Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-cEFknmJ7EHAiQOtjNVqidrovl0.cer
File: 1-cEFknmJ7EHAiQOtjNVqidrovl0.cer (raw, json)
Hash identifier: QM6xdndyFLqZyS/rcDbuP1JrQIZwOgikSh5/Oj9pE9k=
Subject key identifier: F9:C1:05:92:79:89:EC:41:C0:89:03:AD:8C:D5:6A:89:DA:E8:BE:5D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1C937FB2BA5D00EE2D98A6704C904
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/69/5f62ef-32ef-44f7-b412-1b186b6fcf41/1/1-cEFknmJ7EHAiQOtjNVqidrovl0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/69/5f62ef-32ef-44f7-b412-1b186b6fcf41/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:07 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 93.174.16.0/21
IP: 185.131.4.0/22
IP: 2a04:a2c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c9:37:fb:2b:a5:d0:0e:e2:d9:8a:67:04:c9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9c105927989ec41c08903ad8cd56a89dae8be5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:96:bd:a7:81:04:e8:54:85:86:1d:a5:d0:ad:
f4:15:f0:3e:3f:67:0c:ae:aa:39:38:38:79:da:05:
cd:e0:da:83:df:d8:6c:d2:49:00:69:7a:82:85:32:
78:d7:74:4d:1a:f1:8c:46:d0:ed:ee:a0:e4:84:cd:
25:ca:1a:7a:c4:ce:d8:de:f5:d5:05:f7:0d:ac:01:
60:cf:b4:1c:3b:13:a8:6b:63:c5:b8:8b:e8:df:7b:
8f:91:7d:ea:bf:09:16:29:a8:c8:9f:97:1d:9a:03:
74:a9:56:bf:4c:b0:a7:ed:aa:8d:30:eb:ff:ae:50:
6e:d1:e8:7f:21:d7:f1:48:4b:8c:17:79:24:4e:a1:
8d:5f:ce:55:ef:84:ed:92:b9:60:fa:ff:5f:64:d9:
f9:ef:2c:ec:92:61:64:26:5c:58:58:00:bb:94:78:
ef:2c:cf:8a:12:2f:12:c0:1e:f4:85:f0:fb:10:d7:
80:c1:f8:eb:f4:0b:23:2e:e2:58:88:82:1b:4d:10:
f5:be:bc:79:3e:00:21:e8:d1:31:dd:c7:5c:e9:c7:
67:0c:5b:92:29:fd:2d:01:64:31:7d:3a:7b:c5:e3:
19:6a:bd:e2:32:c5:a7:90:61:ca:e1:bd:43:f4:dc:
3f:f0:10:f4:35:7e:34:ab:53:03:23:a3:06:a0:d5:
44:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C1:05:92:79:89:EC:41:C0:89:03:AD:8C:D5:6A:89:DA:E8:BE:5D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f62ef-32ef-44f7-b412-1b186b6fcf41/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f62ef-32ef-44f7-b412-1b186b6fcf41/1/1-cEFknmJ7EHAiQOtjNVqidrovl0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.174.16.0/21
185.131.4.0/22
IPv6:
2a04:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
25:1f:6a:b9:e9:f6:e7:b6:a0:49:af:c9:6d:fe:74:66:14:63:
b9:94:a1:20:74:d6:ef:55:a6:14:18:3e:a3:aa:7b:51:6a:bf:
53:df:ae:19:72:6a:e3:a6:3e:9a:ee:a4:0a:7a:b2:47:79:69:
96:dc:72:a2:9d:ee:d2:63:44:3a:e4:73:32:6a:f0:3b:6d:16:
62:41:f2:77:0b:7f:2c:ef:16:37:34:c2:6f:22:03:00:b4:08:
b1:ca:ba:39:77:ba:bc:ac:52:01:47:64:14:5b:92:0b:3f:17:
6e:3a:23:89:7e:ec:04:80:9e:e1:ba:d9:2d:2d:ec:73:88:ce:
18:36:89:ca:ae:4a:82:4e:b4:fc:05:b3:c7:10:9f:f1:1e:0f:
4c:89:ec:fa:b1:b6:eb:ce:5f:c0:3d:3c:4b:19:b0:2d:d7:0a:
1a:ce:23:b4:ce:49:8f:8a:51:1a:d7:26:d5:69:1c:68:8d:54:
79:78:44:ac:ec:28:66:cd:c1:bd:1e:e5:ab:2b:cd:b7:6a:7b:
d6:e6:4c:63:82:d2:6b:d0:6e:67:36:93:58:89:ee:49:fd:d8:
d4:df:d5:0b:ab:41:f6:f2:55:8b:73:91:50:28:09:34:83:76:
75:f8:46:0a:28:02:f6:34:4f:6a:1e:20:36:78:a0:58:29:45:
da:8a:97:ad
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZQhsck3+yul0A7i2YpnBMkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWMxMDU5Mjc5ODllYzQxYzA4OTAzYWQ4Y2Q1NmE4OWRhZThiZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpa9p4EE6FSFhh2l0K30FfA+P2cM
rqo5ODh52gXN4NqD39hs0kkAaXqChTJ413RNGvGMRtDt7qDkhM0lyhp6xM7Y3vXV
BfcNrAFgz7QcOxOoa2PFuIvo33uPkX3qvwkWKajIn5cdmgN0qVa/TLCn7aqNMOv/
rlBu0eh/IdfxSEuMF3kkTqGNX85V74Ttkrlg+v9fZNn57yzskmFkJlxYWAC7lHjv
LM+KEi8SwB70hfD7ENeAwfjr9AsjLuJYiIIbTRD1vrx5PgAh6NEx3cdc6cdnDFuS
Kf0tAWQxfTp7xeMZar3iMsWnkGHK4b1D9Nw/8BD0NX40q1MDI6MGoNVEPQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFPnBBZJ5iexBwIkDrYzVaona6L5dMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY5LzVmNjJl
Zi0zMmVmLTQ0ZjctYjQxMi0xYjE4NmI2ZmNmNDEvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvNWY2MmVm
LTMyZWYtNDRmNy1iNDEyLTFiMTg2YjZmY2Y0MS8xLzEtY0VGa25tSjdFSEFpUU90
ak5WcWlkcm92bDAubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEF
BQcBBwEB/wQlMCMwEgQCAAEwDAMEA12uEAMEArmDBDANBAIAAjAHAwUDKgSiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJR9quen257agSa/Jbf50ZhRjuZShIHTW71WmFBg+
o6p7UWq/U9+uGXJq46Y+mu6kCnqyR3lpltxyop3u0mNEOuRzMmrwO20WYkHydwt/
LO8WNzTCbyIDALQIscq6OXe6vKxSAUdkFFuSCz8XbjojiX7sBICe4brZLS3sc4jO
GDaJyq5Kgk60/AWzxxCf8R4PTIns+rG2685fwD08SxmwLdcKGs4jtM5Jj4pRGtcm
1WkcaI1UeXhErOwoZs3BvR7lqyvNt2p71uZMY4LSa9BuZzaTWInuSf3Y1N/VC6tB
9vJVi3ORUCgJNIN2dfhGCigC9jRPah4gNnigWClF2oqXrQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:31:53 2025 by rpki-client