Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
File: JmXBf6AosxNI9jD2tW30Is4GKzs.cer (raw, json)
Hash identifier: QvJqizbsjqcqTgG4SXmA/Mf+YFDGGIZWBsPcnoUbm30=
Subject key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420686FFE7AF5BA742DE8AD50A835577A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:48:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197637
AS: 201840
IP: 31.25.152.0/21
IP: 37.99.200.0/21
IP: 37.123.120.0/21
IP: 109.75.96.0/20
IP: 153.92.32.0/21
IP: 185.8.84.0/22
IP: 185.62.88.0/22
IP: 185.65.196.0/22
IP: 185.68.76.0/22
IP: 185.211.16.0/22
IP: 193.57.0.0/22
IP: 195.42.244.0/22
IP: 195.178.0.0/23
IP: 2a03:160::/32
IP: 2a03:1da0::/29
IP: 2a03:3940::/29
IP: 2a04:6ec0::/29
IP: 2a0b:6240::/29
IP: 2a0c:90c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6f:fe:7a:f5:ba:74:2d:e8:ad:50:a8:35:57:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f8:4d:21:0f:3b:92:ed:eb:8a:ba:59:b9:f4:
df:c0:62:32:e2:4e:3f:9c:bd:70:5e:46:52:e3:ba:
f8:9b:84:5e:a2:19:6e:72:19:10:90:89:f8:41:42:
99:00:c2:78:1d:a6:a6:89:10:fb:85:cd:f8:84:ba:
2d:6e:7c:a3:8a:0c:09:00:63:86:96:59:0f:59:42:
27:c4:12:41:24:52:0d:53:ef:42:7b:dd:f3:ae:c2:
48:4c:f4:3f:6b:a0:2f:8d:7d:b8:bd:21:b5:58:95:
40:83:f7:22:61:c0:2a:8f:31:3a:af:58:7f:7f:19:
d9:1e:9d:02:71:1c:22:a4:24:97:92:e7:02:76:ea:
9c:70:3e:d7:e0:46:1c:30:c5:87:e1:c7:10:0d:41:
82:d5:63:9a:4a:45:fe:4d:72:79:cd:30:f6:28:5a:
5b:1c:b5:3b:5f:9c:4c:23:53:00:ab:1b:80:18:86:
89:be:54:c0:5b:3e:8d:9c:49:e4:f0:cb:8e:f0:cf:
96:78:70:e4:b7:a0:45:bd:6a:20:dd:5b:1e:0f:f9:
83:bf:0c:2c:8e:6e:fd:00:b3:98:da:cd:7c:3d:a7:
d4:62:06:ed:57:32:6b:5a:ca:50:09:2f:65:80:18:
84:f8:86:af:51:1c:cf:eb:8e:49:da:58:08:61:86:
b8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.96.0/20
153.92.32.0/21
185.8.84.0/22
185.62.88.0/22
185.65.196.0/22
185.68.76.0/22
185.211.16.0/22
193.57.0.0/22
195.42.244.0/22
195.178.0.0/23
IPv6:
2a03:160::/32
2a03:1da0::/29
2a03:3940::/29
2a04:6ec0::/29
2a0b:6240::/29
2a0c:90c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197637
201840
Signature Algorithm: sha256WithRSAEncryption
76:e5:64:cf:28:44:90:d9:70:8d:c6:86:79:c0:04:f6:86:51:
a8:51:8d:fe:e2:61:37:3a:80:9e:15:46:28:d8:53:35:2d:1a:
81:c6:19:24:95:ec:62:6c:6c:2e:05:8b:ae:54:ee:78:46:c9:
c6:72:2f:85:44:29:c4:76:42:52:ef:b0:c5:a2:b4:1d:09:b4:
