Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
File: o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer (raw, json)
Hash identifier: fheArFtzC5tvMVb31//d0H4tz0k6zqhYhkbQ5qi0b90=
Subject key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CCA96DF03D2EFA0BF4C885431747162AC
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 14:32:14 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 5.249.160.0/21
IP: 45.141.36.0/23
IP: 45.146.252.0/22
IP: 88.214.56.0/22
IP: 92.42.44.0/22
IP: 134.255.216.0/22
IP: 134.255.231.0 -- 134.255.234.255
IP: 147.189.168.0/21
IP: 185.223.28.0/22
IP: 185.239.236.0/22
IP: 185.249.196.0/22
IP: 193.23.126.0/23
IP: 193.23.160.0/23
IP: 193.34.69.0/24
IP: 193.203.238.0/24
IP: 194.156.88.0/22
IP: 2a0c:3580::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:df:03:d2:ef:a0:bf:4c:88:54:31:74:71:62:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 14:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d5:62:ed:af:c2:df:48:f9:52:21:48:56:e4:
0c:83:3a:5f:97:80:3c:d0:a2:e0:b5:79:f1:4e:cc:
16:94:bf:64:b4:e9:87:a0:59:8e:e4:ed:46:6d:eb:
a8:5d:b0:05:04:19:16:d3:29:00:4e:44:8e:1b:21:
67:28:f1:f4:38:02:c9:24:c5:94:50:5e:c1:35:fc:
9c:d1:45:53:71:82:b7:8f:2e:f1:91:83:21:8b:c0:
c8:bf:e6:7b:b3:bc:18:9e:3c:dc:89:d2:9d:73:af:
7f:34:8f:26:eb:5d:f1:3c:46:39:76:16:07:f1:92:
00:5e:a0:74:b1:7e:68:ed:1e:bd:58:0a:24:f3:b6:
1e:0e:5b:31:19:6d:3a:fd:6a:c6:6f:05:3e:52:84:
e9:0a:81:39:ba:37:07:5d:20:ee:8c:ce:e2:57:b3:
c6:f3:27:81:ba:d5:1b:c1:62:ce:75:8f:ef:cb:06:
af:4c:32:bd:fd:8e:97:06:c0:ca:71:1d:d3:06:f7:
a4:02:ff:04:a7:f3:01:82:6f:a8:8f:87:dc:83:72:
c2:d5:df:a2:c4:80:34:dc:88:a4:77:0a:ce:d4:73:
0a:24:27:d0:0b:65:f2:94:e5:24:57:08:3e:0f:53:
00:e9:81:88:14:b7:48:a6:56:9c:94:ab:be:e5:a5:
e3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.160.0/21
45.141.36.0/23
45.146.252.0/22
88.214.56.0/22
92.42.44.0/22
134.255.216.0/22
134.255.231.0-134.255.234.255
147.189.168.0/21
185.223.28.0/22
185.239.236.0/22
185.249.196.0/22
193.23.126.0/23
193.23.160.0/23
193.34.69.0/24
193.203.238.0/24
194.156.88.0/22
IPv6:
2a0c:3580::/29
Signature Algorithm: sha256WithRSAEncryption
a6:1d:bb:34:7b:e1:79:23:e9:90:93:53:34:23:ef:cc:d5:17:
8d:21:60:ef:bd:e6:4a:ee:c2:1a:fc:c7:44:7f:08:6d:98:f3:
58:c7:f2:1c:76:81:4f:c1:2f:76:f6:0c:c0:c2:0f:99:8b:c3:
