Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/knr31AfwRdvqgHcyZbBM5XTQt-M.cer
File: knr31AfwRdvqgHcyZbBM5XTQt-M.cer (raw, json)
Hash identifier: CHwK064LMCvnTHs3ILWmMYUYMDamsBOXOgrjioFXB9Y=
Subject key identifier: 92:7A:F7:D4:07:F0:45:DB:EA:80:77:32:65:B0:4C:E5:74:D0:B7:E3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC26D7284C4CDC1B46FB620619B2784CB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/58/6d5e29-af6e-4c8c-b0ad-516e0b30eb10/1/knr31AfwRdvqgHcyZbBM5XTQt-M.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/58/6d5e29-af6e-4c8c-b0ad-516e0b30eb10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 00:30:01 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 192.104.140.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:72:84:c4:cd:c1:b4:6f:b6:20:61:9b:27:84:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=927af7d407f045dbea80773265b04ce574d0b7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:aa:6d:8f:e7:37:0a:2b:1e:61:75:be:0a:40:
4c:0d:3a:4a:4b:af:a3:bd:e8:d6:89:54:ae:ec:23:
1f:d3:30:19:a5:9d:08:ea:7a:50:e4:93:3c:c8:d9:
73:bc:d6:3c:58:07:fb:bf:33:9a:5b:fd:e2:a0:95:
6f:90:f0:82:ce:bc:0d:5c:6e:e8:61:ca:89:d5:6e:
5d:0c:c0:19:37:1d:0a:ec:44:46:34:2b:09:45:1c:
20:5c:94:d7:8d:59:d2:5a:5e:de:0b:d3:a8:53:24:
8e:31:31:a8:98:c6:2a:e0:23:0b:a5:aa:a1:33:c7:
1c:29:ce:ea:df:81:3e:88:4f:8a:be:a9:27:9b:0b:
18:59:0a:34:cd:40:75:2b:f5:fe:be:2d:17:19:71:
42:f5:68:7d:31:9b:1c:5c:55:99:33:85:d9:ee:f0:
0f:b8:a4:d8:da:05:6b:92:2b:45:c0:cc:0e:b8:68:
e7:20:0d:85:c3:d1:23:9b:15:9e:2b:19:58:40:c0:
ce:4a:08:35:25:ca:ce:d7:a3:86:35:c6:80:93:67:
b7:4c:84:36:b7:a8:b4:2c:1a:03:c7:ee:65:8e:9b:
10:a1:c2:cb:d4:25:8c:ae:e4:a3:c7:52:f6:3b:89:
18:d6:98:3e:4e:c1:8b:6c:3d:a5:02:bd:03:89:05:
41:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7A:F7:D4:07:F0:45:DB:EA:80:77:32:65:B0:4C:E5:74:D0:B7:E3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d5e29-af6e-4c8c-b0ad-516e0b30eb10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d5e29-af6e-4c8c-b0ad-516e0b30eb10/1/knr31AfwRdvqgHcyZbBM5XTQt-M.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.104.140.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2d:d3:77:06:57:36:3c:4b:74:47:cd:89:e1:23:e5:0c:06:
60:fe:d7:b6:f3:72:23:b3:2d:2f:b5:30:bb:75:cb:26:e9:68:
44:9b:97:17:d2:c2:67:6e:90:24:5f:d2:10:f4:5b:d9:7c:9b:
b3:8f:00:11:a8:c3:d1:8f:33:87:c8:2e:e7:03:a1:c7:98:23:
30:7f:f1:75:50:6d:43:d1:01:9a:8a:0b:bb:70:68:14:10:5c:
29:8b:ab:06:d9:46:15:e7:2b:23:38:b2:73:f5:9b:aa:4d:4c:
13:23:f3:c0:60:06:b9:9a:37:3d:21:f9:92:d2:5a:5f:be:80:
f0:10:d8:13:d2:c0:07:00:8e:09:21:f3:d2:85:fe:1f:c4:dd:
99:21:dc:f2:c3:0e:9e:bf:55:64:f6:a6:ff:0c:3e:41:0d:ad:
10:31:d9:7e:ec:11:76:7d:69:13:61:b3:90:a8:8f:b5:f5:f9:
ec:53:c4:f9:03:35:fd:c5:a0:64:e2:1e:52:51:14:81:6e:a2:
b7:aa:6a:d9:f7:c0:d4:bd:d6:cc:51:30:d7:d1:d3:0b:47:f8:
c0:d9:a3:61:cc:e6:53:fc:d2:2e:2a:6b:b8:fe:6a:33:d0:00:
1a:fd:ad:1f:d3:1b:00:a6:0b:a5:8d:9c:a4:ef:90:54:a1:80:
a8:f4:ae:00
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzCbXKExM3BtG+2IGGbJ4TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdhZjdkNDA3ZjA0NWRiZWE4MDc3MzI2NWIwNGNlNTc0ZDBiN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Kptj+c3CiseYXW+CkBMDTpKS6+j
vejWiVSu7CMf0zAZpZ0I6npQ5JM8yNlzvNY8WAf7vzOaW/3ioJVvkPCCzrwNXG7o
YcqJ1W5dDMAZNx0K7ERGNCsJRRwgXJTXjVnSWl7eC9OoUySOMTGomMYq4CMLpaqh
M8ccKc7q34E+iE+KvqknmwsYWQo0zUB1K/X+vi0XGXFC9Wh9MZscXFWZM4XZ7vAP
uKTY2gVrkitFwMwOuGjnIA2Fw9EjmxWeKxlYQMDOSgg1JcrO16OGNcaAk2e3TIQ2
t6i0LBoDx+5ljpsQocLL1CWMruSjx1L2O4kY1pg+TsGLbD2lAr0DiQVBKQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJJ699QH8EXb6oB3MmWwTOV00LfjMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU4LzZkNWUy
OS1hZjZlLTRjOGMtYjBhZC01MTZlMGIzMGViMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgvNmQ1ZTI5
LWFmNmUtNGM4Yy1iMGFkLTUxNmUwYjMwZWIxMC8xL2tucjMxQWZ3UmR2cWdIY3la
YkJNNVhUUXQtTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAwGiMMA0GCSqGSIb3DQEBCwUAA4IBAQAxLdN3
Blc2PEt0R82J4SPlDAZg/te283Ijsy0vtTC7dcsm6WhEm5cX0sJnbpAkX9IQ9FvZ
fJuzjwARqMPRjzOHyC7nA6HHmCMwf/F1UG1D0QGaigu7cGgUEFwpi6sG2UYV5ysj
OLJz9ZuqTUwTI/PAYAa5mjc9IfmS0lpfvoDwENgT0sAHAI4JIfPShf4fxN2ZIdzy
ww6ev1Vk9qb/DD5BDa0QMdl+7BF2fWkTYbOQqI+19fnsU8T5AzX9xaBk4h5SURSB
bqK3qmrZ98DUvdbMUTDX0dMLR/jA2aNhzOZT/NIuKmu4/moz0AAa/a0f0xsApgul
jZyk75BUoYCo9K4A
-----END CERTIFICATE-----
Generated at Fri May 3 09:34:36 2024 by rpki-client on console-ams.rpki-client.org