Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer
File: jm11tOSYb6zLYUszTkXV4Dk1Kpw.cer (raw, json)
Hash identifier: G/NZXTPr3T/gkhd94rRyppXD6OrJTrhFzAjsALau8EM=
Subject key identifier: 8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8015802EDE1FBF053E0F5C00ACC3117
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/jm11tOSYb6zLYUszTkXV4Dk1Kpw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:40 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 20691
IP: 91.209.188.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:58:02:ed:e1:fb:f0:53:e0:f5:c0:0a:cc:31:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e6d75b4e4986faccb614b334e45d5e039352a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:c7:29:07:1b:fa:8e:c1:6a:81:67:53:1a:
bd:8c:78:f4:a5:d2:6a:f8:63:a6:d1:de:54:af:d3:
36:16:d7:df:1a:97:44:45:88:a6:26:c6:76:2a:d5:
25:a9:e7:5b:9d:52:fa:6a:82:72:b4:65:36:76:1a:
f9:c1:a1:2b:b6:bf:a8:f2:fb:b2:f0:65:ec:bd:5b:
cf:f7:eb:ec:30:6a:71:29:12:70:e3:62:bb:18:fb:
d9:18:60:ec:1f:c2:87:c8:da:56:81:da:bb:48:b0:
dd:b2:16:77:27:e0:20:e8:85:4e:88:89:3e:0a:f0:
43:53:b4:81:d1:ab:87:f6:c9:8c:1a:c5:33:ee:32:
d6:72:a1:b4:54:28:dc:48:b6:3e:ef:9a:21:5d:7d:
b9:3b:89:2e:2f:36:44:16:11:f9:b7:f1:cb:03:28:
21:eb:e1:db:d2:a2:4b:e3:92:40:e3:55:5e:e4:52:
d3:ee:3d:ee:71:76:9e:30:dc:fc:68:3c:fc:4b:8c:
1c:79:39:46:db:d5:25:1d:33:a4:95:cc:c6:69:10:
e4:e3:59:86:47:40:55:7a:d9:61:34:94:02:03:46:
d9:02:50:6f:75:eb:4c:68:a6:5f:fe:35:2b:c6:81:
72:38:87:6e:6e:12:b0:32:91:a1:4d:a0:59:29:d5:
29:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:6D:75:B4:E4:98:6F:AC:CB:61:4B:33:4E:45:D5:E0:39:35:2A:9C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/aca994-f3c0-45a4-a642-6d7602d24c83/1/jm11tOSYb6zLYUszTkXV4Dk1Kpw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.188.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20691
Signature Algorithm: sha256WithRSAEncryption
54:61:4a:95:dc:99:89:7a:14:60:42:4b:98:ce:5f:12:f7:d2:
33:a7:03:08:1b:ac:7c:2b:42:1e:61:84:6a:aa:4e:7c:2a:cc:
26:26:76:04:0a:60:15:4e:d7:1b:23:76:af:cb:e0:12:50:ac:
99:73:90:b4:89:69:03:6f:5d:c4:6b:f4:b6:2c:b1:93:c5:96:
ad:f0:5e:55:b9:6b:71:a2:ce:14:c8:40:54:2e:b0:55:d4:28:
07:3d:7d:33:b8:4d:03:d3:55:58:4d:1e:89:55:fa:bb:c8:ae:
7f:e8:34:1b:ab:f6:3a:41:39:ca:10:16:ea:03:e2:04:24:45:
34:b1:aa:10:f3:06:3e:21:90:8d:bd:3d:00:9e:7d:3c:ee:11:
a1:79:d2:1f:8a:0f:60:b3:71:36:13:44:28:63:d4:90:fb:3a:
ba:c8:e1:64:b4:ba:55:1e:d7:b1:db:da:d1:77:97:82:da:2c:
3e:b0:d3:b7:3e:c1:ad:e0:a8:b1:4d:4b:3e:42:0b:61:6f:68:
8e:66:1d:c5:75:e7:64:c1:ec:5f:a4:0d:57:be:8c:80:43:2b:
f0:92:d8:e2:15:59:59:3b:53:4d:93:46:20:b6:20:a7:64:7a:
19:b7:46:bc:55:81:ca:27:ca:58:1f:ab:1b:fb:80:87:9c:9f:
b2:30:b6:cf
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzIAVgC7eH78FPg9cAKzDEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTZkNzViNGU0OTg2ZmFjY2I2MTRiMzM0ZTQ1ZDVlMDM5MzUyYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ebHKQcb+o7BaoFnUxq9jHj0pdJq
+GOm0d5Ur9M2FtffGpdERYimJsZ2KtUlqedbnVL6aoJytGU2dhr5waErtr+o8vuy
8GXsvVvP9+vsMGpxKRJw42K7GPvZGGDsH8KHyNpWgdq7SLDdshZ3J+Ag6IVOiIk+
CvBDU7SB0auH9smMGsUz7jLWcqG0VCjcSLY+75ohXX25O4kuLzZEFhH5t/HLAygh
6+Hb0qJL45JA41Ve5FLT7j3ucXaeMNz8aDz8S4wceTlG29UlHTOklczGaRDk41mG
R0BVetlhNJQCA0bZAlBvdetMaKZf/jUrxoFyOIdubhKwMpGhTaBZKdUpyQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFI5tdbTkmG+sy2FLM05F1eA5NSqcMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y5L2FjYTk5
NC1mM2MwLTQ1YTQtYTY0Mi02ZDc2MDJkMjRjODMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkvYWNhOTk0
LWYzYzAtNDVhNC1hNjQyLTZkNzYwMmQyNGM4My8xL2ptMTF0T1NZYjZ6TFlVc3pU
a1hWNERrMUtwdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW9G8MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQC
AlDTMA0GCSqGSIb3DQEBCwUAA4IBAQBUYUqV3JmJehRgQkuYzl8S99IzpwMIG6x8
K0IeYYRqqk58KswmJnYECmAVTtcbI3avy+ASUKyZc5C0iWkDb13Ea/S2LLGTxZat
8F5VuWtxos4UyEBULrBV1CgHPX0zuE0D01VYTR6JVfq7yK5/6DQbq/Y6QTnKEBbq
A+IEJEU0saoQ8wY+IZCNvT0Ann087hGhedIfig9gs3E2E0QoY9SQ+zq6yOFktLpV
Htex29rRd5eC2iw+sNO3PsGt4KixTUs+Qgthb2iOZh3FdedkwexfpA1XvoyAQyvw
ktjiFVlZO1NNk0YgtiCnZHoZt0a8VYHKJ8pYH6sb+4CHnJ+yMLbP
-----END CERTIFICATE-----
Generated at Fri May 3 02:11:17 2024 by rpki-client on console-ams.rpki-client.org