Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
File: XwImpwTPYg6yAA8n56kZznMJkb4.cer (raw, json)
Hash identifier: 0wzhweV0o6xHrvPPahhjLYRR/ybWNuhSC1ttL5CBMgQ=
Subject key identifier: 5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143F466C06BCAFB0827242F74D6C123
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:09 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 202602
IP: 31.25.10.0/24
IP: 109.70.236.0/24
IP: 194.127.192.0/23
IP: 195.85.19.0/24
IP: 213.170.133.0/24
IP: 2a0c:b840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f4:66:c0:6b:ca:fb:08:27:24:2f:74:d6:c1:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f0226a704cf620eb2000f27e7a919ce730991be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:36:ed:80:a9:0c:68:4f:ae:6c:34:e6:44:7b:
67:21:ad:67:6d:60:1b:4c:bf:7e:67:fa:34:61:f8:
2b:ac:0d:1e:11:4b:f6:cd:d1:da:a0:11:0d:d6:d9:
c0:da:7f:23:44:05:b0:15:82:6f:92:7d:86:cf:5f:
67:df:ca:c0:5e:f3:d4:52:89:37:33:30:79:65:31:
49:81:2f:67:e7:1e:f7:1c:09:6e:0f:39:54:36:2a:
4f:0c:36:21:35:cc:12:aa:07:84:d2:b4:7c:1b:86:
d0:c0:17:55:c7:a9:8a:e1:2c:c9:12:7c:4a:7e:55:
68:09:29:97:ce:df:11:17:a0:5f:9f:9c:88:b5:b4:
19:be:61:e3:e5:e5:25:69:90:4f:74:ac:66:5c:17:
33:ac:f0:c2:b5:fc:74:5b:ce:fb:75:aa:25:eb:68:
50:e2:1e:b0:69:ce:2d:30:b8:91:5c:c9:d3:93:44:
8d:77:0e:12:c2:13:ea:91:97:20:c8:84:2e:b3:11:
8b:e8:10:30:1e:ac:86:3a:74:4f:79:cb:86:3d:13:
cd:59:d6:ab:56:bf:8c:63:5b:43:6d:86:04:45:b7:
49:90:cd:5c:53:4e:60:d3:32:a6:97:7a:9f:52:18:
fc:f3:da:09:7c:a6:61:ef:86:e1:6a:f6:9f:93:79:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.10.0/24
109.70.236.0/24
194.127.192.0/23
195.85.19.0/24
213.170.133.0/24
IPv6:
2a0c:b840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202602
Signature Algorithm: sha256WithRSAEncryption
8d:9c:79:a2:37:bc:e9:d4:d8:f7:88:ee:dc:78:d9:0a:ff:50:
07:95:cd:a7:14:5e:e8:81:4b:f4:2c:2e:04:45:f2:da:c6:2b:
44:b3:09:e4:ea:89:2b:00:0b:8f:1c:ef:ab:a0:e2:22:07:65:
2a:f5:8f:b8:84:68:41:b4:e9:8a:98:d0:1a:29:0a:72:60:bd:
a7:0b:d1:61:bc:0b:b5:98:a7:32:58:bc:4a:fc:92:e8:47:c0:
93:1d:5d:7e:a9:b0:b6:6d:4d:86:e7:41:48:40:aa:2d:51:87:
a3:bb:9b:1a:0b:06:71:f0:48:21:35:69:95:28:49:f1:8a:3c:
22:98:4a:7d:3a:69:e4:02:34:d6:f4:8c:d5:40:35:95:53:53:
16:8c:5f:ba:c4:5e:0a:0e:e9:cb:2e:8a:ff:b3:42:0b:ea:5a:
ac:12:29:3b:c4:e7:0d:08:cc:cb:6b:0e:8f:d0:bd:e5:ed:55:
55:a1:33:48:3d:a9:5d:83:77:94:26:5e:fc:09:4b:6c:c2:27:
a1:fd:7e:1e:18:fa:07:d6:80:cc:2c:b2:02:11:71:ef:c0:70:
a6:1f:bd:9d:c4:6b:aa:98:b7:a4:7d:10:0d:16:71:d8:d6:a8:
45:31:80:dc:b2:df:8f:03:55:37:04:21:9a:ed:bc:13:21:e3:
39:1d:46:9a
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZQhQ/RmwGvK+wgnJC901sEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjAyMjZhNzA0Y2Y2MjBlYjIwMDBmMjdlN2E5MTljZTczMDk5MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jbtgKkMaE+ubDTmRHtnIa1nbWAb
TL9+Z/o0YfgrrA0eEUv2zdHaoBEN1tnA2n8jRAWwFYJvkn2Gz19n38rAXvPUUok3
MzB5ZTFJgS9n5x73HAluDzlUNipPDDYhNcwSqgeE0rR8G4bQwBdVx6mK4SzJEnxK
flVoCSmXzt8RF6Bfn5yItbQZvmHj5eUlaZBPdKxmXBczrPDCtfx0W877daol62hQ
4h6wac4tMLiRXMnTk0SNdw4SwhPqkZcgyIQusxGL6BAwHqyGOnRPecuGPRPNWdar
Vr+MY1tDbYYERbdJkM1cU05g0zKml3qfUhj889oJfKZh74bhavafk3lwbQIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFF8CJqcEz2IOsgAPJ+epGc5zCZG+MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q0LzYzZWZi
OC1iZjI0LTQ4YzItOGM1MC03NWQ5Y2U1YjhkOWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNjNlZmI4
LWJmMjQtNDhjMi04YzUwLTc1ZDljZTViOGQ5Yy8xL1h3SW1wd1RQWWc2eUFBOG41
Nmtaem5NSmtiNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQAHxkKAwQAbUbsAwQBwn/AAwQAw1UTAwQA1aqF
MA0EAgACMAcDBQMqDLhAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMXajANBgkq
hkiG9w0BAQsFAAOCAQEAjZx5oje86dTY94ju3HjZCv9QB5XNpxRe6IFL9CwuBEXy
2sYrRLMJ5OqJKwALjxzvq6DiIgdlKvWPuIRoQbTpipjQGikKcmC9pwvRYbwLtZin
Mli8SvyS6EfAkx1dfqmwtm1NhudBSECqLVGHo7ubGgsGcfBIITVplShJ8Yo8IphK
fTpp5AI01vSM1UA1lVNTFoxfusReCg7pyy6K/7NCC+parBIpO8TnDQjMy2sOj9C9
5e1VVaEzSD2pXYN3lCZe/AlLbMInof1+Hhj6B9aAzCyyAhFx78Bwph+9ncRrqpi3
pH0QDRZx2NaoRTGA3LLfjwNVNwQhmu28EyHjOR1Gmg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:35:48 2025 by rpki-client