Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer
File: tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer (raw, json)
Hash identifier: 6v1NR7OSZIX1ZHoJbf+92+lSZj3OwvP68Jwd9xzyMr0=
Subject key identifier: B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC6B8886CC6DDEB8403627B4E65F3D228
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 20:30:31 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 21009
IP: 91.220.158.0/24
IP: 193.8.216.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:88:6c:c6:dd:eb:84:03:62:7b:4e:65:f3:d2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 20:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66c4985cd60643220e064a2e114d78f5b039c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9f:e8:13:74:f5:3d:98:6a:1c:f7:37:5f:55:
ce:2e:ec:e1:38:29:de:90:98:31:1e:e1:d1:b6:8b:
10:bf:39:af:f3:de:8c:26:c8:4b:ab:cc:d2:79:6d:
8a:47:f6:1f:c2:4c:04:6b:de:fb:dc:2c:f1:2f:66:
17:59:eb:e8:ed:82:70:8c:9b:0e:3e:13:b6:0e:5d:
f0:8c:ee:bd:ff:0b:94:d8:5e:93:d7:03:9a:88:e2:
27:e4:16:a4:ef:f4:bc:cc:d2:8a:76:8b:2d:dd:f7:
0d:be:33:ff:be:40:c8:54:3b:87:61:5c:6e:a3:15:
64:ad:a9:6c:60:4a:f9:58:be:92:c8:15:3f:d9:c7:
9c:84:25:b1:87:e8:44:69:58:e5:5a:1f:da:32:26:
95:dc:e0:a0:bf:6f:1e:62:03:3a:67:67:28:00:d6:
d9:be:4b:a1:aa:f5:bf:20:de:bd:10:4f:03:92:84:
6c:f3:fb:c9:52:0f:f0:85:d4:05:32:69:c3:1f:c4:
40:4e:68:bb:62:e2:89:02:78:06:82:54:8f:1f:ae:
19:16:25:3e:19:44:3c:aa:2d:7f:26:31:85:2b:23:
c3:f6:4a:7c:a3:d9:d9:2b:8e:1a:71:5e:cc:74:67:
aa:bd:11:74:47:37:1c:09:b6:15:54:e7:1f:dc:e1:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.158.0/24
193.8.216.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
21009
Signature Algorithm: sha256WithRSAEncryption
a8:74:e0:45:95:61:4d:1e:3a:41:88:2c:e9:b3:ee:63:84:d2:
a9:df:78:ac:45:35:26:17:17:cd:27:11:10:f9:ab:fb:76:f3:
0f:73:f3:65:1f:34:bd:d5:7e:c6:d4:69:f3:ce:95:12:cf:ce:
09:af:27:7a:82:03:f3:43:95:75:e0:ee:2b:65:e9:5c:a5:fd:
bf:d3:53:78:8d:79:df:b5:cf:83:df:99:f0:c5:61:a9:0d:df:
2a:fe:8a:7b:c5:f4:87:7b:39:b8:a7:27:9f:92:47:59:bd:b9:
18:5e:81:86:d5:4b:d6:5a:40:60:17:f3:c3:fa:94:f8:54:13:
75:67:dc:e8:82:71:3e:4c:00:6d:e9:df:f6:2a:cd:a7:35:67:
80:d2:cb:d6:02:bc:85:8a:5c:f0:8d:bc:34:f9:bf:ac:db:c3:
64:45:d7:9c:c6:cd:93:aa:ea:c2:cb:79:0e:1c:73:8c:7a:40:
4f:bd:9a:8c:e5:6a:64:c1:01:25:2a:52:09:f0:af:d3:78:6f:
b2:ca:ef:5d:6f:6c:de:61:e0:e5:7d:31:75:67:f8:af:2d:f7:
17:dd:b6:34:72:3c:ef:67:91:dc:6d:aa:b8:d4:a3:2a:47:5a:
3e:9d:61:38:da:07:9d:27:36:ec:63:5d:50:a5:1b:85:06:32:
d0:b2:61:1a
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYzGuIhsxt3rhANie05l89IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMjAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZjNDk4NWNkNjA2NDMyMjBlMDY0YTJlMTE0ZDc4ZjViMDM5YzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp/oE3T1PZhqHPc3X1XOLuzhOCne
kJgxHuHRtosQvzmv896MJshLq8zSeW2KR/YfwkwEa9773CzxL2YXWevo7YJwjJsO
PhO2Dl3wjO69/wuU2F6T1wOaiOIn5Bak7/S8zNKKdost3fcNvjP/vkDIVDuHYVxu
oxVkralsYEr5WL6SyBU/2cechCWxh+hEaVjlWh/aMiaV3OCgv28eYgM6Z2coANbZ
vkuhqvW/IN69EE8DkoRs8/vJUg/whdQFMmnDH8RATmi7YuKJAngGglSPH64ZFiU+
GUQ8qi1/JjGFKyPD9kp8o9nZK44acV7MdGeqvRF0RzccCbYVVOcf3OE7FQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFLZsSYXNYGQyIOBkouEU149bA5wrMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc5LzFkMGMz
OS0yNTU1LTQ2OGYtYmU2Ni1mZjliYWI5MGFmMTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkvMWQwYzM5
LTI1NTUtNDY4Zi1iZTY2LWZmOWJhYjkwYWYxOC8xL3RteEpoYzFnWkRJZzRHU2k0
UlRYajFzRG5Dcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUF
BwEHAQH/BBYwFDASBAIAATAMAwQAW9yeAwQCwQjYMBkGCCsGAQUFBwEIAQH/BAow
CKAGMAQCAlIRMA0GCSqGSIb3DQEBCwUAA4IBAQCodOBFlWFNHjpBiCzps+5jhNKp
33isRTUmFxfNJxEQ+av7dvMPc/NlHzS91X7G1GnzzpUSz84Jryd6ggPzQ5V14O4r
Zelcpf2/01N4jXnftc+D35nwxWGpDd8q/op7xfSHezm4pyefkkdZvbkYXoGG1UvW
WkBgF/PD+pT4VBN1Z9zognE+TABt6d/2Ks2nNWeA0svWAryFilzwjbw0+b+s28Nk
Rdecxs2TqurCy3kOHHOMekBPvZqM5WpkwQElKlIJ8K/TeG+yyu9db2zeYeDlfTF1
Z/ivLfcX3bY0cjzvZ5Hcbaq41KMqR1o+nWE42gedJzbsY11QpRuFBjLQsmEa
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:06 2024 by rpki-client on console-fra.rpki-client.org