Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tHFL_Zgu0pflxz7OdNIi5SdMH7U.cer
File: tHFL_Zgu0pflxz7OdNIi5SdMH7U.cer (raw, json)
Hash identifier: 71OlQZJX42lMTfLNVCdzqu4E3d48IMPFDzp1P52zKqA=
Subject key identifier: B4:71:4B:FD:98:2E:D2:97:E5:C7:3E:CE:74:D2:22:E5:27:4C:1F:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC86F1129A65B9F08E9070BF707E2A2B4
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 04:29:31 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 212430
IP: 2001:67c:209c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:11:29:a6:5b:9f:08:e9:07:0b:f7:07:e2:a2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4714bfd982ed297e5c73ece74d222e5274c1fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:26:5b:92:6e:23:98:89:6d:5d:20:c5:23:a1:
10:5f:2f:f9:b0:c1:87:30:70:4e:8d:83:72:1c:ca:
e2:c3:bf:c4:64:8f:88:c2:bc:09:a1:08:9d:49:b6:
4b:e4:f5:98:e4:d2:ce:d0:d3:68:d3:26:7f:29:d8:
a8:6c:10:ad:2a:f1:6f:48:b5:78:4a:2d:d0:8a:e3:
92:64:b8:73:0e:e7:ec:7c:5c:3b:84:e9:60:46:a9:
9b:ae:45:b1:9e:30:c6:01:0f:42:ba:23:aa:5f:31:
f7:30:6c:2d:d5:7f:5f:0d:b3:ee:38:52:83:e4:d7:
9b:5c:37:04:d6:7f:c1:c0:2e:be:ab:f8:65:9c:1f:
14:63:3d:bd:fe:9d:e6:34:7d:c6:8b:f7:af:75:12:
bc:ec:89:df:7e:aa:1c:e7:73:04:80:af:3b:3d:65:
67:51:7d:1c:70:ac:f4:84:e4:70:c8:f1:45:9e:12:
8d:a6:8e:d4:f0:1d:24:0b:94:5d:05:f1:3c:fe:b3:
c3:28:c2:3f:88:bb:87:cb:33:1e:cd:39:ee:05:9d:
08:41:69:dd:cf:43:c7:9b:69:85:19:5b:65:62:25:
05:cb:4e:b6:8a:46:02:62:85:46:71:72:b4:b6:09:
3e:55:31:bb:86:e7:be:df:04:56:46:a2:b9:4d:6d:
74:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:71:4B:FD:98:2E:D2:97:E5:C7:3E:CE:74:D2:22:E5:27:4C:1F:B5
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/cf7718-274d-412b-b755-62ea1e7e8fc6/1/tHFL_Zgu0pflxz7OdNIi5SdMH7U.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:209c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212430
Signature Algorithm: sha256WithRSAEncryption
87:19:6d:7f:41:d8:45:d6:1d:ee:d0:e1:80:ee:f6:7e:c9:1f:
0f:6d:06:89:e3:eb:c1:d2:78:06:83:e1:13:fa:dc:18:b3:12:
c2:2f:78:af:27:d0:d7:9d:98:47:0f:e5:78:52:50:e6:cd:d3:
0d:b5:67:b3:e9:6c:15:26:26:dc:5a:1a:40:fa:e4:08:53:a5:
c7:03:53:27:62:73:3d:9e:05:ce:35:07:b7:7b:3e:93:f6:33:
6a:e3:21:1b:9f:1b:78:53:90:aa:48:02:78:69:eb:f7:a9:0a:
f5:c9:4e:e1:fb:50:a9:13:50:0a:34:15:39:fc:ce:16:3f:c5:
16:eb:a7:68:6e:44:5f:4a:74:e5:e8:cd:37:2b:56:50:30:73:
05:78:f8:6f:ef:68:71:8c:94:d8:f2:44:52:df:ba:e3:55:72:
68:ec:17:60:4e:83:81:28:72:8b:c8:2c:8d:61:e3:9e:30:a0:
e8:29:50:ec:7f:24:4c:2b:01:5b:17:55:f1:ca:d0:e1:ab:a7:
62:4d:3b:1d:19:d4:91:14:ca:14:fc:f8:99:15:e1:09:ad:e7:
25:d2:30:82:e9:f7:21:03:0f:0a:42:d1:df:6f:1c:60:59:20:
72:78:ac:25:e4:83:e0:8b:46:be:02:64:d4:fe:57:ae:5b:f0:
1c:e3:72:6f
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYzIbxEpplufCOkHC/cH4qK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcxNGJmZDk4MmVkMjk3ZTVjNzNlY2U3NGQyMjJlNTI3NGMxZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryZbkm4jmIltXSDFI6EQXy/5sMGH
MHBOjYNyHMriw7/EZI+IwrwJoQidSbZL5PWY5NLO0NNo0yZ/KdiobBCtKvFvSLV4
Si3QiuOSZLhzDufsfFw7hOlgRqmbrkWxnjDGAQ9CuiOqXzH3MGwt1X9fDbPuOFKD
5NebXDcE1n/BwC6+q/hlnB8UYz29/p3mNH3Gi/evdRK87Inffqoc53MEgK87PWVn
UX0ccKz0hORwyPFFnhKNpo7U8B0kC5RdBfE8/rPDKMI/iLuHyzMezTnuBZ0IQWnd
z0PHm2mFGVtlYiUFy062ikYCYoVGcXK0tgk+VTG7hue+3wRWRqK5TW10QwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFLRxS/2YLtKX5cc+znTSIuUnTB+1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAxL2NmNzcx
OC0yNzRkLTQxMmItYjc1NS02MmVhMWU3ZThmYzYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEvY2Y3NzE4
LTI3NGQtNDEyYi1iNzU1LTYyZWExZTdlOGZjNi8xL3RIRkxfWmd1MHBmbHh6N09k
TklpNVNkTUg3VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCCcMBoGCCsGAQUFBwEIAQH/BAswCaAH
MAUCAwM9zjANBgkqhkiG9w0BAQsFAAOCAQEAhxltf0HYRdYd7tDhgO72fskfD20G
iePrwdJ4BoPhE/rcGLMSwi94ryfQ152YRw/leFJQ5s3TDbVns+lsFSYm3FoaQPrk
CFOlxwNTJ2JzPZ4FzjUHt3s+k/YzauMhG58beFOQqkgCeGnr96kK9clO4ftQqRNQ
CjQVOfzOFj/FFuunaG5EX0p05ejNNytWUDBzBXj4b+9ocYyU2PJEUt+641VyaOwX
YE6DgShyi8gsjWHjnjCg6ClQ7H8kTCsBWxdV8crQ4aunYk07HRnUkRTKFPz4mRXh
Ca3nJdIwgun3IQMPCkLR328cYFkgcnisJeSD4ItGvgJk1P5XrlvwHONybw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:07:55 2024 by rpki-client on console-fra.rpki-client.org