Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/kjWkdYkz2WirR_c-MA1GbSl_Pck.cer
File: kjWkdYkz2WirR_c-MA1GbSl_Pck.cer (raw, json)
Hash identifier: Ao3IdCmRBapu3UZAi5hUhGF34heBmkw+mDIL+fCns0Q=
Subject key identifier: 92:35:A4:75:89:33:D9:68:AB:47:F7:3E:30:0D:46:6D:29:7F:3D:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D5D0191953E910B499BCB20B6BD5A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/4/9235A4758933D968AB47F73E300D466D297F3DC9.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/4
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:29:56 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 57870
AS: 199099
AS: 203458
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5d:01:91:95:3e:91:0b:49:9b:cb:20:b6:bd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9235a4758933d968ab47f73e300d466d297f3dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:71:16:6b:1e:db:dd:7e:64:94:e6:0c:c6:
ca:c4:91:45:e4:52:33:42:65:8a:df:4f:c9:85:60:
6f:30:ff:96:b2:b5:fc:f5:72:e8:36:cb:fa:71:a2:
3b:c6:77:0d:87:08:db:0f:98:96:ea:2e:ea:f1:9e:
eb:d4:f8:f2:0a:44:20:27:7e:87:d7:c1:d0:f6:6d:
1f:be:3c:a5:7c:6e:ce:56:c2:98:d8:fb:e3:2a:0c:
d8:01:97:c8:19:f8:76:a9:b2:48:7b:e1:37:5f:8e:
6d:32:b3:40:4a:2e:ce:ed:23:42:b8:f3:7a:04:5f:
2e:f9:50:de:92:0b:b6:4a:f1:3e:c2:a8:1e:be:cc:
a0:33:2e:2f:a3:07:5b:ee:cb:41:fe:91:f6:f6:7b:
6d:54:fb:98:ef:4c:3f:02:1a:8f:b3:e0:67:1c:26:
ae:b2:58:a7:83:70:8f:07:43:c9:52:6c:fe:98:58:
71:a5:26:24:2d:52:97:a7:ac:50:59:ec:8c:62:06:
3b:93:f7:37:06:5e:b4:25:71:6c:c4:a8:b3:d1:c9:
70:d5:98:d6:f6:0a:2d:f1:95:41:d0:f2:aa:b8:e8:
0e:57:6a:a5:37:f2:55:3a:4a:9b:f5:8a:a7:bc:e8:
d1:87:84:47:ae:1c:1d:ae:68:ff:ca:54:de:de:56:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:35:A4:75:89:33:D9:68:AB:47:F7:3E:30:0D:46:6D:29:7F:3D:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/4
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/ae6edeec-08ba-4cde-8979-4faea4b1bc12/4/9235A4758933D968AB47F73E300D466D297F3DC9.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57870
199099
203458
Signature Algorithm: sha256WithRSAEncryption
8a:0e:c3:9e:49:b9:9e:7a:db:68:f0:b1:84:8c:83:79:18:59:
71:8f:c3:f8:de:b8:03:c2:8b:e0:d1:2c:6a:c2:c9:cb:56:ed:
27:18:5b:d2:6e:d7:3b:2c:0f:e2:85:e3:31:cc:82:2e:d2:60:
bd:5c:00:18:1e:f3:10:4d:9d:c6:7e:15:a1:7f:95:e9:bb:98:
b3:eb:d1:49:b6:ab:66:ac:77:cf:9c:b4:3b:97:e4:3f:b1:5d:
31:a6:6f:20:65:15:ff:a8:77:65:16:2a:2d:53:af:da:a9:a3:
94:76:56:d4:e8:8f:d3:7b:74:29:7f:91:6d:9b:d5:d1:d9:27:
cf:09:87:36:7f:23:db:69:4e:5e:52:80:af:ea:f6:cc:f0:9e:
85:93:ef:17:64:af:9c:6b:9b:fc:ef:c7:9b:60:a8:66:e9:ed:
34:14:b9:94:3c:fe:4d:69:f2:da:67:24:78:b2:da:62:e4:6e:
52:35:f5:eb:64:6d:97:2d:90:d6:9b:ab:68:63:34:61:94:43:
db:34:4d:a8:b1:79:f3:ee:a4:12:e0:2f:32:92:bc:b6:d4:c0:
6f:eb:57:a1:cc:a2:49:41:6d:2b:ed:43:ff:ba:d9:07:f8:4a:
53:62:d7:c5:64:65:1e:e6:1a:0d:b1:85:c0:75:43:6f:6c:1c:
11:f1:d8:df
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYzCbV0BkZU+kQtJm8sgtr1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM1YTQ3NTg5MzNkOTY4YWI0N2Y3M2UzMDBkNDY2ZDI5N2YzZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtntxFmse291+ZJTmDMbKxJFF5FIz
QmWK30/JhWBvMP+WsrX89XLoNsv6caI7xncNhwjbD5iW6i7q8Z7r1PjyCkQgJ36H
18HQ9m0fvjylfG7OVsKY2PvjKgzYAZfIGfh2qbJIe+E3X45tMrNASi7O7SNCuPN6
BF8u+VDekgu2SvE+wqgevsygMy4vowdb7stB/pH29nttVPuY70w/AhqPs+BnHCau
sling3CPB0PJUmz+mFhxpSYkLVKXp6xQWeyMYgY7k/c3Bl60JXFsxKiz0clw1ZjW
9got8ZVB0PKquOgOV2qlN/JVOkqb9YqnvOjRh4RHrhwdrmj/ylTe3lbftQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJI1pHWJM9loq0f3PjANRm0pfz3JMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE+BggrBgEFBQcBCwSCATAwggEsMF4GCCsGAQUFBzAFhlJy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FlNmVk
ZWVjLTA4YmEtNGNkZS04OTc5LTRmYWVhNGIxYmMxMi80MIGLBggrBgEFBQcwCoZ/
cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hZTZl
ZGVlYy0wOGJhLTRjZGUtODk3OS00ZmFlYTRiMWJjMTIvNC85MjM1QTQ3NTg5MzNE
OTY4QUI0N0Y3M0UzMDBENDY2RDI5N0YzREM5Lm1mdDA8BggrBgEFBQcwDYYwaHR0
cHM6Ly9ycmRwLnBhYXMucnBraS5yaXBlLm5ldC9ub3RpZmljYXRpb24ueG1sMFkG
A1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMyUUhWVjNkNW1rLmNybDAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8CAwDiDgID
Awm7AgMDGsIwDQYJKoZIhvcNAQELBQADggEBAIoOw55JuZ5622jwsYSMg3kYWXGP
w/jeuAPCi+DRLGrCyctW7ScYW9Ju1zssD+KF4zHMgi7SYL1cABge8xBNncZ+FaF/
lem7mLPr0Um2q2asd8+ctDuX5D+xXTGmbyBlFf+od2UWKi1Tr9qpo5R2VtToj9N7
dCl/kW2b1dHZJ88JhzZ/I9tpTl5SgK/q9szwnoWT7xdkr5xrm/zvx5tgqGbp7TQU
uZQ8/k1p8tpnJHiy2mLkblI19etkbZctkNabq2hjNGGUQ9s0TaixefPupBLgLzKS
vLbUwG/rV6HMoklBbSvtQ/+62Qf4SlNi18VkZR7mGg2xhcB1Q29sHBHx2N8=
-----END CERTIFICATE-----
Generated at Fri May 3 08:14:29 2024 by rpki-client on console-fra.rpki-client.org