Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer
File: iq2cDOW6OQW0GXCgTlGXYHbGfgA.cer (raw, json)
Hash identifier: CtCtYSrGHDnqbBRgX0pF7TdO8koOFu1QFTNIzwM7hsE=
Subject key identifier: 8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC34952A63330C08E79E8441B0124AF21
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:11 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 49837
IP: 193.135.40.0/21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:52:a6:33:30:c0:8e:79:e8:44:1b:01:24:af:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aad9c0ce5ba3905b41970a04e51976076c67e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:85:70:82:c1:20:e0:50:52:31:c8:61:89:
da:a1:89:dc:5e:9a:5a:4b:a0:71:f9:f9:db:8f:67:
16:11:bb:60:13:59:0c:96:70:59:f1:04:04:fa:67:
00:bc:6a:19:be:a6:ca:58:67:bb:a3:5b:4c:01:b9:
37:ca:4f:ca:fe:5a:f9:89:01:3d:05:72:ba:58:3f:
af:19:c2:59:be:1c:df:a5:7f:a2:6a:60:ec:85:06:
25:43:cb:6c:91:a4:c3:04:69:c5:f8:ed:7a:aa:b3:
5f:1d:43:93:3f:ef:ec:63:83:f8:6b:67:de:eb:e7:
af:c1:1a:34:9a:a7:2b:e0:e3:6d:d4:4a:a3:9d:f0:
ee:e2:70:9e:e8:a1:1d:97:d1:f8:27:ce:a2:9a:2e:
07:35:13:e2:61:95:c2:ec:1a:d2:07:b2:00:2e:26:
d2:32:37:99:ed:35:8f:a4:25:96:62:5a:6c:9f:30:
ba:51:72:e5:47:6e:4e:00:85:69:1b:31:fd:48:84:
fd:ef:75:38:8b:cf:c1:2c:58:3a:1d:d0:d1:cd:6f:
ed:08:fc:41:bc:58:bd:cd:9d:6f:b7:37:3d:0a:68:
93:b8:a1:9f:1e:61:c0:20:48:0f:f0:3c:df:b8:5b:
74:c6:da:66:72:57:db:82:56:5e:38:ed:13:36:36:
93:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AD:9C:0C:E5:BA:39:05:B4:19:70:A0:4E:51:97:60:76:C6:7E:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e445e4-26bd-48c9-83db-7a0ece9c0af8/1/iq2cDOW6OQW0GXCgTlGXYHbGfgA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.40.0/21
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49837
Signature Algorithm: sha256WithRSAEncryption
43:a1:8f:fa:40:ab:b7:64:9c:fd:61:ff:7e:8f:57:89:07:e1:
c3:f3:1d:08:54:50:07:06:82:40:6e:44:22:6e:38:34:ad:ea:
b5:7d:62:3a:d8:c1:58:cd:8c:ab:ff:5a:34:83:f1:38:b9:b9:
2c:a4:27:f9:88:76:67:e9:bb:f6:e6:58:ec:f6:19:a0:d1:bf:
64:36:02:32:d6:9d:94:30:9b:90:09:77:4b:08:57:e1:bd:87:
ad:e4:b2:7c:4e:17:11:7f:0c:f5:31:a3:a0:4c:d9:5d:92:cb:
d7:b6:ed:e6:5c:72:b9:0b:92:6e:20:b9:8e:de:b9:5a:f1:c1:
b6:5b:65:38:79:7c:ee:0a:36:a4:87:45:7f:bc:3a:4b:0f:ac:
3c:c6:1a:80:18:a6:fa:60:e8:6d:59:26:ea:6b:50:45:19:ea:
4d:c4:d2:85:55:ce:34:65:bc:70:02:80:03:94:0e:53:75:00:
18:bc:f9:6c:b9:23:d6:86:35:5f:cc:e8:33:74:0a:da:24:e3:
aa:18:c6:72:63:9f:a5:df:b9:9f:bc:e7:4f:38:40:30:cd:80:
d7:b3:e8:8b:e6:37:e5:1a:d4:9a:ea:d7:5a:16:d5:4b:20:78:
de:53:55:46:a8:4a:4e:61:53:02:d6:8d:56:03:82:c1:0e:fc:
c1:0a:e6:fb
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDSVKmMzDAjnnoRBsBJK8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFkOWMwY2U1YmEzOTA1YjQxOTcwYTA0ZTUxOTc2MDc2YzY3ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplaFcILBIOBQUjHIYYnaoYncXppa
S6Bx+fnbj2cWEbtgE1kMlnBZ8QQE+mcAvGoZvqbKWGe7o1tMAbk3yk/K/lr5iQE9
BXK6WD+vGcJZvhzfpX+iamDshQYlQ8tskaTDBGnF+O16qrNfHUOTP+/sY4P4a2fe
6+evwRo0mqcr4ONt1EqjnfDu4nCe6KEdl9H4J86imi4HNRPiYZXC7BrSB7IALibS
MjeZ7TWPpCWWYlpsnzC6UXLlR25OAIVpGzH9SIT973U4i8/BLFg6HdDRzW/tCPxB
vFi9zZ1vtzc9CmiTuKGfHmHAIEgP8DzfuFt0xtpmclfbglZeOO0TNjaTPwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFIqtnAzlujkFtBlwoE5Rl2B2xn4AMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyL2U0NDVl
NC0yNmJkLTQ4YzktODNkYi03YTBlY2U5YzBhZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvZTQ0NWU0
LTI2YmQtNDhjOS04M2RiLTdhMGVjZTljMGFmOC8xL2lxMmNET1c2T1FXMEdYQ2dU
bEdYWUhiR2ZnQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQDwYcoMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwDCrTANBgkqhkiG9w0BAQsFAAOCAQEAQ6GP+kCrt2Sc/WH/fo9XiQfhw/MdCFRQ
BwaCQG5EIm44NK3qtX1iOtjBWM2Mq/9aNIPxOLm5LKQn+Yh2Z+m79uZY7PYZoNG/
ZDYCMtadlDCbkAl3SwhX4b2HreSyfE4XEX8M9TGjoEzZXZLL17bt5lxyuQuSbiC5
jt65WvHBtltlOHl87go2pIdFf7w6Sw+sPMYagBim+mDobVkm6mtQRRnqTcTShVXO
NGW8cAKAA5QOU3UAGLz5bLkj1oY1X8zoM3QK2iTjqhjGcmOfpd+5n7znTzhAMM2A
17Poi+Y35RrUmurXWhbVSyB43lNVRqhKTmFTAtaNVgOCwQ78wQrm+w==
-----END CERTIFICATE-----
Generated at Fri May 3 02:10:45 2024 by rpki-client on console-ams.rpki-client.org