Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dI6Zox81gkAKtd-nd8YNFqyu3bM.cer
File: dI6Zox81gkAKtd-nd8YNFqyu3bM.cer (raw, json)
Hash identifier: P3deqlTWRierlQeBbUPg/xPuthVDapYDKRLV2QHnioQ=
Subject key identifier: 74:8E:99:A3:1F:35:82:40:0A:B5:DF:A7:77:C6:0D:16:AC:AE:DD:B3
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFA845D82914D4882E5551D972044B8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c4/437ae5-c2ab-4c71-9d06-fec6c2701eda/1/dI6Zox81gkAKtd-nd8YNFqyu3bM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c4/437ae5-c2ab-4c71-9d06-fec6c2701eda/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:19 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41174
IP: 185.84.52.0/22
IP: 2a05:a140::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:84:5d:82:91:4d:48:82:e5:55:1d:97:20:44:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=748e99a31f3582400ab5dfa777c60d16acaeddb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:99:12:18:fa:fb:24:b1:f3:2a:83:1b:3f:91:
a8:10:4a:f8:4d:f3:06:bb:a1:de:15:8e:d2:8d:f9:
e7:81:76:45:97:de:9c:8e:e5:fc:a0:2c:48:6a:f5:
d2:7f:ea:1b:ed:e2:f0:9d:01:aa:de:da:36:66:17:
12:bd:d1:76:5c:71:ea:bf:a6:22:55:58:e5:92:6d:
b9:73:56:84:7a:42:e6:b0:16:04:69:b2:2b:a1:75:
b1:94:a2:4a:89:1a:37:d0:83:bd:73:6b:9b:af:4e:
bb:01:10:78:07:7d:ae:85:34:c5:1d:2c:c6:8b:0e:
d5:29:c6:23:f8:d3:33:32:2c:b9:1c:46:19:21:c6:
32:e0:38:9b:c5:07:60:eb:18:b1:54:e9:5b:02:a0:
d7:67:37:79:42:10:1b:4b:cb:ea:fd:84:55:2a:ac:
1c:90:37:8a:aa:e9:c6:81:0d:ad:26:2f:77:eb:09:
3c:5b:69:a3:69:15:ae:54:a1:03:a4:13:26:3c:01:
6d:f2:a4:68:47:d6:f2:55:37:95:bb:7d:e9:8e:58:
f6:f4:93:23:ff:66:34:2d:47:26:f8:6d:3f:ee:8a:
a4:b5:4a:b4:42:2f:9f:5b:69:91:ba:32:d4:82:aa:
b0:2b:b1:df:42:98:94:b2:9f:b0:98:15:75:94:c6:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8E:99:A3:1F:35:82:40:0A:B5:DF:A7:77:C6:0D:16:AC:AE:DD:B3
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/437ae5-c2ab-4c71-9d06-fec6c2701eda/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/437ae5-c2ab-4c71-9d06-fec6c2701eda/1/dI6Zox81gkAKtd-nd8YNFqyu3bM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.52.0/22
IPv6:
2a05:a140::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41174
Signature Algorithm: sha256WithRSAEncryption
58:a3:c1:0e:bc:65:f7:f1:be:4b:7c:11:e5:75:c7:f4:72:6a:
c0:89:29:93:98:cf:60:8d:e1:92:4e:0b:9d:13:9b:61:c9:99:
17:d0:9e:0e:f2:04:71:d1:f4:1d:69:ec:aa:be:36:0a:24:50:
bf:a5:51:60:a8:3e:34:47:76:c3:01:2f:d8:9a:c5:62:32:99:
ac:29:ba:5a:34:6c:c8:ea:57:5f:af:d6:6f:34:82:3f:f3:12:
1b:f0:36:3a:1d:63:0b:71:e5:e0:66:05:1c:c8:38:be:5e:65:
3d:f4:bc:c0:b0:01:a5:1c:e4:99:4d:40:15:40:67:61:75:0a:
3d:00:b1:df:0a:7a:57:06:92:b2:13:50:30:67:16:bb:de:a0:
d3:92:a3:4b:f8:37:76:f5:14:4b:2c:9c:ad:26:57:47:78:4d:
60:bf:c9:aa:af:06:a7:b0:2d:5a:7e:34:77:d3:15:9a:21:e1:
6c:f7:25:6b:b9:49:86:90:de:3c:fc:f2:8a:82:93:fb:82:34:
4b:07:33:7f:ec:82:7e:a2:45:e3:78:e6:1c:74:da:71:b6:f8:
95:3b:01:35:94:b8:b6:c0:58:04:70:23:51:d9:8a:e3:59:90:
ec:a1:87:0a:38:ce:d9:de:b9:91:88:b2:e1:a0:76:01:d6:c2:
2f:25:1c:33
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQf+oRdgpFNSILlVR2XIES4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhlOTlhMzFmMzU4MjQwMGFiNWRmYTc3N2M2MGQxNmFjYWVkZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJkSGPr7JLHzKoMbP5GoEEr4TfMG
u6HeFY7SjfnngXZFl96cjuX8oCxIavXSf+ob7eLwnQGq3to2ZhcSvdF2XHHqv6Yi
VVjlkm25c1aEekLmsBYEabIroXWxlKJKiRo30IO9c2ubr067ARB4B32uhTTFHSzG
iw7VKcYj+NMzMiy5HEYZIcYy4DibxQdg6xixVOlbAqDXZzd5QhAbS8vq/YRVKqwc
kDeKqunGgQ2tJi936wk8W2mjaRWuVKEDpBMmPAFt8qRoR9byVTeVu33pjlj29JMj
/2Y0LUcm+G0/7oqktUq0Qi+fW2mRujLUgqqwK7HfQpiUsp+wmBV1lMa3RwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFHSOmaMfNYJACrXfp3fGDRasrt2zMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M0LzQzN2Fl
NS1jMmFiLTRjNzEtOWQwNi1mZWM2YzI3MDFlZGEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQvNDM3YWU1
LWMyYWItNGM3MS05ZDA2LWZlYzZjMjcwMWVkYS8xL2RJNlpveDgxZ2tBS3RkLW5k
OFlORnF5dTNiTS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuVQ0MA0EAgACMAcDBQMqBaFAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCg1jANBgkqhkiG9w0BAQsFAAOCAQEAWKPBDrxl9/G+
S3wR5XXH9HJqwIkpk5jPYI3hkk4LnRObYcmZF9CeDvIEcdH0HWnsqr42CiRQv6VR
YKg+NEd2wwEv2JrFYjKZrCm6WjRsyOpXX6/WbzSCP/MSG/A2Oh1jC3Hl4GYFHMg4
vl5lPfS8wLABpRzkmU1AFUBnYXUKPQCx3wp6VwaSshNQMGcWu96g05KjS/g3dvUU
SyycrSZXR3hNYL/Jqq8Gp7AtWn40d9MVmiHhbPcla7lJhpDePPzyioKT+4I0Swcz
f+yCfqJF43jmHHTacbb4lTsBNZS4tsBYBHAjUdmK41mQ7KGHCjjO2d65kYiy4aB2
AdbCLyUcMw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:46:55 2025 by rpki-client