Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
File: 1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer (raw, json)
Hash identifier: 3H9j+iC7aZEnZR0LoylJqyuC+z5HLIyGGa9b4O0l7CI=
Subject key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FDBB0E8BA37E9294147F59053B1041
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 91.208.0.0/24
IP: 91.208.16.0/24
IP: 91.208.19.0/24
IP: 91.208.21.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bb:0e:8b:a3:7e:92:94:14:7f:59:05:3b:10:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:b1:b3:bd:89:64:66:1f:6b:4f:21:b9:63:
6c:94:d7:b3:d2:4e:2d:e3:25:0d:88:32:24:28:17:
64:d8:05:f1:4a:e2:d9:56:d3:f5:5f:d9:86:af:7a:
d2:d5:6f:85:f7:b3:46:12:33:2b:88:59:a0:59:95:
60:9a:a4:8b:09:86:15:50:4b:5c:74:c4:03:af:61:
ab:27:83:17:dc:56:a1:44:2d:c1:da:7d:8a:26:5e:
43:ff:7c:8b:e8:f6:e1:d9:41:95:fa:87:b4:7c:d2:
09:f8:f0:9a:48:1c:74:87:b6:65:e8:62:3a:f6:ae:
31:2f:f9:60:98:b4:f8:cb:71:bd:b2:fe:10:ce:bb:
f4:b6:df:4c:07:b8:2d:c1:f7:1c:f9:57:df:48:23:
de:1c:ef:3e:a3:4c:7d:9f:1c:64:a6:22:f7:92:10:
61:7e:0b:fb:5f:b9:bc:af:88:9b:c5:44:2c:6b:09:
b1:d7:02:01:3b:83:9d:75:44:8b:f0:5c:13:2e:70:
45:d7:5f:7b:da:17:eb:6e:c1:47:dc:dc:c5:e8:9c:
04:81:34:c8:bc:c2:be:ad:68:01:b8:9b:ad:aa:da:
d5:d7:65:eb:90:7b:54:6e:77:ba:77:af:ad:4f:a1:
49:03:ec:28:6c:51:d7:7d:12:7b:94:46:7a:88:c1:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.0.0/24
91.208.16.0/24
91.208.19.0/24
91.208.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:38:b9:9e:47:90:ae:3d:b3:df:86:96:e1:3a:b9:6e:22:a5:
d4:6f:bf:db:26:58:c0:44:e0:5c:0c:11:46:54:bd:f6:a2:37:
f9:93:bd:67:d8:92:27:e1:b2:5a:49:c1:18:1c:9c:f0:b7:19:
7a:e6:38:8d:38:47:7b:08:e4:97:c9:97:cd:aa:f5:41:ea:98:
9c:e5:5b:c7:6b:2d:25:95:79:ba:0f:75:b2:c9:e3:ee:fc:81:
54:2c:34:86:99:f4:04:71:fd:88:a5:10:56:63:a5:68:a8:48:
85:71:09:55:d1:60:ef:83:af:dc:0f:9e:66:0e:4c:e2:6d:3b:
c7:0e:86:61:f9:09:78:8c:31:fd:ac:e2:9b:cd:64:86:30:5c:
46:2c:97:f6:1b:33:2b:cd:ce:96:90:fe:e2:65:40:fd:3e:71:
c0:05:c6:99:2f:9b:a2:d7:b6:0a:bb:86:ca:11:21:67:ae:98:
a4:7b:ff:1f:24:2b:c2:52:18:8c:4f:04:66:94:cd:c2:56:d7:
42:00:18:bb:8f:39:6e:78:ee:dc:9a:a0:ff:3e:09:4a:fc:aa:
6b:52:b2:56:9d:bb:89:8e:8e:5d:23:fb:67:63:22:fb:8a:6a:
2d:56:40:c8:cd:b7:75:ec:bb:64:ab:d3:67:98:ee:30:a8:c2:
84:f5:a7:96
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZQl/bsOi6N+kpQUf1kFOxBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmRiYWExYjUyZjNhNzMyODlmZjc2OGFjYjdiYWE3ZjM4N2Y5NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvOxs72JZGYfa08huWNslNez0k4t
4yUNiDIkKBdk2AXxSuLZVtP1X9mGr3rS1W+F97NGEjMriFmgWZVgmqSLCYYVUEtc
dMQDr2GrJ4MX3FahRC3B2n2KJl5D/3yL6Pbh2UGV+oe0fNIJ+PCaSBx0h7Zl6GI6
9q4xL/lgmLT4y3G9sv4Qzrv0tt9MB7gtwfcc+VffSCPeHO8+o0x9nxxkpiL3khBh
fgv7X7m8r4ibxUQsawmx1wIBO4OddUSL8FwTLnBF11972hfrbsFH3NzF6JwEgTTI
vMK+rWgBuJutqtrV12XrkHtUbne6d6+tT6FJA+wobFHXfRJ7lEZ6iMHHBQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFNbbqhtS86cyif92ist7qn84f5VfMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YwL2IwYjZl
Ny0zZTIzLTQ0MjYtOGM4NC1mYWI4M2Q0MDM1NTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAvYjBiNmU3
LTNlMjMtNDQyNi04Yzg0LWZhYjgzZDQwMzU1OC8xLzF0dXFHMUx6cHpLSl8zYUt5
M3VxZnpoX2xWOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUF
BwEHAQH/BCIwIDAeBAIAATAYAwQAW9AAAwQAW9AQAwQAW9ATAwQAW9AVMA0GCSqG
SIb3DQEBCwUAA4IBAQCxOLmeR5CuPbPfhpbhOrluIqXUb7/bJljAROBcDBFGVL32
ojf5k71n2JIn4bJaScEYHJzwtxl65jiNOEd7COSXyZfNqvVB6pic5VvHay0llXm6
D3WyyePu/IFULDSGmfQEcf2IpRBWY6VoqEiFcQlV0WDvg6/cD55mDkzibTvHDoZh
+Ql4jDH9rOKbzWSGMFxGLJf2GzMrzc6WkP7iZUD9PnHABcaZL5ui17YKu4bKESFn
rpike/8fJCvCUhiMTwRmlM3CVtdCABi7jzlueO7cmqD/PglK/KprUrJWnbuJjo5d
I/tnYyL7imotVkDIzbd17Ltkq9NnmO4wqMKE9aeW
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:36:18 2025 by rpki-client