Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
File: GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer (raw, json)
Hash identifier: 6yB7wU9hG/GeJpRsMIGihyqTxohZhT1nMihX039FfYs=
Subject key identifier: 19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427488456467773ACFD7988CC5A7A6508
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 31.7.0.0/21
IP: 185.144.224.0/22
IP: 2a03:9700::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:84:56:46:77:73:ac:fd:79:88:cc:5a:7a:65:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:3b:38:d4:5b:10:f9:36:cf:2c:4c:2c:85:
0e:3a:6b:cb:6b:90:ee:2f:2c:ac:57:7c:b8:37:b0:
29:66:76:81:fa:ac:f8:94:91:8d:08:1b:92:fd:12:
fe:1c:fc:ba:a1:0b:b7:e7:25:7c:40:97:c2:42:8e:
a9:cf:18:4c:89:ff:d5:70:b2:51:29:53:92:0a:48:
dd:c5:eb:3c:18:0a:e3:62:32:c6:e7:c0:9f:a6:f3:
2e:14:41:49:5d:20:eb:f8:6a:a8:a7:d7:14:90:f7:
7f:54:f2:9e:bf:96:5d:4a:fd:00:fc:81:f4:b0:40:
53:1b:69:73:f6:c5:89:ad:fe:ad:f9:f5:53:e3:e6:
13:26:64:c1:ee:70:65:90:2a:3f:f5:eb:97:7a:cb:
b0:76:e7:96:07:30:25:7a:18:82:d6:f3:6c:ec:55:
8a:ae:6b:0b:c7:3e:44:30:6c:b6:83:2e:f1:37:b9:
b0:f5:41:47:8a:2b:af:e0:69:98:e2:b5:62:fc:22:
2e:54:8a:c4:ba:e6:34:26:59:8d:6f:06:f0:c1:ee:
e6:12:7f:e8:62:e8:4c:cc:82:8e:6f:d7:b2:df:32:
5b:f6:ee:70:a2:0e:20:55:f0:a9:53:e0:2e:32:0c:
8d:f6:93:b5:be:8a:4f:d5:c6:6b:38:14:f8:57:7a:
33:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.0.0/21
185.144.224.0/22
IPv6:
2a03:9700::/32
Signature Algorithm: sha256WithRSAEncryption
93:f8:ff:b1:33:ee:b0:39:17:52:8f:58:14:41:0e:21:91:79:
6c:8f:8f:ce:ec:ea:f9:ab:46:59:99:1f:e6:44:25:a9:f2:7e:
8c:17:5e:c0:f4:90:8b:36:d8:cf:84:0b:8b:13:3e:c9:3d:48:
33:c6:e1:41:95:c1:0a:b7:83:48:1c:66:42:2e:8e:02:fd:37:
f7:2e:44:d5:70:92:e7:0c:26:a5:2b:15:27:96:59:b3:4c:19:
d0:28:5f:6b:c6:cc:cf:8a:a6:f7:46:c9:93:0a:54:1f:d7:83:
1e:e3:3a:42:8a:66:2b:ae:e6:23:d2:82:5a:5d:de:7e:7b:e2:
48:5b:36:4a:14:16:26:57:08:31:01:1e:93:6d:0e:14:1e:da:
68:75:d4:c0:5a:fc:8e:dd:c7:07:e2:ab:87:93:4b:68:d0:7f:
1b:d3:d1:6f:69:60:f2:a0:1b:16:c7:a6:38:b9:53:2a:8b:cf:
5e:b4:4a:e1:dd:cd:ae:95:fe:79:b3:ac:7d:7f:58:c7:c9:4e:
4e:03:bf:67:05:94:da:ad:69:66:61:e2:13:f0:83:f3:df:6d:
55:d0:41:04:8f:17:dd:8b:d1:5a:ac:9a:d2:bc:f8:dc:51:f6:
40:8d:b8:ce:27:2f:79:91:b3:22:2a:96:f6:83:4a:e7:d7:3d:
b3:96:56:59
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQnSIRWRndzrP15iMxaemUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTBlYzdhYWIyMGZjNGM4MDFjNjc5NjNlNTllNGY5MzYwMGU0MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriA7ONRbEPk2zyxMLIUOOmvLa5Du
LyysV3y4N7ApZnaB+qz4lJGNCBuS/RL+HPy6oQu35yV8QJfCQo6pzxhMif/VcLJR
KVOSCkjdxes8GArjYjLG58CfpvMuFEFJXSDr+Gqop9cUkPd/VPKev5ZdSv0A/IH0
sEBTG2lz9sWJrf6t+fVT4+YTJmTB7nBlkCo/9euXesuwdueWBzAlehiC1vNs7FWK
rmsLxz5EMGy2gy7xN7mw9UFHiiuv4GmY4rVi/CIuVIrEuuY0JlmNbwbwwe7mEn/o
YuhMzIKOb9ey3zJb9u5wog4gVfCpU+AuMgyN9pO1vopP1cZrOBT4V3oz/wIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFBkOx6qyD8TIAcZ5Y+WeT5NgDkAdMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FiL2JhM2I2
OS02NWU1LTQ5OGUtYmEwOC1kYWI5YjQ4M2MxMjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIvYmEzYjY5
LTY1ZTUtNDk4ZS1iYTA4LWRhYjliNDgzYzEyMy8xL0dRN0hxcklQeE1nQnhubGo1
WjVQazJBT1FCMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDHwcAAwQCuZDgMA0EAgACMAcDBQAqA5cAMA0G
CSqGSIb3DQEBCwUAA4IBAQCT+P+xM+6wORdSj1gUQQ4hkXlsj4/O7Or5q0ZZmR/m
RCWp8n6MF17A9JCLNtjPhAuLEz7JPUgzxuFBlcEKt4NIHGZCLo4C/Tf3LkTVcJLn
DCalKxUnllmzTBnQKF9rxszPiqb3RsmTClQf14Me4zpCimYrruYj0oJaXd5+e+JI
WzZKFBYmVwgxAR6TbQ4UHtpoddTAWvyO3ccH4quHk0to0H8b09FvaWDyoBsWx6Y4
uVMqi89etErh3c2ulf55s6x9f1jHyU5OA79nBZTarWlmYeIT8IPz321V0EEEjxfd
i9FarJrSvPjcUfZAjbjOJy95kbMiKpb2g0rn1z2zllZZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:09:32 2025 by rpki-client