38:ed:aa:5f:06:5e:8a:6c:93:20:dc:c7:3b:6b:59:1f:23:71:
8d:89:27:ab:2a:71:a0:bf:60:c7:55:7f:b3:9b:5b:96:4f:6f:
42:5b:22:86:6c:ad:67:b9:9d:20:4a:66:a9:df:dc:72:a3:58:
12:ef:44:91:b4:7b:d0:42:cc:34:c0:f6:99:06:fe:43:3f:81:
36:1a:ef:33:59:8a:73:c6:0b:f7:90:a7:b0:e6:83:2b:6b:a4:
b1:18:ca:97:76:d3:18:0c:b6:b7:8d:67:44:b2:58:db:b5:92:
95:ac:04:7d:5b:66:40:0b:40:62:04:4c:22:53:63:a9:d9:03:
79:91:2b:1a:36:29:0b:bb:51:8f:28:ec:2c:43:ee:63:03:d9:
84:a0:dd:03:69:99:66:b1:7f:5a:6a:3e:fd:e3:98:70:fc:6f:
2f:1e:1f:5d:57:c2:60:1f:5d:c1:99:43:52:eb:3d:bd:61:b1:
42:fb:9b:eb
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZQgaG/+evW6dC3orVCoNVd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjY1YzE3ZmEwMjhiMzEzNDhmNjMwZjZiNTZkZjQyMmNlMDYyYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufhNIQ87ku3rirpZufTfwGIy4k4/
nL1wXkZS47r4m4ReohluchkQkIn4QUKZAMJ4HaamiRD7hc34hLotbnyjigwJAGOG
llkPWUInxBJBJFINU+9Ce93zrsJITPQ/a6AvjX24vSG1WJVAg/ciYcAqjzE6r1h/
fxnZHp0CcRwipCSXkucCduqccD7X4EYcMMWH4ccQDUGC1WOaSkX+TXJ5zTD2KFpb
HLU7X5xMI1MAqxuAGIaJvlTAWz6NnEnk8MuO8M+WeHDkt6BFvWog3VseD/mDvwws
jm79ALOY2s18PafUYgbtVzJrWspQCS9lgBiE+IavURzP645J2lgIYYa4tQIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFCZlwX+gKLMTSPYw9rVt9CLOBis7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEyL2ZjOTBh
MC04MDRjLTQwZmEtYjI3YS1jMzgzYTkwMTAwMDUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIvZmM5MGEw
LTgwNGMtNDBmYS1iMjdhLWMzODNhOTAxMDAwNS8xL0ptWEJmNkFvc3hOSTlqRDJ0
VzMwSXM0R0t6cy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGbBggrBgEF
BQcBBwEB/wSBizCBiDBUBAIAATBOAwQDHxmYAwQDJWPIAwQDJXt4AwQEbUtgAwQD
mVwgAwQCuQhUAwQCuT5YAwQCuUHEAwQCuURMAwQCudMQAwQCwTkAAwQCwyr0AwQB
w7IAMDAEAgACMCoDBQAqAwFgAwUDKgMdoAMFAyoDOUADBQMqBG7AAwUDKgtiQAMF
AyoMkMAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAwQFAgMDFHAwDQYJKoZIhvcN
AQELBQADggEBAHblZM8oRJDZcI3GhnnABPaGUahRjf7iYTc6gJ4VRijYUzUtGoHG
GSSV7GJsbC4Fi65U7nhGycZyL4VEKcR2QlLvsMWitB0JtDjtql8GXopskyDcxztr
WR8jcY2JJ6sqcaC/YMdVf7ObW5ZPb0JbIoZsrWe5nSBKZqnf3HKjWBLvRJG0e9BC
zDTA9pkG/kM/gTYa7zNZinPGC/eQp7DmgytrpLEYypd20xgMtreNZ0SyWNu1kpWs
BH1bZkALQGIETCJTY6nZA3mRKxo2KQu7UY8o7CxD7mMD2YSg3QNpmWaxf1pqPv3j
mHD8by8eH11XwmAfXcGZQ1LrPb1hsUL7m+s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:46 2025 by rpki-client