Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer
File: 1-qbl6GAjybMU7mUSkfr-jG3WmoM.cer (raw, json)
Hash identifier: K83dzudBCsrSkMnl7Sk/fNDCZa5HiBYYmJjNUuUBSVE=
Subject key identifier: FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019489650F874A3C8E7AC21BFF7B99CC07BA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Tue 21 Jan 2025 15:04:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 212994
IP: 91.211.212.0/22
IP: 194.187.255.0/24
IP: 2a13:f9c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:65:0f:87:4a:3c:8e:7a:c2:1b:ff:7b:99:cc:07:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 21 15:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faa6e5e86023c9b314ee651291fafe8c6dd69a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6d:f5:6c:39:f1:e2:8f:ce:c4:e4:2a:a5:45:
a0:ba:e9:df:fb:5f:54:3f:13:5a:e5:03:e0:a3:0d:
e7:9b:73:59:83:cf:90:44:fe:f4:f6:51:83:76:ab:
40:6f:5d:7f:42:57:6e:2d:78:05:73:82:27:92:a5:
18:50:2e:ad:aa:d1:db:7b:48:2d:d1:e6:02:7a:10:
57:06:8d:4f:53:40:54:78:e0:30:cb:96:53:52:94:
79:88:d5:27:2e:03:4b:00:49:87:69:e7:85:4c:40:
37:75:19:ba:a2:93:07:66:ab:11:04:d2:be:4a:c1:
cc:ca:70:91:72:75:ae:72:d6:f1:0c:31:46:a6:97:
48:9d:60:ec:85:4c:ab:21:39:b2:6b:16:5f:f3:8e:
a9:09:f9:cf:3b:98:76:2c:70:c8:b7:b9:86:68:fb:
6a:e0:3e:6e:9f:d8:55:42:4c:d4:94:ee:52:b9:42:
5a:e7:e9:8b:89:d5:44:ee:56:01:dc:c4:c4:2e:69:
3b:c1:e7:08:ba:43:ac:8f:4c:97:e8:f5:60:d8:aa:
88:57:c7:96:63:5d:c1:6f:0a:80:6a:9d:03:fe:bb:
85:a7:5e:e6:67:16:af:e1:58:ee:de:2a:f3:58:2d:
82:e7:32:c0:4e:d4:27:44:25:6e:d1:b9:36:05:5f:
07:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A6:E5:E8:60:23:C9:B3:14:EE:65:12:91:FA:FE:8C:6D:D6:9A:83
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c04d99-de44-40ab-a2c0-08279455f941/1/1-qbl6GAjybMU7mUSkfr-jG3WmoM.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.212.0/22
194.187.255.0/24
IPv6:
2a13:f9c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
212994
Signature Algorithm: sha256WithRSAEncryption
5e:e5:7f:4d:f3:11:b4:89:26:43:01:a7:32:c3:59:bf:be:68:
ea:6c:28:fe:79:98:b9:b9:7a:69:92:72:38:5d:21:a6:d9:65:
2e:3e:f8:29:8b:8e:49:37:cc:01:cd:34:da:95:4e:d1:73:e7:
88:cd:1c:4b:f2:fe:ff:65:fb:44:9d:e1:4f:05:23:2f:fe:42:
91:50:0c:1f:cc:c4:be:7a:4f:b6:3d:f0:e0:d4:8f:85:84:78:
49:9a:38:8d:08:e8:ab:e2:f2:8b:55:2d:36:fd:52:dd:63:ad:
c7:bd:da:82:a0:cd:6d:41:ff:7e:1b:38:53:99:08:16:fa:23:
fa:4b:d7:61:b6:47:bd:23:f1:f0:8e:7a:3c:14:60:35:1d:86:
8e:ee:32:81:0d:97:04:73:d3:31:a3:e7:fa:37:d8:ab:4f:a6:
0b:19:c9:2d:9f:63:92:d1:88:4b:59:fe:92:49:3d:43:80:2a:
6b:f2:8b:a0:d9:4c:d0:f9:0c:c1:24:a8:b2:6c:b8:32:e1:2a:
a6:ac:0f:fa:cf:fe:14:2d:f7:1a:3c:1f:62:0f:9a:00:31:cc:
d0:53:c3:b6:7b:2b:30:c8:b5:a5:eb:6a:1f:f4:10:fd:a6:ad:
a9:1a:22:85:b3:4a:37:52:48:7c:95:a6:5c:be:d8:52:dc:d6:
27:dc:58:91
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZSJZQ+HSjyOesIb/3uZzAe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTIxMTUwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE2ZTVlODYwMjNjOWIzMTRlZTY1MTI5MWZhZmU4YzZkZDY5YTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G31bDnx4o/OxOQqpUWguunf+19U
PxNa5QPgow3nm3NZg8+QRP709lGDdqtAb11/QlduLXgFc4InkqUYUC6tqtHbe0gt
0eYCehBXBo1PU0BUeOAwy5ZTUpR5iNUnLgNLAEmHaeeFTEA3dRm6opMHZqsRBNK+
SsHMynCRcnWuctbxDDFGppdInWDshUyrITmyaxZf846pCfnPO5h2LHDIt7mGaPtq
4D5un9hVQkzUlO5SuUJa5+mLidVE7lYB3MTELmk7wecIukOsj0yX6PVg2KqIV8eW
Y13BbwqAap0D/ruFp17mZxav4Vju3irzWC2C5zLATtQnRCVu0bk2BV8HjQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFPqm5ehgI8mzFO5lEpH6/oxt1pqDMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEkBggrBgEFBQcBCwSCARYwggESMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzAwL2MwNGQ5
OS1kZTQ0LTQwYWItYTJjMC0wODI3OTQ1NWY5NDEvMS8wfQYIKwYBBQUHMAqGcXJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvYzA0ZDk5
LWRlNDQtNDBhYi1hMmMwLTA4Mjc5NDU1Zjk0MS8xLzEtcWJsNkdBanliTVU3bVVT
a2ZyLWpHM1dtb00ubWZ0MDIGCCsGAQUFBzANhiZodHRwczovL3JyZHAucmlwZS5u
ZXQvbm90aWZpY2F0aW9uLnhtbDBZBgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhD
MlFIVlYzZDVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEF
BQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvT1AMEAMK7/zANBAIAAjAHAwUDKhP5wDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDQAIwDQYJKoZIhvcNAQELBQADggEBAF7l
f03zEbSJJkMBpzLDWb++aOpsKP55mLm5emmScjhdIabZZS4++CmLjkk3zAHNNNqV
TtFz54jNHEvy/v9l+0Sd4U8FIy/+QpFQDB/MxL56T7Y98ODUj4WEeEmaOI0I6Kvi
8otVLTb9Ut1jrce92oKgzW1B/34bOFOZCBb6I/pL12G2R70j8fCOejwUYDUdho7u
MoENlwRz0zGj5/o32KtPpgsZyS2fY5LRiEtZ/pJJPUOAKmvyi6DZTND5DMEkqLJs
uDLhKqasD/rP/hQt9xo8H2IPmgAxzNBTw7Z7KzDItaXrah/0EP2mrakaIoWzSjdS
SHyVply+2FLc1ifcWJE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:19:43 2025 by rpki-client