Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
File: knaysJMpLF-nXm4UwqSZrIR-QWs.cer (raw, json)
Hash identifier: Y/afyokS+ExpPf6Plaat5Zoduhhg8zpyZDfL8BVPLdU=
Subject key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B69DE4A74B92E5A4887EA7374FB17C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:29:34 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 25046
IP: 91.90.128.0/20
IP: 194.29.32.0/20
IP: 2001:67c:2840::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9d:e4:a7:4b:92:e5:a4:88:7e:a7:37:4f:b1:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:32:26:50:33:04:1e:89:3e:53:c9:2e:54:
c7:95:8d:86:a9:82:31:25:db:ea:54:5a:8a:f0:92:
bd:0b:69:62:93:e8:01:25:5e:0c:6c:b0:47:ef:fc:
7b:f6:15:9b:af:85:73:e6:e8:59:64:6f:68:d5:9c:
1c:67:8e:fc:d8:74:fe:b4:34:13:fd:23:c8:a0:e5:
10:34:b9:d4:26:b3:a5:4e:51:59:28:88:2b:40:5c:
b5:a4:b0:24:ae:e5:ee:b9:48:03:c3:88:8e:55:d0:
03:4a:c9:5c:f5:a4:ec:f2:ab:ed:5a:15:d9:d1:f7:
b3:dc:e3:f7:ef:38:f1:67:d1:82:56:44:a7:b4:54:
7d:64:da:bc:4f:80:ab:99:77:1f:55:5c:ce:87:5c:
ef:6d:b0:16:ad:30:45:8e:3e:0d:f4:10:fb:c2:3a:
8b:e3:18:af:dd:8d:84:d0:60:4e:e5:a8:a3:8a:fd:
3f:ad:ca:24:c8:2d:19:15:d3:d3:62:b0:aa:a6:35:
20:08:78:11:91:10:19:ef:bd:b3:51:c9:1b:bb:5a:
df:70:07:ac:e1:99:1e:4c:18:90:22:63:9d:77:01:
6c:04:d8:0d:9c:fd:4e:68:39:3c:52:61:5a:94:1a:
6f:65:a4:05:a5:a5:13:41:bd:ba:de:9c:e7:ad:4e:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.90.128.0/20
194.29.32.0/20
IPv6:
2001:67c:2840::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
25046
Signature Algorithm: sha256WithRSAEncryption
82:24:d1:51:fb:ee:c7:a2:72:5d:62:df:5d:06:52:7d:27:d3:
c0:43:16:42:ce:72:9a:69:12:e2:c1:da:a9:f8:d7:cd:8f:4d:
08:26:08:47:0e:01:95:25:0c:c4:6a:9c:08:02:05:b8:5b:ab:
53:8a:93:a9:0f:c8:a7:59:34:d9:0d:a1:f6:a6:f7:35:39:68:
68:c8:ce:17:44:b6:a4:33:05:59:45:88:42:e2:14:1f:ce:b3:
7e:f5:f5:f9:7c:28:c7:d0:a7:be:12:38:b5:15:a1:ba:61:d5:
24:cb:46:f8:e6:fc:5c:48:a9:60:1a:c8:cf:21:f6:ac:ba:87:
a4:4a:b5:80:06:8d:ec:fa:f9:14:e5:f7:41:ee:06:fc:b2:cf:
81:86:cd:bc:e5:09:48:57:fa:b0:0e:a5:4b:7e:06:0a:ce:85:
c2:ea:0a:7c:e8:cb:06:ac:6d:8f:c9:95:31:c0:08:03:14:e2:
04:d8:15:8a:f9:29:45:fd:17:ae:f2:bb:d7:4f:8d:02:33:a0:
af:b1:4f:4e:92:9c:96:0c:02:eb:30:41:e3:ed:ad:a2:26:08:
0d:63:db:bc:e8:ba:48:21:26:07:6b:99:00:90:bd:08:f0:21:
22:66:cb:21:0d:65:5e:b3:da:26:2f:37:55:58:b0:46:d1:b3:
13:9d:df:cc
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzDtp3kp0uS5aSIfqc3T7F8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc2YjJiMDkzMjkyYzVmYTc1ZTZlMTRjMmE0OTlhYzg0N2U0MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OMyJlAzBB6JPlPJLlTHlY2GqYIx
JdvqVFqK8JK9C2lik+gBJV4MbLBH7/x79hWbr4Vz5uhZZG9o1ZwcZ4782HT+tDQT
/SPIoOUQNLnUJrOlTlFZKIgrQFy1pLAkruXuuUgDw4iOVdADSslc9aTs8qvtWhXZ
0fez3OP37zjxZ9GCVkSntFR9ZNq8T4CrmXcfVVzOh1zvbbAWrTBFjj4N9BD7wjqL
4xiv3Y2E0GBO5aijiv0/rcokyC0ZFdPTYrCqpjUgCHgRkRAZ772zUckbu1rfcAes
4ZkeTBiQImOddwFsBNgNnP1OaDk8UmFalBpvZaQFpaUTQb263pznrU6AxwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJJ2srCTKSxfp15uFMKkmayEfkFrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZlLzNmYTky
Zi1jYWJkLTQxM2ItYWU1Yy02OWI3MzNjYmM1MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUvM2ZhOTJm
LWNhYmQtNDEzYi1hZTVjLTY5YjczM2NiYzUyOC8xL2tuYXlzSk1wTEYtblhtNFV3
cVNacklSLVFXcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQEW1qAAwQEwh0gMA8EAgACMAkDBwAgAQZ8KEAw
GQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICYdYwDQYJKoZIhvcNAQELBQADggEBAIIk
0VH77seicl1i310GUn0n08BDFkLOcpppEuLB2qn4182PTQgmCEcOAZUlDMRqnAgC
Bbhbq1OKk6kPyKdZNNkNofam9zU5aGjIzhdEtqQzBVlFiELiFB/Os3719fl8KMfQ
p74SOLUVobph1STLRvjm/FxIqWAayM8h9qy6h6RKtYAGjez6+RTl90HuBvyyz4GG
zbzlCUhX+rAOpUt+BgrOhcLqCnzoywasbY/JlTHACAMU4gTYFYr5KUX9F67yu9dP
jQIzoK+xT06SnJYMAuswQePtraImCA1j27zoukghJgdrmQCQvQjwISJmyyENZV6z
2iYvN1VYsEbRsxOd38w=
-----END CERTIFICATE-----
Generated at Fri May 3 12:00:25 2024 by rpki-client on console-ams.rpki-client.org