Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
File: 4BpLB7xMpvoFciL96uhg9kRAR-A.cer (raw, json)
Hash identifier: nHxPG9elPXkN6ZMbGwarRqQ9hF6nwgN68MY2Uc/t/iU=
Subject key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194214433E066EB49660D1F5B7A5DF51F3E
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 214708
IP: 194.146.94.0/24
IP: 2a13:eb80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:33:e0:66:eb:49:66:0d:1f:5b:7a:5d:f5:1f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:26:42:d4:35:d6:80:5b:c9:92:55:90:4d:94:
9e:38:4f:2f:2c:67:17:0a:56:45:89:0a:8f:e8:66:
8c:29:d0:8f:8b:4f:78:71:43:00:f4:c2:4d:c0:df:
7a:d4:18:7c:7f:ae:9e:7f:88:9e:8b:53:b5:74:cd:
13:2b:4b:6a:28:05:c0:43:4f:e8:29:69:2c:84:27:
0d:6a:ca:bd:c3:87:a0:8e:55:6e:4c:92:d7:19:d7:
cf:19:36:36:a7:1e:3c:7b:a0:94:71:14:3a:31:01:
9e:35:4d:f8:51:94:1e:c8:91:ab:12:23:c9:77:54:
62:c4:c0:df:d1:f0:de:25:0f:f9:61:26:73:b0:70:
1a:29:89:d9:d5:6d:38:ad:e4:db:ee:ed:d3:93:bb:
b9:a5:e9:ab:c8:b2:53:b1:23:cf:be:c1:40:e1:b4:
18:26:8d:9b:6d:ed:9e:78:6f:c8:ae:e2:06:87:23:
69:16:12:8b:52:78:66:9c:09:92:00:c3:8e:22:73:
54:f0:90:92:ad:ff:40:10:0c:fa:3a:4d:49:f3:9e:
8a:50:21:a2:95:2e:37:3f:3f:e9:d5:cc:10:30:df:
93:b0:df:f4:d9:69:e5:7a:31:8c:9a:ef:52:52:38:
65:d7:33:ad:b1:49:ff:f9:fe:35:cb:dd:03:73:f4:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.94.0/24
IPv6:
2a13:eb80::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
214708
Signature Algorithm: sha256WithRSAEncryption
8b:20:90:5a:95:14:65:12:72:6e:21:a1:61:4e:f1:cf:c8:65:
d1:b7:dd:f7:79:6a:84:7f:53:ce:a9:a1:a3:2e:a9:27:4e:1a:
08:73:2e:71:d3:f8:41:02:b3:fb:1b:2d:1c:d9:f2:a4:9a:66:
32:8f:fd:76:02:e0:2f:16:27:38:5a:e6:94:27:45:5d:ee:43:
13:05:cc:53:00:9b:e3:81:73:d9:5a:5a:b8:a4:e7:2b:94:de:
0f:47:ab:f7:63:79:4a:47:20:e0:5f:7b:3a:23:7c:45:6e:92:
e1:4a:a4:10:d6:01:32:0e:8f:dd:ac:54:81:dc:57:8e:b3:b4:
9d:de:d2:9a:c1:21:87:3d:0c:75:53:f4:b1:3a:21:b6:49:48:
94:8c:c3:ac:a1:92:5b:db:2b:38:3b:cb:ed:ec:b1:e9:88:53:
69:f5:a2:3c:7b:82:6a:df:76:9d:cb:09:34:49:56:d2:a0:b2:
ea:0a:11:5c:88:7c:ef:b3:bf:83:20:dc:3e:64:43:e5:39:a5:
b4:57:cc:06:93:42:6e:18:bd:5a:a8:c1:d3:b7:85:1f:67:d2:
3a:f8:88:3a:49:61:73:2c:bf:34:fb:e5:bb:5f:ee:54:e7:62:
1e:c8:61:c0:77:a2:71:72:3a:04:f3:4f:6a:15:25:96:7c:5b:
b3:8f:62:f7
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQhRDPgZutJZg0fW3pd9R8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDFhNGIwN2JjNGNhNmZhMDU3MjIyZmRlYWU4NjBmNjQ0NDA0N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiZC1DXWgFvJklWQTZSeOE8vLGcX
ClZFiQqP6GaMKdCPi094cUMA9MJNwN961Bh8f66ef4iei1O1dM0TK0tqKAXAQ0/o
KWkshCcNasq9w4egjlVuTJLXGdfPGTY2px48e6CUcRQ6MQGeNU34UZQeyJGrEiPJ
d1RixMDf0fDeJQ/5YSZzsHAaKYnZ1W04reTb7u3Tk7u5pemryLJTsSPPvsFA4bQY
Jo2bbe2eeG/IruIGhyNpFhKLUnhmnAmSAMOOInNU8JCSrf9AEAz6Ok1J856KUCGi
lS43Pz/p1cwQMN+TsN/02WnlejGMmu9SUjhl1zOtsUn/+f41y90Dc/RmRQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOAaSwe8TKb6BXIi/eroYPZEQEfgMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQzLzk0NGM4
Zi1mMGY4LTRjNzEtOWVkZS03YTNjNTMyZDNhNTUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMvOTQ0Yzhm
LWYwZjgtNGM3MS05ZWRlLTdhM2M1MzJkM2E1NS8xLzRCcExCN3hNcHZvRmNpTDk2
dWhnOWtSQVItQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAwpJeMA0EAgACMAcDBQMqE+uAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNGtDANBgkqhkiG9w0BAQsFAAOCAQEAiyCQWpUUZRJy
biGhYU7xz8hl0bfd93lqhH9Tzqmhoy6pJ04aCHMucdP4QQKz+xstHNnypJpmMo/9
dgLgLxYnOFrmlCdFXe5DEwXMUwCb44Fz2VpauKTnK5TeD0er92N5Skcg4F97OiN8
RW6S4UqkENYBMg6P3axUgdxXjrO0nd7SmsEhhz0MdVP0sTohtklIlIzDrKGSW9sr
ODvL7eyx6YhTafWiPHuCat92ncsJNElW0qCy6goRXIh877O/gyDcPmRD5TmltFfM
BpNCbhi9WqjB07eFH2fSOviIOklhcyy/NPvlu1/uVOdiHshhwHeicXI6BPNPahUl
lnxbs49i9w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:58:25 2025 by rpki-client