Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/suTT3a_E97-6XbYHoDPzYhCMqFA.cer
File: suTT3a_E97-6XbYHoDPzYhCMqFA.cer (raw, json)
Hash identifier: mJ0VPNo3KEB4lyiRmhprjsjzJypD7y4ZeRuJVngWjvs=
Subject key identifier: B2:E4:D3:DD:AF:C4:F7:BF:BA:5D:B6:07:A0:33:F3:62:10:8C:A8:50
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019265C564BC8339A6CB3115A9C2C197C374
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/e292649c-2f1e-4e3a-9731-5b4a6e276845/0/B2E4D3DDAFC4F7BFBA5DB607A033F362108CA850.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/e292649c-2f1e-4e3a-9731-5b4a6e276845/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Mon 07 Oct 2024 06:58:08 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 214819
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:c5:64:bc:83:39:a6:cb:31:15:a9:c2:c1:97:c3:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Oct 7 06:58:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2e4d3ddafc4f7bfba5db607a033f362108ca850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:58:e9:ff:7b:63:d4:fc:58:78:4e:da:e8:
f0:68:75:29:5f:c5:cd:87:76:6c:17:cd:5c:c3:58:
fe:d7:0a:02:7f:96:55:ff:82:39:7a:a4:4b:d7:db:
1b:5f:d9:6d:4f:9c:8e:1d:78:0d:4b:63:89:ba:f5:
7c:a5:8e:82:23:ea:8e:64:0a:2d:1f:f5:46:e9:f3:
aa:7c:4f:08:b2:21:ec:41:50:c3:9f:d8:4c:33:bc:
fa:d1:e8:74:7f:7c:c7:cc:cd:94:d0:d9:eb:84:83:
14:49:92:2d:bd:f7:8f:fa:db:55:5a:50:af:0e:e9:
4a:47:89:f0:6d:cb:fb:80:f6:95:a9:03:a1:d6:31:
97:94:74:59:ef:4e:30:ac:bf:4d:16:b9:9d:ae:e6:
68:34:df:ba:b7:b9:10:06:38:7f:73:48:92:64:7f:
b1:0d:35:5d:7c:44:13:e1:09:b3:f4:a3:96:fa:19:
37:39:b2:3f:42:1b:4d:20:40:31:23:a8:cc:59:d4:
fc:48:21:be:68:1d:6a:39:cb:ee:41:65:d9:2a:f1:
10:cf:d1:cf:5d:26:0b:1c:a6:ef:49:2e:59:19:47:
3b:ac:d8:b4:2f:31:0a:b6:07:72:d6:4b:37:ed:f9:
f4:40:88:92:c2:21:f5:42:2a:c1:e6:b9:07:25:6e:
69:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E4:D3:DD:AF:C4:F7:BF:BA:5D:B6:07:A0:33:F3:62:10:8C:A8:50
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/e292649c-2f1e-4e3a-9731-5b4a6e276845/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/e292649c-2f1e-4e3a-9731-5b4a6e276845/0/B2E4D3DDAFC4F7BFBA5DB607A033F362108CA850.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214819
Signature Algorithm: sha256WithRSAEncryption
4d:15:ab:1d:cf:64:cf:d6:e4:83:24:55:63:e2:9d:fd:49:64:
f6:1e:f8:22:52:af:24:c2:95:ea:78:ef:03:ed:65:1f:ec:6b:
4a:f8:83:f7:d7:73:a8:70:72:5b:94:56:62:b9:97:f2:4d:d8:
fa:f7:22:a7:18:96:dd:d1:f8:4c:0c:18:d7:74:8f:73:51:76:
6e:f3:ad:6b:50:88:8e:c5:25:c2:2b:da:a5:1c:d0:e0:f0:74:
6f:3e:b7:88:eb:f7:18:a6:a9:e0:1e:f4:e4:99:b8:24:1a:28:
13:33:71:c3:15:fe:73:b0:80:3a:39:b6:2d:2c:0e:ff:50:76:
70:9e:22:45:73:c6:3c:d4:27:2b:24:a0:c6:50:f6:8a:24:06:
60:20:85:23:65:1a:f5:38:e9:35:41:a0:14:7e:6b:e5:ef:9b:
66:a2:22:06:9d:db:5f:a0:26:e1:ea:37:a2:49:a1:eb:8d:be:
e9:38:2a:d8:6a:ae:06:43:f4:1b:3f:09:b4:88:9c:0a:39:da:
94:23:43:9e:79:d3:de:82:ad:a5:dd:ba:9c:7b:fe:fd:14:43:
44:6d:a7:be:26:c6:8f:85:b1:3f:36:63:b6:d7:da:c1:ef:16:
2f:2c:2c:66:73:75:ce:fd:4e:61:96:4b:42:89:dc:55:79:7c:
8d:4d:fa:ff
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZJlxWS8gzmmyzEVqcLBl8N0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQxMDA3MDY1ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU0ZDNkZGFmYzRmN2JmYmE1ZGI2MDdhMDMzZjM2MjEwOGNhODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqydY6f97Y9T8WHhO2ujwaHUpX8XN
h3ZsF81cw1j+1woCf5ZV/4I5eqRL19sbX9ltT5yOHXgNS2OJuvV8pY6CI+qOZAot
H/VG6fOqfE8IsiHsQVDDn9hMM7z60eh0f3zHzM2U0NnrhIMUSZItvfeP+ttVWlCv
DulKR4nwbcv7gPaVqQOh1jGXlHRZ704wrL9NFrmdruZoNN+6t7kQBjh/c0iSZH+x
DTVdfEQT4Qmz9KOW+hk3ObI/QhtNIEAxI6jMWdT8SCG+aB1qOcvuQWXZKvEQz9HP
XSYLHKbvSS5ZGUc7rNi0LzEKtgdy1ks37fn0QIiSwiH1QirB5rkHJW5pvwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFLLk092vxPe/ul22B6Az82IQjKhQMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2UyOTI2
NDljLTJmMWUtNGUzYS05NzMxLTViNGE2ZTI3Njg0NS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTI5
MjY0OWMtMmYxZS00ZTNhLTk3MzEtNWI0YTZlMjc2ODQ1LzAvQjJFNEQzRERBRkM0
RjdCRkJBNURCNjA3QTAzM0YzNjIxMDhDQTg1MC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDRyMw
DQYJKoZIhvcNAQELBQADggEBAE0Vqx3PZM/W5IMkVWPinf1JZPYe+CJSryTClep4
7wPtZR/sa0r4g/fXc6hwcluUVmK5l/JN2Pr3IqcYlt3R+EwMGNd0j3NRdm7zrWtQ
iI7FJcIr2qUc0ODwdG8+t4jr9ximqeAe9OSZuCQaKBMzccMV/nOwgDo5ti0sDv9Q
dnCeIkVzxjzUJyskoMZQ9ookBmAghSNlGvU46TVBoBR+a+Xvm2aiIgad21+gJuHq
N6JJoeuNvuk4KthqrgZD9Bs/CbSInAo52pQjQ555096CraXdupx7/v0UQ0Rtp74m
xo+FsT82Y7bX2sHvFi8sLGZzdc79TmGWS0KJ3FV5fI1N+v8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:31:49 2024 by rpki-client on console-fra.rpki-client.org