Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/qY7r7ZdT9YC-p1s1LnBjJaGNFEc.cer
File: qY7r7ZdT9YC-p1s1LnBjJaGNFEc.cer (raw, json)
Hash identifier: SKdl49vLOXDIK1mFkSGul8ZFHWiD4R4FbcBQ79ammpY=
Subject key identifier: A9:8E:EB:ED:97:53:F5:80:BE:A7:5B:35:2E:70:63:25:A1:8D:14:47
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4934CDDF9C2C0115244A8430C0C1FF2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/a74744-ed48-4707-a63e-52f6919139c4/1/qY7r7ZdT9YC-p1s1LnBjJaGNFEc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/a74744-ed48-4707-a63e-52f6919139c4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:37 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 185.57.136.0/22
IP: 2a04:ddc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4c:dd:f9:c2:c0:11:52:44:a8:43:0c:0c:1f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a98eebed9753f580bea75b352e706325a18d1447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:62:65:1e:ad:d7:50:92:da:52:dc:ce:4e:12:
72:b8:f7:17:75:46:75:8a:58:08:b6:eb:cf:6c:1b:
e3:6b:82:7c:f1:e8:ed:a1:c2:5e:cd:4f:73:74:e4:
af:09:8e:bf:e0:e1:3f:da:36:c6:d7:0c:43:00:ba:
24:78:8b:ae:60:e2:17:b0:be:e3:da:66:3e:64:8c:
ad:0c:f4:91:c1:8e:3f:30:da:d3:73:69:2e:35:68:
b1:f8:20:43:2e:7e:b9:c7:ca:f1:e0:ba:9e:95:59:
ab:e9:b1:b0:d9:6e:a9:17:ae:50:c6:9d:d3:1f:08:
39:a5:0c:97:32:e4:27:8a:d5:b2:fa:0e:36:30:62:
1b:1c:c9:64:5c:6b:57:f2:87:7d:d7:f2:0e:8e:43:
1e:19:de:55:c5:44:3e:4b:02:7b:49:4a:de:62:6a:
73:30:9c:ed:92:ce:13:b2:02:ff:76:37:5d:45:45:
0c:b1:c4:5c:d8:a6:97:0c:3a:b4:e2:ef:d8:06:70:
97:02:9b:56:2b:4c:4b:1f:90:78:8b:2a:82:23:81:
d8:94:c1:f7:06:f4:ef:7e:0d:e6:76:c9:5c:80:cc:
e4:33:90:d8:da:f2:ab:ab:87:cf:8b:49:5a:d3:d5:
8c:25:36:6e:dd:da:fc:e8:a4:a9:7b:e2:98:ee:4b:
68:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:EB:ED:97:53:F5:80:BE:A7:5B:35:2E:70:63:25:A1:8D:14:47
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a74744-ed48-4707-a63e-52f6919139c4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a74744-ed48-4707-a63e-52f6919139c4/1/qY7r7ZdT9YC-p1s1LnBjJaGNFEc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.136.0/22
IPv6:
2a04:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:31:2b:c1:53:70:11:c7:b6:86:86:2d:3b:80:aa:90:7d:6f:
50:1e:c0:0f:96:04:cb:7c:cf:50:5b:30:ca:32:33:80:a5:6a:
b1:4b:bb:99:b8:d4:97:01:f5:5f:db:c1:03:35:bf:a9:d6:8c:
0c:b0:c9:7f:7b:d5:48:ad:67:28:fd:fb:28:12:db:05:e5:79:
de:f9:30:95:5d:b3:be:1e:2e:0f:04:61:0e:c7:53:1f:c8:34:
88:55:49:50:70:e7:a4:5d:58:aa:82:c1:fc:cf:40:17:fa:45:
f3:34:dd:15:5d:ca:34:e0:da:18:2f:83:d5:58:8c:49:6f:9b:
5b:6a:34:a1:a9:23:35:4c:9a:18:5e:92:1a:ea:37:3f:14:32:
9b:18:71:7d:b6:63:3c:7b:bc:7a:4f:1b:28:ab:dc:c0:cc:96:
25:3b:6e:72:d4:29:4c:c4:72:1a:7e:c5:e1:d1:14:5b:85:97:
21:15:f5:ef:38:5d:f5:f8:4b:6d:9d:c1:dc:d7:4f:39:a8:dd:
54:42:2e:bd:c8:79:17:73:53:9f:8e:a9:96:95:db:8a:12:42:
d7:98:03:4a:f3:96:3a:4b:10:65:6f:15:e0:e9:6e:20:57:be:
5d:95:64:98:86:9c:ec:1a:a6:11:bd:43:cb:e1:83:9a:b4:0a:
79:e8:44:34
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYzEk0zd+cLAEVJEqEMMDB/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlZWJlZDk3NTNmNTgwYmVhNzViMzUyZTcwNjMyNWExOGQxNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWJlHq3XUJLaUtzOThJyuPcXdUZ1
ilgItuvPbBvja4J88ejtocJezU9zdOSvCY6/4OE/2jbG1wxDALokeIuuYOIXsL7j
2mY+ZIytDPSRwY4/MNrTc2kuNWix+CBDLn65x8rx4LqelVmr6bGw2W6pF65Qxp3T
Hwg5pQyXMuQnitWy+g42MGIbHMlkXGtX8od91/IOjkMeGd5VxUQ+SwJ7SUreYmpz
MJztks4TsgL/djddRUUMscRc2KaXDDq04u/YBnCXAptWK0xLH5B4iyqCI4HYlMH3
BvTvfg3mdslcgMzkM5DY2vKrq4fPi0la09WMJTZu3dr86KSpe+KY7ktoxwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFKmO6+2XU/WAvqdbNS5wYyWhjRRHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhL2E3NDc0
NC1lZDQ4LTQ3MDctYTYzZS01MmY2OTE5MTM5YzQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvYTc0NzQ0
LWVkNDgtNDcwNy1hNjNlLTUyZjY5MTkxMzljNC8xL3FZN3I3WmRUOVlDLXAxczFM
bkJqSmFHTkZFYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTmIMA0EAgACMAcDBQMqBN3AMA0GCSqGSIb3
DQEBCwUAA4IBAQBsMSvBU3ARx7aGhi07gKqQfW9QHsAPlgTLfM9QWzDKMjOApWqx
S7uZuNSXAfVf28EDNb+p1owMsMl/e9VIrWco/fsoEtsF5Xne+TCVXbO+Hi4PBGEO
x1MfyDSIVUlQcOekXViqgsH8z0AX+kXzNN0VXco04NoYL4PVWIxJb5tbajShqSM1
TJoYXpIa6jc/FDKbGHF9tmM8e7x6Txsoq9zAzJYlO25y1ClMxHIafsXh0RRbhZch
FfXvOF31+EttncHc1085qN1UQi69yHkXc1OfjqmWlduKEkLXmANK85Y6SxBlbxXg
6W4gV75dlWSYhpzsGqYRvUPL4YOatAp56EQ0
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:04:15 2024 by rpki-client on console-ams.rpki-client.org