Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer
File: 1PkhKd96qnFX4VlzwkdT4RjJBX0.cer (raw, json)
Hash identifier: QbNlfi8CTpjaXlV6eVh29QjU1jsXXiDJuFLi0AEN0mg=
Subject key identifier: D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFA82C41BBA95618E095F2206FB5212
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204631
IP: 185.136.120.0/22
IP: 193.27.218.0/23
IP: 2001:67c:2c08::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:82:c4:1b:ba:95:61:8e:09:5f:22:06:fb:52:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4f92129df7aaa7157e15973c24753e118c9057d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:be:b9:99:c9:b5:f1:29:88:38:e4:b2:98:
15:11:6d:79:8d:cb:91:ef:ac:8f:8e:1c:0f:e8:8c:
62:a6:87:ea:89:00:a7:c1:fa:14:bf:7f:5c:d8:3e:
5f:57:1a:2c:21:c1:a6:e0:4d:67:69:7a:1d:9e:ea:
c1:dd:18:dd:77:34:d6:89:02:b2:26:d8:fb:5a:a2:
8f:48:b8:e7:a6:ab:c3:fa:61:fe:ba:55:f7:f0:f4:
cd:00:4a:cf:71:46:06:5f:ce:6d:ba:26:3c:56:0f:
cd:8f:10:00:cc:15:b2:7f:e0:81:5f:88:d8:75:05:
06:fe:56:b8:bd:81:d2:98:1e:42:a5:ff:e8:a2:b0:
73:87:66:bd:7f:20:3c:04:35:92:a9:09:87:42:7a:
f7:1d:b0:66:5d:b5:34:be:cd:fb:83:cd:86:68:e2:
2e:07:d5:f8:21:3e:45:14:9a:7f:fb:10:b2:b9:8d:
e2:51:5d:3e:fe:3d:fb:b0:2c:98:e0:23:f3:4d:e7:
80:a2:42:f3:08:1e:70:18:df:48:9d:ad:94:4b:3c:
97:cf:4c:9d:60:98:75:56:9a:9d:ee:d6:50:62:ff:
87:66:85:74:5d:fc:15:91:8a:66:0c:55:1c:50:cb:
80:e6:7c:c5:2a:97:22:5d:3f:ae:bf:04:77:12:a6:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.120.0/22
193.27.218.0/23
IPv6:
2001:67c:2c08::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204631
Signature Algorithm: sha256WithRSAEncryption
79:b2:03:c8:30:00:53:93:74:43:5d:3d:e7:f5:68:43:26:86:
d3:8d:ad:96:12:f1:ce:76:8b:38:26:df:b3:68:a8:db:c1:65:
f6:39:73:f6:f8:0d:33:b5:db:73:8b:67:ed:9b:f0:1e:b1:0c:
9d:27:85:24:8d:89:dc:58:03:6e:56:b1:40:4b:fe:19:29:b0:
ad:19:44:97:e7:1c:12:40:87:91:f9:17:65:1e:7d:c9:9e:e2:
d3:cf:93:ef:2d:ed:46:39:27:10:d9:ff:e0:84:0d:01:8b:b4:
9a:9b:0b:67:62:d1:ee:dc:2a:4a:d3:1b:ea:1f:50:ff:54:4f:
05:ef:87:a1:22:f5:8c:ff:b0:62:54:6b:4e:b5:23:eb:29:ca:
19:86:d8:94:0a:80:7e:95:4a:6d:2a:7f:e0:2c:07:a6:d5:79:
0e:4a:6a:73:4d:31:28:dd:b7:fc:94:fe:25:e5:c6:bc:7c:ea:
29:2b:b7:1d:13:b2:bb:78:c9:1a:aa:1d:1e:af:2e:d5:60:0f:
bf:0b:13:f3:1a:62:fc:9a:74:c5:63:7a:2e:88:55:39:03:ec:
4e:d7:2f:df:52:2b:9c:de:da:c4:e0:ba:d5:4a:fa:78:5f:90:
4b:77:c3:6f:69:5a:73:58:fd:88:57:49:3f:bd:9b:36:f0:49:
22:4c:b2:05
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQf+oLEG7qVYY4JXyIG+1ISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY5MjEyOWRmN2FhYTcxNTdlMTU5NzNjMjQ3NTNlMTE4YzkwNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJi+uZnJtfEpiDjkspgVEW15jcuR
76yPjhwP6IxipofqiQCnwfoUv39c2D5fVxosIcGm4E1naXodnurB3RjddzTWiQKy
Jtj7WqKPSLjnpqvD+mH+ulX38PTNAErPcUYGX85tuiY8Vg/NjxAAzBWyf+CBX4jY
dQUG/la4vYHSmB5Cpf/oorBzh2a9fyA8BDWSqQmHQnr3HbBmXbU0vs37g82GaOIu
B9X4IT5FFJp/+xCyuY3iUV0+/j37sCyY4CPzTeeAokLzCB5wGN9Ina2USzyXz0yd
YJh1Vpqd7tZQYv+HZoV0XfwVkYpmDFUcUMuA5nzFKpciXT+uvwR3EqbYpQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFNT5ISnfeqpxV+FZc8JHU+EYyQV9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4LzljZmU1
ZC01NzcwLTRiNWQtODkzNS05ZjM4YzhiOGE5MjgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvOWNmZTVk
LTU3NzAtNGI1ZC04OTM1LTlmMzhjOGI4YTkyOC8xLzFQa2hLZDk2cW5GWDRWbHp3
a2RUNFJqSkJYMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQCuYh4AwQBwRvaMA8EAgACMAkDBwAgAQZ8LAgw
GgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAx9XMA0GCSqGSIb3DQEBCwUAA4IBAQB5
sgPIMABTk3RDXT3n9WhDJobTja2WEvHOdos4Jt+zaKjbwWX2OXP2+A0ztdtzi2ft
m/AesQydJ4UkjYncWANuVrFAS/4ZKbCtGUSX5xwSQIeR+RdlHn3JnuLTz5PvLe1G
OScQ2f/ghA0Bi7SamwtnYtHu3CpK0xvqH1D/VE8F74ehIvWM/7BiVGtOtSPrKcoZ
htiUCoB+lUptKn/gLAem1XkOSmpzTTEo3bf8lP4l5ca8fOopK7cdE7K7eMkaqh0e
ry7VYA+/CxPzGmL8mnTFY3ouiFU5A+xO1y/fUiuc3trE4LrVSvp4X5BLd8NvaVpz
WP2IV0k/vZs28EkiTLIF
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:40:32 2025 by rpki-client