Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
File: iBmVbdzq4CLP4SPaNzxrERZANo0.cer (raw, json)
Hash identifier: 6L46A3+ezGns7WWEwcLUp/+d304Ir/suF1iNSttabdY=
Subject key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA2B7A1AC5AB07703C7D9B13F48E805E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 12:34:56 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 2600
IP: 212.109.224.0/19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:7a:1a:c5:ab:07:70:3c:7d:9b:13:f4:8e:80:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 12:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8819956ddceae022cfe123da373c6b111640368d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4a:62:8a:bf:b9:3e:57:58:ae:42:c2:65:50:
81:88:41:88:0f:5c:9c:dc:e5:ba:28:73:cd:19:4d:
be:ff:41:cc:a3:16:46:03:99:7a:be:87:5f:49:bf:
39:ec:7a:5b:a4:77:99:5f:a8:47:34:e3:1a:4f:cc:
20:03:97:03:9e:bc:1f:1b:49:95:80:0e:a0:12:7e:
88:68:be:9e:89:cb:41:d4:b9:7f:26:42:ef:4c:dc:
5b:2d:5b:7b:dd:89:38:d8:d5:5b:93:73:f6:4d:67:
57:56:85:a5:f0:b9:aa:c6:17:07:d2:73:5f:3f:8b:
1c:54:58:31:d7:ce:8a:42:4f:73:0e:0b:d8:c9:70:
ba:0b:08:fe:ed:49:03:b3:a6:2e:c0:30:95:d0:0b:
56:9b:97:0c:7b:55:a3:48:9b:8d:51:2b:fb:17:bf:
a6:52:d0:46:d7:d2:b1:6b:58:67:4e:d7:11:05:9c:
b3:21:8e:42:c9:9c:60:7d:23:53:c7:10:a1:36:d0:
d6:e7:76:4b:2e:1c:1b:a3:8e:07:b3:6f:b9:fe:7d:
2b:55:f8:5c:3f:75:ca:46:7e:4f:21:a4:eb:f2:ad:
94:83:8a:fa:5c:ce:f7:94:1e:85:12:fb:41:27:f5:
21:cb:51:56:2a:ee:98:37:6c:f1:9e:f2:88:4c:66:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.109.224.0/19
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
2600
Signature Algorithm: sha256WithRSAEncryption
2c:dd:3e:b3:ba:22:0e:2c:29:99:a1:6b:5b:3b:8e:d1:52:52:
97:ef:4c:fa:e1:d6:5a:8d:12:af:52:a0:90:56:a5:38:30:e9:
02:d0:d0:3a:23:34:d7:00:9e:3b:b0:a5:e0:f0:1d:6d:d8:9e:
bc:4e:05:e3:ec:0a:91:84:05:d4:a6:e0:f9:d9:6d:45:35:d1:
1e:8e:97:5b:23:77:1a:f8:c6:d2:7d:11:18:e2:da:5a:c2:e7:
a9:ad:5c:0f:ba:d6:29:19:75:2b:f1:71:fb:f5:2a:01:63:6a:
f3:aa:da:b3:60:ed:17:97:10:05:10:37:15:1d:db:d4:33:06:
7c:1c:f4:f2:3a:d1:a7:8e:34:06:43:8a:76:77:08:a8:91:e3:
5e:03:21:0f:7c:fb:fb:19:d4:59:2b:dd:06:78:10:25:65:0f:
06:23:60:15:94:e5:12:0c:a5:09:bb:42:df:ef:4b:75:56:22:
a7:39:77:0e:59:52:28:5b:7a:1b:70:69:8c:09:6f:f4:27:91:
1d:59:08:9d:2e:0f:13:22:82:19:55:72:11:ee:f7:69:e5:b8:
cb:ab:8d:27:ac:91:73:b4:f0:95:67:cf:08:00:c4:7e:29:59:
3d:2a:9e:4c:1a:3a:93:fd:bf:17:da:91:f4:2a:e6:3a:68:b7:
b5:f7:ec:77
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzKK3oaxasHcDx9mxP0joBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTIzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODE5OTU2ZGRjZWFlMDIyY2ZlMTIzZGEzNzNjNmIxMTE2NDAzNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kpiir+5PldYrkLCZVCBiEGID1yc
3OW6KHPNGU2+/0HMoxZGA5l6vodfSb857HpbpHeZX6hHNOMaT8wgA5cDnrwfG0mV
gA6gEn6IaL6eictB1Ll/JkLvTNxbLVt73Yk42NVbk3P2TWdXVoWl8LmqxhcH0nNf
P4scVFgx186KQk9zDgvYyXC6Cwj+7UkDs6YuwDCV0AtWm5cMe1WjSJuNUSv7F7+m
UtBG19Kxa1hnTtcRBZyzIY5CyZxgfSNTxxChNtDW53ZLLhwbo44Hs2+5/n0rVfhc
P3XKRn5PIaTr8q2Ug4r6XM73lB6FEvtBJ/Uhy1FWKu6YN2zxnvKITGYB/QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFIgZlW3c6uAiz+Ej2jc8axEWQDaNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM3Lzk4ODc2
OC1mMTdiLTRmNTktYmUwOS0yZGViMTRjMjkwZWQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvOTg4NzY4
LWYxN2ItNGY1OS1iZTA5LTJkZWIxNGMyOTBlZC8xL2lCbVZiZHpxNENMUDRTUGFO
enhyRVJaQU5vMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQF1G3gMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AgooMA0GCSqGSIb3DQEBCwUAA4IBAQAs3T6zuiIOLCmZoWtbO47RUlKX70z64dZa
jRKvUqCQVqU4MOkC0NA6IzTXAJ47sKXg8B1t2J68TgXj7AqRhAXUpuD52W1FNdEe
jpdbI3ca+MbSfREY4tpawueprVwPutYpGXUr8XH79SoBY2rzqtqzYO0XlxAFEDcV
HdvUMwZ8HPTyOtGnjjQGQ4p2dwiokeNeAyEPfPv7GdRZK90GeBAlZQ8GI2AVlOUS
DKUJu0Lf70t1ViKnOXcOWVIoW3obcGmMCW/0J5EdWQidLg8TIoIZVXIR7vdp5bjL
q40nrJFztPCVZ88IAMR+KVk9Kp5MGjqT/b8X2pH0KuY6aLe19+x3
-----END CERTIFICATE-----
Generated at Fri May 3 11:58:28 2024 by rpki-client on console-ams.rpki-client.org