Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer (raw, json)
Hash identifier: VkkefqjHTjKIJ2sjux6JdkDlcjHuiljDCsUTDoa0wpw=
Subject key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC79491C972CF0E9DCC7E00F959F2EBE8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 00:30:51 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 38924
IP: 95.87.0.0/18
IP: 2a00:fc40::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:91:c9:72:cf:0e:9d:cc:7e:00:f9:59:f2:eb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 00:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:f1:57:d4:21:79:cf:f8:9c:bd:af:ea:04:
24:bd:34:4a:90:8c:69:ee:59:36:18:af:c2:14:67:
23:35:e2:9a:f0:8e:64:a4:8e:7c:7c:d2:18:c7:46:
0a:93:2b:83:22:40:dd:d0:be:2b:0c:e2:ea:aa:9c:
5a:67:51:f6:43:84:1c:d5:12:9f:d6:04:1f:76:2e:
d9:7a:d3:72:89:5c:1a:56:9f:09:6c:ae:8b:4d:6f:
c1:3f:e4:df:80:24:f4:30:e6:3c:e5:fc:7e:52:28:
89:62:8e:5c:7f:69:0c:c7:07:5e:55:b7:cc:0f:f9:
11:df:29:65:e3:71:d9:b1:c4:63:cd:27:80:91:ab:
9e:3f:10:af:33:e0:80:1c:19:07:d5:83:31:87:c0:
f3:60:47:c9:ae:b2:2d:1b:24:4a:88:cd:8e:44:94:
d3:db:c3:d4:80:52:b7:18:15:b5:7f:0d:ce:1c:ba:
95:99:61:e7:bb:f2:04:c4:fc:7d:3b:c3:54:8b:72:
9f:2c:f8:56:b1:f0:34:0d:45:fd:4b:6c:da:93:d0:
d0:ac:2e:ff:c2:68:71:1a:bc:43:ec:f0:d5:a9:3a:
9f:3e:ea:49:cc:2d:c9:4c:57:cd:46:d5:03:e7:43:
c4:5a:53:59:de:07:e6:5a:b3:8d:76:58:db:39:72:
f4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.87.0.0/18
IPv6:
2a00:fc40::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
38924
Signature Algorithm: sha256WithRSAEncryption
6b:44:2e:5e:76:a7:72:cc:e5:77:03:bb:79:3c:ae:31:1b:09:
12:14:ce:eb:bd:39:13:c1:92:db:19:23:6b:d0:51:ca:d5:da:
8d:10:b2:57:36:a2:5c:28:8d:a7:50:69:b1:27:5f:41:9b:22:
2c:50:e6:5b:3e:90:89:11:b2:94:35:9c:ea:18:b1:bc:83:16:
54:6f:62:74:4c:84:3c:61:8d:7e:5b:75:73:c3:af:a1:66:52:
87:98:84:f1:e2:c4:cd:f7:a6:02:d7:04:7f:b9:cc:cf:a5:66:
dc:a5:36:f5:52:5c:2d:79:59:8d:41:bb:bf:54:d0:07:12:41:
43:7a:53:f9:af:25:6b:12:de:d8:be:b6:9d:37:76:da:33:47:
07:90:d6:4f:3d:e6:de:4f:f7:33:14:ec:4a:3b:51:aa:99:d0:
e1:1c:51:c8:d4:21:a2:50:12:b7:c4:78:c9:5c:e2:c2:28:2a:
e9:57:93:2b:c5:f2:0b:12:3a:b0:c9:d1:11:74:df:29:e3:b6:
09:fb:aa:76:f8:d8:82:64:6d:64:bd:8a:d8:07:de:4f:90:2c:
c0:75:b7:a1:44:6a:82:6c:cd:3e:fb:91:8a:07:ba:ff:0c:fd:
9f:f5:e2:6a:61:6c:2a:0a:c5:0d:5e:36:97:dd:c3:22:e6:cb:
cf:ee:f4:b5
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzHlJHJcs8Oncx+APlZ8uvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRhYmQ0MzVmODk5ZDU3MGE4ZTVmYjgzYmRhZDExNTM0NTVkZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCzxV9Qhec/4nL2v6gQkvTRKkIxp
7lk2GK/CFGcjNeKa8I5kpI58fNIYx0YKkyuDIkDd0L4rDOLqqpxaZ1H2Q4Qc1RKf
1gQfdi7ZetNyiVwaVp8JbK6LTW/BP+TfgCT0MOY85fx+UiiJYo5cf2kMxwdeVbfM
D/kR3yll43HZscRjzSeAkauePxCvM+CAHBkH1YMxh8DzYEfJrrItGyRKiM2ORJTT
28PUgFK3GBW1fw3OHLqVmWHnu/IExPx9O8NUi3KfLPhWsfA0DUX9S2zak9DQrC7/
wmhxGrxD7PDVqTqfPupJzC3JTFfNRtUD50PEWlNZ3gfmWrONdljbOXL0tQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhLzNmMTMz
Zi0xYzgxLTRhNGItYTI1NS0zZTM2NDY1OTFhYTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvM2YxMzNm
LTFjODEtNGE0Yi1hMjU1LTNlMzY0NjU5MWFhMC8xL2hrcTlRMS1KblZjS2psLTRP
OXJSRlRSVjN1QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQGX1cAMA0EAgACMAcDBQAqAPxAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCYDDANBgkqhkiG9w0BAQsFAAOCAQEAa0QuXnancszl
dwO7eTyuMRsJEhTO6705E8GS2xkja9BRytXajRCyVzaiXCiNp1BpsSdfQZsiLFDm
Wz6QiRGylDWc6hixvIMWVG9idEyEPGGNflt1c8OvoWZSh5iE8eLEzfemAtcEf7nM
z6Vm3KU29VJcLXlZjUG7v1TQBxJBQ3pT+a8laxLe2L62nTd22jNHB5DWTz3m3k/3
MxTsSjtRqpnQ4RxRyNQholASt8R4yVziwigq6VeTK8XyCxI6sMnREXTfKeO2Cfuq
dvjYgmRtZL2K2AfeT5AswHW3oURqgmzNPvuRige6/wz9n/XiamFsKgrFDV42l93D
IubLz+70tQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:02:37 2024 by rpki-client on console-ams.rpki-client.org