Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer
File: 1K_j8MnlVeUtNQXWFjJ43z2hjO4.cer (raw, json)
Hash identifier: tCaMVvnOL9sDZypLYxysiQMOG0OSafqY6Y1CbVUXpAQ=
Subject key identifier: D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0197CF1DE0701A8834484037C16DEC665A82
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/1K_j8MnlVeUtNQXWFjJ43z2hjO4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 03 Jul 2025 07:08:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 46.17.8.0/21
IP: 194.53.139.0/24
IP: 2a02:2870::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:1d:e0:70:1a:88:34:48:40:37:c1:6d:ec:66:5a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jul 3 07:08:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4afe3f0c9e555e52d3505d6163278df3da18cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:39:66:1b:51:a4:6c:fc:d8:63:fb:b6:85:dc:
14:fe:8b:8d:75:45:49:f1:f5:8e:fd:4b:05:f3:23:
b9:2b:03:d2:35:e4:25:61:e7:d7:19:e8:f7:56:c1:
0e:a2:05:32:56:bb:1b:5a:f0:7d:ae:2f:d9:5e:d7:
9a:c9:a7:f3:ad:eb:15:d3:25:73:1d:13:d7:b6:d8:
dc:d9:fa:fe:1b:ce:45:2c:80:d3:c6:d4:2a:fe:93:
20:f7:0e:08:5d:7b:94:ea:de:38:ba:cb:20:f3:b1:
c4:b4:d5:0f:ed:b0:c1:04:63:ed:4c:4e:d8:b9:0d:
ba:9b:66:93:84:5f:c0:25:ab:83:f6:5e:37:3c:87:
14:88:7a:59:ac:37:61:41:b4:41:70:b0:98:36:3f:
28:9f:9c:18:17:de:1b:c0:77:bf:c7:83:3b:6b:3a:
e8:6c:af:4e:19:d1:71:50:96:70:96:5e:67:88:c7:
f8:74:78:1e:ff:5f:a5:7a:20:27:e9:e0:3e:6d:54:
e4:9d:62:14:93:c7:53:59:f7:08:5d:2d:25:8b:94:
89:77:22:7f:7e:cc:06:b9:be:8a:f6:a8:83:42:f5:
b5:7e:9b:0a:55:43:5c:c1:28:82:de:28:76:11:13:
76:90:7a:2f:75:e5:86:c3:89:aa:ee:49:e0:df:08:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AF:E3:F0:C9:E5:55:E5:2D:35:05:D6:16:32:78:DF:3D:A1:8C:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1c67ef-e83d-4427-864b-c59825bbcb32/1/1K_j8MnlVeUtNQXWFjJ43z2hjO4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.8.0/21
194.53.139.0/24
IPv6:
2a02:2870::/29
Signature Algorithm: sha256WithRSAEncryption
3e:39:95:d6:c2:64:d9:ce:f3:80:37:b4:3b:68:4e:30:d5:0d:
f1:48:00:8c:cc:b0:be:6f:b3:22:3c:85:47:dd:ca:1d:4b:92:
69:01:ac:13:7a:93:56:9f:81:a9:e0:88:3d:bc:17:4d:f0:bf:
43:f7:64:b8:02:76:c6:ff:cf:4f:b3:eb:d8:b6:36:e7:8f:ce:
c6:44:e5:35:bf:51:91:b7:3d:2b:36:72:1a:96:fa:d9:d5:70:
cc:5b:89:c6:af:c3:84:1b:41:e8:2a:dc:2f:37:03:55:ec:07:
41:a6:74:0b:cb:89:ba:af:1c:99:75:4d:57:f0:61:de:3d:cd:
ce:83:1e:e4:d1:fd:05:fb:4a:92:ab:ac:9d:b8:07:32:4c:a7:
58:6d:6a:30:80:3a:15:4d:49:0f:57:ce:cc:62:80:31:44:d3:
48:1c:7a:87:1e:e9:f1:85:7d:24:50:ad:6f:68:c3:fb:44:8d:
67:6a:66:19:a1:1f:87:d4:79:ef:4e:c4:34:8f:6a:99:91:44:
05:d8:43:34:13:a9:69:b5:16:34:f7:ee:c4:b2:0a:ef:4a:b1:
2d:f5:d7:51:75:ad:1e:8e:76:8f:6c:45:16:06:d3:9f:92:35:
b5:8a:e8:c1:83:0f:9b:a3:15:dc:12:6d:72:ef:ef:db:2b:73:
b6:69:e4:ab
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZfPHeBwGog0SEA3wW3sZlqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNzAzMDcwODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFmZTNmMGM5ZTU1NWU1MmQzNTA1ZDYxNjMyNzhkZjNkYTE4Y2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDlmG1GkbPzYY/u2hdwU/ouNdUVJ
8fWO/UsF8yO5KwPSNeQlYefXGej3VsEOogUyVrsbWvB9ri/ZXteayafzresV0yVz
HRPXttjc2fr+G85FLIDTxtQq/pMg9w4IXXuU6t44ussg87HEtNUP7bDBBGPtTE7Y
uQ26m2aThF/AJauD9l43PIcUiHpZrDdhQbRBcLCYNj8on5wYF94bwHe/x4M7azro
bK9OGdFxUJZwll5niMf4dHge/1+leiAn6eA+bVTknWIUk8dTWfcIXS0li5SJdyJ/
fswGub6K9qiDQvW1fpsKVUNcwSiC3ih2ERN2kHovdeWGw4mq7kng3wjVIwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFNSv4/DJ5VXlLTUF1hYyeN89oYzuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNkLzFjNjdl
Zi1lODNkLTQ0MjctODY0Yi1jNTk4MjViYmNiMzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2QvMWM2N2Vm
LWU4M2QtNDQyNy04NjRiLWM1OTgyNWJiY2IzMi8xLzFLX2o4TW5sVmVVdE5RWFdG
ako0M3oyaGpPNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDLhEIAwQAwjWLMA0EAgACMAcDBQMqAihwMA0G
CSqGSIb3DQEBCwUAA4IBAQA+OZXWwmTZzvOAN7Q7aE4w1Q3xSACMzLC+b7MiPIVH
3codS5JpAawTepNWn4Gp4Ig9vBdN8L9D92S4AnbG/89Ps+vYtjbnj87GROU1v1GR
tz0rNnIalvrZ1XDMW4nGr8OEG0HoKtwvNwNV7AdBpnQLy4m6rxyZdU1X8GHePc3O
gx7k0f0F+0qSq6yduAcyTKdYbWowgDoVTUkPV87MYoAxRNNIHHqHHunxhX0kUK1v
aMP7RI1namYZoR+H1HnvTsQ0j2qZkUQF2EM0E6lptRY09+7EsgrvSrEt9ddRda0e
jnaPbEUWBtOfkjW1iujBgw+boxXcEm1y7+/bK3O2aeSr
-----END CERTIFICATE-----
Generated at Tue Jul 29 05:30:34 2025 by rpki-client