Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer
File: 3bewAZ4Z8RL00rz9bqEtkIH8WH4.cer (raw, json)
Hash identifier: KXQmSHtahuqy6ruuYz3KvmNXisitxkv2ZfGQJv+Tsr8=
Subject key identifier: DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421446CBC2DDC24095EDB02170D7B19AD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:39 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 208383
IP: 45.141.32.0/22
IP: 2a0e:ca40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6c:bc:2d:dc:24:09:5e:db:02:17:0d:7b:19:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddb7b0019e19f112f4d2bcfd6ea12d9081fc587e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7d:63:27:58:1a:0f:ea:f6:48:0c:c9:10:d5:
2c:e1:aa:56:5d:38:e1:2c:a6:53:c6:6a:d4:0f:f6:
e8:0d:fe:50:8e:bd:42:59:59:37:ce:15:c3:15:58:
0f:25:ae:bd:03:08:01:b4:06:24:3c:d9:1f:f6:4d:
cd:53:e5:b4:05:f0:eb:b7:38:57:55:30:33:1b:3d:
bc:a0:8d:a1:ab:f9:7d:49:83:94:e7:ac:bd:34:b7:
e7:93:20:e2:7b:7c:39:dd:45:9c:ee:29:93:9e:8f:
75:db:04:03:0d:66:56:4b:13:9e:a6:a1:b2:64:77:
fd:0c:15:5a:2f:89:67:9c:13:c1:6a:76:97:dd:99:
32:79:7d:b6:64:d8:c8:30:f4:f7:10:f9:e6:32:55:
34:ea:3d:ff:3d:dd:e8:df:a1:71:f6:4e:75:fe:57:
34:52:f5:d1:f6:0b:9f:54:bf:20:a1:ce:4f:3e:f9:
c8:be:34:94:73:ba:fb:7c:cc:ba:76:e7:35:e8:9e:
b3:98:53:7a:40:a4:53:8f:e6:b2:e1:02:b0:ed:09:
6e:eb:cb:5f:7e:de:25:e5:43:e3:48:92:c8:72:67:
38:d4:43:62:64:f3:ed:aa:b7:86:c9:fd:6a:aa:d1:
93:4b:90:e1:3e:41:79:a7:45:e1:58:72:91:3c:b3:
05:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B7:B0:01:9E:19:F1:12:F4:D2:BC:FD:6E:A1:2D:90:81:FC:58:7E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/efa3f1-7671-4ce3-9fe1-a86df983a74c/1/3bewAZ4Z8RL00rz9bqEtkIH8WH4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.32.0/22
IPv6:
2a0e:ca40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
208383
Signature Algorithm: sha256WithRSAEncryption
25:40:f1:1a:40:fb:a3:6d:64:b4:ea:d1:a5:80:f9:25:85:bd:
4b:65:6c:d8:c9:80:ad:5a:7d:3a:3f:51:ef:02:f6:38:c8:ad:
a0:48:de:c7:45:74:b9:44:22:a4:18:f2:ce:e2:91:03:9f:59:
de:fc:8c:6c:db:1c:6c:44:e2:19:ba:3b:43:d6:5f:c7:8b:6a:
b8:4c:5b:85:24:8b:1c:cf:dc:53:e7:3b:0c:79:ee:6d:fc:b5:
d4:9b:34:bc:7b:28:61:ca:af:17:1f:c1:59:35:c6:4e:84:42:
82:31:65:57:b2:e3:8b:e4:d2:39:56:b3:1f:3f:09:91:99:7d:
9a:ff:a4:71:c5:81:be:32:ea:f7:d1:62:a3:f4:08:52:66:5c:
73:0d:0a:f9:38:33:b4:9d:5e:34:12:1b:c8:d9:f0:b7:92:46:
20:2a:53:8d:43:6f:79:d3:43:dd:e1:60:41:97:6e:d7:7e:e4:
d8:c4:54:16:23:fb:4e:cd:84:e6:aa:08:38:ce:a5:89:70:1e:
c4:d5:b2:3c:e9:61:37:46:8b:86:1a:0d:d2:45:41:6a:47:09:
b5:76:51:a4:0d:96:eb:6f:21:e5:c6:e9:b3:e9:87:6c:da:b4:
a8:30:86:97:0c:86:2f:f3:93:34:14:c7:aa:99:2e:97:b6:9d:
28:40:be:f1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQhRGy8LdwkCV7bAhcNexmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGI3YjAwMTllMTlmMTEyZjRkMmJjZmQ2ZWExMmQ5MDgxZmM1ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H1jJ1gaD+r2SAzJENUs4apWXTjh
LKZTxmrUD/boDf5Qjr1CWVk3zhXDFVgPJa69AwgBtAYkPNkf9k3NU+W0BfDrtzhX
VTAzGz28oI2hq/l9SYOU56y9NLfnkyDie3w53UWc7imTno912wQDDWZWSxOepqGy
ZHf9DBVaL4lnnBPBanaX3ZkyeX22ZNjIMPT3EPnmMlU06j3/Pd3o36Fx9k51/lc0
UvXR9gufVL8goc5PPvnIvjSUc7r7fMy6duc16J6zmFN6QKRTj+ay4QKw7Qlu68tf
ft4l5UPjSJLIcmc41ENiZPPtqreGyf1qqtGTS5DhPkF5p0XhWHKRPLMFsQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFN23sAGeGfES9NK8/W6hLZCB/Fh+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc2L2VmYTNm
MS03NjcxLTRjZTMtOWZlMS1hODZkZjk4M2E3NGMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvZWZhM2Yx
LTc2NzEtNGNlMy05ZmUxLWE4NmRmOTgzYTc0Yy8xLzNiZXdBWjRaOFJMMDByejli
cUV0a0lIOFdINC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLY0gMA0EAgACMAcDBQMqDspAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMt/zANBgkqhkiG9w0BAQsFAAOCAQEAJUDxGkD7o21k
tOrRpYD5JYW9S2Vs2MmArVp9Oj9R7wL2OMitoEjex0V0uUQipBjyzuKRA59Z3vyM
bNscbETiGbo7Q9Zfx4tquExbhSSLHM/cU+c7DHnubfy11Js0vHsoYcqvFx/BWTXG
ToRCgjFlV7Lji+TSOVazHz8JkZl9mv+kccWBvjLq99Fio/QIUmZccw0K+TgztJ1e
NBIbyNnwt5JGICpTjUNvedND3eFgQZdu137k2MRUFiP7Ts2E5qoIOM6liXAexNWy
POlhN0aLhhoN0kVBakcJtXZRpA2W628h5cbps+mHbNq0qDCGlwyGL/OTNBTHqpku
l7adKEC+8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:28:51 2025 by rpki-client