Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
File: 2D73FCmY5OZWYFPixjpwgIxuojc.cer (raw, json)
Hash identifier: IMKX0C+gD+LoDxQctTSbsMdvYFAK0e1KnellGQmrF/w=
Subject key identifier: D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019566E067B4800A72365C96DC1760FAA49E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 05 Mar 2025 15:15:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 48099
IP: 91.213.176.0/24
IP: 2a12:8c40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:e0:67:b4:80:0a:72:36:5c:96:dc:17:60:fa:a4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Mar 5 15:15:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b2:6e:66:19:3f:d6:17:c8:dc:e6:45:14:17:
e0:a5:41:88:f5:59:32:f0:60:71:26:9f:30:7c:14:
0a:c0:c2:55:e2:ca:48:9e:f6:5b:0f:4d:0b:c2:e7:
f6:3c:cb:cc:8c:7d:83:8b:d9:b8:a3:94:8e:e7:d0:
8e:d5:27:09:76:2e:bc:ce:af:41:41:af:00:40:72:
ed:ed:4d:76:21:0e:9c:20:3d:b4:29:ba:d4:86:79:
7e:fe:aa:83:1e:c3:6f:81:3b:72:22:5a:8a:02:f7:
30:53:a7:48:c4:ec:65:04:db:a1:b4:51:ae:5b:62:
14:f7:b3:26:1c:e1:0a:52:0e:73:ce:de:8a:f1:46:
35:16:36:47:b8:24:b7:61:d2:64:cb:0c:bc:0a:86:
e6:ac:7a:0e:78:ad:16:9b:01:12:5e:c5:9f:30:32:
52:66:57:23:d2:42:ef:96:c4:2a:51:f9:f6:f6:30:
6e:3d:1d:b4:be:62:69:c0:5d:66:36:fc:c3:2f:c6:
b9:5a:ad:4d:d6:28:66:7d:8a:f1:6e:83:e2:d6:0b:
da:d9:c4:91:71:6c:ff:45:8f:cf:1f:be:72:a6:e4:
9a:0f:df:05:f9:eb:69:cf:dd:e3:1f:dc:07:a0:3b:
2d:fa:d5:3e:d1:f8:73:fd:99:5c:fe:71:76:9a:16:
db:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.176.0/24
IPv6:
2a12:8c40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
48099
Signature Algorithm: sha256WithRSAEncryption
16:09:fc:46:8e:09:42:99:04:81:9c:49:97:48:dc:df:e9:bd:
8f:c7:43:09:0e:89:05:e7:7c:c1:f4:c7:3d:19:46:9d:95:e3:
cd:0f:12:6b:89:e7:83:77:5c:2b:97:f9:59:69:9c:7b:04:b2:
42:8c:86:76:08:8b:78:d2:05:dd:e2:c6:5a:ed:5b:76:1a:ef:
39:f9:75:e8:be:f9:83:7b:64:bd:f4:cd:ae:cd:8b:c7:d6:2c:
66:7b:62:2a:aa:39:cc:3c:f1:0a:b9:bd:b1:21:0a:1b:c2:d3:
a0:b8:2c:0f:4d:43:2c:04:c1:2a:74:21:a9:1f:f4:03:a0:54:
df:e5:7b:de:b1:72:6e:14:ca:8e:95:7b:1e:91:b8:49:d7:39:
f9:85:8c:a2:14:62:92:7b:37:4e:2b:07:39:f8:c4:e9:c9:0a:
d8:b1:e4:30:00:2e:b6:11:3e:b2:49:94:bb:2a:2b:3d:4a:d6:
a7:a6:aa:19:72:ea:f7:db:f1:b6:9e:93:84:e4:ba:55:ad:96:
07:5a:90:24:25:ac:f8:2d:bc:7f:28:c7:a3:b8:81:82:df:6d:
0a:a9:25:06:5d:1b:df:e4:ea:2e:2b:ab:a0:2f:d6:dc:a7:26:
ae:ca:89:14:59:0c:0f:6f:c1:48:05:28:fa:b4:13:ae:ee:6e:
53:9d:1a:0e
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZVm4Ge0gApyNlyW3Bdg+qSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMzA1MTUxNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNlZjcxNDI5OThlNGU2NTY2MDUzZTJjNjNhNzA4MDhjNmVhMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLJuZhk/1hfI3OZFFBfgpUGI9Vky
8GBxJp8wfBQKwMJV4spInvZbD00Lwuf2PMvMjH2Di9m4o5SO59CO1ScJdi68zq9B
Qa8AQHLt7U12IQ6cID20KbrUhnl+/qqDHsNvgTtyIlqKAvcwU6dIxOxlBNuhtFGu
W2IU97MmHOEKUg5zzt6K8UY1FjZHuCS3YdJkywy8CobmrHoOeK0WmwESXsWfMDJS
Zlcj0kLvlsQqUfn29jBuPR20vmJpwF1mNvzDL8a5Wq1N1ihmfYrxboPi1gva2cSR
cWz/RY/PH75ypuSaD98F+etpz93jH9wHoDst+tU+0fhz/Zlc/nF2mhbbywIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNg+9xQpmOTmVmBT4sY6cICMbqI3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljLzdmY2Iz
NS00NDA4LTQyMTgtOTg2Mi03Zjc1YTFiMTBlYzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvN2ZjYjM1
LTQ0MDgtNDIxOC05ODYyLTdmNzVhMWIxMGVjMy8xLzJENzNGQ21ZNU9aV1lGUGl4
anB3Z0l4dW9qYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAW9WwMA0EAgACMAcDBQMqEoxAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwC74zANBgkqhkiG9w0BAQsFAAOCAQEAFgn8Ro4JQpkE
gZxJl0jc3+m9j8dDCQ6JBed8wfTHPRlGnZXjzQ8Sa4nng3dcK5f5WWmcewSyQoyG
dgiLeNIF3eLGWu1bdhrvOfl16L75g3tkvfTNrs2Lx9YsZntiKqo5zDzxCrm9sSEK
G8LToLgsD01DLATBKnQhqR/0A6BU3+V73rFybhTKjpV7HpG4Sdc5+YWMohRikns3
TisHOfjE6ckK2LHkMAAuthE+skmUuyorPUrWp6aqGXLq99vxtp6ThOS6Va2WB1qQ
JCWs+C28fyjHo7iBgt9tCqklBl0b3+TqLiuroC/W3KcmrsqJFFkMD2/BSAUo+rQT
ru5uU50aDg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:05 2025 by rpki-client