Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/q7lESdTSRidxdzvAimJFB9pRKw0.cer
File: q7lESdTSRidxdzvAimJFB9pRKw0.cer (raw, json)
Hash identifier: bmbHtyArUDSHjoYzxz7SIkNY8YDJH6bNFNs3zzpvXu4=
Subject key identifier: AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8DE975429713B8F3C0CFE3F869811E6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 06:31:20 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 62.70.0.0/16
IP: 212.125.160.0/19
IP: 213.203.0.0/18
IP: 2a02:2ac0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:97:54:29:71:3b:8f:3c:0c:fe:3f:86:98:11:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 06:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abb94449d4d2462771773bc08a624507da512b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:c7:be:a1:51:26:4c:b2:d3:83:ca:9b:37:
81:d0:03:7b:cb:41:5f:46:41:25:2f:55:7a:06:77:
dc:51:60:73:62:d6:75:e5:bd:6f:1a:e7:37:be:a4:
61:55:db:eb:ad:86:8f:99:f0:8b:55:35:94:f4:80:
b1:30:db:0c:e0:c4:c7:1c:0e:4a:29:36:2d:f2:00:
dd:f1:55:dd:dc:fe:47:23:4b:db:82:e3:ac:2e:2c:
d1:04:22:50:e7:0d:63:a9:a6:32:6c:18:30:d3:bc:
06:35:cd:8b:76:71:31:0b:ff:c5:1e:4c:13:79:e9:
05:cd:c4:e3:b4:a6:f0:4d:7c:67:93:04:f8:5d:37:
c0:0c:6c:43:96:19:c6:12:65:da:be:f6:f4:da:d2:
12:ac:ff:40:87:69:d1:4c:78:f0:d8:fb:e1:cd:a0:
c9:d0:de:7a:0c:fc:74:1b:43:5b:82:b7:cc:7b:98:
42:0a:ae:00:fe:d5:4f:28:89:ba:a7:6c:86:38:28:
8e:a4:10:47:26:11:b3:60:55:f4:a1:3b:ed:3a:77:
27:01:12:a0:c4:c9:fd:04:d7:11:4e:b3:3e:68:ca:
47:60:90:ee:bf:95:d4:94:34:b1:9a:77:0b:5b:5b:
b6:02:c1:38:db:7e:9b:56:44:b8:8a:cd:61:49:ed:
be:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B9:44:49:D4:D2:46:27:71:77:3B:C0:8A:62:45:07:DA:51:2B:0D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/625d78-019c-4301-ba78-70c0c15bc80a/1/q7lESdTSRidxdzvAimJFB9pRKw0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.70.0.0/16
212.125.160.0/19
213.203.0.0/18
IPv6:
2a02:2ac0::/32
Signature Algorithm: sha256WithRSAEncryption
35:b9:25:ed:bc:25:b8:e5:e2:af:45:f7:77:fc:58:61:0a:ee:
21:bb:14:55:70:ba:64:63:67:55:90:65:8e:e9:bd:80:73:bd:
a5:2b:df:e7:21:fa:9b:67:c1:5f:6a:a8:22:55:49:5b:c3:af:
d5:e4:8c:95:1c:dd:e4:08:77:03:2f:40:c0:9f:25:e6:45:f6:
3d:db:06:ec:28:27:ed:3b:ec:1c:9b:02:2f:43:3e:3d:d6:b0:
00:f8:3d:83:f5:74:60:ce:07:31:ab:a8:04:75:77:29:88:52:
99:a4:87:44:74:57:b2:f5:ea:6f:1c:cf:2a:9e:0a:04:a4:eb:
29:d5:2c:05:89:83:a4:e4:cd:b6:39:6e:5f:94:90:b9:3f:09:
5e:3c:e4:50:d3:0b:07:1a:43:db:a1:04:d8:55:26:fd:83:7d:
a8:af:8e:f6:2a:44:bd:94:72:96:3c:eb:7c:38:00:93:97:ae:
00:c5:92:7a:f1:df:e2:25:92:b3:94:ac:b6:e5:ed:0e:99:60:
60:07:71:bf:db:e1:51:f4:43:a3:95:78:43:ef:56:08:62:96:
6c:1d:38:41:e3:d8:01:57:f4:7d:67:0a:e6:16:7b:bd:ed:16:
18:ef:22:33:6b:aa:21:a3:12:8b:cd:de:27:34:ae:18:e7:b8:
c4:d3:01:b8
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzI3pdUKXE7jzwM/j+GmBHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDYzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI5NDQ0OWQ0ZDI0NjI3NzE3NzNiYzA4YTYyNDUwN2RhNTEyYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth/HvqFRJkyy04PKmzeB0AN7y0Ff
RkElL1V6BnfcUWBzYtZ15b1vGuc3vqRhVdvrrYaPmfCLVTWU9ICxMNsM4MTHHA5K
KTYt8gDd8VXd3P5HI0vbguOsLizRBCJQ5w1jqaYybBgw07wGNc2LdnExC//FHkwT
eekFzcTjtKbwTXxnkwT4XTfADGxDlhnGEmXavvb02tISrP9Ah2nRTHjw2PvhzaDJ
0N56DPx0G0NbgrfMe5hCCq4A/tVPKIm6p2yGOCiOpBBHJhGzYFX0oTvtOncnARKg
xMn9BNcRTrM+aMpHYJDuv5XUlDSxmncLW1u2AsE4236bVkS4is1hSe2+pwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFKu5REnU0kYncXc7wIpiRQfaUSsNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVlLzYyNWQ3
OC0wMTljLTQzMDEtYmE3OC03MGMwYzE1YmM4MGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUvNjI1ZDc4
LTAxOWMtNDMwMS1iYTc4LTcwYzBjMTViYzgwYS8xL3E3bEVTZFRTUmlkeGR6dkFp
bUpGQjlwUkt3MC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUF
BwEHAQH/BCowKDAXBAIAATARAwMAPkYDBAXUfaADBAbVywAwDQQCAAIwBwMFACoC
KsAwDQYJKoZIhvcNAQELBQADggEBADW5Je28Jbjl4q9F93f8WGEK7iG7FFVwumRj
Z1WQZY7pvYBzvaUr3+ch+ptnwV9qqCJVSVvDr9XkjJUc3eQIdwMvQMCfJeZF9j3b
BuwoJ+077BybAi9DPj3WsAD4PYP1dGDOBzGrqAR1dymIUpmkh0R0V7L16m8czyqe
CgSk6ynVLAWJg6TkzbY5bl+UkLk/CV485FDTCwcaQ9uhBNhVJv2DfaivjvYqRL2U
cpY863w4AJOXrgDFknrx3+IlkrOUrLbl7Q6ZYGAHcb/b4VH0Q6OVeEPvVghilmwd
OEHj2AFX9H1nCuYWe73tFhjvIjNrqiGjEovN3ic0rhjnuMTTAbg=
-----END CERTIFICATE-----
Generated at Fri May 3 08:19:18 2024 by rpki-client on console-fra.rpki-client.org