Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ml8NkStedHrlaNgIoEAptOvGbkc.cer
File: ml8NkStedHrlaNgIoEAptOvGbkc.cer (raw, json)
Hash identifier: 1agK/Z+nKg2XcNHQ3AHjes6VYKmzNA6fDDsuTbd5kHY=
Subject key identifier: 9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F8B77248B25AEFC63FDCB9F8F6AC8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/ml8NkStedHrlaNgIoEAptOvGbkc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:30:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 176.56.128.0/20
IP: 185.228.250.0/24
IP: 2a00:9f80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:8b:77:24:8b:25:ae:fc:63:fd:cb:9f:8f:6a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a5f0d912b5e747ae568d808a04029b4ebc66e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:55:37:98:c7:f5:27:ce:55:ec:e7:b3:e1:
fc:29:30:af:6e:72:1b:c0:ba:b7:b0:2b:fd:dd:0c:
a8:9a:b3:01:d9:fc:c1:2d:b7:f5:29:5e:7a:c9:44:
de:9a:70:40:bc:6d:e9:c4:9c:4d:da:58:d3:ec:db:
4f:44:dd:26:bb:3b:91:94:c5:b9:8b:83:3f:93:b8:
72:33:d0:80:89:36:f2:41:59:7e:d0:13:dc:ff:31:
d7:dd:62:25:22:6b:8a:f7:b5:7f:7c:ad:10:1d:92:
26:a0:de:4a:4e:9b:bd:6e:6e:88:8d:8b:fe:b5:ba:
3e:5f:71:64:9b:6f:e5:3a:be:80:e0:13:91:8e:ed:
6e:7e:d5:b6:2e:f0:b6:41:67:de:af:6a:9e:e7:c3:
c7:10:47:27:fd:4e:1c:6c:85:73:b8:49:a9:83:59:
10:8f:12:d4:48:89:90:0c:de:a6:ff:4d:a2:4c:77:
ff:ef:7b:c1:2b:1a:ce:19:ae:07:1b:9c:78:d7:36:
bd:07:6d:ec:cd:02:99:67:fd:ba:99:c5:a6:91:7b:
3b:c3:6b:bf:9e:76:0d:b0:00:9f:90:cf:78:d0:a0:
f4:82:02:2f:f1:8b:ff:6f:83:74:fa:1e:d7:cc:f1:
60:b9:21:6e:bb:08:23:d5:11:57:66:45:41:8b:46:
41:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/ml8NkStedHrlaNgIoEAptOvGbkc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.128.0/20
185.228.250.0/24
IPv6:
2a00:9f80::/32
Signature Algorithm: sha256WithRSAEncryption
58:22:e2:5a:eb:d2:e6:af:e2:69:c9:97:43:e0:0e:57:d3:f5:
4a:a8:8a:6e:05:d9:6d:b5:d8:dd:cc:4a:02:ef:0a:b8:07:22:
1d:70:ac:19:36:4d:1b:a4:fd:32:c5:41:71:ec:db:ec:80:a6:
a1:b2:b7:19:4c:3d:f7:e2:ca:17:e3:ae:3b:54:36:8c:b9:c7:
89:33:ed:65:48:70:59:3c:f4:e4:d5:d7:ee:24:32:4c:53:01:
6a:d9:51:9c:0e:ab:ae:54:7a:81:b5:1b:99:69:ed:30:d8:b6:
a6:da:b6:fa:bd:46:db:d1:a7:72:c0:30:54:fb:76:fb:76:6f:
86:e6:38:b6:36:ae:80:aa:4c:b5:5a:ac:5a:9e:e5:63:61:2c:
58:d8:80:f2:72:9a:de:a5:c2:2e:ae:72:bf:6f:dd:29:cb:ee:
80:de:bc:e0:70:ce:b1:0c:ab:02:37:a1:2a:37:6c:63:ba:79:
aa:e0:d8:25:af:11:ab:51:dc:66:50:a9:e9:62:2c:4d:a3:5b:
b3:fd:40:2c:64:58:a9:d1:7a:a2:0a:70:dd:5e:f9:26:92:1b:
e0:c2:f9:cb:a0:d8:a9:52:33:b6:d3:69:7a:9d:58:ed:39:b7:
85:2a:d6:80:48:1d:42:bf:2b:c2:83:9b:aa:ab:ed:02:2e:6c:
27:45:28:e9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzIb4t3JIslrvxj/cufj2rIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTVmMGQ5MTJiNWU3NDdhZTU2OGQ4MDhhMDQwMjliNGViYzY2ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmRVN5jH9SfOVezns+H8KTCvbnIb
wLq3sCv93QyomrMB2fzBLbf1KV56yUTemnBAvG3pxJxN2ljT7NtPRN0muzuRlMW5
i4M/k7hyM9CAiTbyQVl+0BPc/zHX3WIlImuK97V/fK0QHZImoN5KTpu9bm6IjYv+
tbo+X3Fkm2/lOr6A4BORju1uftW2LvC2QWfer2qe58PHEEcn/U4cbIVzuEmpg1kQ
jxLUSImQDN6m/02iTHf/73vBKxrOGa4HG5x41za9B23szQKZZ/26mcWmkXs7w2u/
nnYNsACfkM940KD0ggIv8Yv/b4N0+h7XzPFguSFuuwgj1RFXZkVBi0ZBdQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFJpfDZErXnR65WjYCKBAKbTrxm5HMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q2L2M1MzNi
Mi1hZTlkLTQ0NzAtYjk4Mi1mNTQwNDM5YTRhZTIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYvYzUzM2Iy
LWFlOWQtNDQ3MC1iOTgyLWY1NDA0MzlhNGFlMi8xL21sOE5rU3RlZEhybGFOZ0lv
RUFwdE92R2JrYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEsDiAAwQAueT6MA0EAgACMAcDBQAqAJ+AMA0G
CSqGSIb3DQEBCwUAA4IBAQBYIuJa69Lmr+JpyZdD4A5X0/VKqIpuBdlttdjdzEoC
7wq4ByIdcKwZNk0bpP0yxUFx7NvsgKahsrcZTD334soX4647VDaMuceJM+1lSHBZ
PPTk1dfuJDJMUwFq2VGcDquuVHqBtRuZae0w2Lam2rb6vUbb0adywDBU+3b7dm+G
5ji2Nq6Aqky1WqxanuVjYSxY2IDycprepcIurnK/b90py+6A3rzgcM6xDKsCN6Eq
N2xjunmq4NglrxGrUdxmUKnpYixNo1uz/UAsZFip0XqiCnDdXvkmkhvgwvnLoNip
UjO202l6nVjtObeFKtaASB1CvyvCg5uqq+0CLmwnRSjp
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:32:50 2024 by rpki-client on console-ams.rpki-client.org