Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
File: lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer (raw, json)
Hash identifier: fISti8Iuka1TgZeipNAjNJ+4nRgR4oa1Fhc3SiB6TpY=
Subject key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC34946C266F3C486C1980393D402290E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 04:30:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.201.199.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:46:c2:66:f3:c4:86:c1:98:03:93:d4:02:29:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:89:3e:f8:85:55:7f:02:cf:2c:b8:0b:48:b1:
dc:03:be:60:bf:0f:10:81:88:d8:d3:24:13:79:ff:
53:74:37:dc:17:7c:3d:0e:6b:cb:dc:d1:cc:60:b1:
cc:59:07:92:06:54:10:f1:63:1e:82:54:ca:cd:35:
21:b4:2d:54:92:fc:cb:9b:3d:df:93:0d:91:e3:1c:
78:bc:b8:ac:62:fa:06:e9:33:0a:9f:13:5d:b8:32:
90:83:16:2a:a2:b3:8a:da:5a:6d:7b:22:58:12:f0:
ae:4b:4a:48:e2:7d:52:cc:96:0e:ce:fe:86:14:3c:
c9:fd:f2:ba:60:cc:72:6f:26:1c:de:23:8c:d0:8e:
38:eb:db:92:77:a9:a3:1b:52:1b:22:32:ad:bb:43:
e9:87:13:3e:9c:e7:8b:ac:99:39:ed:30:29:e3:2e:
c1:ec:80:b8:94:a7:f0:57:72:e6:98:b7:7b:c2:ea:
57:60:fd:36:a1:83:c2:bb:e4:d8:1f:51:0e:18:73:
64:47:7d:6c:b9:72:db:4d:fe:d4:1b:1d:8a:33:2a:
72:61:4d:6f:61:c8:1c:12:12:1f:75:1d:eb:b6:6f:
07:ed:2a:93:24:9f:50:e9:1c:a0:10:4b:9d:53:6e:
81:ad:a5:6f:75:bd:25:d6:27:f5:8f:00:dd:1e:e5:
2e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.199.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:89:6d:04:78:fd:d4:0b:a5:7a:15:74:e8:7c:c1:46:48:52:
03:e7:bb:1c:40:3a:ab:8c:76:7d:e6:a7:92:67:05:9c:7a:f3:
c0:b4:68:41:84:2b:3e:c5:5b:29:e3:3b:61:c8:80:fa:28:3c:
c0:0b:69:9d:4a:c1:b6:df:be:90:4e:2e:e6:2d:d5:e3:05:ae:
26:3a:b1:97:72:64:62:b0:60:ad:b9:fb:f1:20:1e:fc:06:f6:
1b:f0:27:80:7b:ff:5f:2f:ad:c8:11:eb:0c:8f:50:70:b9:d3:
97:b9:13:99:0b:6d:78:3a:7c:e8:d0:44:fd:99:1f:aa:16:b1:
05:0b:bb:82:66:ec:86:18:fa:60:0f:73:e2:21:fa:e5:18:a5:
85:d2:07:83:cc:e4:4b:c2:da:7d:3d:6b:33:d8:cf:11:3c:35:
16:3d:17:d8:6e:61:fb:0c:dd:42:bc:7e:d8:b7:c2:2e:72:73:
0e:01:d3:24:3f:d0:05:8e:ae:65:db:48:80:41:d0:21:ac:67:
76:28:c3:c8:a5:89:82:7e:d0:fc:f3:2c:4a:e8:bd:d7:97:92:
43:bd:14:65:c7:00:b5:66:ae:da:88:ae:bc:49:d5:f0:b2:e1:
6b:e2:29:e9:cb:3a:6e:01:86:47:79:35:8a:e4:3c:44:db:a5:
aa:56:6e:ec
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzDSUbCZvPEhsGYA5PUAikOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmMwY2U5Zjg3ZDlkMjc1ZjZjYWU0ZGM5Y2RmYjVkNDQzN2Q4Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4k++IVVfwLPLLgLSLHcA75gvw8Q
gYjY0yQTef9TdDfcF3w9DmvL3NHMYLHMWQeSBlQQ8WMeglTKzTUhtC1UkvzLmz3f
kw2R4xx4vLisYvoG6TMKnxNduDKQgxYqorOK2lpteyJYEvCuS0pI4n1SzJYOzv6G
FDzJ/fK6YMxybyYc3iOM0I4469uSd6mjG1IbIjKtu0PphxM+nOeLrJk57TAp4y7B
7IC4lKfwV3LmmLd7wupXYP02oYPCu+TYH1EOGHNkR31suXLbTf7UGx2KMypyYU1v
YcgcEhIfdR3rtm8H7SqTJJ9Q6RygEEudU26BraVvdb0l1if1jwDdHuUunwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFJbAzp+H2dJ19srk3JzftdRDfYzrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUwLzNhYTM4
Ni05MDU3LTQ5YTAtYTIyOS01ZTc3ZmEwMzMzYTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAvM2FhMzg2
LTkwNTctNDlhMC1hMjI5LTVlNzdmYTAzMzNhMy8xL2xzRE9uNGZaMG5YMnl1VGNu
Ti0xMUVOOWpPcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAW8nHMA0GCSqGSIb3DQEBCwUAA4IBAQChiW0E
eP3UC6V6FXTofMFGSFID57scQDqrjHZ95qeSZwWcevPAtGhBhCs+xVsp4zthyID6
KDzAC2mdSsG2376QTi7mLdXjBa4mOrGXcmRisGCtufvxIB78BvYb8CeAe/9fL63I
EesMj1BwudOXuROZC214Onzo0ET9mR+qFrEFC7uCZuyGGPpgD3PiIfrlGKWF0geD
zORLwtp9PWsz2M8RPDUWPRfYbmH7DN1CvH7Yt8IucnMOAdMkP9AFjq5l20iAQdAh
rGd2KMPIpYmCftD88yxK6L3Xl5JDvRRlxwC1Zq7aiK68SdXwsuFr4inpyzpuAYZH
eTWK5DxE26WqVm7s
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:21:02 2024 by rpki-client on console-fra.rpki-client.org