Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jP3v7O1c7o8abJN5jlo0tiH23As.cer
File: jP3v7O1c7o8abJN5jlo0tiH23As.cer (raw, json)
Hash identifier: SUZmM45hIKmRKDaw0Vr+qoHgermggrLaa/36Qsx/V0w=
Subject key identifier: 8C:FD:EF:EC:ED:5C:EE:8F:1A:6C:93:79:8E:5A:34:B6:21:F6:DC:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01917E630E9E90B49AD650F2DFA6427AAB1B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5a/9fb7ab-f3cb-47fc-9a14-06cdeb38f7b6/1/jP3v7O1c7o8abJN5jlo0tiH23As.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5a/9fb7ab-f3cb-47fc-9a14-06cdeb38f7b6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 Aug 2024 08:38:26 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 204003
IP: 2001:67c:20ec::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:63:0e:9e:90:b4:9a:d6:50:f2:df:a6:42:7a:ab:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Aug 23 08:38:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cfdefeced5cee8f1a6c93798e5a34b621f6dc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:37:5f:0f:56:d7:31:e4:ce:f7:ac:6a:d9:28:
1a:e8:5d:fe:22:8f:7b:45:69:4e:3f:50:9a:e9:89:
57:69:a9:29:e6:df:8d:a9:98:29:69:95:eb:f1:f7:
59:19:fc:48:31:b6:f0:77:43:43:bc:6e:cb:0d:e1:
ab:49:7e:83:cd:9b:97:06:66:34:9b:cc:78:8f:d4:
3c:94:e1:47:a1:b6:7a:8b:7a:56:fc:03:72:d5:da:
5d:d8:ad:5d:08:6f:4d:14:f4:a3:5c:53:18:08:a1:
6d:27:83:d8:83:1b:6f:99:e4:d1:a7:0a:ae:97:64:
5f:0a:37:00:42:2b:a5:d9:78:35:36:83:5e:c7:d1:
c5:32:15:d8:3f:42:d0:95:b2:17:85:12:7c:ff:22:
39:60:13:25:97:5a:26:50:44:c6:40:6c:44:ba:ea:
e2:4d:6e:bd:dd:19:01:33:40:4f:da:46:42:d0:75:
60:75:91:4b:d6:bb:26:27:04:9b:4d:ef:9b:36:13:
a1:e6:54:a9:7e:03:10:f1:4a:8d:c8:c1:7a:e0:4c:
23:d4:2d:3c:f3:5e:06:35:ab:18:f0:f6:ae:22:ff:
58:ea:e6:31:ed:1e:c5:1f:5a:e8:4c:52:7d:5f:ff:
4b:75:e0:eb:a6:57:85:8b:a3:47:fd:81:95:1e:6a:
97:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FD:EF:EC:ED:5C:EE:8F:1A:6C:93:79:8E:5A:34:B6:21:F6:DC:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9fb7ab-f3cb-47fc-9a14-06cdeb38f7b6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9fb7ab-f3cb-47fc-9a14-06cdeb38f7b6/1/jP3v7O1c7o8abJN5jlo0tiH23As.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:20ec::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204003
Signature Algorithm: sha256WithRSAEncryption
38:b0:85:6a:b8:b8:e8:e0:94:1a:23:a6:3d:6b:9b:dc:4b:0a:
e6:8c:df:88:17:74:0b:ea:93:d3:99:44:b5:80:14:d2:44:c0:
70:d5:32:07:87:66:76:91:a0:3e:03:28:6c:15:0b:68:bf:c3:
81:41:4f:03:e3:75:fb:4b:d7:de:0d:53:88:6d:62:83:4c:9a:
2b:9a:27:e4:3e:5b:3d:53:09:a4:19:17:f2:b2:c1:6b:ae:ac:
0e:f8:29:25:0d:82:88:c7:69:a0:10:0d:09:23:49:bb:57:b4:
9d:e2:28:c9:e2:ad:e2:79:c0:17:85:6e:63:8d:a4:59:ee:54:
bf:c7:33:e0:bf:3f:31:6c:a4:ab:d0:33:58:be:5b:68:5d:c2:
61:a3:6a:11:0c:e5:6c:e1:84:09:5b:7d:a6:7e:12:15:c6:d0:
80:34:52:12:19:b4:92:86:00:c2:a4:6f:3e:29:cf:76:44:13:
c0:b7:c6:7f:cc:4d:ee:0f:c1:d1:68:52:8f:10:83:17:fc:9d:
c9:e0:d3:13:81:67:13:a1:1c:16:25:c0:15:dd:68:69:2d:7b:
99:2b:af:19:ac:73:98:ba:9f:02:9c:99:a7:cb:19:e7:de:86:
4e:eb:69:d3:b8:25:69:8c:e3:89:22:ac:1e:f3:f7:c5:1e:8e:
29:80:64:64
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZF+Yw6ekLSa1lDy36ZCeqsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwODIzMDgzODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2ZkZWZlY2VkNWNlZThmMWE2YzkzNzk4ZTVhMzRiNjIxZjZkYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzdfD1bXMeTO96xq2Sga6F3+Io97
RWlOP1Ca6YlXaakp5t+NqZgpaZXr8fdZGfxIMbbwd0NDvG7LDeGrSX6DzZuXBmY0
m8x4j9Q8lOFHobZ6i3pW/ANy1dpd2K1dCG9NFPSjXFMYCKFtJ4PYgxtvmeTRpwqu
l2RfCjcAQiul2Xg1NoNex9HFMhXYP0LQlbIXhRJ8/yI5YBMll1omUETGQGxEuuri
TW693RkBM0BP2kZC0HVgdZFL1rsmJwSbTe+bNhOh5lSpfgMQ8UqNyMF64Ewj1C08
814GNasY8PauIv9Y6uYx7R7FH1roTFJ9X/9LdeDrpleFi6NH/YGVHmqXNwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFIz97+ztXO6PGmyTeY5aNLYh9twLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVhLzlmYjdh
Yi1mM2NiLTQ3ZmMtOWExNC0wNmNkZWIzOGY3YjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEvOWZiN2Fi
LWYzY2ItNDdmYy05YTE0LTA2Y2RlYjM4ZjdiNi8xL2pQM3Y3TzFjN284YWJKTjVq
bG8wdGlIMjNBcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCDsMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMc4zANBgkqhkiG9w0BAQsFAAOCAQEAOLCFari46OCUGiOmPWub3EsK5ozf
iBd0C+qT05lEtYAU0kTAcNUyB4dmdpGgPgMobBULaL/DgUFPA+N1+0vX3g1TiG1i
g0yaK5on5D5bPVMJpBkX8rLBa66sDvgpJQ2CiMdpoBANCSNJu1e0neIoyeKt4nnA
F4VuY42kWe5Uv8cz4L8/MWykq9AzWL5baF3CYaNqEQzlbOGECVt9pn4SFcbQgDRS
Ehm0koYAwqRvPinPdkQTwLfGf8xN7g/B0WhSjxCDF/ydyeDTE4FnE6EcFiXAFd1o
aS17mSuvGaxzmLqfApyZp8sZ596GTutp07glaYzjiSKsHvP3xR6OKYBkZA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:29:07 2024 by rpki-client on console-ams.rpki-client.org