Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
File: zRCMIl8keM1CMBeYkNByhL4WNs0.cer (raw, json)
Hash identifier: FvcxVhY1bmgB3u0/4SYK2I3z1E6UgCONGxb6x8Wdw5Q=
Subject key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019428254E58CA3BBD52211D0936957DD050
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:52:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205960
AS: 212921
IP: 2.59.152.0/22
IP: 45.91.224.0/22
IP: 45.142.152.0/22
IP: 91.204.224.0/22
IP: 185.202.100.0/22
IP: 193.239.150.0/23
IP: 193.239.154.0/23
IP: 194.126.202.0/24
IP: 194.126.215.0/24
IP: 194.126.219.0/24
IP: 194.126.227.0/24
IP: 2a0e:1840::/29
IP: 2a0e:a0c0::/29
IP: 2a0f:aec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:4e:58:ca:3b:bd:52:21:1d:09:36:95:7d:d0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:52:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd108c225f2478cd4230179890d07284be1636cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:26:80:e2:ae:2b:30:fd:3a:10:ae:91:a8:f2:
e5:6d:e2:7a:c7:34:da:7c:3c:75:a3:7f:fa:1d:21:
3e:e1:cb:f6:9d:9d:cc:39:4d:ae:39:07:0d:a1:05:
5d:c3:ac:4c:f0:c3:b7:96:e9:56:3b:05:29:19:e6:
81:b2:87:da:3e:25:5a:33:16:86:bf:77:fa:5b:7e:
40:9c:62:04:9e:ca:75:b6:b9:a5:37:ac:04:98:dc:
34:60:41:fe:bd:31:f6:07:7b:bc:0e:28:cf:27:f4:
37:4b:80:df:67:46:8a:fc:c9:48:45:b6:55:35:f2:
55:df:7b:5f:ef:25:be:4d:99:f5:d0:95:6d:04:f1:
30:d9:e0:a0:33:25:7b:cd:b9:ac:d9:47:99:91:b8:
0c:d4:d0:98:fb:8e:f6:ec:26:e5:b7:1c:7e:a7:85:
9f:80:17:41:ee:83:ed:22:60:89:07:cf:2d:c2:e8:
30:2c:f0:5a:dc:c1:97:87:34:0e:01:be:de:94:cc:
bc:65:16:cd:8c:dc:35:f1:52:c7:49:c2:51:f2:54:
64:0b:51:94:6f:13:28:61:47:27:7f:e7:00:c2:98:
6f:09:66:d1:5e:d8:b0:07:cb:b4:9f:c0:81:c3:37:
5c:af:c9:6d:a5:d1:38:4a:15:f3:67:97:85:b8:56:
6f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.224.0/22
45.142.152.0/22
91.204.224.0/22
185.202.100.0/22
193.239.150.0/23
193.239.154.0/23
194.126.202.0/24
194.126.215.0/24
194.126.219.0/24
194.126.227.0/24
IPv6:
2a0e:1840::/29
2a0e:a0c0::/29
2a0f:aec0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205960
212921
Signature Algorithm: sha256WithRSAEncryption
6f:a5:61:c7:75:ff:b0:4d:02:c3:c0:ff:b5:87:62:d8:ba:23:
22:d4:77:2f:d1:d4:fa:15:d5:25:49:7a:0b:4d:9b:c1:a0:d0:
38:54:41:14:8b:af:31:18:a2:f4:5d:19:99:34:ed:c2:aa:1d:
c3:ec:82:0c:d7:0b:03:81:ed:63:ba:7f:2c:2c:c1:07:03:51:
64:07:f6:62:7a:fa:a1:c4:03:8d:aa:5a:ce:95:af:30:e2:f1:
41:d1:97:a6:0e:f5:e3:64:99:f2:14:07:f6:e9:20:03:65:54:
2e:d5:11:98:47:c7:58:22:5e:90:4e:3a:f4:b0:02:63:6f:2d:
0d:3f:3e:1a:e3:3c:27:11:b1:60:9c:a3:3b:51:c9:b0:59:6b:
7a:ea:bc:da:ce:49:3f:48:dd:6a:85:9c:42:d1:7b:44:58:02:
ec:e9:06:78:f8:37:b3:db:d0:2a:77:d5:c0:ed:60:95:91:db:
82:84:4a:d1:c1:35:3b:49:46:0f:30:a3:2e:f8:91:53:03:99:
df:09:d8:9a:00:59:86:4d:4a:dd:07:46:a2:88:aa:e6:ff:2d:
a1:ae:22:1e:69:1a:39:7c:ef:bb:d5:8c:e1:57:e3:9f:03:58:
00:3c:48:de:76:c9:e9:0a:8b:f0:8c:a3:73:5f:7c:6d:64:3f:
2d:55:94:24
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZQoJU5Yyju9UiEdCTaVfdBQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1MjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEwOGMyMjVmMjQ3OGNkNDIzMDE3OTg5MGQwNzI4NGJlMTYzNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiaA4q4rMP06EK6RqPLlbeJ6xzTa
fDx1o3/6HSE+4cv2nZ3MOU2uOQcNoQVdw6xM8MO3lulWOwUpGeaBsofaPiVaMxaG
v3f6W35AnGIEnsp1trmlN6wEmNw0YEH+vTH2B3u8DijPJ/Q3S4DfZ0aK/MlIRbZV
NfJV33tf7yW+TZn10JVtBPEw2eCgMyV7zbms2UeZkbgM1NCY+4727Cbltxx+p4Wf
gBdB7oPtImCJB88twugwLPBa3MGXhzQOAb7elMy8ZRbNjNw18VLHScJR8lRkC1GU
bxMoYUcnf+cAwphvCWbRXtiwB8u0n8CBwzdcr8ltpdE4ShXzZ5eFuFZv5wIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFM0QjCJfJHjNQjAXmJDQcoS+FjbNMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3LzM0OGNl
NS1jYTIwLTQ4NDgtODg0NC1hZTUwMjczNjgxYTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvMzQ4Y2U1
LWNhMjAtNDg0OC04ODQ0LWFlNTAyNzM2ODFhNy8xL3pSQ01JbDhrZU0xQ01CZVlr
TkJ5aEw0V05zMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHgGCCsGAQUF
BwEHAQH/BGkwZzBIBAIAATBCAwQCAjuYAwQCLVvgAwQCLY6YAwQCW8zgAwQCucpk
AwQBwe+WAwQBwe+aAwQAwn7KAwQAwn7XAwQAwn7bAwQAwn7jMBsEAgACMBUDBQMq
DhhAAwUDKg6gwAMFAyoPrsAwHwYIKwYBBQUHAQgBAf8EEDAOoAwwCgIDAySIAgMD
P7kwDQYJKoZIhvcNAQELBQADggEBAG+lYcd1/7BNAsPA/7WHYti6IyLUdy/R1PoV
1SVJegtNm8Gg0DhUQRSLrzEYovRdGZk07cKqHcPsggzXCwOB7WO6fywswQcDUWQH
9mJ6+qHEA42qWs6VrzDi8UHRl6YO9eNkmfIUB/bpIANlVC7VEZhHx1giXpBOOvSw
AmNvLQ0/PhrjPCcRsWCcoztRybBZa3rqvNrOST9I3WqFnELRe0RYAuzpBnj4N7Pb
0Cp31cDtYJWR24KEStHBNTtJRg8woy74kVMDmd8J2JoAWYZNSt0HRqKIqub/LaGu
Ih5pGjl877vVjOFX458DWAA8SN52yekKi/CMo3NffG1kPy1VlCQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:06 2025 by rpki-client