Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1mc4qNrawtDTrt25NPggBmufX-s.cer
File: 1mc4qNrawtDTrt25NPggBmufX-s.cer (raw, json)
Hash identifier: V1ErkE4XeaGzurelYcAFsKmn7n2H2cpDgt6IA4wyq0M=
Subject key identifier: D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FC4E91F547C7A412C883C7095771C3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:47:59 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 20771
AS: 28751
IP: 37.233.128.0/17
IP: 78.139.128.0/18
IP: 80.241.176.0/20
IP: 80.241.244.0/22
IP: 80.241.252.0/24
IP: 85.117.32.0/19
IP: 88.210.192.0/18
IP: 89.232.0.0/19
IP: 134.90.0.0/17
IP: 176.73.0.0/16
IP: 185.19.96.0/22
IP: 212.72.130.0/24
IP: 212.72.155.0/24
IP: 2a02:23f0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4e:91:f5:47:c7:a4:12:c8:83:c7:09:57:71:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d66738a8dadac2d0d3aeddb934f820066b9f5feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:6a:67:f7:8d:5d:78:25:68:5a:70:a2:94:
96:0f:c2:85:f1:70:f9:4a:29:37:ce:d9:d9:67:2b:
1e:9e:35:53:9f:82:f7:21:cf:2e:e6:3d:c3:74:3b:
c9:ba:6f:37:0b:d3:a5:3b:50:dd:29:0d:40:e1:c4:
4e:07:51:24:6f:06:35:19:fa:26:e4:66:ed:c5:18:
a6:f0:73:ba:09:12:e7:fc:56:08:74:68:4d:51:a3:
e5:7d:36:bd:99:03:84:3d:9c:be:98:67:f1:8b:73:
7b:c0:8e:8b:63:7f:71:09:78:5d:d6:2f:37:a7:b5:
e7:1a:8b:eb:00:9e:00:58:de:dc:23:f9:2c:12:3a:
37:5c:c8:06:9e:3c:d8:ed:1d:06:90:6a:4d:af:9a:
36:6c:e9:06:80:4e:0d:5d:07:c2:57:74:aa:c0:b9:
bf:21:3e:14:40:25:29:c9:ba:30:92:22:cc:47:93:
d6:25:1c:43:43:c9:17:3b:be:dc:e2:e9:fa:86:c6:
2c:06:ce:ee:ad:7f:da:86:5c:37:b6:3e:d4:07:62:
47:37:84:4c:12:09:d4:0d:cd:18:a8:0d:10:60:8d:
9a:ea:43:59:fe:4b:c9:70:36:31:a4:ad:02:7e:a2:
f9:a2:31:e3:14:99:10:35:96:f2:20:be:9b:e4:97:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:67:38:A8:DA:DA:C2:D0:D3:AE:DD:B9:34:F8:20:06:6B:9F:5F:EB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c57727-9396-4bf8-b25d-6a1e0ec71da8/1/1mc4qNrawtDTrt25NPggBmufX-s.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.128.0/17
78.139.128.0/18
80.241.176.0/20
80.241.244.0/22
80.241.252.0/24
85.117.32.0/19
88.210.192.0/18
89.232.0.0/19
134.90.0.0/17
176.73.0.0/16
185.19.96.0/22
212.72.130.0/24
212.72.155.0/24
IPv6:
2a02:23f0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
20771
28751
Signature Algorithm: sha256WithRSAEncryption
39:ac:e1:53:be:2a:af:da:22:30:ea:e8:8d:7c:71:48:35:e1:
