Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
File: OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer (raw, json)
Hash identifier: DcY0+Z9WPOHO9tsZNTF5FwvPtMzCEWnbXqQsx3ykVXM=
Subject key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420683BDA19365FE1A2D5CA4D24B9A110
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:48:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29656
AS: 39239
AS: 50389
AS: 57872
AS: 60558
AS: 207134
AS: 210266
IP: 37.140.232.0/21
IP: 185.28.188.0/22
IP: 2a00:8860::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3b:da:19:36:5f:e1:a2:d5:ca:4d:24:b9:a1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38203463eb944b25c65135ca47bdbdab646f3984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:63:9f:fd:fe:05:61:af:c2:24:fb:51:d3:7d:
52:21:1e:47:08:2f:3e:7a:4c:90:e4:6e:d7:81:9c:
73:35:73:20:ca:17:43:f1:72:71:f0:14:7d:f9:17:
5f:96:2b:10:25:64:45:88:bd:2d:47:0a:67:31:c4:
45:93:8c:40:f8:ed:0b:20:c7:84:c2:5c:3c:d4:4d:
31:03:b0:f4:cc:9c:1f:38:0b:ff:88:30:6c:22:bd:
d8:2b:e5:99:6a:ac:20:18:80:fe:de:ab:2d:bd:71:
9c:ed:43:57:22:de:51:06:6c:e3:73:ab:e0:47:45:
bc:09:a2:17:c1:3b:43:94:d4:c4:64:ac:b9:7b:06:
3f:7b:8f:1a:dd:a6:2a:1d:09:86:55:80:3f:14:6b:
a9:7e:6e:38:cd:87:46:bb:40:1e:eb:0c:40:d2:fd:
3a:e0:67:eb:4d:e7:c3:68:5f:3a:bc:ac:a8:d1:1a:
06:cb:28:8c:ae:e7:8b:b2:61:69:22:c7:18:fd:2a:
c2:c4:b8:8c:7e:a8:92:6b:79:4b:58:aa:d8:80:a5:
e9:9d:af:d3:60:0f:e9:83:11:6c:54:3d:39:07:53:
07:19:99:c3:21:c6:26:0f:7b:9f:86:20:78:28:d5:
d8:61:5f:86:3a:58:f2:67:d0:03:e2:a2:4a:02:c4:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.232.0/21
185.28.188.0/22
IPv6:
2a00:8860::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29656
39239
50389
57872
60558
207134
210266
Signature Algorithm: sha256WithRSAEncryption
01:ea:01:bc:6c:62:ee:43:61:20:b7:e5:d7:eb:83:ce:ec:91:
0e:29:2e:bd:fd:af:49:2b:f1:cc:5f:c7:98:cd:53:97:02:41:
5b:b9:92:48:bc:fd:4c:4f:96:d2:99:77:d1:32:87:ff:73:ef:
a6:db:ae:94:cb:83:0f:cc:9e:35:fe:f6:90:81:f0:3a:a4:73:
d2:0e:eb:f5:10:23:ed:00:ee:cf:c2:04:9a:77:9e:00:ac:6a:
90:d6:a3:be:23:94:dd:f6:75:b7:30:82:9b:39:77:76:5e:bf:
54:7b:9d:2f:6b:dc:5c:6c:d9:fb:9c:23:72:43:68:91:30:3b:
d2:17:dd:45:05:10:9e:75:c8:8c:5f:ce:ed:2c:ac:1b:c4:91:
75:0f:d9:16:50:f9:da:27:c3:48:ca:68:5a:b4:6f:ab:59:75:
20:2b:b4:75:27:09:6b:68:46:32:c4:60:7a:1f:61:85:fd:0b:
e2:f2:00:fa:4d:dc:e9:47:85:9f:48:2f:0a:91:cd:f0:30:7f:
f3:0f:14:24:5c:72:e9:53:88:5c:42:d0:7a:00:58:55:d2:2b:
45:c6:3b:3d:00:d8:45:a6:09:74:94:bf:ad:06:26:ea:de:8a:
ab:89:74:25:0e:44:bc:2d:1f:78:83:8f:8a:a5:a3:61:77:fb:
e2:e2:1e:8c
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZQgaDvaGTZf4aLVyk0kuaEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODIwMzQ2M2ViOTQ0YjI1YzY1MTM1Y2E0N2JkYmRhYjY0NmYzOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2Of/f4FYa/CJPtR031SIR5HCC8+
ekyQ5G7XgZxzNXMgyhdD8XJx8BR9+RdflisQJWRFiL0tRwpnMcRFk4xA+O0LIMeE
wlw81E0xA7D0zJwfOAv/iDBsIr3YK+WZaqwgGID+3qstvXGc7UNXIt5RBmzjc6vg
R0W8CaIXwTtDlNTEZKy5ewY/e48a3aYqHQmGVYA/FGupfm44zYdGu0Ae6wxA0v06
4GfrTefDaF86vKyo0RoGyyiMrueLsmFpIscY/SrCxLiMfqiSa3lLWKrYgKXpna/T
YA/pgxFsVD05B1MHGZnDIcYmD3ufhiB4KNXYYV+GOljyZ9AD4qJKAsQ7KwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFDggNGPrlEslxlE1yke9vatkbzmEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdmLzBhMjk4
NC1hODY5LTQ0MGQtYjU3OC01ODkzNTE3OWI5ODUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2YvMGEyOTg0
LWE4NjktNDQwZC1iNTc4LTU4OTM1MTc5Yjk4NS8xL09DQTBZLXVVU3lYR1VUWEtS
NzI5cTJSdk9ZUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDJYzoAwQCuRy8MA0EAgACMAcDBQMqAIhgMDcG
CCsGAQUFBwEIAQH/BCgwJqAkMCICAnPYAgMAmUcCAwDE1QIDAOIQAgMA7I4CAwMp
HgIDAzVaMA0GCSqGSIb3DQEBCwUAA4IBAQAB6gG8bGLuQ2Egt+XX64PO7JEOKS69
/a9JK/HMX8eYzVOXAkFbuZJIvP1MT5bSmXfRMof/c++m266Uy4MPzJ41/vaQgfA6
pHPSDuv1ECPtAO7PwgSad54ArGqQ1qO+I5Td9nW3MIKbOXd2Xr9Ue50va9xcbNn7
nCNyQ2iRMDvSF91FBRCedciMX87tLKwbxJF1D9kWUPnaJ8NIymhatG+rWXUgK7R1
JwlraEYyxGB6H2GF/Qvi8gD6TdzpR4WfSC8Kkc3wMH/zDxQkXHLpU4hcQtB6AFhV
0itFxjs9ANhFpgl0lL+tBibq3oqriXQlDkS8LR94g4+KpaNhd/vi4h6M
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:24:39 2025 by rpki-client