1:30:80:45:8d:83:9e:42:39:8f:f3:13:11:7a:29:47:
88:af:d1:11
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYzJTcd313SUfN0J5MTKuTpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDgzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjE2ODAyOGVjMGRhYjY2OGE2N2Q1YmY2ZjUzNThjYWFiZTMzN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SVR3lq/XKEkS47gDjyGouSM9fkV
Qqi49jMirppTnLAiHfBAYYaBdVmGN+YOazpNwifbtGcue+VwCR1CkYc5Ou9oRir1
upBuGgwVoODKye8LKaF5wM4NzAy/Q7VWGAv1v/sYar+0rEABEcv+E+3M9egyRixm
Peeuwc56QjcO/rMSa40yetzFzqXsHd1zE78W55hJTdK7hRYYNSLtasSioUEZ/N6A
c1xyl4XBIJWeZtEUAOnyu1WcMUrvz7dlLLqxtP/tuLB6jpRQ3Uxu4YorURpKsTap
nKLsNSfMb7Kll16bJ2ouIzBnPwVP7IZyV6UxOQe7ZY5qoWsuQO1N6jTG/QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFH8WgCjsDatmimfVv29TWMqr4zeoMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2IxNTI4
Ni1mZDRkLTQ5ZmUtYTY5ZS03ZmFkZjUwYTJlMzcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvYjE1Mjg2
LWZkNGQtNDlmZS1hNjllLTdmYWRmNTBhMmUzNy8xL2Z4YUFLT3dOcTJhS1o5V19i
MU5ZeXF2ak42Zy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUGCCsGAQUF
BwEHAQH/BFYwVDA8BAIAATA2AwQDBTngAwQDkv8QAwQCuQKUAwQCuS8MAwQCuTms
AwQCuWO4AwQCuWckAwQCuWiEAwQCuWncMBQEAgACMA4DBQAqAN5AAwUAKgGK4DAN
BgkqhkiG9w0BAQsFAAOCAQEALYHHm3eCQc1/JRsKtX/Mc85RnElULtGbwSAlsoHs
3AcKU8SdD4a2LJekDt8VSCO5QTNNB+hpybKXAAgyIrmRAu84jl6BZZyhc8MqQLMe
4G3A7GeMaO3SqNZR+ihKbOddk2t6WpLb5myv4i4XKgJKD1ZzV1F252XFvnDxQsKO
llRBrFnvjksQpwh6MbuPwUwq+6+aq/I4TXdftWDZbjtl/jPs8mQOkLjBppSpk/41
rpqvkK3rwZS9dewf0YU/rc6qU7ELy5cUZd+WOjFECAsnAgsWNVgF/JOxf2morKW0
6Xwl4g+IEHfg3WF31u/hMIBFjYOeQjmP8xMReilHiK/REQ==
-----END CERTIFICATE-----
Generated at Fri May 3 10:50:58 2024 by rpki-client on console-fra.rpki-client.org