41:0a:61:33:e6:dc:07:8f:32:a2:b8:f1:e3:cd:d4:b0:60:d5:
6c:60:9f:af:f3:90:b6:9a:59:46:3b:ab:75:ff:14:5c:ff:1b:
8d:ba:60:5f:8b:c4:1a:aa:53:49:f0:94:b2:c4:20:3c:74:3e:
be:a5:7e:96:33:f1:e2:a4:85:85:25:dc:4f:4c:e1:36:41:7c:
47:c8:28:11:fc:9b:15:1e:2b:9e:a5:49:ed:88:7a:bb:ec:6c:
47:0c:45:c1:8c:03:99:64:19:20:2c:c3:b3:30:11:77:d3:2b:
a4:4a:e5:30:17:0a:e4:a6:b5:0b:4a:3d:f9:e5:84:76:4a:14:
ec:7c:ec:2f:b0:2a:6a:65:6b:82:02:6b:71:41:ec:d3:65:3e:
1c:d8:8c:7e:67:bd:d8:a7:87:8a:14:2b:e8:56:b6:90:dd:46:
59:50:92:5a:40:f8:d4:48:5b:6a:7d:21:6b:58:72:2d:99:2c:
60:d7:81:d3:34:fa:c6:b5:28:17:89:24:80:c9:a3:09:41:35:
90:23:33:55:ef:7f:04:e9:bc:09:de:83:9b:df:c0:a7:b4:62:
dc:6f:7e:0c:e5:d2:8f:fa:37:d4:fa:f3:ec:02:1a:a0:34:ee:
2a:36:57:54
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZQl/E6R9UfHpBLIg8cJV3HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY3MzhhOGRhZGFjMmQwZDNhZWRkYjkzNGY4MjAwNjZiOWY1ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWpqZ/eNXXglaFpwopSWD8KF8XD5
Sik3ztnZZysenjVTn4L3Ic8u5j3DdDvJum83C9OlO1DdKQ1A4cROB1EkbwY1Gfom
5GbtxRim8HO6CRLn/FYIdGhNUaPlfTa9mQOEPZy+mGfxi3N7wI6LY39xCXhd1i83
p7XnGovrAJ4AWN7cI/ksEjo3XMgGnjzY7R0GkGpNr5o2bOkGgE4NXQfCV3SqwLm/
IT4UQCUpybowkiLMR5PWJRxDQ8kXO77c4un6hsYsBs7urX/ahlw3tj7UB2JHN4RM
EgnUDc0YqA0QYI2a6kNZ/kvJcDYxpK0CfqL5ojHjFJkQNZbyIL6b5JdS9QIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFNZnOKja2sLQ067duTT4IAZrn1/rMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZiL2M1Nzcy
Ny05Mzk2LTRiZjgtYjI1ZC02YTFlMGVjNzFkYTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIvYzU3NzI3
LTkzOTYtNGJmOC1iMjVkLTZhMWUwZWM3MWRhOC8xLzFtYzRxTnJhd3REVHJ0MjVO
UGdnQm11Zlgtcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUF
BwEHAQH/BGYwZDBTBAIAATBNAwQHJemAAwQGTouAAwQEUPGwAwQCUPH0AwQAUPH8
AwQFVXUgAwQGWNLAAwQFWegAAwQHhloAAwMAsEkDBAK5E2ADBADUSIIDBADUSJsw
DQQCAAIwBwMFACoCI/AwHQYIKwYBBQUHAQgBAf8EDjAMoAowCAICUSMCAnBPMA0G
CSqGSIb3DQEBCwUAA4IBAQA5rOFTviqv2iIw6uiNfHFINeFBCmEz5twHjzKiuPHj
zdSwYNVsYJ+v85C2mllGO6t1/xRc/xuNumBfi8QaqlNJ8JSyxCA8dD6+pX6WM/Hi
pIWFJdxPTOE2QXxHyCgR/JsVHiuepUntiHq77GxHDEXBjAOZZBkgLMOzMBF30yuk
SuUwFwrkprULSj355YR2ShTsfOwvsCpqZWuCAmtxQezTZT4c2Ix+Z73Yp4eKFCvo
VraQ3UZZUJJaQPjUSFtqfSFrWHItmSxg14HTNPrGtSgXiSSAyaMJQTWQIzNV738E
6bwJ3oOb38CntGLcb34M5dKP+jfU+vPsAhqgNO4qNldU
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:10:18 2025 by rpki-client