Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer
File: lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer (raw, json)
Hash identifier: eifnfKTMtJKt/09DfPLksPXTGLa7Lz0Tz251S+WDKvY=
Subject key identifier: 95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8013E9C478C4E5FA890A28047FF8E0D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:33 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.66.196.0/22
IP: 2a03:21e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3e:9c:47:8c:4e:5f:a8:90:a2:80:47:ff:8e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95461fbee1c06e3eafac0f2f95253ca8603accf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:dc:66:c5:e1:5a:8c:f7:b3:50:0c:f5:7d:
58:d3:92:a5:d9:d2:03:c3:8f:e7:ac:ae:1f:02:29:
cf:32:fa:de:c7:74:4f:42:b2:af:60:38:52:a5:74:
87:73:15:8e:43:20:3c:96:5c:e9:de:cb:34:b2:f8:
f2:6d:ec:8f:10:a3:29:39:21:7e:e0:35:15:6b:59:
34:b9:70:bc:fc:47:e8:7a:97:dd:29:e9:5e:28:80:
1a:f0:79:1a:53:b0:c5:d2:04:da:03:99:23:92:8d:
a1:71:f8:80:f0:8f:f6:42:3b:9d:39:39:96:7e:ca:
e6:f9:f1:b2:e2:cf:9b:f0:e4:83:25:ac:cb:07:3b:
3e:e9:5e:48:e0:b8:e0:27:b0:cb:1e:33:ab:df:f6:
41:c1:82:17:e9:97:2a:40:70:5f:a9:6b:6f:d9:bc:
7b:d7:35:44:6f:ea:5e:d8:21:8c:e6:4d:23:d9:6b:
32:17:ca:70:da:c6:6c:23:3a:19:f3:64:c5:16:54:
f3:95:ee:be:78:c0:3e:9a:f2:2e:09:33:27:1c:fd:
8d:dd:79:16:9e:2a:e8:12:03:9c:74:06:c0:90:88:
14:b6:39:37:e6:d3:9c:77:36:91:8d:a2:89:50:f5:
1f:a4:72:c7:13:c9:87:a7:e4:23:f4:7b:74:4e:7f:
af:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.196.0/22
IPv6:
2a03:21e0::/32
Signature Algorithm: sha256WithRSAEncryption
5c:85:55:4b:38:17:d5:35:bf:eb:c5:17:f9:1a:7b:8d:2b:e4:
7f:d3:e1:19:2e:81:d3:33:39:f6:e4:3d:a4:2c:4f:59:80:e7:
60:74:ea:60:16:40:c6:dc:39:48:de:1a:9f:6e:c6:e7:42:77:
46:a4:ab:3e:ef:80:ed:3f:91:a7:f0:c2:9b:16:31:b0:d7:fb:
0b:5d:80:e9:92:9d:7e:6b:9e:e3:3e:01:01:72:7a:dd:d8:b9:
a6:2d:a0:55:71:e1:73:15:36:ab:52:e7:aa:26:2e:2e:54:68:
ae:db:14:2d:d5:59:25:35:c8:5f:25:91:dd:f0:b4:ff:ec:4d:
31:37:e8:96:ad:e0:40:cc:4b:a4:bf:dc:b7:74:58:e8:e3:01:
51:ce:89:55:f4:59:81:86:ea:93:0b:3b:4e:8b:92:57:bb:57:
f7:98:26:34:9b:c1:84:9f:7f:d1:72:da:bd:ba:8c:be:f6:3e:
74:9f:66:ef:ae:11:25:08:88:40:f9:d9:25:d1:aa:db:a7:a6:
fd:11:24:61:82:67:5b:d8:92:bf:e3:7e:f5:76:12:76:f7:b7:
1d:cb:bb:8c:72:fe:a2:21:af:97:18:c1:57:b1:74:98:e9:86:
35:11:82:a9:bc:43:8b:c5:74:38:d7:8f:6e:39:a3:3f:b6:14:
02:59:9a:e3
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzIAT6cR4xOX6iQooBH/44NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQ2MWZiZWUxYzA2ZTNlYWZhYzBmMmY5NTI1M2NhODYwM2FjY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ncZsXhWoz3s1AM9X1Y05Kl2dID
w4/nrK4fAinPMvrex3RPQrKvYDhSpXSHcxWOQyA8llzp3ss0svjybeyPEKMpOSF+
4DUVa1k0uXC8/EfoepfdKeleKIAa8HkaU7DF0gTaA5kjko2hcfiA8I/2QjudOTmW
fsrm+fGy4s+b8OSDJazLBzs+6V5I4LjgJ7DLHjOr3/ZBwYIX6ZcqQHBfqWtv2bx7
1zVEb+pe2CGM5k0j2WsyF8pw2sZsIzoZ82TFFlTzle6+eMA+mvIuCTMnHP2N3XkW
niroEgOcdAbAkIgUtjk35tOcdzaRjaKJUPUfpHLHE8mHp+Qj9Ht0Tn+viQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFJVGH77hwG4+r6wPL5UlPKhgOszyMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzL2U1Y2U4
Zi01ZWEwLTQ3OWYtOTNlOS04OWQ1YzYwZjUwMWYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZTVjZThm
LTVlYTAtNDc5Zi05M2U5LTg5ZDVjNjBmNTAxZi8xL2xVWWZ2dUhBYmo2dnJBOHZs
U1U4cUdBNnpQSS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuULEMA0EAgACMAcDBQAqAyHgMA0GCSqGSIb3
DQEBCwUAA4IBAQBchVVLOBfVNb/rxRf5GnuNK+R/0+EZLoHTMzn25D2kLE9ZgOdg
dOpgFkDG3DlI3hqfbsbnQndGpKs+74DtP5Gn8MKbFjGw1/sLXYDpkp1+a57jPgEB
cnrd2LmmLaBVceFzFTarUueqJi4uVGiu2xQt1VklNchfJZHd8LT/7E0xN+iWreBA
zEukv9y3dFjo4wFRzolV9FmBhuqTCztOi5JXu1f3mCY0m8GEn3/Rctq9uoy+9j50
n2bvrhElCIhA+dkl0arbp6b9ESRhgmdb2JK/4371dhJ297cdy7uMcv6iIa+XGMFX
sXSY6YY1EYKpvEOLxXQ4149uOaM/thQCWZrj
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:13:29 2024 by rpki-client on console-ams.rpki-client.org