61:7a:36:1e:b2:5e:90:98:db:a0:6c:3e:69:0a:9b:2e:ef:f0:
07:62:10:cf:87:8e:96:71:e5:51:50:60:c1:a7:30:3f:9d:52:
1d:d9:02:78:c2:de:95:17:ee:a9:c2:09:a7:58:d9:f8:da:7f:
56:46:53:b5:4e:5e:9d:83:78:d9:56:06:8d:74:6d:96:2f:ea:
a5:29:24:cc:e7:ef:55:3d:20:c3:90:10:84:3f:f8:c4:e2:8d:
05:cd:6e:64:15:db:05:f6:1a:01:41:78:ae:a4:81:a8:72:d2:
74:57:5a:03:6d:49:eb:f5:df:9e:52:b4:f7:77:bf:b3:05:26:
90:55:6d:53:e6:76:c7:75:f1:09:26:cc:60:8b:f3:55:a4:91:
60:3d:7c:dd:b9:5d:1d:fa:19:35:1d:d6:d0:df:3d:07:e5:a3:
c7:31:da:41:86:4c:8a:46:fa:6f:a9:da:ef:88:e0:ed:11:e4:
96:de:26:80:31:d4:6b:ef:74:ac:97:7c:c7:52:9d:db:34:91:
54:ea:3e:9b
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYzKlt8D0u+gv0yIVDF0cWKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTQzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUxM2QyODhkYWJkZTdkZWUwNjliZGI2MzY1NzNjZTljM2VjYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9Vi7a/C30j5UiFIVuQMgzpfl4A8
0KLgtXnxTswWlL9ktOmHoFmO5O1GbeuoXbAFBBkW0ykATkSOGyFnKPH0OALJJMWU
UF7BNfyc0UVTcYK3jy7xkYMhi8DIv+Z7s7wYnjzcidKdc69/NI8m613xPEY5dhYH
8ZIAXqB0sX5o7R69WAok87YeDlsxGW06/WrGbwU+UoTpCoE5ujcHXSDujM7iV7PG
8yeButUbwWLOdY/vywavTDK9/Y6XBsDKcR3TBvekAv8Ep/MBgm+oj4fcg3LC1d+i
xIA03IikdwrO1HMKJCfQC2XylOUkVwg+D1MA6YGIFLdIplaclKu+5aXjgQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFKNRPSiNq9597gab22Nlc86cPstgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U5Lzc5MjEx
My1lMTNjLTQzZWUtODRkNy1lMGQ3ZGQ1ZTJlNmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkvNzkyMTEz
LWUxM2MtNDNlZS04NGQ3LWUwZDdkZDVlMmU2Zi8xL28xRTlLSTJyM24zdUJwdmJZ
MlZ6enB3LXkyQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGRBggrBgEF
BQcBBwEB/wSBgTB/MG4EAgABMGgDBAMF+aADBAEtjSQDBAItkvwDBAJY1jgDBAJc
KiwDBAKG/9gwDAMEAIb/5wMEAIb/6gMEA5O9qAMEArnfHAMEArnv7AMEArn5xAME
AcEXfgMEAcEXoAMEAMEiRQMEAMHL7gMEAsKcWDANBAIAAjAHAwUDKgw1gDANBgkq
hkiG9w0BAQsFAAOCAQEAph27NHvheSPpkJNTNCPvzNUXjSFg773mSu7CGvzHRH8I
bZjzWMfyHHaBT8EvdvYMwMIPmYvDYXo2HrJekJjboGw+aQqbLu/wB2IQz4eOlnHl
UVBgwacwP51SHdkCeMLelRfuqcIJp1jZ+Np/VkZTtU5enYN42VYGjXRtli/qpSkk
zOfvVT0gw5AQhD/4xOKNBc1uZBXbBfYaAUF4rqSBqHLSdFdaA21J6/XfnlK093e/
swUmkFVtU+Z2x3XxCSbMYIvzVaSRYD183bldHfoZNR3W0N89B+WjxzHaQYZMikb6
b6na74jg7RHklt4mgDHUa+90rJd8x1Kd2zSRVOo+mw==
-----END CERTIFICATE-----
Generated at Fri May 3 07:29:26 2024 by rpki-client on console-ams.rpki-client.org