Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.cer
File: ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.cer (raw, json)
Hash identifier: OW6ak6l/IFwPNOc5beLu3E0tYvTVC51YN5GPbDjmxJY=
Subject key identifier: 64:2C:7A:4E:9F:02:B2:F4:E6:64:D7:D0:D7:2A:52:E5:12:61:DE:54
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FB75633BB6F5D4A7F3197D92B45E17
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:12 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57473
IP: 185.115.136.0/22
IP: 194.60.250.0/24
IP: 2a06:76c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:75:63:3b:b6:f5:d4:a7:f3:19:7d:92:b4:5e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=642c7a4e9f02b2f4e664d7d0d72a52e51261de54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b1:78:70:f2:55:a0:3b:14:5e:46:b4:67:d2:
c0:23:b3:6d:7b:21:c4:be:e2:3f:d2:4f:7e:2d:27:
5f:02:f0:56:75:1b:d0:4a:f4:7c:ac:c3:e9:4b:c0:
56:88:4a:5e:b3:cd:c0:e6:fc:c8:22:72:e8:bc:d4:
0e:cc:40:63:34:da:2e:29:87:b4:5c:23:50:33:67:
f8:49:53:43:1a:be:57:42:f5:13:73:16:89:1b:fc:
99:f2:ae:39:1f:1e:df:ad:b4:58:e5:1c:8e:b2:b8:
e2:bb:eb:8a:87:fc:5b:28:f7:a3:ea:3f:1d:3d:6d:
62:01:aa:e6:31:42:51:7c:3f:2f:cd:c5:a4:3c:7b:
a0:7a:37:13:c1:b8:00:2a:10:58:4d:34:53:2c:19:
e0:c7:6d:c5:7a:67:ae:72:e2:b2:ec:6c:fc:36:fd:
0f:b2:e7:b9:eb:56:db:cd:81:ee:5c:35:4b:b2:09:
02:9a:76:93:0b:92:a7:8e:60:a8:3f:21:ed:4f:f4:
4a:42:7e:08:5e:6e:9a:9e:44:97:df:64:41:df:d5:
79:a6:b9:82:f4:56:d1:31:f9:95:a7:e0:f5:94:23:
4e:fc:bc:4b:9f:2f:06:59:a4:32:6f:ed:6c:f1:de:
58:16:8e:35:5a:db:ec:7c:a9:08:cf:6b:14:27:6e:
20:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2C:7A:4E:9F:02:B2:F4:E6:64:D7:D0:D7:2A:52:E5:12:61:DE:54
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.136.0/22
194.60.250.0/24
IPv6:
2a06:76c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57473
Signature Algorithm: sha256WithRSAEncryption
40:9f:11:af:78:4d:d5:11:cd:40:59:96:62:1d:33:da:a6:0a:
cf:63:50:81:56:00:cf:9f:71:53:f2:2a:4c:05:38:ff:28:60:
b6:98:c7:7a:cd:a5:47:42:5b:a4:9f:43:72:85:cc:61:f4:c3:
36:23:bb:d9:be:dc:0a:75:d3:ec:97:22:65:b2:42:23:e0:1a:
c8:8d:6b:be:6b:91:87:44:58:e8:d0:a8:50:26:2d:1f:c2:0b:
61:7f:b8:1d:29:e6:7a:e2:06:86:61:d7:30:6b:c3:54:7b:02:
59:44:3c:a7:4f:ee:03:96:b2:63:c7:35:47:34:78:f6:c3:d9:
9d:f4:0c:7c:6c:c3:68:2d:fe:d4:80:fd:bc:f3:e7:b8:6e:0d:
72:b3:be:7d:05:fb:47:9c:e3:df:be:25:78:e7:c4:4c:17:f0:
2a:fa:27:ce:37:ff:d3:21:02:53:3c:8f:36:cd:e5:a5:90:4f:
31:1c:17:93:06:4d:76:7b:05:8b:28:5f:12:15:11:f8:6e:c5:
92:77:8e:1c:31:dd:32:01:9f:da:85:11:03:9e:22:28:ff:81:
e8:cf:13:a5:59:01:46:f1:9d:22:ed:a0:17:50:c0:17:ec:58:
0a:02:ef:1b:f4:47:35:a5:c8:65:7e:d9:3a:75:fd:bf:27:06:
af:88:98:b6
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQi+3VjO7b11KfzGX2StF4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJjN2E0ZTlmMDJiMmY0ZTY2NGQ3ZDBkNzJhNTJlNTEyNjFkZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bF4cPJVoDsUXka0Z9LAI7NteyHE
vuI/0k9+LSdfAvBWdRvQSvR8rMPpS8BWiEpes83A5vzIInLovNQOzEBjNNouKYe0
XCNQM2f4SVNDGr5XQvUTcxaJG/yZ8q45Hx7frbRY5RyOsrjiu+uKh/xbKPej6j8d
PW1iAarmMUJRfD8vzcWkPHugejcTwbgAKhBYTTRTLBngx23FemeucuKy7Gz8Nv0P
sue561bbzYHuXDVLsgkCmnaTC5KnjmCoPyHtT/RKQn4IXm6ankSX32RB39V5prmC
9FbRMfmVp+D1lCNO/LxLny8GWaQyb+1s8d5YFo41WtvsfKkIz2sUJ24g/wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGQsek6fArL05mTX0NcqUuUSYd5UMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3Lzk5MWZk
OC0yZDg1LTRjZjktOTAzNi01ZTAyYzQ2NTNlNTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcvOTkxZmQ4
LTJkODUtNGNmOS05MDM2LTVlMDJjNDY1M2U1MC8xL1pDeDZUcDhDc3ZUbVpOZlEx
eXBTNVJKaDNsUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuXOIAwQAwjz6MA0EAgACMAcDBQMqBnbAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwDggTANBgkqhkiG9w0BAQsFAAOCAQEAQJ8R
r3hN1RHNQFmWYh0z2qYKz2NQgVYAz59xU/IqTAU4/yhgtpjHes2lR0JbpJ9DcoXM
YfTDNiO72b7cCnXT7JciZbJCI+AayI1rvmuRh0RY6NCoUCYtH8ILYX+4HSnmeuIG
hmHXMGvDVHsCWUQ8p0/uA5ayY8c1RzR49sPZnfQMfGzDaC3+1ID9vPPnuG4NcrO+
fQX7R5zj374leOfETBfwKvonzjf/0yECUzyPNs3lpZBPMRwXkwZNdnsFiyhfEhUR
+G7FkneOHDHdMgGf2oURA54iKP+B6M8TpVkBRvGdIu2gF1DAF+xYCgLvG/RHNaXI
ZX7ZOnX9vycGr4iYtg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:34:41 2025 by rpki-client