Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tAI8jFGPpCn_yiWXe2qPhD-PDEo.cer
File: tAI8jFGPpCn_yiWXe2qPhD-PDEo.cer (raw, json)
Hash identifier: 3CnfdR3jVxazylsYJ1i4WzP5AjP0ulY56U4s7ZkeOWw=
Subject key identifier: B4:02:3C:8C:51:8F:A4:29:FF:CA:25:97:7B:6A:8F:84:3F:8F:0C:4A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC49341B149025B3C448CC05A6A070270
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/46/52f5ad-850d-4a7e-9946-3b745dd8e21e/1/tAI8jFGPpCn_yiWXe2qPhD-PDEo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/46/52f5ad-850d-4a7e-9946-3b745dd8e21e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:34 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 57977
IP: 185.39.156.0/22
IP: 192.166.140.0/22
IP: 2a04:7200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:41:b1:49:02:5b:3c:44:8c:c0:5a:6a:07:02:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4023c8c518fa429ffca25977b6a8f843f8f0c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e4:06:f3:eb:8c:e3:24:14:57:86:8a:8c:b2:
92:92:42:cb:1d:32:da:30:af:bd:60:f0:6f:a9:fd:
6f:91:f7:29:a1:9e:53:ba:28:63:6a:88:8d:9e:7d:
3e:97:3e:78:90:60:6a:30:4f:31:e7:23:5c:20:f1:
45:7a:15:79:9d:50:7c:63:b2:14:c8:f8:3a:ac:97:
d9:1f:b2:e8:94:8b:73:03:c8:a8:ab:c2:d2:15:75:
ea:26:cd:b6:cc:d1:03:39:58:a9:de:d5:f2:97:21:
e1:1e:e8:15:b1:e1:7f:74:7b:f5:f4:4e:e6:ad:7e:
fc:60:2f:f5:d8:5a:fc:49:2c:8e:69:f7:08:32:ed:
7c:6d:e9:e9:62:fd:51:2d:a0:20:08:15:ff:02:eb:
45:ce:4f:f7:e5:ef:0f:21:3a:99:32:aa:f9:a2:81:
2b:84:a0:20:85:1c:e8:d4:75:49:d9:5e:73:c8:92:
ec:cb:e2:9c:61:dd:a4:6a:83:e7:b2:b9:c9:63:d0:
be:97:a1:ad:27:55:a0:e6:96:53:67:bc:55:76:7d:
e9:7d:59:e8:a6:65:a9:69:23:cf:94:1c:19:b7:48:
37:fa:1f:6d:fc:a1:36:10:73:c6:34:2a:c7:c3:c7:
cb:76:69:fb:7d:3a:0c:bb:3e:f6:a5:df:75:81:8c:
3b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:02:3C:8C:51:8F:A4:29:FF:CA:25:97:7B:6A:8F:84:3F:8F:0C:4A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52f5ad-850d-4a7e-9946-3b745dd8e21e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52f5ad-850d-4a7e-9946-3b745dd8e21e/1/tAI8jFGPpCn_yiWXe2qPhD-PDEo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.156.0/22
192.166.140.0/22
IPv6:
2a04:7200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57977
Signature Algorithm: sha256WithRSAEncryption
97:31:20:7c:86:ee:a6:45:11:ba:70:51:05:39:96:3d:64:1d:
e3:71:27:d5:38:b3:3f:5e:e1:6f:0f:65:20:96:69:2a:5f:46:
8d:28:fb:1d:ac:be:ce:3f:3b:58:85:40:6c:27:e9:39:30:24:
ae:f4:74:cd:39:6c:e0:f3:69:3d:8f:cf:fa:21:b7:de:81:0a:
de:a9:a8:d5:3c:39:f1:11:fb:99:87:94:5a:ec:aa:fd:7f:ed:
3c:c8:ce:cf:55:9c:ef:93:f1:75:94:d0:4d:14:3c:b7:aa:4f:
04:ce:1a:66:44:c3:b2:d1:36:ff:74:09:73:c3:e2:38:71:90:
92:99:5c:5f:fa:1f:a6:c9:e0:50:69:42:9c:1e:07:c5:5b:35:
1f:0e:be:f9:cc:0b:95:d6:5a:23:29:5e:d5:be:45:c9:d3:f9:
23:92:82:31:c3:38:8e:1c:d8:40:2d:d7:c6:bb:57:04:99:77:
1d:b0:c9:c2:da:e6:ad:74:c0:ac:c0:93:58:b9:3c:c0:1d:34:
4a:1f:54:a5:6b:eb:b0:ff:21:68:84:8f:0c:ce:84:25:30:0d:
df:46:23:fd:91:65:ec:81:fb:0a:2f:be:14:83:bc:4e:92:d4:
69:45:90:02:cd:d7:57:55:26:82:62:5f:03:0b:5d:3c:d9:e2:
0d:3a:21:56
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzEk0GxSQJbPESMwFpqBwJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAyM2M4YzUxOGZhNDI5ZmZjYTI1OTc3YjZhOGY4NDNmOGYwYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneQG8+uM4yQUV4aKjLKSkkLLHTLa
MK+9YPBvqf1vkfcpoZ5TuihjaoiNnn0+lz54kGBqME8x5yNcIPFFehV5nVB8Y7IU
yPg6rJfZH7LolItzA8ioq8LSFXXqJs22zNEDOVip3tXylyHhHugVseF/dHv19E7m
rX78YC/12Fr8SSyOafcIMu18benpYv1RLaAgCBX/AutFzk/35e8PITqZMqr5ooEr
hKAghRzo1HVJ2V5zyJLsy+KcYd2kaoPnsrnJY9C+l6GtJ1Wg5pZTZ7xVdn3pfVno
pmWpaSPPlBwZt0g3+h9t/KE2EHPGNCrHw8fLdmn7fToMuz72pd91gYw7CwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFLQCPIxRj6Qp/8oll3tqj4Q/jwxKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ2LzUyZjVh
ZC04NTBkLTRhN2UtOTk0Ni0zYjc0NWRkOGUyMWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvNTJmNWFk
LTg1MGQtNGE3ZS05OTQ2LTNiNzQ1ZGQ4ZTIxZS8xL3RBSThqRkdQcENuX3lpV1hl
MnFQaEQtUERFby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuSecAwQCwKaMMA0EAgACMAcDBQMqBHIAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDieTANBgkqhkiG9w0BAQsFAAOCAQEAlzEg
fIbupkURunBRBTmWPWQd43En1TizP17hbw9lIJZpKl9GjSj7Hay+zj87WIVAbCfp
OTAkrvR0zTls4PNpPY/P+iG33oEK3qmo1Tw58RH7mYeUWuyq/X/tPMjOz1Wc75Px
dZTQTRQ8t6pPBM4aZkTDstE2/3QJc8PiOHGQkplcX/ofpsngUGlCnB4HxVs1Hw6+
+cwLldZaIyle1b5FydP5I5KCMcM4jhzYQC3XxrtXBJl3HbDJwtrmrXTArMCTWLk8
wB00Sh9UpWvrsP8haISPDM6EJTAN30Yj/ZFl7IH7Ci++FIO8TpLUaUWQAs3XV1Um
gmJfAwtdPNniDTohVg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:22:58 2024 by rpki-client on console-fra.rpki-client.org