Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/icPJKk4dT-iFcr-mjJhcMeM2jII.cer
File: icPJKk4dT-iFcr-mjJhcMeM2jII.cer (raw, json)
Hash identifier: 8PiGu9vekFL1Rkij2B3tPPH3ytjNWa0HdZ7rRw5y3Ts=
Subject key identifier: 89:C3:C9:2A:4E:1D:4F:E8:85:72:BF:A6:8C:98:5C:31:E3:36:8C:82
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC7275E90B78D8AF30ED8F345AFB815E7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/icPJKk4dT-iFcr-mjJhcMeM2jII.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 22:31:35 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 199302
IP: 2001:67c:150c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5e:90:b7:8d:8a:f3:0e:d8:f3:45:af:b8:15:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89c3c92a4e1d4fe88572bfa68c985c31e3368c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:9a:b5:b3:8d:e6:c6:d4:f8:a9:d0:80:8f:
17:50:1b:19:a2:f0:84:24:d3:6e:10:cb:58:45:f1:
54:64:da:29:79:78:8c:0b:30:48:66:30:b3:32:45:
ec:a9:e5:84:cf:e4:bc:82:c0:dd:b5:e9:2e:ad:15:
3c:f1:2d:fc:13:dd:3e:c8:75:8d:2d:54:7a:5c:9a:
ac:c4:39:82:8c:12:d9:21:2e:c9:e1:f8:67:50:68:
6a:73:63:e0:9e:eb:b6:3d:22:19:06:e5:f5:ba:b2:
53:b4:52:42:c3:51:69:5d:ab:31:be:c3:60:b1:2a:
4d:d3:0e:61:4a:95:a5:e7:a3:fe:72:1c:3c:08:a1:
a1:f3:78:95:4d:54:f6:48:00:4d:f3:c3:46:e8:3f:
75:b2:29:82:74:e6:b6:81:35:cd:f5:de:52:43:4d:
64:42:00:46:0a:95:68:58:17:05:73:30:77:66:16:
a8:b9:10:ba:f0:f9:fb:0e:bc:52:f4:f9:2a:d3:33:
4c:be:30:9f:3e:8d:58:49:ae:75:e8:7f:16:7d:e9:
ae:d4:04:6c:76:30:95:f0:d6:30:f6:bb:43:7a:04:
b6:09:61:95:bc:3e:99:be:22:35:ab:4b:e1:23:07:
d7:0e:78:5c:3e:91:c6:e2:a3:0b:ee:a3:35:51:cf:
38:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C3:C9:2A:4E:1D:4F:E8:85:72:BF:A6:8C:98:5C:31:E3:36:8C:82
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/c33905-ecc5-44b7-8146-e91ff5fe6c26/1/icPJKk4dT-iFcr-mjJhcMeM2jII.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:150c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
199302
Signature Algorithm: sha256WithRSAEncryption
0c:15:54:e1:5e:2a:09:fb:26:3e:01:b3:80:97:22:1b:5e:71:
33:af:31:3a:e4:a1:63:10:22:e6:df:c3:46:8d:a5:59:ed:68:
97:39:56:ea:bb:5a:b0:e5:d2:c7:ee:1b:14:17:5d:3d:6e:a1:
17:77:35:5c:14:1f:25:c2:59:83:0b:d8:bc:82:dd:8a:0c:03:
48:10:ae:a4:87:a2:9a:4f:2b:21:3f:cf:8f:f2:2a:a7:d0:e8:
39:c3:0f:d6:d1:20:c9:51:d5:e5:00:e5:c0:8e:a8:be:1c:83:
a4:23:d2:2c:f1:35:b6:98:1d:68:1d:a5:31:06:79:0a:7c:c8:
c7:b2:9b:bb:4d:7f:3e:c7:f5:d8:b4:9b:df:23:ea:20:79:30:
8f:83:88:2e:4f:63:e9:02:4a:30:c3:72:f1:1b:99:3a:c2:24:
30:9b:7a:72:93:0d:53:8c:b9:a3:61:65:18:01:6c:0c:0a:5d:
6b:e5:35:28:bc:fb:e0:d4:a9:4e:26:ff:c9:31:a3:32:0f:e1:
c1:68:31:fa:04:ab:47:c9:b4:40:50:a5:df:c9:ba:f2:57:95:
2a:b0:5b:0b:5f:84:f3:5d:4a:31:8d:76:b5:27:34:d1:ae:87:
15:5f:ce:0a:c5:23:f3:31:6b:9d:52:08:89:01:e8:fc:4c:df:
f8:a9:1c:8b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzHJ16Qt42K8w7Y80WvuBXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWMzYzkyYTRlMWQ0ZmU4ODU3MmJmYTY4Yzk4NWMzMWUzMzY4YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm2atbON5sbU+KnQgI8XUBsZovCE
JNNuEMtYRfFUZNopeXiMCzBIZjCzMkXsqeWEz+S8gsDdtekurRU88S38E90+yHWN
LVR6XJqsxDmCjBLZIS7J4fhnUGhqc2Pgnuu2PSIZBuX1urJTtFJCw1FpXasxvsNg
sSpN0w5hSpWl56P+chw8CKGh83iVTVT2SABN88NG6D91simCdOa2gTXN9d5SQ01k
QgBGCpVoWBcFczB3ZhaouRC68Pn7DrxS9Pkq0zNMvjCfPo1YSa516H8Wfemu1ARs
djCV8NYw9rtDegS2CWGVvD6ZviI1q0vhIwfXDnhcPpHG4qML7qM1Uc84FQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFInDySpOHU/ohXK/poyYXDHjNoyCMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBlL2MzMzkw
NS1lY2M1LTQ0YjctODE0Ni1lOTFmZjVmZTZjMjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUvYzMzOTA1
LWVjYzUtNDRiNy04MTQ2LWU5MWZmNWZlNmMyNi8xL2ljUEpLazRkVC1pRmNyLW1q
SmhjTWVNMmpJSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBUMMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMKhjANBgkqhkiG9w0BAQsFAAOCAQEADBVU4V4qCfsmPgGzgJciG15xM68x
OuShYxAi5t/DRo2lWe1olzlW6rtasOXSx+4bFBddPW6hF3c1XBQfJcJZgwvYvILd
igwDSBCupIeimk8rIT/Pj/Iqp9DoOcMP1tEgyVHV5QDlwI6ovhyDpCPSLPE1tpgd
aB2lMQZ5CnzIx7Kbu01/Psf12LSb3yPqIHkwj4OILk9j6QJKMMNy8RuZOsIkMJt6
cpMNU4y5o2FlGAFsDApda+U1KLz74NSpTib/yTGjMg/hwWgx+gSrR8m0QFCl38m6
8leVKrBbC1+E811KMY12tSc00a6HFV/OCsUj8zFrnVIIiQHo/Ezf+Kkciw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:02:48 2024 by rpki-client on console-ams.rpki-client.org