Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qGBDVsdQGuIQSyzO087cXb3BFjs.cer
File: qGBDVsdQGuIQSyzO087cXb3BFjs.cer (raw, json)
Hash identifier: 8Nmy1nv6/HoRlukqY29F2LsEaZqp7fZCwa4/jDh+nwc=
Subject key identifier: A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC50043965E534B3B996FDFE6384961E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/qGBDVsdQGuIQSyzO087cXb3BFjs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 12:29:38 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.68.152.0/22
IP: 185.94.32.0/22
IP: 2a04:3840::/29
IP: 2a05:1900::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:43:96:5e:53:4b:3b:99:6f:df:e6:38:49:61:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 12:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8604356c7501ae2104b2cced3cedc5dbdc1163b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6e:80:1d:4a:8d:6f:2e:8c:e7:a9:e8:33:28:
ac:51:c5:02:a5:28:6d:97:92:cf:fa:e3:ed:c5:b8:
6a:9c:1c:a2:f7:84:21:7d:59:fc:d1:ae:1e:12:0f:
a6:c6:29:ea:f7:5b:33:87:b7:c7:01:00:54:0c:d3:
a3:9d:2d:e8:f4:c7:07:09:4a:e0:ff:1a:e9:00:c1:
47:43:d4:f2:e1:be:a4:5d:7f:b9:60:b0:8e:78:11:
88:9e:19:6e:34:b7:32:b0:ef:1a:31:a1:f9:62:6d:
a9:ae:cf:b3:62:c5:cb:a5:55:62:b8:83:28:aa:4b:
7d:ca:97:1c:57:a9:f6:7b:e5:de:cb:09:81:a1:c5:
2a:c9:ca:cd:ea:bd:95:c9:b2:bb:23:a5:f9:dd:1c:
8f:9c:66:9e:84:64:15:32:22:f0:b7:06:b3:e7:5b:
57:37:fb:87:76:21:e5:e5:3f:d0:32:7b:43:ce:c5:
16:41:47:cc:f7:94:83:17:b7:f1:45:1c:c9:ef:22:
a0:9d:92:d0:5d:87:a2:a0:fc:42:7d:2f:a8:ce:e8:
35:ab:c2:65:c6:dd:18:21:07:5c:76:d3:cf:d8:63:
71:52:49:c6:4d:23:47:3a:b6:f7:47:a2:1d:8f:48:
be:43:d4:1b:2e:cc:4b:90:87:8a:f4:02:7c:e1:41:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:60:43:56:C7:50:1A:E2:10:4B:2C:CE:D3:CE:DC:5D:BD:C1:16:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/458501-acab-42ed-8a6a-7bebbb70c050/1/qGBDVsdQGuIQSyzO087cXb3BFjs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.152.0/22
185.94.32.0/22
IPv6:
2a04:3840::/29
2a05:1900::/29
Signature Algorithm: sha256WithRSAEncryption
ac:2c:5a:91:7b:e4:d4:bc:8c:9c:ef:7f:80:e5:c7:63:5f:5d:
f4:bf:fc:66:98:0b:81:37:74:9f:49:21:c9:1e:3e:6e:e8:35:
45:7e:d9:91:4a:4b:d0:58:ad:42:39:0d:b0:16:d8:40:e5:08:
d4:a4:b2:eb:2c:b0:e0:05:7b:ac:9f:9e:26:21:16:7e:53:63:
c6:19:38:4f:25:72:12:e5:fb:45:d7:3f:bf:9a:29:12:3f:e2:
d8:e5:e4:55:d0:35:4a:62:8a:73:7f:09:b4:1e:8b:1f:65:65:
53:62:74:64:f4:cd:33:cb:34:04:69:5e:c3:da:26:2d:37:81:
b9:28:95:65:51:1a:65:15:39:70:09:68:6a:85:a0:0c:04:e5:
31:23:a4:04:dd:d0:c6:93:bf:36:d0:32:b8:76:2b:c9:90:50:
95:e1:3e:e0:4e:c8:f0:e6:70:ea:98:da:e9:e8:d6:96:0b:b7:
99:f6:91:ae:4f:1a:2f:22:67:a5:5d:41:4f:cf:d1:b5:78:af:
77:1e:7a:03:b2:69:c3:5d:b6:78:62:28:51:89:1a:8a:24:09:
e6:33:f7:6b:71:b9:aa:d2:94:83:96:5b:c1:5b:4f:f2:6a:ae:
22:98:4c:ed:66:bc:98:0d:7c:dc:7f:62:1f:92:9d:68:f7:2a:
47:dc:e6:8c
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzFAEOWXlNLO5lv3+Y4SWHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYwNDM1NmM3NTAxYWUyMTA0YjJjY2VkM2NlZGM1ZGJkYzExNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm6AHUqNby6M56noMyisUcUCpSht
l5LP+uPtxbhqnByi94QhfVn80a4eEg+mxinq91szh7fHAQBUDNOjnS3o9McHCUrg
/xrpAMFHQ9Ty4b6kXX+5YLCOeBGInhluNLcysO8aMaH5Ym2prs+zYsXLpVViuIMo
qkt9ypccV6n2e+XeywmBocUqycrN6r2VybK7I6X53RyPnGaehGQVMiLwtwaz51tX
N/uHdiHl5T/QMntDzsUWQUfM95SDF7fxRRzJ7yKgnZLQXYeioPxCfS+ozug1q8Jl
xt0YIQdcdtPP2GNxUknGTSNHOrb3R6Idj0i+Q9QbLsxLkIeK9AJ84UGywQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKhgQ1bHUBriEEssztPO3F29wRY7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzQ1ODUw
MS1hY2FiLTQyZWQtOGE2YS03YmViYmI3MGMwNTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNDU4NTAx
LWFjYWItNDJlZC04YTZhLTdiZWJiYjcwYzA1MC8xL3FHQkRWc2RRR3VJUVN5ek8w
ODdjWGIzQkZqcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsGCCsGAQUF
BwEHAQH/BCwwKjASBAIAATAMAwQCuUSYAwQCuV4gMBQEAgACMA4DBQMqBDhAAwUD
KgUZADANBgkqhkiG9w0BAQsFAAOCAQEArCxakXvk1LyMnO9/gOXHY19d9L/8ZpgL
gTd0n0khyR4+bug1RX7ZkUpL0FitQjkNsBbYQOUI1KSy6yyw4AV7rJ+eJiEWflNj
xhk4TyVyEuX7Rdc/v5opEj/i2OXkVdA1SmKKc38JtB6LH2VlU2J0ZPTNM8s0BGle
w9omLTeBuSiVZVEaZRU5cAloaoWgDATlMSOkBN3QxpO/NtAyuHYryZBQleE+4E7I
8OZw6pja6ejWlgu3mfaRrk8aLyJnpV1BT8/RtXivdx56A7Jpw122eGIoUYkaiiQJ
5jP3a3G5qtKUg5ZbwVtP8mquIphM7Wa8mA183H9iH5KdaPcqR9zmjA==
-----END CERTIFICATE-----
Generated at Fri May 3 11:00:09 2024 by rpki-client on console-fra.rpki-client.org