Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jg9oOGfvdpoKIq3hcRjtBvpXuB8.cer
File: jg9oOGfvdpoKIq3hcRjtBvpXuB8.cer (raw, json)
Hash identifier: aOCqXS4usMtzeJkR/zYWyxoxbvMeNZZB0b1TXtk+6eM=
Subject key identifier: 8E:0F:68:38:67:EF:76:9A:0A:22:AD:E1:71:18:ED:06:FA:57:B8:1F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018E0E35E45531D44C8D8879FA33B00D8E71
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/jg9oOGfvdpoKIq3hcRjtBvpXuB8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 05 Mar 2024 10:43:16 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 215387
IP: 2001:67c:e24::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:35:e4:55:31:d4:4c:8d:88:79:fa:33:b0:0d:8e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 5 10:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e0f683867ef769a0a22ade17118ed06fa57b81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ef:46:9d:6f:57:95:64:20:61:1f:9c:ca:58:
5d:04:26:6d:99:13:5f:fd:a5:b1:d6:96:7e:7f:ab:
d8:4b:8d:68:c9:4f:db:a9:77:15:6e:c7:a4:8a:eb:
e2:e2:f4:76:85:c8:b3:76:db:69:a8:e5:23:8d:f3:
fd:00:5c:0a:0d:70:43:f0:cc:e2:d0:46:60:e2:93:
08:60:86:02:3d:de:d1:00:96:bf:f0:94:95:fd:04:
d8:c7:e3:a3:9b:0c:76:83:27:35:0a:59:b0:10:f4:
64:48:d5:a6:8c:41:87:db:34:55:d3:38:3f:43:75:
2e:9f:32:5d:92:28:9b:f9:e2:7b:3f:98:3f:24:50:
55:b5:1e:a8:92:2a:71:b2:ff:e7:4d:4f:4a:5f:b9:
49:32:1c:ae:a3:ac:4c:73:48:c3:8e:c1:f2:bd:02:
aa:5d:5d:68:3e:1a:51:ad:ae:c3:9b:3b:a7:ef:f1:
77:94:be:3c:a8:94:e8:be:f9:aa:7c:2b:6c:cf:b7:
df:a1:a5:d2:cf:32:aa:f1:19:52:da:b6:c1:89:a2:
53:4f:43:bc:d2:83:61:37:d9:de:4b:3c:dc:86:7e:
ec:12:6f:2f:6c:4c:97:9d:6b:bc:c6:79:4a:69:a7:
30:d3:5a:d7:1c:47:ce:e4:db:2f:27:5a:b7:af:38:
fe:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0F:68:38:67:EF:76:9A:0A:22:AD:E1:71:18:ED:06:FA:57:B8:1F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/jg9oOGfvdpoKIq3hcRjtBvpXuB8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e24::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
215387
Signature Algorithm: sha256WithRSAEncryption
26:3c:b0:6d:56:bf:ac:d8:00:ea:80:c9:6a:8c:08:1d:fd:08:
8d:9c:98:79:d7:55:4b:82:ea:cb:bd:fc:4c:4b:a2:19:45:09:
6f:74:57:c7:65:db:3b:dc:0c:ae:77:62:5a:d9:a9:4e:e0:06:
28:8d:89:07:ac:bb:07:87:f5:39:f3:a1:4b:04:29:e4:38:7b:
43:12:27:ee:b7:e7:59:11:07:0b:bc:3c:d6:82:ce:43:4d:ff:
fc:73:36:20:1e:23:42:d5:f2:eb:34:5c:af:5c:94:1e:76:c4:
ce:05:5f:e0:cf:d8:78:1e:00:3c:74:f7:76:a7:36:1a:29:e5:
70:9b:60:96:3a:9d:ba:db:ad:d5:47:4c:95:18:48:74:30:47:
67:96:d3:23:d2:6e:95:84:d2:d4:f3:69:9b:58:47:51:af:9f:
23:67:a5:44:ed:51:78:bf:57:91:64:e5:5e:70:42:fb:28:08:
2b:ef:8d:88:c1:75:3e:72:98:c2:b3:0d:22:0a:95:25:71:d3:
ac:f3:cf:05:a5:5c:db:5c:30:43:4d:79:98:4d:d7:31:f0:0a:
5d:25:ec:c7:81:02:91:ec:5e:ac:86:f4:15:03:3a:69:69:c2:
4a:25:d3:43:1f:24:c8:af:1d:e1:cf:b4:18:fb:9c:22:63:66:
a7:cd:95:5b
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY4ONeRVMdRMjYh5+jOwDY5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMzA1MTA0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBmNjgzODY3ZWY3NjlhMGEyMmFkZTE3MTE4ZWQwNmZhNTdiODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu9GnW9XlWQgYR+cylhdBCZtmRNf
/aWx1pZ+f6vYS41oyU/bqXcVbsekiuvi4vR2hcizdttpqOUjjfP9AFwKDXBD8Mzi
0EZg4pMIYIYCPd7RAJa/8JSV/QTYx+Ojmwx2gyc1ClmwEPRkSNWmjEGH2zRV0zg/
Q3UunzJdkiib+eJ7P5g/JFBVtR6okipxsv/nTU9KX7lJMhyuo6xMc0jDjsHyvQKq
XV1oPhpRra7Dmzun7/F3lL48qJTovvmqfCtsz7ffoaXSzzKq8RlS2rbBiaJTT0O8
0oNhN9neSzzchn7sEm8vbEyXnWu8xnlKaacw01rXHEfO5NsvJ1q3rzj+KQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFI4PaDhn73aaCiKt4XEY7Qb6V7gfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUwLzg2YzAw
Mi03NThiLTQ5NWEtYjljZC03YjBkYzAwYThjMjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAvODZjMDAy
LTc1OGItNDk1YS1iOWNkLTdiMGRjMDBhOGMyMC8xL2pnOW9PR2Z2ZHBvS0lxM2hj
Ump0QnZwWHVCOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA4kMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwNJWzANBgkqhkiG9w0BAQsFAAOCAQEAJjywbVa/rNgA6oDJaowIHf0IjZyY
eddVS4Lqy738TEuiGUUJb3RXx2XbO9wMrndiWtmpTuAGKI2JB6y7B4f1OfOhSwQp
5Dh7QxIn7rfnWREHC7w81oLOQ03//HM2IB4jQtXy6zRcr1yUHnbEzgVf4M/YeB4A
PHT3dqc2GinlcJtgljqdutut1UdMlRhIdDBHZ5bTI9JulYTS1PNpm1hHUa+fI2el
RO1ReL9XkWTlXnBC+ygIK++NiMF1PnKYwrMNIgqVJXHTrPPPBaVc21wwQ015mE3X
MfAKXSXsx4ECkexerIb0FQM6aWnCSiXTQx8kyK8d4c+0GPucImNmp82VWw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:20:27 2024 by rpki-client on console-fra.rpki-client.org