Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/x3_gBdfljsAzypq6h-BgYCFTNhc.cer
File: x3_gBdfljsAzypq6h-BgYCFTNhc.cer (raw, json)
Hash identifier: bXQj4XKuLI4X5T96cp368MOxHfFuo/k0Tr5MpoRinZQ=
Subject key identifier: C7:7F:E0:05:D7:E5:8E:C0:33:CA:9A:BA:87:E0:60:60:21:53:36:17
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC49325D8DF24D4B2ABC4A3AB5CC37739
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/x3_gBdfljsAzypq6h-BgYCFTNhc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 10:30:27 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 49840
IP: 95.142.128.0/20
IP: 185.235.44.0/22
IP: 2a02:26c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:25:d8:df:24:d4:b2:ab:c4:a3:ab:5c:c3:77:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 10:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c77fe005d7e58ec033ca9aba87e0606021533617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f5:73:7f:6c:23:b4:fa:44:d4:63:60:eb:1f:
38:53:0a:c4:36:80:32:ae:03:d6:a6:28:4d:36:17:
52:c5:2e:20:1f:97:17:f7:02:9f:c5:b7:c4:4e:17:
e5:f8:13:ab:cf:56:18:41:79:39:81:b7:fd:1c:6e:
1d:19:e6:a5:0e:06:8d:ff:8f:6f:8c:b4:81:87:dd:
ee:c6:98:40:3b:65:ba:5d:14:dc:dd:08:80:f1:d5:
d9:37:25:83:60:3e:d1:97:30:ae:9d:e4:3c:b4:03:
0b:c3:9e:9c:77:49:8f:95:19:8c:17:47:d4:4d:78:
6a:14:01:03:00:87:c6:82:36:a9:30:dd:6d:7e:0d:
8d:ad:7b:c3:b5:d2:5c:f6:dc:18:30:58:bd:49:04:
b5:66:af:13:62:aa:c7:9c:ba:86:15:32:32:60:26:
66:6f:44:3a:58:bd:0e:42:33:33:3b:74:51:3d:29:
b4:48:9e:88:ec:a5:2d:2b:ea:79:71:24:e3:95:69:
15:4b:b7:e8:16:b2:66:ef:c6:23:91:e5:86:f6:4d:
99:94:b5:bd:75:42:bc:37:8e:6c:dd:a8:81:c9:1d:
9d:15:37:7f:a4:81:e2:00:aa:b2:4d:e5:c9:77:1f:
4f:71:c4:59:6a:c4:da:4a:fd:e6:ba:2e:6c:27:67:
f4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7F:E0:05:D7:E5:8E:C0:33:CA:9A:BA:87:E0:60:60:21:53:36:17
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/e32df8-3a1e-42fc-b351-0ed24ebc4ed8/1/x3_gBdfljsAzypq6h-BgYCFTNhc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.128.0/20
185.235.44.0/22
IPv6:
2a02:26c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49840
Signature Algorithm: sha256WithRSAEncryption
2f:cd:7d:6f:90:b2:6d:e3:e7:bc:36:17:4a:d7:3c:ca:c6:ce:
9f:84:93:5a:aa:af:46:9b:47:20:21:ae:03:e3:7a:dd:cb:cd:
aa:a6:a5:92:0f:ca:e4:e2:86:fd:b7:65:da:20:12:2d:07:09:
19:8a:a7:8e:1e:e1:9b:2f:3d:9e:21:d9:1e:b3:df:e4:29:f1:
e0:f6:ed:d2:07:01:70:ca:fc:f4:e5:9d:e1:6a:9f:e3:33:37:
cc:38:22:3d:91:bf:39:b4:a0:26:c7:08:ce:5f:f7:46:a1:3e:
14:b7:af:d1:37:e1:c2:f4:d2:64:e6:70:5f:02:c5:f3:c3:3a:
8a:d9:d6:0f:c8:3d:fb:dc:96:bf:67:3e:91:79:59:ba:30:46:
89:aa:00:51:2b:7d:c0:32:78:70:f5:c1:af:b3:11:7e:4a:64:
09:2a:fb:50:c9:d1:90:48:e2:fb:a1:c6:1f:c5:0b:e3:c9:0e:
22:97:50:8b:63:c3:84:c0:7e:9a:81:2e:45:4b:70:7a:46:44:
20:fe:30:53:00:93:c6:83:7b:25:59:b4:32:7d:b5:a6:49:ae:
82:4a:82:bf:44:8c:75:a6:4d:a8:e9:d0:04:20:3c:ab:74:85:
85:65:00:72:1f:3b:91:ff:58:53:8e:ae:be:5d:ba:b9:5d:dc:
ef:12:c8:7a
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzEkyXY3yTUsqvEo6tcw3c5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMTAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdmZTAwNWQ3ZTU4ZWMwMzNjYTlhYmE4N2UwNjA2MDIxNTMzNjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fVzf2wjtPpE1GNg6x84UwrENoAy
rgPWpihNNhdSxS4gH5cX9wKfxbfEThfl+BOrz1YYQXk5gbf9HG4dGealDgaN/49v
jLSBh93uxphAO2W6XRTc3QiA8dXZNyWDYD7RlzCuneQ8tAMLw56cd0mPlRmMF0fU
TXhqFAEDAIfGgjapMN1tfg2NrXvDtdJc9twYMFi9SQS1Zq8TYqrHnLqGFTIyYCZm
b0Q6WL0OQjMzO3RRPSm0SJ6I7KUtK+p5cSTjlWkVS7foFrJm78YjkeWG9k2ZlLW9
dUK8N45s3aiByR2dFTd/pIHiAKqyTeXJdx9PccRZasTaSv3mui5sJ2f0gwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMd/4AXX5Y7AM8qauofgYGAhUzYXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjL2UzMmRm
OC0zYTFlLTQyZmMtYjM1MS0wZWQyNGViYzRlZDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMvZTMyZGY4
LTNhMWUtNDJmYy1iMzUxLTBlZDI0ZWJjNGVkOC8xL3gzX2dCZGZsanNBenlwcTZo
LUJnWUNGVE5oYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEX46AAwQCuessMA0EAgACMAcDBQAqAibAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDCsDANBgkqhkiG9w0BAQsFAAOCAQEAL819
b5CybePnvDYXStc8ysbOn4STWqqvRptHICGuA+N63cvNqqalkg/K5OKG/bdl2iAS
LQcJGYqnjh7hmy89niHZHrPf5Cnx4Pbt0gcBcMr89OWd4Wqf4zM3zDgiPZG/ObSg
JscIzl/3RqE+FLev0TfhwvTSZOZwXwLF88M6itnWD8g9+9yWv2c+kXlZujBGiaoA
USt9wDJ4cPXBr7MRfkpkCSr7UMnRkEji+6HGH8UL48kOIpdQi2PDhMB+moEuRUtw
ekZEIP4wUwCTxoN7JVm0Mn21pkmugkqCv0SMdaZNqOnQBCA8q3SFhWUAch87kf9Y
U46uvl26uV3c7xLIeg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:23:35 2024 by rpki-client on console-fra.rpki-client.org