Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
File: tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer (raw, json)
Hash identifier: Gfiz/iVc3UmrHQ7ZsFJAC97atUzHoAq8m9kPooD00WM=
Subject key identifier: B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC3B676481E6D304864EEAC1A80E330C7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 06:29:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 213216
IP: 2a13:7fc0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:76:48:1e:6d:30:48:64:ee:ac:1a:80:e3:30:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:ea:d6:5e:4c:22:3d:da:0a:56:8c:71:19:
04:68:d7:87:0d:f7:e4:2a:5d:a0:ea:92:95:a7:ce:
9d:8e:fd:ac:26:09:18:88:7d:99:7c:81:43:df:ee:
25:48:04:bc:dd:d1:15:0c:09:5c:52:f9:9d:45:3b:
a8:f3:26:e4:99:5a:3c:53:81:15:05:d7:2b:bd:ec:
7f:98:e4:cb:db:38:27:3e:84:f6:ca:e8:0b:c1:64:
8a:30:f1:03:a5:0d:76:60:a6:26:96:e9:56:da:e1:
df:cf:b2:b7:9a:77:71:1a:55:34:ef:c2:ee:c0:ea:
86:e5:16:ed:fc:9a:4c:35:3d:ba:8a:8a:32:be:b8:
26:9a:73:76:48:f1:c1:99:3d:22:f5:54:c0:b4:df:
66:c5:2c:9f:e0:11:4c:3a:13:a2:aa:2f:f7:56:f8:
c6:eb:ad:06:11:f0:3e:14:31:25:41:76:08:ec:65:
e3:6f:32:94:68:28:0f:d8:90:fd:fd:41:08:37:95:
e4:df:0b:1f:f1:87:cd:af:7f:26:d9:20:36:a3:78:
7a:cd:b8:a4:a7:e0:d9:4b:da:00:11:a7:d0:b1:8e:
2c:d2:1c:02:fd:19:8d:f3:e4:aa:21:92:45:fc:81:
cc:36:5a:aa:65:b4:b6:ca:1a:40:a6:5d:fa:9c:22:
24:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7fc0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213216
Signature Algorithm: sha256WithRSAEncryption
3f:21:90:77:2a:0c:61:77:f2:23:30:1a:9d:06:73:19:ed:1f:
ad:41:8d:ff:cd:10:be:b7:4d:4c:2c:f4:bf:39:1d:bd:5e:ef:
b3:46:81:90:bf:b3:1b:6d:50:15:94:3e:46:3b:47:16:57:51:
2c:5e:c2:60:a1:40:6a:a8:60:d6:be:d8:07:f0:34:83:68:e5:
45:54:0b:5d:0d:e6:94:92:7c:88:3c:47:a8:3a:24:c7:86:e2:
3c:16:d2:6b:89:0f:5d:d7:30:d0:d1:b9:c3:36:ab:cc:17:75:
a8:92:74:02:5c:3d:6b:93:98:92:fd:11:cd:6c:59:d6:99:dc:
ec:30:08:ee:f7:0a:e3:a0:a4:f6:8e:6f:36:77:15:ea:9e:cc:
87:7c:d2:50:9f:d8:d6:03:a3:96:ef:51:ba:b5:b7:86:0f:82:
04:1e:d1:e9:5e:cd:5b:65:81:5d:1f:3d:0f:5f:e4:bc:e3:d7:
8a:cc:81:eb:f1:9c:79:e8:2a:a0:10:d2:7f:01:a7:8e:7b:fb:
06:33:91:b2:2c:6d:b6:5e:08:13:28:88:d1:d3:ce:a7:e7:7c:
75:e1:4d:a0:66:cc:b0:60:59:5d:05:7a:0d:bd:1d:d7:d0:ea:
50:11:8b:8a:47:5e:08:eb:fb:c1:8d:61:4b:02:b0:18:2d:c2:
bd:63:b7:d9
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYzDtnZIHm0wSGTurBqA4zDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA0YmNjZWI5YzM2M2YxM2UzYWRhYTRjMGZhNTI3ODBmMDY0Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zbq1l5MIj3aClaMcRkEaNeHDffk
Kl2g6pKVp86djv2sJgkYiH2ZfIFD3+4lSAS83dEVDAlcUvmdRTuo8ybkmVo8U4EV
Bdcrvex/mOTL2zgnPoT2yugLwWSKMPEDpQ12YKYmlulW2uHfz7K3mndxGlU078Lu
wOqG5Rbt/JpMNT26iooyvrgmmnN2SPHBmT0i9VTAtN9mxSyf4BFMOhOiqi/3VvjG
660GEfA+FDElQXYI7GXjbzKUaCgP2JD9/UEIN5Xk3wsf8YfNr38m2SA2o3h6zbik
p+DZS9oAEafQsY4s0hwC/RmN8+SqIZJF/IHMNlqqZbS2yhpApl36nCIkQwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFLUEvM65w2PxPjrapMD6UngPBkaEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzFkM2Nk
Yy1kMDRiLTRhZGItYjA2OS0yYTM1MWFiM2I4ZjYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEvMWQzY2Rj
LWQwNGItNGFkYi1iMDY5LTJhMzUxYWIzYjhmNi8xL3RRUzh6cm5EWV9FLU90cWt3
UHBTZUE4R1JvUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUAKhN/wDAaBggrBgEFBQcBCAEB/wQLMAmgBzAF
AgMDQOAwDQYJKoZIhvcNAQELBQADggEBAD8hkHcqDGF38iMwGp0GcxntH61Bjf/N
EL63TUws9L85Hb1e77NGgZC/sxttUBWUPkY7RxZXUSxewmChQGqoYNa+2AfwNINo
5UVUC10N5pSSfIg8R6g6JMeG4jwW0muJD13XMNDRucM2q8wXdaiSdAJcPWuTmJL9
Ec1sWdaZ3OwwCO73CuOgpPaObzZ3FeqezId80lCf2NYDo5bvUbq1t4YPggQe0ele
zVtlgV0fPQ9f5Lzj14rMgevxnHnoKqAQ0n8Bp457+wYzkbIsbbZeCBMoiNHTzqfn
fHXhTaBmzLBgWV0Feg29HdfQ6lARi4pHXgjr+8GNYUsCsBgtwr1jt9k=
-----END CERTIFICATE-----
Generated at Fri May 3 12:05:37 2024 by rpki-client on console-ams.rpki-client.org