Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/krknliKgzX1YqiukNvvj8gsX6z0.cer
File: krknliKgzX1YqiukNvvj8gsX6z0.cer (raw, json)
Hash identifier: 1ie2NTiF0oOAwS0gh1Le9E2qE5dDVZfCEw2JlxMl0pI=
Subject key identifier: 92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DAD792B9709BED3B3AC7BAF02F61F9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/krknliKgzX1YqiukNvvj8gsX6z0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:31 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 209428
IP: 91.206.229.0/24
IP: 2a09:5ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d7:92:b9:70:9b:ed:3b:3a:c7:ba:f0:2f:61:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b9279622a0cd7d58aa2ba436fbe3f20b17eb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:03:94:c5:28:44:a3:24:66:54:bd:5c:07:4e:
85:b2:e3:b6:f3:36:17:f0:03:e2:1a:dd:c0:73:89:
70:d1:00:09:1d:70:76:d1:91:e8:e9:2d:af:24:e5:
19:52:7d:dd:29:1c:dc:6d:8b:98:81:46:f8:03:bd:
46:61:aa:a1:c9:ce:18:76:7c:55:c0:bf:9b:72:ac:
8c:50:48:bf:bf:25:6f:a5:bf:2d:91:fa:58:93:c7:
1d:e2:65:f8:46:6e:8a:fe:dd:ee:9b:f8:8e:5c:24:
21:5b:e0:24:21:77:05:77:f1:f8:50:c3:79:b4:24:
20:8a:13:12:cd:36:02:52:5a:38:97:f3:6f:93:c5:
bf:ce:aa:50:7c:cc:90:79:20:97:dc:df:b1:9f:b6:
63:f9:d5:70:7c:13:ea:00:75:58:b5:e8:26:c7:58:
1e:59:c3:32:57:c6:db:01:32:27:37:12:05:fd:97:
80:f4:33:b0:f1:3c:d0:c4:17:cf:74:7b:35:96:94:
3f:e6:2d:a9:55:0e:fa:d1:7e:e9:6f:4f:37:aa:c6:
b6:7a:c6:e2:f0:d2:33:5c:43:5e:1d:19:f8:af:ab:
6c:50:aa:86:24:6d:f3:30:ae:d3:41:16:79:85:55:
a5:a0:64:ec:67:77:9e:e5:42:95:cc:0a:25:5c:5d:
08:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:27:96:22:A0:CD:7D:58:AA:2B:A4:36:FB:E3:F2:0B:17:EB:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b24bdb-a604-4b2a-908f-c98b88e71948/1/krknliKgzX1YqiukNvvj8gsX6z0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.229.0/24
IPv6:
2a09:5ec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209428
Signature Algorithm: sha256WithRSAEncryption
9c:14:85:d0:2e:24:73:e4:c9:94:35:dc:6d:31:46:33:f3:96:
8c:69:82:15:3b:26:7b:ad:d1:df:8a:b5:df:5d:c0:4c:8a:55:
03:2a:fc:41:38:82:4f:9e:3f:94:ca:ae:48:25:1c:ad:df:33:
62:7a:67:35:dd:a9:2f:94:0f:d6:1d:39:5e:bb:55:54:b2:4e:
8a:f3:4b:95:21:a6:e0:83:53:29:0f:2f:13:0e:f2:a0:1f:40:
a5:db:58:ce:fb:b1:5c:24:2d:72:aa:10:1a:c2:fe:04:5f:41:
f9:e0:12:93:90:81:01:fc:16:ba:55:63:98:3a:09:75:99:99:
d1:2b:d1:92:d3:b9:3d:bd:c1:50:bc:08:c6:d3:c2:d9:66:92:
f2:eb:ce:1f:89:85:cc:50:ff:14:95:19:5f:6a:76:1e:95:06:
6b:88:49:bb:36:59:27:79:04:96:9e:e6:65:69:f4:0a:19:d3:
92:8b:d2:a4:02:75:e1:61:ae:a9:18:bc:f2:21:66:96:26:5b:
5f:af:34:18:5b:08:49:83:5c:e6:b3:44:e6:d9:e8:2f:5d:be:
4a:43:dd:87:4d:1b:70:06:42:9c:c3:09:c6:1e:0a:b2:60:b8:
cd:d3:ca:db:28:a6:e0:75:43:58:3e:54:8f:e8:7d:27:75:f4:
a0:66:2f:5b
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzC2teSuXCb7Ts6x7rwL2H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI5Mjc5NjIyYTBjZDdkNThhYTJiYTQzNmZiZTNmMjBiMTdlYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygOUxShEoyRmVL1cB06FsuO28zYX
8APiGt3Ac4lw0QAJHXB20ZHo6S2vJOUZUn3dKRzcbYuYgUb4A71GYaqhyc4YdnxV
wL+bcqyMUEi/vyVvpb8tkfpYk8cd4mX4Rm6K/t3um/iOXCQhW+AkIXcFd/H4UMN5
tCQgihMSzTYCUlo4l/Nvk8W/zqpQfMyQeSCX3N+xn7Zj+dVwfBPqAHVYtegmx1ge
WcMyV8bbATInNxIF/ZeA9DOw8TzQxBfPdHs1lpQ/5i2pVQ760X7pb083qsa2esbi
8NIzXENeHRn4r6tsUKqGJG3zMK7TQRZ5hVWloGTsZ3ee5UKVzAolXF0IbQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJK5J5YioM19WKorpDb74/ILF+s9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2IyNGJk
Yi1hNjA0LTRiMmEtOTA4Zi1jOThiODhlNzE5NDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvYjI0YmRi
LWE2MDQtNGIyYS05MDhmLWM5OGI4OGU3MTk0OC8xL2tya25saUtnelgxWXFpdWtO
dnZqOGdzWDZ6MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW87lMA0EAgACMAcDBQMqCV7AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMyFDANBgkqhkiG9w0BAQsFAAOCAQEAnBSF0C4kc+TJ
lDXcbTFGM/OWjGmCFTsme63R34q1313ATIpVAyr8QTiCT54/lMquSCUcrd8zYnpn
Nd2pL5QP1h05XrtVVLJOivNLlSGm4INTKQ8vEw7yoB9ApdtYzvuxXCQtcqoQGsL+
BF9B+eASk5CBAfwWulVjmDoJdZmZ0SvRktO5Pb3BULwIxtPC2WaS8uvOH4mFzFD/
FJUZX2p2HpUGa4hJuzZZJ3kElp7mZWn0ChnTkovSpAJ14WGuqRi88iFmliZbX680
GFsISYNc5rNE5tnoL12+SkPdh00bcAZCnMMJxh4KsmC4zdPK2yim4HVDWD5Uj+h9
J3X0oGYvWw==
-----END CERTIFICATE-----
Generated at Fri May 3 13:57:29 2024 by rpki-client on console-fra.rpki-client.org