Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
File: NZpLbG03E8_zY2IH3pg5BYtRgVs.cer (raw, json)
Hash identifier: RS0sOgSURQeKcPZYezTxfXsurwMjnZCwE8YzL2chs5w=
Subject key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D650B5D28DC9630E6C571DB1239310
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
caRepository: rsync://rsync.rp.ki/repo/misakaio/2/
Notify URL: https://rrdp.rp.ki/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35487
AS: 47553
AS: 48386
AS: 50069
AS: 57578
AS: 57695
AS: 58313
AS: 58342
IP: 45.11.104.0/22
IP: 45.131.68.0/22
IP: 45.142.244.0/22
IP: 45.150.240.0/22
IP: 93.93.244.0/22
IP: 146.19.3.0/24
IP: 185.189.72.0/24
IP: 185.209.84.0/22
IP: 185.234.212.0/22
IP: 188.244.96.0/22
IP: 194.45.101.0/24
IP: 194.156.154.0/23
IP: 194.156.162.0/23
IP: 2a0b:4340::/29
IP: 2a0d:2900::/29
IP: 2a0d:5640::/29
IP: 2a0e:5c40::/29
IP: 2a0e:6900::/29
IP: 2a0f:3b00::/29
IP: 2a11:6e00::/29
IP: 2a12:1700::/29
IP: 2a12:8d00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:50:b5:d2:8d:c9:63:0e:6c:57:1d:b1:23:93:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=359a4b6c6d3713cff3636207de9839058b51815b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e0:9b:ff:b7:6a:1b:60:50:19:be:18:8c:21:
45:e9:8d:92:42:dc:58:af:e9:03:ab:06:86:b5:bb:
98:98:ac:b5:5d:50:6e:12:2f:b4:63:77:5d:b7:90:
e9:b0:12:1e:25:38:33:47:92:37:61:ee:97:e2:6e:
a0:d0:20:11:67:b4:72:59:82:ff:6e:f3:30:5a:a5:
5a:f9:02:23:9a:29:e8:72:12:01:e7:36:60:55:19:
f3:8f:c2:c9:67:6f:82:66:0e:6d:a8:cf:58:0f:e5:
d3:01:12:88:36:29:94:86:c4:9d:6a:5e:54:04:9b:
2c:6b:fc:a6:90:3e:62:11:80:2c:95:d3:f2:ec:04:
a5:eb:55:6f:2c:90:e8:19:3b:b7:8d:48:be:29:25:
a2:a8:3e:ac:cc:2d:63:ba:06:6e:b7:65:b1:5c:1d:
6a:8c:a8:4a:2e:a7:d6:9f:f5:92:8d:2d:7c:fc:c3:
15:e8:82:be:59:c5:2c:1d:c6:58:d3:0d:3a:7b:f9:
eb:20:7b:9e:8a:c8:e2:ea:be:53:ec:91:bd:c5:83:
b1:6f:33:ef:52:72:86:e2:78:e4:11:26:41:46:d4:
7b:5c:f9:1c:6f:eb:cd:74:1f:e7:54:41:a4:72:65:
f7:33:3d:91:b9:23:5d:c5:5e:0b:af:cb:52:2e:ee:
03:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.rp.ki/repo/misakaio/2/
RPKI Manifest - URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
RPKI Notify - URI:https://rrdp.rp.ki/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.104.0/22
45.131.68.0/22
45.142.244.0/22
45.150.240.0/22
93.93.244.0/22
146.19.3.0/24
185.189.72.0/24
185.209.84.0/22
185.234.212.0/22
188.244.96.0/22
194.45.101.0/24
194.156.154.0/23
194.156.162.0/23
IPv6:
2a0b:4340::/29
2a0d:2900::/29
2a0d:5640::/29
2a0e:5c40::/29
2a0e:6900::/29
2a0f:3b00::/29
2a11:6e00::/29
2a12:1700::/29
2a12:8d00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35487
47553
48386
50069
57578
57695
58313
58342
Signature Algorithm: sha256WithRSAEncryption
