Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
File: 6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer (raw, json)
Hash identifier: ehGxTiOUjWDsc63IWecMTyt7dE6hNfYqcgCzyUx1vlM=
Subject key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D61EE7A603F1EB8B2854A67F74CAF0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:11 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 48526
AS: 56665
AS: 204313
IP: 31.204.88.0/21
IP: 94.252.0.0/17
IP: 185.3.44.0/22
IP: 185.40.60.0/22
IP: 212.66.64.0/19
IP: 2a00:4180::/32
IP: 2a04:81c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1e:e7:a6:03:f1:eb:8b:28:54:a6:7f:74:ca:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:63:0d:cb:50:1b:38:78:f8:7a:13:3f:c5:
bd:19:01:40:94:64:3d:99:17:64:3e:5c:c6:c9:e9:
e8:4f:9d:5a:75:22:a7:0c:ea:7d:dc:55:d6:34:28:
1c:68:0b:16:e4:d0:e1:33:43:0c:53:f1:3c:7c:14:
df:ab:26:f1:6c:9a:81:70:f8:cd:5a:7b:83:d6:5e:
b0:94:c7:63:b3:19:03:fd:aa:c0:9e:d7:ee:a7:0d:
66:87:df:62:16:e4:35:ac:42:c3:ed:2f:ee:db:39:
c5:c5:d3:a6:f3:1d:b2:ca:62:e6:44:ee:dd:bf:ac:
4c:e0:6a:4d:98:60:9d:06:c1:d4:8c:5c:7f:58:12:
70:90:c3:d5:d7:7f:59:26:20:34:a6:1a:a3:83:37:
76:88:15:b2:4a:f5:6d:da:e4:79:22:7e:1c:51:3d:
a4:21:f4:05:a1:01:2f:25:7f:bc:b3:e1:71:ae:e5:
26:40:b7:0c:4a:58:35:cd:7a:bc:3e:7f:ae:c2:75:
dd:b5:52:92:5b:3a:b0:ce:c5:19:39:14:0e:9c:04:
da:a4:1f:b6:32:c6:ae:80:00:72:04:27:96:2a:ed:
d9:02:84:1f:78:62:29:59:48:e9:e6:c7:92:99:cc:
64:fd:17:45:e9:56:d3:92:9b:1d:73:ba:3e:83:f8:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/21
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180::/32
2a04:81c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
48526
56665
204313
Signature Algorithm: sha256WithRSAEncryption
3a:eb:e3:0f:a1:51:08:0f:5d:d9:a2:02:f4:48:d2:22:d7:b3:
ae:d6:d2:c5:0c:b8:d8:dd:41:9e:10:ad:ff:f6:ed:73:bf:18:
14:38:7d:e0:de:40:c4:be:33:0c:78:b8:56:00:78:58:2c:76:
0e:01:de:9f:a9:9b:2f:66:a6:d5:59:8a:06:bf:df:33:59:56:
42:b9:74:6c:07:c0:37:a3:41:04:9e:ab:d4:72:40:c9:ed:46:
f4:84:2c:5e:d9:cb:40:fe:14:57:7b:21:49:e0:2b:3a:b9:84:
b3:c4:cd:dc:17:66:c3:a5:52:8f:d3:6a:e8:c6:89:96:1a:46:
48:f9:28:aa:b5:df:98:e4:e0:0f:cb:3f:6b:f2:60:96:31:5f:
1a:2e:73:9d:f6:03:9c:66:68:3b:65:40:10:c4:27:a3:7d:8f:
f8:7c:fb:a2:3c:c5:73:36:67:6f:6c:c0:ae:bc:94:09:f0:18:
c6:91:85:d8:e2:97:b6:f6:0d:e9:b4:94:95:0f:0f:a4:c9:8f:
bf:55:86:e5:18:50:0f:de:84:90:f5:20:cd:63:70:d2:f6:9e:
67:9d:aa:97:6a:5d:72:b0:27:aa:95:43:0d:28:aa:1c:e3:98:
cd:2f:2f:c8:20:cd:12:be:10:fd:1a:1f:4c:fa:d7:ec:af:b3:
ff:47:dc:b7
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZQg1h7npgPx64soVKZ/dMrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIyZjRmYjk1NWQ3OWYwOTNkN2U4N2IxODJjMzQ0MGFjNGJlMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNpjDctQGzh4+HoTP8W9GQFAlGQ9
mRdkPlzGyenoT51adSKnDOp93FXWNCgcaAsW5NDhM0MMU/E8fBTfqybxbJqBcPjN
WnuD1l6wlMdjsxkD/arAntfupw1mh99iFuQ1rELD7S/u2znFxdOm8x2yymLmRO7d
v6xM4GpNmGCdBsHUjFx/WBJwkMPV139ZJiA0phqjgzd2iBWySvVt2uR5In4cUT2k
IfQFoQEvJX+8s+FxruUmQLcMSlg1zXq8Pn+uwnXdtVKSWzqwzsUZORQOnATapB+2
MsaugAByBCeWKu3ZAoQfeGIpWUjp5seSmcxk/RdF6VbTkpsdc7o+g/iIeQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFOoi9PuVXXnwk9foexgsNECsS+BsMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA3L2ZjODAz
Ny0yYjdjLTQxZmMtOWRiZi05M2QxZmI3MmQzODMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvZmM4MDM3
LTJiN2MtNDFmYy05ZGJmLTkzZDFmYjcyZDM4My8xLzZpTDAtNVZkZWZDVDEtaDdH
Q3cwUUt4TDRHdy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUF
BwEHAQH/BD4wPDAkBAIAATAeAwQDH8xYAwQHXvwAAwQCuQMsAwQCuSg8AwQF1EJA
MBQEAgACMA4DBQAqAEGAAwUDKgSBwDAkBggrBgEFBQcBCAEB/wQVMBOgETAPAgMA
vY4CAwDdWQIDAx4ZMA0GCSqGSIb3DQEBCwUAA4IBAQA66+MPoVEID13ZogL0SNIi
17Ou1tLFDLjY3UGeEK3/9u1zvxgUOH3g3kDEvjMMeLhWAHhYLHYOAd6fqZsvZqbV
WYoGv98zWVZCuXRsB8A3o0EEnqvUckDJ7Ub0hCxe2ctA/hRXeyFJ4Cs6uYSzxM3c
F2bDpVKP02roxomWGkZI+Siqtd+Y5OAPyz9r8mCWMV8aLnOd9gOcZmg7ZUAQxCej
fY/4fPuiPMVzNmdvbMCuvJQJ8BjGkYXY4pe29g3ptJSVDw+kyY+/VYblGFAP3oSQ
9SDNY3DS9p5nnaqXal1ysCeqlUMNKKoc45jNLy/IIM0SvhD9Gh9M+tfsr7P/R9y3
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:00:14 2025 by rpki-client