Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer
File: nGIPMbSZfHNFvGa0a0PWhr8Akxo.cer (raw, json)
Hash identifier: 9+a6UM0IMBKt6lmvQQMeWxnFL8803KJ557a1zcwOu/g=
Subject key identifier: 9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018F2EC03FED40859991D3853658BEF15A40
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 30 Apr 2024 11:25:02 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 20618
IP: 213.132.0.0/19
IP: 2a02:4bc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:c0:3f:ed:40:85:99:91:d3:85:36:58:be:f1:5a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Apr 30 11:25:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c620f31b4997c7345bc66b46b43d686bf00931a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:50:3d:af:95:ed:ad:2e:ef:09:08:70:61:
31:b4:d6:f7:4d:52:fb:be:56:72:9f:95:15:16:cc:
3f:a9:40:e3:63:5a:4e:64:e3:74:89:d3:6e:49:93:
e9:70:c8:3f:59:48:76:a2:2f:3f:16:f6:62:bd:96:
36:35:dc:85:11:18:84:01:a2:1e:9f:a4:b7:e4:6b:
97:5f:28:0f:05:7c:c8:4b:6a:a9:b6:6f:01:fc:5b:
e2:d6:7f:46:fe:38:25:0e:2b:7c:be:d5:ad:59:61:
a9:bd:ec:28:f6:fd:14:4b:b0:5e:00:a0:73:d3:17:
1f:14:5f:fe:54:d7:63:cc:b4:8a:89:aa:1d:68:f8:
64:ee:27:26:45:9a:cf:c4:08:7d:22:fa:5c:30:1d:
28:42:b1:87:8a:85:0b:55:02:f8:2a:52:66:de:3d:
ca:bb:6c:69:c0:58:59:06:10:44:bc:ad:02:19:ef:
d4:6d:5b:5d:d8:df:37:2b:b7:53:f5:9f:a2:0d:b6:
97:20:34:40:b4:c9:a0:68:22:b2:34:72:f1:82:0d:
73:b9:99:6b:cd:b4:2c:9a:a1:c5:e1:84:60:42:6c:
d6:75:e4:f1:bd:a3:a1:da:bf:c3:1a:c9:d2:63:66:
1f:a3:2c:f0:f5:d0:26:35:0b:ae:72:61:c3:66:c0:
05:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:62:0F:31:B4:99:7C:73:45:BC:66:B4:6B:43:D6:86:BF:00:93:1A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8928f1-8618-4c19-9f3d-4b8793db7460/1/nGIPMbSZfHNFvGa0a0PWhr8Akxo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.132.0.0/19
IPv6:
2a02:4bc0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20618
Signature Algorithm: sha256WithRSAEncryption
61:10:b6:90:46:92:96:5b:33:be:2b:fd:e5:f0:94:83:24:42:
f6:5a:cc:3f:1c:57:02:64:62:5c:54:af:da:c6:0f:13:22:62:
c0:0e:07:a9:9a:2b:48:5a:a5:1f:68:e4:c3:ac:92:49:c5:c1:
03:07:00:4e:13:9e:74:b5:5f:04:26:c0:9e:9a:32:8d:f6:64:
d3:9a:70:11:c0:64:f3:e6:79:46:2c:bc:b8:8d:50:14:5c:59:
bd:df:6d:74:95:b7:e6:12:55:c6:52:bc:bf:01:da:d7:db:b4:
e6:37:09:4e:dd:2f:27:66:34:3a:e9:9d:75:b8:5e:a2:b0:14:
05:5d:c2:c2:21:a9:b4:aa:b8:12:0c:fd:4e:f9:6b:38:a8:71:
5a:1e:1c:49:dd:f9:7d:62:64:fc:f0:f3:fc:4a:70:21:6a:67:
6f:e8:b9:61:29:a2:ba:93:61:f8:9a:61:1d:81:69:4b:41:3a:
77:96:49:82:de:f4:dc:92:c7:65:ff:ce:e1:c8:42:2c:ee:0b:
b3:23:95:ad:c5:db:39:9c:78:54:49:06:81:c8:0e:a8:e3:36:
75:9a:a6:0a:dc:e7:f4:f4:b1:fa:cb:9b:69:f5:70:ba:4e:6f:
d2:8a:3d:4c:96:ed:e8:0c:26:67:d4:dc:20:12:71:c3:df:e4:
c8:40:03:d4
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAY8uwD/tQIWZkdOFNli+8VpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwNDMwMTEyNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYyMGYzMWI0OTk3YzczNDViYzY2YjQ2YjQzZDY4NmJmMDA5MzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNBQPa+V7a0u7wkIcGExtNb3TVL7
vlZyn5UVFsw/qUDjY1pOZON0idNuSZPpcMg/WUh2oi8/FvZivZY2NdyFERiEAaIe
n6S35GuXXygPBXzIS2qptm8B/Fvi1n9G/jglDit8vtWtWWGpvewo9v0US7BeAKBz
0xcfFF/+VNdjzLSKiaodaPhk7icmRZrPxAh9IvpcMB0oQrGHioULVQL4KlJm3j3K
u2xpwFhZBhBEvK0CGe/UbVtd2N83K7dT9Z+iDbaXIDRAtMmgaCKyNHLxgg1zuZlr
zbQsmqHF4YRgQmzWdeTxvaOh2r/DGsnSY2Yfoyzw9dAmNQuucmHDZsAFfQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFJxiDzG0mXxzRbxmtGtD1oa/AJMaMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2Lzg5Mjhm
MS04NjE4LTRjMTktOWYzZC00Yjg3OTNkYjc0NjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYvODkyOGYx
LTg2MTgtNGMxOS05ZjNkLTRiODc5M2RiNzQ2MC8xL25HSVBNYlNaZkhORnZHYTBh
MFBXaHI4QWt4by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQF1YQAMA0EAgACMAcDBQMqAkvAMBkGCCsGAQUF
BwEIAQH/BAowCKAGMAQCAlCKMA0GCSqGSIb3DQEBCwUAA4IBAQBhELaQRpKWWzO+
K/3l8JSDJEL2Wsw/HFcCZGJcVK/axg8TImLADgepmitIWqUfaOTDrJJJxcEDBwBO
E550tV8EJsCemjKN9mTTmnARwGTz5nlGLLy4jVAUXFm93210lbfmElXGUry/AdrX
27TmNwlO3S8nZjQ66Z11uF6isBQFXcLCIam0qrgSDP1O+Ws4qHFaHhxJ3fl9YmT8
8PP8SnAhamdv6LlhKaK6k2H4mmEdgWlLQTp3lkmC3vTcksdl/87hyEIs7guzI5Wt
xds5nHhUSQaByA6o4zZ1mqYK3Of09LH6y5tp9XC6Tm/Sij1Mlu3oDCZn1NwgEnHD
3+TIQAPU
-----END CERTIFICATE-----
Generated at Fri May 3 10:57:24 2024 by rpki-client on console-fra.rpki-client.org