Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
File: 1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer (raw, json)
Hash identifier: LF/mkOI/QWE1aigPZV+W+kykdnxQ6Wj2STMm+4jLsBY=
Subject key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D61D9E2F551ACBA9D3FE3BA2BBE459
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57621
AS: 60721
IP: 45.136.104.0/23
IP: 45.136.107.0/24
IP: 185.26.144.0/22
IP: 185.126.176.0/24
IP: 185.153.228.0/22
IP: 185.162.144.0/24
IP: 185.162.147.0/24
IP: 185.171.24.0/22
IP: 185.247.136.0/24
IP: 185.247.138.0/23
IP: 2a04:3880::/30
IP: 2a05:100::/29
IP: 2a06:c380::/29
IP: 2a0b:6000::/29
IP: 2a0d:a2c0::/29
IP: 2a0d:c480::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1d:9e:2f:55:1a:cb:a9:d3:fe:3b:a2:bb:e4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c3:e3:50:a2:1e:29:37:44:91:75:76:7a:da:
5f:77:05:a1:b0:f6:78:ad:c8:18:a4:b9:bc:09:a9:
69:17:b9:a9:e1:86:a2:85:00:a1:52:af:95:2e:cd:
93:8c:0d:11:27:21:19:76:0e:56:e3:7a:34:9f:2e:
6c:1f:67:17:94:a9:46:2d:45:43:27:cb:df:ad:8e:
fb:2a:ee:c0:e6:92:87:f4:53:47:0a:7d:b5:a8:a1:
49:94:2c:45:06:e5:ce:07:3c:b4:a6:6a:1e:ed:5a:
94:a1:43:bc:32:7e:e4:94:61:00:62:38:69:de:bc:
2f:5f:02:b4:3e:06:b9:0a:86:0f:b9:69:8b:aa:ad:
cc:05:a0:4c:d6:81:cd:5a:f7:77:83:14:ca:c9:09:
1b:fd:38:2c:bd:b7:f5:ba:0b:84:a4:7c:0d:3e:56:
fa:e0:18:ee:9c:3a:f8:ed:9b:92:42:ed:d8:a0:d5:
12:70:a3:4f:48:32:9e:3e:97:7f:c8:c6:54:ca:12:
b1:c0:dc:10:6b:16:b2:56:0a:dc:c8:81:57:73:7b:
4c:45:8a:2d:47:3a:d2:31:89:fa:23:99:29:4e:88:
4e:57:e3:76:50:b4:80:dc:ce:76:84:76:73:11:af:
c4:13:b1:a9:95:c3:4b:24:44:d7:c3:63:b3:ee:de:
65:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/23
45.136.107.0/24
185.26.144.0/22
185.126.176.0/24
185.153.228.0/22
185.162.144.0/24
185.162.147.0/24
185.171.24.0/22
185.247.136.0/24
185.247.138.0/23
IPv6:
2a04:3880::/30
2a05:100::/29
2a06:c380::/29
2a0b:6000::/29
2a0d:a2c0::/29
2a0d:c480::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57621
60721
Signature Algorithm: sha256WithRSAEncryption
5f:85:e9:57:d1:3f:45:fb:27:8e:ea:8e:9a:9e:d9:1d:0d:9c:
a0:79:8e:f1:2f:9f:dd:b8:b3:29:99:a0:dc:82:51:a1:bd:9d:
07:25:df:4a:78:25:03:10:5d:91:e1:40:99:42:9d:e2:28:fb:
d1:05:7c:2a:d7:d3:90:c4:9b:1d:a5:c2:62:3b:16:9d:d2:0a:
3e:b1:f7:0a:0e:3d:cb:e8:ba:77:1b:59:7c:0e:9b:fd:d6:86:
87:33:72:49:a9:e8:2f:1d:7a:1d:0f:60:26:fb:7f:0f:0b:d8:
3f:33:04:58:8e:68:d1:7d:6f:cb:80:a1:74:50:28:da:6b:8e:
d0:3a:45:6e:7d:2b:f6:79:4e:3d:2e:bf:fe:f9:3e:35:61:b7:
08:6f:fd:b4:7f:28:1f:03:ea:9d:33:38:96:09:c9:8a:31:63:
35:e8:fd:14:2f:b0:40:c6:de:0e:0f:ed:e8:6f:ae:a7:53:29:
e5:d0:45:d7:65:b5:95:46:d4:22:3e:72:34:e0:fa:8f:68:cd:
4a:62:f6:6a:43:ac:73:f7:15:82:bf:5a:8b:87:d6:d6:b1:44:
3e:c6:d2:b4:2e:ca:8e:f1:13:7a:ec:f1:1b:ed:ee:04:15:dc:
2b:a7:47:d9:df:75:26:e5:09:f0:89:4f:5f:67:70:f9:81:a3:
6c:5b:a2:75
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZQg1h2eL1Uay6nT/juiu+RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIwM2EwYzA0YjgxZmUxNzY2ZmE0MWJkMzFiNzNiNTg4MTg4YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cPjUKIeKTdEkXV2etpfdwWhsPZ4
rcgYpLm8CalpF7mp4YaihQChUq+VLs2TjA0RJyEZdg5W43o0ny5sH2cXlKlGLUVD
J8vfrY77Ku7A5pKH9FNHCn21qKFJlCxFBuXOBzy0pmoe7VqUoUO8Mn7klGEAYjhp
3rwvXwK0Pga5CoYPuWmLqq3MBaBM1oHNWvd3gxTKyQkb/Tgsvbf1uguEpHwNPlb6
4BjunDr47ZuSQu3YoNUScKNPSDKePpd/yMZUyhKxwNwQaxayVgrcyIFXc3tMRYot
RzrSMYn6I5kpTohOV+N2ULSA3M52hHZzEa/EE7GplcNLJETXw2Oz7t5lGwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFPggOgwEuB/hdm+kG9Mbc7WIGIrHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2UxNGNh
My1kYThlLTRiNTgtODYzYS0zMzg5NjIwYzFiZDcvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2Ez
LWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJkNy8xLzEtQ0E2REFTNEgtRjJiNlFi
MHh0enRZZ1lpc2MubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYB
BQUHAQcBAf8EeDB2MEIEAgABMDwDBAEtiGgDBAAtiGsDBAK5GpADBAC5frADBAK5
meQDBAC5opADBAC5opMDBAK5qxgDBAC594gDBAG594owMAQCAAIwKgMFAioEOIAD
BQMqBQEAAwUDKgbDgAMFAyoLYAADBQMqDaLAAwUDKg3EgDAfBggrBgEFBQcBCAEB
/wQQMA6gDDAKAgMA4RUCAwDtMTANBgkqhkiG9w0BAQsFAAOCAQEAX4XpV9E/Rfsn
juqOmp7ZHQ2coHmO8S+f3bizKZmg3IJRob2dByXfSnglAxBdkeFAmUKd4ij70QV8
KtfTkMSbHaXCYjsWndIKPrH3Cg49y+i6dxtZfA6b/daGhzNySanoLx16HQ9gJvt/
DwvYPzMEWI5o0X1vy4ChdFAo2muO0DpFbn0r9nlOPS6//vk+NWG3CG/9tH8oHwPq
nTM4lgnJijFjNej9FC+wQMbeDg/t6G+up1Mp5dBF12W1lUbUIj5yNOD6j2jNSmL2
akOsc/cVgr9ai4fW1rFEPsbStC7KjvETeuzxG+3uBBXcK6dH2d91JuUJ8IlPX2dw
+YGjbFuidQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:39 2025 by rpki-client