Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
File: gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer (raw, json)
Hash identifier: prpTyALuQwtrb9xtKYcb++W8W50QsfaT4kcFdux8+oE=
Subject key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC56DDF20DEFAF6C28CB0D3B6AE132B9E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 14:29:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 213176
IP: 209.35.224.0/19
IP: 212.59.64.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:df:20:de:fa:f6:c2:8c:b0:d3:b6:ae:13:2b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:7d:68:6c:15:98:4f:51:05:f7:eb:19:e7:
46:ed:84:de:bf:85:61:9d:de:3a:11:28:df:fc:10:
33:75:58:fc:43:d1:54:d9:81:66:7b:ca:32:7b:23:
8d:1f:51:4b:a9:bd:e1:a3:20:b3:27:fc:3a:16:36:
65:85:35:84:7e:1d:70:56:df:f8:81:db:c4:a9:fb:
39:5a:0b:ff:4f:08:b8:f7:7e:4b:16:5a:aa:31:d9:
8d:83:cc:af:bc:a7:c0:5f:af:b5:82:49:73:f4:cc:
ce:1e:70:20:a3:bd:14:1a:80:84:71:95:23:1b:09:
5a:af:34:98:f4:77:e3:80:37:78:cd:df:97:5b:68:
94:7d:81:cd:c6:0b:d5:40:90:76:42:a6:b6:c5:20:
8f:14:2f:eb:61:62:09:df:2e:b9:41:72:9b:c2:0d:
74:a8:c9:3a:72:30:95:31:ee:21:5a:23:d0:6a:6d:
22:2d:3a:6d:d6:9d:e2:03:ef:13:65:ff:f9:d5:4c:
a3:44:dc:a1:96:b2:41:a1:f2:d9:f6:cd:b6:fd:b8:
9c:2f:e8:56:e8:b0:1b:3a:bf:1c:b8:0e:4e:07:70:
28:1a:e3:db:13:43:06:9e:be:c8:9f:7a:82:55:bd:
bb:37:a5:bb:ce:f2:a3:99:4c:01:da:1f:56:1b:00:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/19
212.59.64.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213176
Signature Algorithm: sha256WithRSAEncryption
57:07:28:25:4c:70:48:a6:d0:8b:15:cc:d8:c0:f7:39:38:7f:
ae:fa:1d:12:27:51:6d:a1:c3:57:a1:47:7a:da:02:12:10:63:
db:b8:7b:dc:b8:0c:3f:23:2b:3f:6b:20:45:b5:4f:a1:1d:b2:
f7:01:ab:36:31:07:0f:88:c1:29:a8:ab:97:98:b5:b9:e5:35:
fd:86:80:27:20:6c:4b:34:e9:57:e7:93:70:e2:3c:57:ac:09:
35:97:cc:2b:94:6f:ca:0e:73:3b:6c:08:85:53:6b:ae:e5:d1:
11:4e:a8:b1:67:05:34:8a:b2:bc:2c:cf:e9:2d:98:f5:8f:9d:
68:4b:7a:4b:a2:bd:44:ec:1b:d6:2c:00:e0:d7:21:af:41:80:
16:ad:79:73:e8:42:5f:4f:a9:27:bb:44:15:27:2c:96:34:a8:
eb:da:8a:7d:41:21:ac:22:6b:a6:0a:6b:62:46:6c:60:d6:b3:
cf:50:ea:85:d6:33:5a:19:df:f5:59:23:fd:db:d1:ff:9d:68:
76:2b:bd:c6:2b:a5:b3:b7:49:ce:f1:ff:0d:de:d0:b9:eb:5b:
77:e1:5e:c1:07:e4:81:71:49:dd:9e:68:9a:de:ef:36:04:ae:
cc:c5:a7:39:9b:66:c1:73:cd:da:31:05:29:4e:83:be:f8:6f:
57:0c:31:0e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzFbd8g3vr2woyw07auEyueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWEyZDBkY2Q1MGE2ODJmOTc1ZWEzZDhjMzhlNWU2N2JiMDMyMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3V9aGwVmE9RBffrGedG7YTev4Vh
nd46ESjf/BAzdVj8Q9FU2YFme8oyeyONH1FLqb3hoyCzJ/w6FjZlhTWEfh1wVt/4
gdvEqfs5Wgv/Twi4935LFlqqMdmNg8yvvKfAX6+1gklz9MzOHnAgo70UGoCEcZUj
GwlarzSY9HfjgDd4zd+XW2iUfYHNxgvVQJB2Qqa2xSCPFC/rYWIJ3y65QXKbwg10
qMk6cjCVMe4hWiPQam0iLTpt1p3iA+8TZf/51UyjRNyhlrJBofLZ9s22/bicL+hW
6LAbOr8cuA5OB3AoGuPbE0MGnr7In3qCVb27N6W7zvKjmUwB2h9WGwCFjQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFIGi0NzVCmgvl16j2MOOXme7AyL5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UyL2QyNWE3
Mi1iYmUzLTRhYjAtOTU2NC1mZTQ1ZDUxNjBjMzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvZDI1YTcy
LWJiZTMtNGFiMC05NTY0LWZlNDVkNTE2MGMzOS8xL2dhTFEzTlVLYUMtWFhxUFl3
NDVlWjdzREl2ay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQF0SPgAwQD1DtAMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwNAuDANBgkqhkiG9w0BAQsFAAOCAQEAVwcoJUxwSKbQixXM2MD3OTh/
rvodEidRbaHDV6FHetoCEhBj27h73LgMPyMrP2sgRbVPoR2y9wGrNjEHD4jBKair
l5i1ueU1/YaAJyBsSzTpV+eTcOI8V6wJNZfMK5Rvyg5zO2wIhVNrruXREU6osWcF
NIqyvCzP6S2Y9Y+daEt6S6K9ROwb1iwA4Nchr0GAFq15c+hCX0+pJ7tEFScsljSo
69qKfUEhrCJrpgprYkZsYNazz1DqhdYzWhnf9Vkj/dvR/51odiu9xiuls7dJzvH/
Dd7Quetbd+FewQfkgXFJ3Z5omt7vNgSuzMWnOZtmwXPN2jEFKU6DvvhvVwwxDg==
-----END CERTIFICATE-----
Generated at Fri May 3 10:51:31 2024 by rpki-client on console-fra.rpki-client.org