Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
File: we5gO3itcrp4VWgsorgGrA5-mP0.cer (raw, json)
Hash identifier: S98M/67BC0b2qCcBjDFlkNPMxqIwErejoofSl2601CU=
Subject key identifier: C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC2DAEC58502C061A581CCEA4D3527C7E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 02:29:36 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: IP: 37.60.192.0/21
IP: 85.90.64.0/19
IP: 185.33.68.0/22
IP: 2001:4d60::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:58:50:2c:06:1a:58:1c:ce:a4:d3:52:7c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c8:22:b6:5a:6d:1b:43:4c:0e:dc:96:64:f3:
01:99:89:b6:ca:df:a6:50:aa:6a:c0:31:bb:80:5f:
4c:7d:13:98:ec:7d:02:c4:a5:16:90:2f:d4:f2:c4:
6d:59:7b:c9:5f:3d:2a:79:c4:74:3a:cc:a7:0e:9f:
16:f3:ff:73:78:7c:81:8f:7a:e8:95:c6:a3:4f:4b:
8f:a4:f2:70:df:82:e8:12:1f:b7:a0:11:cc:2f:76:
0e:9b:fb:ed:95:62:66:e2:20:aa:86:54:7e:97:74:
b4:cc:83:d0:a7:fb:2f:5b:cb:b9:37:5c:f0:23:1b:
8c:94:6c:91:e0:9e:f3:b3:35:ef:09:56:26:e8:91:
fb:e6:38:47:79:37:58:1f:28:a6:75:23:6e:05:f4:
89:b5:7f:35:59:65:d3:57:61:0f:d5:85:07:ac:ef:
e8:04:61:d8:f4:09:e3:ec:99:34:1b:76:59:34:23:
de:f2:47:04:81:cc:35:04:38:19:1d:7a:43:9b:c8:
8b:93:ff:14:c5:7b:7c:96:cb:d9:40:4e:91:84:2b:
66:14:37:d9:62:c3:be:f8:ed:60:1a:b2:5f:5f:c9:
93:d1:4a:ac:0f:01:60:82:ef:66:e3:94:a2:5a:ed:
13:92:1f:6c:7b:67:a2:48:49:48:5d:db:0b:80:7f:
fa:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.192.0/21
85.90.64.0/19
185.33.68.0/22
IPv6:
2001:4d60::/32
Signature Algorithm: sha256WithRSAEncryption
2c:9d:dc:47:22:b5:08:30:44:34:ca:c8:1e:10:80:cc:43:05:
4a:f7:58:2a:79:41:0d:5b:f7:f3:76:f0:b4:02:7c:61:17:81:
fa:dc:84:86:d5:27:80:6c:fe:91:8e:7e:55:d1:3a:70:b2:e7:
b3:65:03:ef:33:37:f5:bf:9a:03:0f:6f:24:da:55:78:be:ed:
3c:5a:d4:68:f2:ba:52:ba:7a:23:97:5f:d4:4e:84:b0:e1:1e:
6c:aa:e6:87:35:3b:11:00:ec:f4:03:ec:4a:0c:7b:be:d6:6e:
fd:bb:28:65:40:0e:47:eb:25:33:17:b8:60:53:07:4c:16:f6:
54:91:ad:b2:df:3c:a5:84:49:4a:95:59:2b:2c:bf:30:58:c3:
9e:92:6f:82:53:02:9c:c8:5a:77:15:e9:1d:bd:3e:21:8b:8b:
0d:2f:9e:85:a6:34:07:9d:a7:7a:9b:f5:93:94:b6:6c:73:da:
ce:6c:fa:9b:81:ed:71:36:4c:ed:15:09:5a:e2:2e:2a:c0:89:
53:3f:85:57:fd:76:71:49:84:ce:f5:98:ee:70:e8:47:28:cd:
39:cc:16:11:68:7b:ed:c0:a5:00:9b:6e:c1:7f:a4:9f:00:aa:
6e:36:9d:0a:c8:02:1d:da:e0:02:16:7f:6f:66:bb:a0:16:01:
10:61:87:e8
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzC2uxYUCwGGlgczqTTUnx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWVlNjAzYjc4YWQ3MmJhNzg1NTY4MmNhMmI4MDZhYzBlN2U5OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cgitlptG0NMDtyWZPMBmYm2yt+m
UKpqwDG7gF9MfROY7H0CxKUWkC/U8sRtWXvJXz0qecR0OsynDp8W8/9zeHyBj3ro
lcajT0uPpPJw34LoEh+3oBHML3YOm/vtlWJm4iCqhlR+l3S0zIPQp/svW8u5N1zw
IxuMlGyR4J7zszXvCVYm6JH75jhHeTdYHyimdSNuBfSJtX81WWXTV2EP1YUHrO/o
BGHY9Anj7Jk0G3ZZNCPe8kcEgcw1BDgZHXpDm8iLk/8UxXt8lsvZQE6RhCtmFDfZ
YsO++O1gGrJfX8mT0UqsDwFggu9m45SiWu0Tkh9se2eiSElIXdsLgH/68QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFMHuYDt4rXK6eFVoLKK4BqwOfpj9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjLzliNmQ5
Yi04NTQxLTQ0YmMtOTYxYS1jZWU1YmU4N2E0NmIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMvOWI2ZDli
LTg1NDEtNDRiYy05NjFhLWNlZTViZTg3YTQ2Yi8xL3dlNWdPM2l0Y3JwNFZXZ3Nv
cmdHckE1LW1QMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDJTzAAwQFVVpAAwQCuSFEMA0EAgACMAcDBQAg
AU1gMA0GCSqGSIb3DQEBCwUAA4IBAQAsndxHIrUIMEQ0ysgeEIDMQwVK91gqeUEN
W/fzdvC0AnxhF4H63ISG1SeAbP6Rjn5V0TpwsuezZQPvMzf1v5oDD28k2lV4vu08
WtRo8rpSunojl1/UToSw4R5squaHNTsRAOz0A+xKDHu+1m79uyhlQA5H6yUzF7hg
UwdMFvZUka2y3zylhElKlVkrLL8wWMOekm+CUwKcyFp3FekdvT4hi4sNL56FpjQH
nad6m/WTlLZsc9rObPqbge1xNkztFQla4i4qwIlTP4VX/XZxSYTO9ZjucOhHKM05
zBYRaHvtwKUAm27Bf6SfAKpuNp0KyAId2uACFn9vZrugFgEQYYfo
-----END CERTIFICATE-----
Generated at Fri May 3 03:50:24 2024 by rpki-client on console-fra.rpki-client.org