Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qHxnPzWntwWmtCTTORT6OS07li4.cer
File: qHxnPzWntwWmtCTTORT6OS07li4.cer (raw, json)
Hash identifier: E1G8ADB2aqCWKYxElnZ/YgEVFwFZdkFga+wLfdHzD0Q=
Subject key identifier: A8:7C:67:3F:35:A7:B7:05:A6:B4:24:D3:39:14:FA:39:2D:3B:96:2E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8010CCC2D301B100EE9975326E5F9F3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 91.232.124.0/23
IP: 95.215.224.0/22
IP: 178.216.247.0/24
IP: 2a0c:a940::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0c:cc:2d:30:1b:10:0e:e9:97:53:26:e5:f9:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a87c673f35a7b705a6b424d33914fa392d3b962e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:94:52:53:55:67:96:c7:31:98:dd:9d:bf:
d9:03:70:1b:d8:89:14:5a:03:64:5a:61:99:ff:b3:
fe:e5:1b:4c:06:e2:05:16:59:cf:25:a4:85:39:46:
b3:05:e1:bb:84:25:aa:59:1d:b5:b9:81:05:ff:5a:
63:8e:ca:42:63:95:1b:e2:64:b2:c8:02:a8:23:60:
b1:33:56:83:17:32:08:06:4d:63:a9:f2:2f:87:75:
ab:2f:fb:a6:22:66:49:4f:df:79:ec:13:4a:a4:8b:
08:1b:59:84:e5:e5:27:44:24:54:a0:28:ca:ab:40:
2c:c1:0d:a8:7a:dc:29:d5:25:72:65:57:ce:8d:4c:
44:46:46:1e:d8:94:d9:2c:cc:a4:e0:6c:8c:c1:8a:
30:61:fb:2b:31:e5:1e:93:78:e0:24:cd:fd:a8:4c:
91:5f:af:2f:ab:a8:b8:20:2a:98:71:2a:09:a4:18:
d3:be:6c:8b:92:82:6c:fc:2c:0d:80:89:55:f0:98:
c7:01:e2:0b:cf:cd:06:3d:06:cc:10:1e:dd:8e:3a:
ac:45:97:eb:d0:bd:bf:1e:ae:53:e2:16:df:6f:b0:
a5:20:11:76:d0:c8:be:fc:aa:87:50:55:81:78:b6:
5d:45:74:47:8c:e7:9d:9d:b7:45:30:bd:e6:e2:6e:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:7C:67:3F:35:A7:B7:05:A6:B4:24:D3:39:14:FA:39:2D:3B:96:2E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/aa1af4-9256-46c8-ab02-94e647262160/1/qHxnPzWntwWmtCTTORT6OS07li4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.124.0/23
95.215.224.0/22
178.216.247.0/24
IPv6:
2a0c:a940::/29
Signature Algorithm: sha256WithRSAEncryption
5b:14:b3:c4:9d:a9:0d:1b:e1:ef:b3:6e:fc:32:90:af:11:c3:
45:32:ac:f8:5c:66:d8:3c:00:18:0b:76:c2:0d:91:5a:d8:e7:
5c:d4:47:0b:7b:a0:69:d6:e0:3d:7f:48:b9:ed:e4:f2:18:ff:
95:96:89:64:e9:53:ef:df:07:44:c7:0b:6d:8d:0a:bc:ce:de:
56:fd:f7:95:51:26:5b:a7:67:04:48:8d:d9:91:76:52:fc:97:
64:7a:93:3f:47:61:70:72:0b:f3:7f:a5:58:49:59:b7:80:07:
ad:68:b3:cd:8a:ae:7e:a9:31:32:b4:4f:42:51:a8:d7:3a:3f:
42:7f:ca:a6:8d:32:4e:dc:12:5e:30:f5:c2:f2:1b:90:2b:4e:
23:53:e3:23:6a:f5:2b:5e:90:05:92:3d:bb:dd:fd:d5:6d:40:
d7:b9:c2:0a:26:c1:f9:48:f3:6b:29:76:09:ac:cf:0c:ea:5c:
63:77:54:69:8d:a8:ec:ea:cc:78:1c:85:e2:35:f2:44:0f:08:
1a:3e:e1:02:5f:ad:7b:6d:fc:8a:d5:9a:54:2c:3c:d7:1f:f5:
bf:55:e1:39:25:3b:dc:21:fd:ce:30:b5:7c:a0:63:dc:86:c3:
6e:e1:74:19:f3:16:33:a8:92:c3:a8:69:84:23:b7:fb:90:60:
05:e1:d9:98
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzIAQzMLTAbEA7pl1Mm5fnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODdjNjczZjM1YTdiNzA1YTZiNDI0ZDMzOTE0ZmEzOTJkM2I5NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF+UUlNVZ5bHMZjdnb/ZA3Ab2IkU
WgNkWmGZ/7P+5RtMBuIFFlnPJaSFOUazBeG7hCWqWR21uYEF/1pjjspCY5Ub4mSy
yAKoI2CxM1aDFzIIBk1jqfIvh3WrL/umImZJT9957BNKpIsIG1mE5eUnRCRUoCjK
q0AswQ2oetwp1SVyZVfOjUxERkYe2JTZLMyk4GyMwYowYfsrMeUek3jgJM39qEyR
X68vq6i4ICqYcSoJpBjTvmyLkoJs/CwNgIlV8JjHAeILz80GPQbMEB7djjqsRZfr
0L2/Hq5T4hbfb7ClIBF20Mi+/KqHUFWBeLZdRXRHjOednbdFML3m4m46hwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFKh8Zz81p7cFprQk0zkU+jktO5YuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3L2FhMWFm
NC05MjU2LTQ2YzgtYWIwMi05NGU2NDcyNjIxNjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvYWExYWY0
LTkyNTYtNDZjOC1hYjAyLTk0ZTY0NzI2MjE2MC8xL3FIeG5QeldudHdXbXRDVFRP
UlQ2T1MwN2xpNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQBW+h8AwQCX9fgAwQAstj3MA0EAgACMAcDBQMq
DKlAMA0GCSqGSIb3DQEBCwUAA4IBAQBbFLPEnakNG+Hvs278MpCvEcNFMqz4XGbY
PAAYC3bCDZFa2Odc1EcLe6Bp1uA9f0i57eTyGP+Vlolk6VPv3wdExwttjQq8zt5W
/feVUSZbp2cESI3ZkXZS/JdkepM/R2Fwcgvzf6VYSVm3gAetaLPNiq5+qTEytE9C
UajXOj9Cf8qmjTJO3BJeMPXC8huQK04jU+MjavUrXpAFkj273f3VbUDXucIKJsH5
SPNrKXYJrM8M6lxjd1Rpjajs6sx4HIXiNfJEDwgaPuECX617bfyK1ZpULDzXH/W/
VeE5JTvcIf3OMLV8oGPchsNu4XQZ8xYzqJLDqGmEI7f7kGAF4dmY
-----END CERTIFICATE-----
Generated at Fri May 3 11:00:10 2024 by rpki-client on console-fra.rpki-client.org