Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
File: ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer (raw, json)
Hash identifier: EN3fGi5+Be6J2YKSz0uN6+WbMoxf4KeAjZoEEx2Hq1k=
Subject key identifier: B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC9B88D2B098100F8FBAE99BE8591CF56
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 10:29:24 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 203949
IP: 94.126.80.0/21
IP: 193.111.148.0/22
IP: 2a0c:5ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:b8:8d:2b:09:81:00:f8:fb:ae:99:be:85:91:cf:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9af19f4a60daf15efb7ec41fc59f5da655972e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:b9:ce:0c:a9:e4:f2:44:5a:81:39:f1:43:a5:
dd:35:17:36:71:f9:67:ae:7e:56:36:c6:a3:f7:9b:
05:52:68:e1:d2:a1:3f:16:14:a4:12:33:c6:cf:44:
d4:6d:29:cf:ee:2d:54:e9:cd:1e:ab:e6:49:89:16:
f8:28:34:28:ea:00:17:28:61:81:52:2f:de:bc:84:
56:15:5c:8d:88:b6:76:be:9e:f6:d5:4a:88:d6:5a:
85:e8:01:a3:98:a9:86:17:8e:90:6b:44:3d:b9:9f:
5f:07:19:2a:6f:a3:5d:57:91:ab:04:85:ff:94:45:
67:79:7a:fc:76:a3:b6:67:cf:73:b6:28:bf:e3:46:
2c:0d:70:44:b4:99:f8:30:5a:e7:dc:77:d9:6d:3b:
3e:50:95:07:6e:9f:ce:03:98:df:f5:56:c7:96:f1:
eb:e9:a0:b6:0a:22:25:4b:82:ff:29:e1:3f:94:dc:
3e:96:61:cb:4f:88:ce:8f:e4:9e:c0:5a:82:4b:2d:
d3:96:16:67:3d:a8:43:9c:3f:45:af:fc:53:37:1b:
ab:fa:2d:51:d0:33:e0:df:23:d2:1b:74:fc:76:dc:
f9:87:1c:76:c8:e8:22:e7:5a:9f:4f:e3:36:b1:f8:
a0:cd:dd:9b:0c:6c:5d:e6:e1:ee:d2:bd:eb:ee:bf:
a0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.80.0/21
193.111.148.0/22
IPv6:
2a0c:5ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203949
Signature Algorithm: sha256WithRSAEncryption
9e:14:a9:b1:8c:94:f2:15:6d:93:6a:98:dc:9b:4e:3a:4b:ea:
94:0f:c3:cb:f2:25:eb:05:01:22:00:8d:ec:88:b5:c6:96:25:
23:0d:ca:cb:af:62:5d:de:9d:9b:c5:dd:10:3a:9e:e0:aa:da:
0a:40:49:91:38:20:62:f3:e0:d3:0a:aa:31:26:f4:78:1e:52:
d4:e2:e7:ae:d9:28:e4:f6:a9:a1:32:f1:e1:8f:07:b4:76:5c:
bd:35:d2:ac:c9:56:53:78:fa:47:73:e4:82:05:e2:f6:2e:5f:
d9:55:a9:72:4d:80:22:0b:ab:84:84:7e:ee:7b:d8:fa:42:4f:
ab:c5:24:3c:7e:9f:2d:4d:1f:d3:8d:7e:a5:4a:e3:02:31:26:
8d:45:18:b3:3c:2e:a1:2d:56:c9:49:b7:c0:a4:ac:36:0a:74:
b0:16:d7:a3:c4:6f:cf:38:04:e3:6e:e0:b0:50:d7:a0:78:c9:
ee:58:6b:35:26:ca:12:f7:ea:19:f0:50:0f:a7:b7:68:72:33:
a2:f7:c9:69:9c:55:6a:ec:ee:b3:a0:bc:5b:f5:ab:82:4e:62:
20:f2:be:71:e9:e2:10:24:9f:50:4a:fb:25:bf:cc:8b:d5:bc:
c9:56:f7:49:29:22:9d:9d:36:af:a2:fd:bb:8b:1d:1b:6f:70:
75:d9:90:a1
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzJuI0rCYEA+Puumb6Fkc9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFmMTlmNGE2MGRhZjE1ZWZiN2VjNDFmYzU5ZjVkYTY1NTk3MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9rnODKnk8kRagTnxQ6XdNRc2cfln
rn5WNsaj95sFUmjh0qE/FhSkEjPGz0TUbSnP7i1U6c0eq+ZJiRb4KDQo6gAXKGGB
Ui/evIRWFVyNiLZ2vp721UqI1lqF6AGjmKmGF46Qa0Q9uZ9fBxkqb6NdV5GrBIX/
lEVneXr8dqO2Z89ztii/40YsDXBEtJn4MFrn3HfZbTs+UJUHbp/OA5jf9VbHlvHr
6aC2CiIlS4L/KeE/lNw+lmHLT4jOj+SewFqCSy3TlhZnPahDnD9Fr/xTNxur+i1R
0DPg3yPSG3T8dtz5hxx2yOgi51qfT+M2sfigzd2bDGxd5uHu0r3r7r+gSwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFLmvGfSmDa8V77fsQfxZ9dplWXLmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZjLzE0ZjQ2
Yy0wYTM2LTRjYzMtYjA5MS03NDI1YjEzZDVjZjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMvMTRmNDZj
LTBhMzYtNGNjMy1iMDkxLTc0MjViMTNkNWNmOC8xL3VhOFo5S1lOcnhYdnQteEJf
Rm4xMm1WWmN1WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDXn5QAwQCwW+UMA0EAgACMAcDBQMqDFrAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMcrTANBgkqhkiG9w0BAQsFAAOCAQEAnhSp
sYyU8hVtk2qY3JtOOkvqlA/Dy/Il6wUBIgCN7Ii1xpYlIw3Ky69iXd6dm8XdEDqe
4KraCkBJkTggYvPg0wqqMSb0eB5S1OLnrtko5PapoTLx4Y8HtHZcvTXSrMlWU3j6
R3PkggXi9i5f2VWpck2AIgurhIR+7nvY+kJPq8UkPH6fLU0f041+pUrjAjEmjUUY
szwuoS1WyUm3wKSsNgp0sBbXo8RvzzgE427gsFDXoHjJ7lhrNSbKEvfqGfBQD6e3
aHIzovfJaZxVauzus6C8W/Wrgk5iIPK+ceniECSfUEr7Jb/Mi9W8yVb3SSkinZ02
r6L9u4sdG29wddmQoQ==
-----END CERTIFICATE-----
Generated at Fri May 3 07:33:24 2024 by rpki-client on console-ams.rpki-client.org