Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/pX8pGBjYcZc4Jo2ESZSi4Qgk1Mk.cer
File: pX8pGBjYcZc4Jo2ESZSi4Qgk1Mk.cer (raw, json)
Hash identifier: 4KMGJAffAra8TueNZcsr/GqeeFvGF5AtaOtbdX9JTkY=
Subject key identifier: A5:7F:29:18:18:D8:71:97:38:26:8D:84:49:94:A2:E1:08:24:D4:C9
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC5DBFAB3CF2D7350028863D49B0C3B58
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c7/963a83-d2d1-464c-bdb0-b1a9793ee324/1/pX8pGBjYcZc4Jo2ESZSi4Qgk1Mk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c7/963a83-d2d1-464c-bdb0-b1a9793ee324/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 16:29:37 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 209993
IP: 45.90.192.0/22
IP: 2a0e:240::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fa:b3:cf:2d:73:50:02:88:63:d4:9b:0c:3b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a57f291818d8719738268d844994a2e10824d4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3c:12:48:c3:60:54:8e:9e:d3:ec:1e:b8:7b:
bb:8c:e7:83:f4:79:7d:93:fc:18:83:68:69:55:94:
b4:d1:51:9e:e0:47:eb:9d:e7:ae:61:27:65:8a:82:
05:71:fd:78:fc:e8:c8:87:d6:ba:fb:47:70:7f:d0:
2d:1f:aa:67:10:b5:b1:b8:3a:4f:3a:6d:fa:84:3c:
9b:3d:eb:5e:a3:ca:77:9e:ac:97:5f:d8:f3:7c:d3:
3c:52:fc:3f:67:b3:d2:00:d8:c3:ea:fc:60:49:15:
01:d0:c4:20:d7:32:d8:2b:d6:57:fd:87:19:63:77:
d9:44:3e:3b:59:29:72:c3:83:31:7e:7a:a1:2a:ee:
ee:b7:10:4e:27:53:05:2a:2a:6b:06:4b:09:7c:01:
51:5c:7d:41:96:9e:92:56:49:9e:34:d7:c4:48:11:
cb:ed:71:dc:52:a7:75:f8:1b:3d:1f:44:93:1d:61:
fa:a2:bf:7d:2a:c3:5e:9b:6b:0a:42:5f:f3:06:12:
6f:04:ae:49:b2:1a:15:50:4b:97:d0:4f:5e:e8:b8:
0c:00:ac:98:18:54:97:fa:01:b4:0e:cb:37:c1:e4:
91:28:ce:72:b5:8b:7f:75:df:1f:8b:ca:11:5e:22:
11:52:30:b8:a5:a2:e9:d9:19:a2:61:b9:1e:f0:72:
b3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7F:29:18:18:D8:71:97:38:26:8D:84:49:94:A2:E1:08:24:D4:C9
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/963a83-d2d1-464c-bdb0-b1a9793ee324/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/963a83-d2d1-464c-bdb0-b1a9793ee324/1/pX8pGBjYcZc4Jo2ESZSi4Qgk1Mk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.192.0/22
IPv6:
2a0e:240::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209993
Signature Algorithm: sha256WithRSAEncryption
ac:43:18:fe:db:f6:40:78:4f:4a:01:36:44:ce:b4:f3:4b:f3:
53:2d:a4:fe:53:29:38:0b:73:b8:40:52:46:ac:5b:9b:88:73:
dd:f6:4a:ee:4c:54:ed:39:d6:06:97:70:ea:74:e6:7f:5d:f1:
3a:95:d4:64:a4:32:37:9c:0f:46:83:fe:ad:1f:e8:be:db:3e:
39:5f:d7:b2:af:89:82:80:8e:da:af:e5:83:ab:e7:07:25:0b:
9e:87:06:f0:e7:5e:00:d9:b5:29:97:37:a2:d5:28:6c:77:a9:
2b:1f:72:9f:a0:69:d4:43:c0:d6:bc:7a:a8:f6:f3:7e:42:db:
1f:eb:f3:34:d2:e1:c8:4c:a3:39:30:f4:7a:4a:f2:87:d9:49:
43:bb:bf:26:c0:2a:ff:fb:db:31:b8:ba:46:0c:e6:19:cc:c5:
7f:92:f9:24:83:31:74:51:6e:19:fd:28:39:48:31:96:b2:23:
f5:73:07:49:2d:d9:52:aa:1e:0d:c8:35:f6:53:50:a1:c6:19:
db:c5:40:ad:da:98:4c:2b:ed:04:a9:6f:f2:9b:fa:0f:47:9a:
0c:03:53:1c:d4:96:32:26:a3:c4:25:f5:13:13:e0:e9:8f:43:
92:fd:ae:30:95:d2:7e:89:e0:a5:69:a3:28:2c:01:c3:e6:62:
f7:fe:e6:af
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzF2/qzzy1zUAKIY9SbDDtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTdmMjkxODE4ZDg3MTk3MzgyNjhkODQ0OTk0YTJlMTA4MjRkNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDwSSMNgVI6e0+weuHu7jOeD9Hl9
k/wYg2hpVZS00VGe4EfrneeuYSdlioIFcf14/OjIh9a6+0dwf9AtH6pnELWxuDpP
Om36hDybPeteo8p3nqyXX9jzfNM8Uvw/Z7PSANjD6vxgSRUB0MQg1zLYK9ZX/YcZ
Y3fZRD47WSlyw4MxfnqhKu7utxBOJ1MFKiprBksJfAFRXH1Blp6SVkmeNNfESBHL
7XHcUqd1+Bs9H0STHWH6or99KsNem2sKQl/zBhJvBK5JshoVUEuX0E9e6LgMAKyY
GFSX+gG0Dss3weSRKM5ytYt/dd8fi8oRXiIRUjC4paLp2RmiYbke8HKz7QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFKV/KRgY2HGXOCaNhEmUouEIJNTJMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M3Lzk2M2E4
My1kMmQxLTQ2NGMtYmRiMC1iMWE5NzkzZWUzMjQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcvOTYzYTgz
LWQyZDEtNDY0Yy1iZGIwLWIxYTk3OTNlZTMyNC8xL3BYOHBHQmpZY1pjNEpvMkVT
WlNpNFFnazFNay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVrAMA0EAgACMAcDBQMqDgJAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwM0STANBgkqhkiG9w0BAQsFAAOCAQEArEMY/tv2QHhP
SgE2RM6080vzUy2k/lMpOAtzuEBSRqxbm4hz3fZK7kxU7TnWBpdw6nTmf13xOpXU
ZKQyN5wPRoP+rR/ovts+OV/Xsq+JgoCO2q/lg6vnByULnocG8OdeANm1KZc3otUo
bHepKx9yn6Bp1EPA1rx6qPbzfkLbH+vzNNLhyEyjOTD0ekryh9lJQ7u/JsAq//vb
Mbi6RgzmGczFf5L5JIMxdFFuGf0oOUgxlrIj9XMHSS3ZUqoeDcg19lNQocYZ28VA
rdqYTCvtBKlv8pv6D0eaDANTHNSWMiajxCX1ExPg6Y9Dkv2uMJXSfongpWmjKCwB
w+Zi9/7mrw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:21:59 2024 by rpki-client on console-fra.rpki-client.org