42:53:00:d5:eb:f2:8a:6c:92:b5:5f:2a:fc:92:ff:f7:c0:06:
38:bd:3d:3a:d4:47:99:c5:fa:f0:42:f1:d9:eb:18:d5:81:51:
85:7d:bb:68:77:82:38:8b:f8:bd:02:13:1d:e8:42:c9:04:57:
b8:cd:12:15:d5:15:bd:f8:2f:10:d5:84:cc:08:2c:9a:eb:45:
04:92:4c:a9:41:eb:07:03:88:fa:75:06:6b:f6:95:1f:1a:39:
ce:ca:bd:fd:52:4f:d8:c4:ab:b3:e9:7e:c9:32:ae:59:e1:3f:
3f:bd:b7:fe:a2:db:a1:e9:22:49:f1:4b:35:24:c1:2b:fc:66:
24:fa:21:4a:72:ae:f5:ab:b7:82:61:1d:f2:60:3a:4a:94:0a:
0d:a4:05:09:cb:94:cc:37:67:11:41:29:a2:3d:e3:c6:5b:82:
0f:22:de:ca:e0:6c:8f:6e:bb:b2:dd:4b:85:a4:bd:9a:c3:8a:
03:23:b0:27:e5:61:85:db:d2:66:29:01:d1:76:5f:3f:3c:8f:
1a:fe:17:70:91:75:b2:22:d6:b2:0a:d5:71:33:74:8c:1d:63:
56:66:1f:33:88:83:fa:ad:d1:86:4e:a9:e4:bd:2e:05:c4:be:
32:78:dd:08:1b:54:b1:f6:a6:3d:d7:ab:be:46:e5:a8:5c:4e:
9f:08:47:7d
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZQg1lC10o3JYw5sVx2xI5MQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTlhNGI2YzZkMzcxM2NmZjM2MzYyMDdkZTk4MzkwNThiNTE4MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOCb/7dqG2BQGb4YjCFF6Y2SQtxY
r+kDqwaGtbuYmKy1XVBuEi+0Y3ddt5DpsBIeJTgzR5I3Ye6X4m6g0CARZ7RyWYL/
bvMwWqVa+QIjminochIB5zZgVRnzj8LJZ2+CZg5tqM9YD+XTARKINimUhsSdal5U
BJssa/ymkD5iEYAsldPy7ASl61VvLJDoGTu3jUi+KSWiqD6szC1jugZut2WxXB1q
jKhKLqfWn/WSjS18/MMV6IK+WcUsHcZY0w06e/nrIHueisji6r5T7JG9xYOxbzPv
UnKG4njkESZBRtR7XPkcb+vNdB/nVEGkcmX3Mz2RuSNdxV4Lr8tSLu4DiwIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFDWaS2xtNxPP82NiB96YOQWLUYFbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwgdEGCCsGAQUFBwELBIHEMIHBMDAGCCsGAQUFBzAFhiRyc3lu
YzovL3JzeW5jLnJwLmtpL3JlcG8vbWlzYWthaW8vMi8wXAYIKwYBBQUHMAqGUHJz
eW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8yLzM1OUE0QjZDNkQzNzEz
Q0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIubWZ0MC8GCCsGAQUFBzANhiNodHRw
czovL3JyZHAucnAua2kvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBK
hkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28z
VlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjCBsAYIKwYBBQUHAQcBAf8EgaAwgZ0wVAQCAAEwTgMEAi0LaAMEAi2DRAME
Ai2O9AMEAi2W8AMEAl1d9AMEAJITAwMEALm9SAMEArnRVAMEArnq1AMEArz0YAME
AMItZQMEAcKcmgMEAcKcojBFBAIAAjA/AwUDKgtDQAMFAyoNKQADBQMqDVZAAwUD
Kg5cQAMFAyoOaQADBQMqDzsAAwUDKhFuAAMFAyoSFwADBQMqEo0AMD0GCCsGAQUF
BwEIAQH/BC4wLKAqMCgCAwCKnwIDALnBAgMAvQICAwDDlQIDAODqAgMA4V8CAwDj
yQIDAOPmMA0GCSqGSIb3DQEBCwUAA4IBAQBCUwDV6/KKbJK1Xyr8kv/3wAY4vT06
1EeZxfrwQvHZ6xjVgVGFfbtod4I4i/i9AhMd6ELJBFe4zRIV1RW9+C8Q1YTMCCya
60UEkkypQesHA4j6dQZr9pUfGjnOyr39Uk/YxKuz6X7JMq5Z4T8/vbf+otuh6SJJ
8Us1JMEr/GYk+iFKcq71q7eCYR3yYDpKlAoNpAUJy5TMN2cRQSmiPePGW4IPIt7K
4GyPbruy3UuFpL2aw4oDI7An5WGF29JmKQHRdl8/PI8a/hdwkXWyItayCtVxM3SM
HWNWZh8ziIP6rdGGTqnkvS4FxL4yeN0IG1Sx9qY916u+RuWoXE6fCEd9
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:09:59 2025 by rpki-client