Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/lhebOdHB0o9QY8qSHWAH42Phxgs.cer
File: lhebOdHB0o9QY8qSHWAH42Phxgs.cer (raw, json)
Hash identifier: 6Jk3fRZVOF0wugk/GtQPz9ni4MbEm2lr3tHygQSST44=
Subject key identifier: 96:17:9B:39:D1:C1:D2:8F:50:63:CA:92:1D:60:07:E3:63:E1:C6:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942748434CB5EEA1869FCB515736A31383
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/0d/cddf94-8d51-41cd-8a5b-a0b4930cbd1e/1/lhebOdHB0o9QY8qSHWAH42Phxgs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/0d/cddf94-8d51-41cd-8a5b-a0b4930cbd1e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:34 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 209633
IP: 139.28.184.0/22
IP: 2a09:ac0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:43:4c:b5:ee:a1:86:9f:cb:51:57:36:a3:13:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96179b39d1c1d28f5063ca921d6007e363e1c60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3f:d6:9c:27:51:24:bc:4d:5f:18:44:63:95:
4e:bb:fc:56:f8:00:c6:6b:6d:71:a4:e5:51:03:5b:
50:c7:97:22:61:80:bc:07:db:99:dd:6b:77:a5:65:
cb:06:f6:88:eb:5b:7d:85:a6:2d:2c:97:dd:d8:4e:
07:00:a0:60:8f:56:44:bb:2f:a5:74:b6:36:92:ab:
27:5f:b8:13:ab:57:cf:b6:cb:3f:46:5d:80:4e:1d:
f4:1a:d7:df:a9:75:eb:f8:d9:dc:09:98:15:fe:77:
3c:26:83:ef:0b:42:7e:38:4c:99:17:3d:e5:fd:02:
e5:cf:a1:db:54:49:53:fd:84:df:75:b8:42:b3:7f:
3f:1a:91:16:41:16:1f:2c:ed:f7:5f:ca:de:fd:c1:
d2:9a:28:58:9d:9d:d0:b0:c9:87:37:9d:2b:1a:ee:
d5:29:88:1d:16:2e:08:41:45:16:96:a2:c5:4a:2c:
e3:d4:c9:80:91:74:7e:db:20:52:c9:e7:4a:f1:03:
4c:03:3e:06:f6:c3:39:62:aa:d6:ec:6a:28:41:b6:
f1:b5:25:15:93:b9:bc:fb:d9:e4:96:ab:04:47:af:
de:8a:1a:a5:d2:c0:11:a8:c8:44:ed:1d:ee:44:80:
48:c2:ee:a4:91:3b:60:7d:56:07:60:ac:10:52:80:
d6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:17:9B:39:D1:C1:D2:8F:50:63:CA:92:1D:60:07:E3:63:E1:C6:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/cddf94-8d51-41cd-8a5b-a0b4930cbd1e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/cddf94-8d51-41cd-8a5b-a0b4930cbd1e/1/lhebOdHB0o9QY8qSHWAH42Phxgs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.184.0/22
IPv6:
2a09:ac0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
209633
Signature Algorithm: sha256WithRSAEncryption
1c:dc:f4:61:f5:32:48:fe:a4:f8:0a:81:b0:18:c2:d3:4a:c1:
d6:a0:67:d1:3d:c2:da:cc:f9:e6:98:c7:f9:0c:b1:37:5e:bc:
31:8c:42:7c:1c:88:41:c9:e4:75:73:2d:95:c5:22:b6:c3:1f:
46:e0:a9:a8:59:b8:b1:26:e3:1a:5c:e8:5c:0a:35:b8:67:18:
27:c2:78:fb:e1:0d:d8:19:7d:c8:4d:cd:07:d9:c3:19:f6:5d:
72:50:19:05:59:d4:cb:ab:85:dc:39:7f:1f:2f:b8:8b:e1:8d:
db:14:0a:d9:38:db:4e:d1:c1:b1:9a:38:a3:23:89:ca:49:34:
75:d4:b1:63:ec:0b:6b:f2:98:78:e2:61:cc:e3:34:ec:c2:16:
a6:6d:0d:9f:28:18:0c:ca:7d:47:47:14:62:31:1a:2c:33:eb:
86:97:79:df:2f:6f:97:f5:e5:dc:21:b0:cd:15:86:5e:00:13:
cc:85:41:d9:f3:d6:43:99:9f:79:f4:ed:0c:be:16:05:a0:31:
f3:32:99:06:62:0b:a1:9a:aa:3c:7d:1a:53:28:de:57:9c:0e:
25:d6:d9:3f:8a:1a:87:b6:23:2d:53:63:81:ce:53:75:a4:99:
db:97:6c:11:e0:eb:71:a6:86:4e:1c:e6:fd:f6:f5:9a:42:5a:
d2:c4:cf:cc
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQnSENMte6hhp/LUVc2oxODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE3OWIzOWQxYzFkMjhmNTA2M2NhOTIxZDYwMDdlMzYzZTFjNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz/WnCdRJLxNXxhEY5VOu/xW+ADG
a21xpOVRA1tQx5ciYYC8B9uZ3Wt3pWXLBvaI61t9haYtLJfd2E4HAKBgj1ZEuy+l
dLY2kqsnX7gTq1fPtss/Rl2ATh30GtffqXXr+NncCZgV/nc8JoPvC0J+OEyZFz3l
/QLlz6HbVElT/YTfdbhCs38/GpEWQRYfLO33X8re/cHSmihYnZ3QsMmHN50rGu7V
KYgdFi4IQUUWlqLFSizj1MmAkXR+2yBSyedK8QNMAz4G9sM5YqrW7GooQbbxtSUV
k7m8+9nklqsER6/eihql0sARqMhE7R3uRIBIwu6kkTtgfVYHYKwQUoDWgQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFJYXmznRwdKPUGPKkh1gB+Nj4cYLMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBkL2NkZGY5
NC04ZDUxLTQxY2QtOGE1Yi1hMGI0OTMwY2JkMWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQvY2RkZjk0
LThkNTEtNDFjZC04YTViLWEwYjQ5MzBjYmQxZS8xL2xoZWJPZEhCMG85UVk4cVNI
V0FINDJQaHhncy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCixy4MA0EAgACMAcDBQMqCQrAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMy4TANBgkqhkiG9w0BAQsFAAOCAQEAHNz0YfUySP6k
+AqBsBjC00rB1qBn0T3C2sz55pjH+QyxN168MYxCfByIQcnkdXMtlcUitsMfRuCp
qFm4sSbjGlzoXAo1uGcYJ8J4++EN2Bl9yE3NB9nDGfZdclAZBVnUy6uF3Dl/Hy+4
i+GN2xQK2TjbTtHBsZo4oyOJykk0ddSxY+wLa/KYeOJhzOM07MIWpm0NnygYDMp9
R0cUYjEaLDPrhpd53y9vl/Xl3CGwzRWGXgATzIVB2fPWQ5mfefTtDL4WBaAx8zKZ
BmILoZqqPH0aUyjeV5wOJdbZP4oah7YjLVNjgc5TdaSZ25dsEeDrcaaGThzm/fb1
mkJa0sTPzA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:56:43 2025 by rpki-client