Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/nfToC0ytTlC3iO3xaXZxLe7_bA0.cer
File: nfToC0ytTlC3iO3xaXZxLe7_bA0.cer (raw, json)
Hash identifier: V5eAHEbkfEcVPlCGHJDMn33JgSGLOYLwHmCAg2/ovdA=
Subject key identifier: 9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DC15D599F184571EC20ED517B24A3F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:44 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 206321
IP: 2001:67c:2d2c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:15:d5:99:f1:84:57:1e:c2:0e:d5:17:b2:4a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9df4e80b4cad4e50b788edf16976712deeff6c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:16:a8:61:ad:04:32:6a:1c:63:e4:a1:96:cd:
91:0c:4c:b1:64:84:cd:26:1a:59:b4:de:45:1c:99:
3a:8c:1d:5d:5a:56:b3:b4:13:a9:06:91:c0:48:b0:
85:d2:86:f5:87:0a:14:5d:1f:74:c8:27:6d:3d:05:
29:d0:e1:48:0f:85:dd:50:3a:a7:7e:63:b6:06:a2:
2c:98:61:d6:95:2d:f7:d0:d3:84:1a:93:64:1f:16:
c3:3e:46:d6:3b:97:32:87:ed:13:06:7f:53:98:f8:
ac:9a:6b:9a:66:ab:f8:09:a3:40:f5:6b:82:77:d2:
bb:45:69:1c:a4:1a:cf:5a:81:3c:9e:c1:fd:5d:14:
a5:b9:81:3a:5a:30:2b:01:d3:f6:88:8d:09:bb:fe:
d9:94:3d:5f:cd:e1:3f:82:93:e8:5b:66:72:ee:f9:
74:9a:a3:43:62:d3:b3:2d:de:69:bb:be:9b:25:05:
c0:89:e8:9f:5b:21:db:7f:8a:94:ba:e4:e4:c3:1c:
40:d1:40:88:df:cc:b5:d8:72:6b:45:5e:e4:3b:5d:
a2:39:cf:16:da:5c:97:9a:18:87:7e:4b:41:18:be:
be:90:39:5c:43:91:d3:3b:18:c3:72:d9:5d:7a:e4:
fa:76:f6:c2:ed:3c:d9:e0:b0:63:02:40:92:75:ac:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F4:E8:0B:4C:AD:4E:50:B7:88:ED:F1:69:76:71:2D:EE:FF:6C:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/34011d-01bf-48a1-a8c3-c9fc5f452995/1/nfToC0ytTlC3iO3xaXZxLe7_bA0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d2c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206321
Signature Algorithm: sha256WithRSAEncryption
72:07:5e:a6:2a:bb:67:94:27:8e:ad:f3:6c:4f:ab:ca:ad:02:
ad:c2:f5:47:d6:c5:f3:0e:4f:33:4e:dc:6e:4c:1f:38:2d:30:
df:3c:c8:a8:da:fd:ab:0a:0f:df:4a:6f:5e:bd:82:bb:7b:59:
83:c5:08:6f:1d:9b:9c:56:94:47:1d:cd:58:10:96:c8:9f:5f:
c8:3b:a7:51:df:a7:7d:95:8a:23:92:95:60:b9:51:ac:07:3a:
9a:34:23:9c:05:f2:a9:26:2e:7f:42:9f:d3:6a:3c:65:3e:9f:
4a:68:5a:27:72:c4:cd:f7:08:d8:60:10:e6:41:99:a0:4d:75:
1e:2a:31:8b:b7:1a:59:64:5d:5a:5b:4d:d9:d3:c7:65:2c:d0:
43:05:85:92:69:1b:5d:de:01:bd:f5:31:08:92:1e:b3:15:69:
ff:ee:bb:e4:8a:5a:9b:68:f5:ef:64:92:c8:41:94:aa:8f:18:
68:c8:ca:ff:af:80:20:29:ed:76:87:14:67:31:6a:91:e3:1f:
e7:2e:89:b0:34:e3:45:cf:94:8a:81:36:c0:df:ad:47:55:56:
2c:ab:d4:e1:30:46:d9:50:1d:0e:b2:be:51:d6:7a:37:55:01:
8d:0a:30:73:30:d0:d4:99:d7:d4:0f:d6:c0:ee:00:91:bb:84:
8c:dc:ed:c8
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzF3BXVmfGEVx7CDtUXsko/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY0ZTgwYjRjYWQ0ZTUwYjc4OGVkZjE2OTc2NzEyZGVlZmY2YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BaoYa0EMmocY+Shls2RDEyxZITN
JhpZtN5FHJk6jB1dWlaztBOpBpHASLCF0ob1hwoUXR90yCdtPQUp0OFID4XdUDqn
fmO2BqIsmGHWlS330NOEGpNkHxbDPkbWO5cyh+0TBn9TmPismmuaZqv4CaNA9WuC
d9K7RWkcpBrPWoE8nsH9XRSluYE6WjArAdP2iI0Ju/7ZlD1fzeE/gpPoW2Zy7vl0
mqNDYtOzLd5pu76bJQXAieifWyHbf4qUuuTkwxxA0UCI38y12HJrRV7kO12iOc8W
2lyXmhiHfktBGL6+kDlcQ5HTOxjDctldeuT6dvbC7TzZ4LBjAkCSday6pwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFJ306AtMrU5Qt4jt8Wl2cS3u/2wNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUwLzM0MDEx
ZC0wMWJmLTQ4YTEtYThjMy1jOWZjNWY0NTI5OTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAvMzQwMTFk
LTAxYmYtNDhhMS1hOGMzLWM5ZmM1ZjQ1Mjk5NS8xL25mVG9DMHl0VGxDM2lPM3hh
WFp4TGU3X2JBMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0sMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwMl8TANBgkqhkiG9w0BAQsFAAOCAQEAcgdepiq7Z5Qnjq3zbE+ryq0CrcL1
R9bF8w5PM07cbkwfOC0w3zzIqNr9qwoP30pvXr2Cu3tZg8UIbx2bnFaURx3NWBCW
yJ9fyDunUd+nfZWKI5KVYLlRrAc6mjQjnAXyqSYuf0Kf02o8ZT6fSmhaJ3LEzfcI
2GAQ5kGZoE11Hioxi7caWWRdWltN2dPHZSzQQwWFkmkbXd4BvfUxCJIesxVp/+67
5Ipam2j172SSyEGUqo8YaMjK/6+AICntdocUZzFqkeMf5y6JsDTjRc+UioE2wN+t
R1VWLKvU4TBG2VAdDrK+UdZ6N1UBjQowczDQ1JnX1A/WwO4AkbuEjNztyA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:03:51 2024 by rpki-client on console-ams.rpki-client.org