Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/x9uZhsBTq3lIoSw9DITO65Om1j0.cer
File: x9uZhsBTq3lIoSw9DITO65Om1j0.cer (raw, json)
Hash identifier: FHN4oLTGyeCOFcc32XQNNiaDsKLWBnu8COtvecCIQ8I=
Subject key identifier: C7:DB:99:86:C0:53:AB:79:48:A1:2C:3D:0C:84:CE:EB:93:A6:D6:3D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC8016D5A305C676730DE3F29B3BDAA28
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/x9uZhsBTq3lIoSw9DITO65Om1j0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 02 Jan 2024 02:29:45 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 61001
IP: 185.19.40.0/22
IP: 2a04:1000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6d:5a:30:5c:67:67:30:de:3f:29:b3:bd:aa:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7db9986c053ab7948a12c3d0c84ceeb93a6d63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:05:0f:2e:5e:5e:93:7e:20:5a:37:df:e6:38:
32:23:54:59:6a:48:c4:47:d5:3b:70:16:9b:3f:15:
87:17:bb:4b:bf:75:8e:21:40:60:76:f1:57:bb:54:
c0:28:c8:35:4a:18:d7:a6:9b:b3:90:86:3c:2e:80:
da:d6:3c:bc:f7:c3:f3:3a:0c:db:99:51:1c:d9:e3:
e5:40:33:b3:61:3a:cf:de:3c:5b:f0:0c:29:65:36:
e6:11:bb:28:c4:f6:7c:89:a7:da:75:f7:a1:48:b6:
76:ca:fb:cf:52:2b:e3:ef:89:9d:66:b2:28:21:e5:
da:58:f8:3d:07:e8:d6:0e:9b:0e:7d:b1:1c:48:f6:
b4:54:cc:bf:3f:b3:85:90:dc:ad:ab:a7:60:e2:e9:
20:6c:75:b0:cd:74:4c:e8:73:f9:29:14:8f:92:23:
bd:bc:3b:df:01:f6:e0:e1:9c:59:49:c8:64:16:a1:
95:d1:f2:ab:97:eb:e3:38:95:b6:28:88:48:77:31:
41:d6:d5:16:13:25:cb:61:fa:87:28:25:a2:58:26:
43:0d:07:8d:26:68:db:fe:1d:e1:01:65:21:55:5c:
9f:d2:22:cb:e6:8d:0e:22:6b:60:67:ed:b0:97:71:
c3:dd:da:13:10:09:bc:0e:2a:1d:37:3a:26:c6:7c:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DB:99:86:C0:53:AB:79:48:A1:2C:3D:0C:84:CE:EB:93:A6:D6:3D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/67335c-362c-47af-9fb9-12c6b0fd7f73/1/x9uZhsBTq3lIoSw9DITO65Om1j0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.40.0/22
IPv6:
2a04:1000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
61001
Signature Algorithm: sha256WithRSAEncryption
97:5b:26:80:df:ed:21:78:fc:0a:a9:9f:49:dd:cd:5b:31:6c:
a0:b3:19:49:63:80:db:ab:cc:ec:ad:8e:61:ff:5b:36:36:bc:
bf:36:8d:a9:10:e5:3d:f7:98:83:e3:8b:8b:88:f6:d7:4f:08:
17:68:75:d0:af:8e:5e:4b:10:36:78:3f:ce:67:bf:c4:ab:d7:
68:de:63:e3:ee:bd:a4:91:b7:d8:1f:bd:3d:61:15:f1:3e:9a:
8e:b2:4e:5b:45:cf:a5:64:af:d5:40:a1:e0:0a:12:6f:14:fa:
25:99:46:c5:e7:a1:f3:75:7b:99:30:6f:e0:a0:ee:0c:59:60:
a9:2c:6b:3a:49:4a:18:b1:6d:4f:2d:fe:9f:0e:cc:6a:51:74:
e0:44:83:c3:84:d4:74:19:88:ce:ea:1d:b3:f2:89:d5:b9:fd:
1c:31:86:a4:83:cb:44:d2:24:74:5c:cf:a6:3e:c5:19:52:a0:
59:fb:3c:e3:a7:65:4e:ce:ee:9a:7a:b3:4d:c9:df:a1:16:64:
46:96:b2:28:13:07:7f:65:60:10:49:78:56:e6:f3:98:cf:0f:
3e:5f:ae:98:d0:bc:f6:6b:65:bb:67:a2:b6:f0:88:44:0c:3a:
a2:6a:18:ec:85:5d:4c:f3:78:f5:be:29:ed:d6:4b:fd:c4:62:
33:bc:58:f4
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzIAW1aMFxnZzDePymzvaooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RiOTk4NmMwNTNhYjc5NDhhMTJjM2QwYzg0Y2VlYjkzYTZkNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQUPLl5ek34gWjff5jgyI1RZakjE
R9U7cBabPxWHF7tLv3WOIUBgdvFXu1TAKMg1ShjXppuzkIY8LoDa1jy898PzOgzb
mVEc2ePlQDOzYTrP3jxb8AwpZTbmEbsoxPZ8iafadfehSLZ2yvvPUivj74mdZrIo
IeXaWPg9B+jWDpsOfbEcSPa0VMy/P7OFkNytq6dg4ukgbHWwzXRM6HP5KRSPkiO9
vDvfAfbg4ZxZSchkFqGV0fKrl+vjOJW2KIhIdzFB1tUWEyXLYfqHKCWiWCZDDQeN
Jmjb/h3hAWUhVVyf0iLL5o0OImtgZ+2wl3HD3doTEAm8DiodNzomxnwehQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMfbmYbAU6t5SKEsPQyEzuuTptY9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5LzY3MzM1
Yy0zNjJjLTQ3YWYtOWZiOS0xMmM2YjBmZDdmNzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvNjczMzVj
LTM2MmMtNDdhZi05ZmI5LTEyYzZiMGZkN2Y3My8xL3g5dVpoc0JUcTNsSW9TdzlE
SVRPNjVPbTFqMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuRMoMA0EAgACMAcDBQMqBBAAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDuSTANBgkqhkiG9w0BAQsFAAOCAQEAl1smgN/tIXj8
CqmfSd3NWzFsoLMZSWOA26vM7K2OYf9bNja8vzaNqRDlPfeYg+OLi4j2108IF2h1
0K+OXksQNng/zme/xKvXaN5j4+69pJG32B+9PWEV8T6ajrJOW0XPpWSv1UCh4AoS
bxT6JZlGxeeh83V7mTBv4KDuDFlgqSxrOklKGLFtTy3+nw7MalF04ESDw4TUdBmI
zuods/KJ1bn9HDGGpIPLRNIkdFzPpj7FGVKgWfs846dlTs7umnqzTcnfoRZkRpay
KBMHf2VgEEl4VubzmM8PPl+umNC89mtlu2eitvCIRAw6omoY7IVdTPN49b4p7dZL
/cRiM7xY9A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:05:05 2024 by rpki-client on console-ams.rpki-client.org