Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
File: iOZzGonffpNxq6M-sU1y9h45gLk.cer (raw, json)
Hash identifier: I2ISV3ixUs9PjSqeVIj42vtAmi6j0Cm4FJcqDUrMWc8=
Subject key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DF915E84575969C31EFC4E29BDF582
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:32:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.134.200.0/21
IP: 5.134.224.0/19
IP: 89.47.80.0/21
IP: 93.113.164.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:91:5e:84:57:59:69:c3:1e:fc:4e:29:bd:f5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:71:8c:7d:12:9b:f5:a2:b3:65:2d:22:35:
56:d8:3c:65:e5:c6:23:1e:8e:6d:00:11:b9:83:15:
69:3a:fb:f1:db:cc:f8:bf:13:4a:e1:bf:02:30:c9:
ff:17:55:12:1f:24:44:fe:cd:57:0b:f1:76:af:95:
09:dc:b1:42:49:6c:af:c4:76:63:c0:5f:c6:59:b7:
17:a0:b9:7a:ba:31:ea:7d:c6:19:89:0c:1c:42:f7:
7a:43:99:91:53:01:a0:f4:80:b5:e9:ee:28:b3:5c:
81:17:40:4f:19:f5:c7:83:85:36:39:a8:fe:05:eb:
d3:b2:f0:03:05:04:2c:55:c3:b3:e6:13:21:cc:4b:
3c:80:ad:82:39:d7:e8:51:1b:a9:2d:23:d2:7a:c9:
92:16:46:ca:11:77:12:dd:4e:58:34:b7:4a:7d:b7:
3b:f0:a1:f3:2e:f7:cd:ba:07:ce:74:96:e2:a3:37:
83:de:ad:83:a2:db:c6:37:af:93:3e:b3:a7:4c:c6:
af:c8:84:2e:94:e7:1b:18:be:77:ed:be:df:14:34:
a9:f3:ee:38:37:ab:d1:70:60:f1:e7:49:b4:18:d0:
01:fb:2d:e6:c8:7a:7a:66:76:f2:ce:75:a6:aa:23:
b3:90:a3:d4:3f:eb:4f:eb:05:73:94:ac:f1:0b:e0:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.200.0/21
5.134.224.0/19
89.47.80.0/21
93.113.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:f2:0a:ef:e1:07:b7:3d:e3:d5:67:a9:f7:84:96:bd:bc:c2:
6c:4f:31:af:f9:ba:77:dc:47:d6:0a:e2:b8:5f:79:3e:56:ba:
53:f5:7c:4d:5a:ca:af:88:3c:93:64:3a:a8:90:a7:6b:b3:f0:
b7:09:52:19:72:98:a4:66:d6:7c:77:fc:24:6b:ea:4b:06:5f:
d3:21:ef:00:2b:16:0f:72:ca:46:a6:95:82:5f:42:94:00:c5:
21:57:29:ef:9e:ec:c5:9d:2c:93:21:55:2f:7c:a0:99:ea:e6:
42:42:47:61:83:65:4f:99:0b:66:55:a4:41:9c:41:a3:4c:d1:
1e:43:fd:fc:91:b2:3d:2b:16:a0:47:2b:db:c0:aa:07:6e:4c:
5b:05:73:1b:44:da:d6:ae:5e:09:01:09:90:7c:15:a0:56:d3:
e6:51:ee:8b:ab:9a:98:58:a0:db:67:83:50:4d:07:83:04:c6:
d3:9c:06:3e:ff:5e:9f:e8:13:25:5a:4e:9b:30:b0:80:d2:18:
a4:c7:a1:92:a6:9a:ca:1f:f0:89:bb:55:ff:f3:2c:9c:63:8f:
79:cf:1e:5d:f2:23:b5:dd:02:aa:bc:2f:61:45:83:5d:66:33:
ba:21:5d:1b:46:08:42:4d:b1:54:ad:f0:46:f9:ea:c2:ec:90:
60:1b:4f:8c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzI35FehFdZacMe/E4pvfWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU2NzMxYTg5ZGY3ZTkzNzFhYmEzM2ViMTRkNzJmNjFlMzk4MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvElxjH0Sm/Wis2UtIjVW2Dxl5cYj
Ho5tABG5gxVpOvvx28z4vxNK4b8CMMn/F1USHyRE/s1XC/F2r5UJ3LFCSWyvxHZj
wF/GWbcXoLl6ujHqfcYZiQwcQvd6Q5mRUwGg9IC16e4os1yBF0BPGfXHg4U2Oaj+
BevTsvADBQQsVcOz5hMhzEs8gK2COdfoURupLSPSesmSFkbKEXcS3U5YNLdKfbc7
8KHzLvfNugfOdJbiozeD3q2DotvGN6+TPrOnTMavyIQulOcbGL537b7fFDSp8+44
N6vRcGDx50m0GNAB+y3myHp6ZnbyznWmqiOzkKPUP+tP6wVzlKzxC+CEiwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFIjmcxqJ336TcaujPrFNcvYeOYC5MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E2LzMzNmNi
My1mNGY3LTRkOGEtOTVjZS02YmNmNGE0MmFjN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvMzM2Y2Iz
LWY0ZjctNGQ4YS05NWNlLTZiY2Y0YTQyYWM3ZC8xL2lPWnpHb25mZnBOeHE2TS1z
VTF5OWg0NWdMay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQDBYbIAwQFBYbgAwQDWS9QAwQCXXGkMA0GCSqG
SIb3DQEBCwUAA4IBAQCp8grv4Qe3PePVZ6n3hJa9vMJsTzGv+bp33EfWCuK4X3k+
VrpT9XxNWsqviDyTZDqokKdrs/C3CVIZcpikZtZ8d/wka+pLBl/TIe8AKxYPcspG
ppWCX0KUAMUhVynvnuzFnSyTIVUvfKCZ6uZCQkdhg2VPmQtmVaRBnEGjTNEeQ/38
kbI9KxagRyvbwKoHbkxbBXMbRNrWrl4JAQmQfBWgVtPmUe6Lq5qYWKDbZ4NQTQeD
BMbTnAY+/16f6BMlWk6bMLCA0hikx6GSpprKH/CJu1X/8yycY495zx5d8iO13QKq
vC9hRYNdZjO6IV0bRghCTbFUrfBG+erC7JBgG0+M
-----END CERTIFICATE-----
Generated at Fri May 3 10:53:04 2024 by rpki-client on console-fra.rpki-client.org