Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.cer (raw, json)
Hash identifier: HRIPtcn8d3AR0OKCfkJzoXw5Gw/GldI7xmxy3dQKvkM=
Subject key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C66D4A3CF53B335D949777B10290B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:02 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 49639
IP: 91.213.61.0/24
IP: 2001:67c:52c::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:66:d4:a3:cf:53:b3:35:d9:49:77:7b:10:29:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c3:aa:4f:b1:25:c0:ed:52:ef:3a:8e:f4:65:
8c:b5:21:2b:2f:cb:41:d4:7b:f3:34:7f:cd:2e:f1:
f8:56:2d:84:68:7b:a8:e8:71:f1:50:31:1a:72:c8:
0b:76:91:9f:1d:0f:51:ea:44:0b:1b:6b:6a:31:1a:
85:0b:f3:0d:b5:2f:72:9b:8b:0b:3e:02:64:79:b7:
99:fa:85:a8:d5:23:43:4a:1b:e3:1c:d2:4c:d1:3d:
fb:b4:48:3f:58:a8:92:e0:98:b9:fd:57:27:88:f3:
96:95:8f:19:bd:fb:37:8f:cb:ec:d5:1b:15:09:b6:
91:55:05:10:ae:ee:f3:89:f4:af:f2:44:5e:be:74:
aa:74:19:e7:b5:2b:b0:d2:33:9f:4c:13:c6:0d:12:
2e:56:c0:34:0c:0b:33:24:21:e9:18:43:f5:02:99:
09:f2:15:5d:71:ae:a6:d6:15:ac:57:78:cf:33:00:
5a:21:25:0d:67:da:f9:12:2d:82:76:87:ff:54:77:
65:ef:44:28:88:5f:cf:61:f0:59:9b:4c:c9:05:f3:
70:9b:0c:a3:6c:cd:6b:74:80:c9:cd:31:87:6a:f0:
39:6d:a4:8c:f4:59:1c:2c:c4:2b:b6:7a:b0:31:47:
e4:24:f4:f0:85:a8:8c:f7:c2:5a:be:e2:dd:af:d6:
49:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.61.0/24
IPv6:
2001:67c:52c::/48
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
49639
Signature Algorithm: sha256WithRSAEncryption
0c:38:50:25:e5:77:27:d7:d7:5e:77:3e:26:10:cc:d8:6c:33:
c2:d7:11:f0:40:07:b3:64:9b:0e:48:22:13:a2:64:f0:37:8d:
29:7e:70:b5:4e:b6:52:8b:2c:46:53:ae:1d:cf:8c:6d:55:3b:
94:49:d7:ae:45:66:3f:d4:ce:32:26:45:ec:63:d6:d2:f6:17:
47:a4:07:6e:39:ed:50:d6:ad:f0:db:b8:3e:11:66:ae:0f:dd:
42:0f:35:26:6e:24:42:09:97:f1:73:0b:6f:44:da:c0:dc:98:
97:59:b0:cb:cc:9b:01:11:ff:f3:eb:2e:3c:d9:8b:9d:42:9d:
b8:9f:bd:fd:01:b5:a6:96:eb:2d:2f:66:21:3e:2f:93:36:ad:
6e:2d:05:19:fa:4b:e6:0f:1d:72:2d:37:3a:2b:8c:44:6a:33:
88:d4:01:5c:af:47:f6:d5:47:cc:e0:70:63:93:2b:c1:d1:a7:
9a:60:d9:9a:f6:e5:fb:37:96:44:20:d5:09:3d:ca:9d:30:d0:
f9:8f:f1:fb:6f:82:34:3f:97:71:3c:0c:0f:4a:c6:60:54:ae:
10:65:f4:23:f3:c6:26:1e:4e:04:b1:d6:a2:7c:ee:7d:4b:38:
13:00:77:ef:a7:1d:64:a8:a8:f9:02:35:80:af:8e:13:b6:9c:
9d:d3:47:65
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZQfjGbUo89TszXZSXd7ECkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODcxOTk4YWExNDBhYjdjMWZmMjQwZWFiMGM5MjM1OTEzYzk2ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsOqT7ElwO1S7zqO9GWMtSErL8tB
1HvzNH/NLvH4Vi2EaHuo6HHxUDEacsgLdpGfHQ9R6kQLG2tqMRqFC/MNtS9ym4sL
PgJkebeZ+oWo1SNDShvjHNJM0T37tEg/WKiS4Ji5/VcniPOWlY8Zvfs3j8vs1RsV
CbaRVQUQru7zifSv8kRevnSqdBnntSuw0jOfTBPGDRIuVsA0DAszJCHpGEP1ApkJ
8hVdca6m1hWsV3jPMwBaISUNZ9r5Ei2Cdof/VHdl70QoiF/PYfBZm0zJBfNwmwyj
bM1rdIDJzTGHavA5baSM9FkcLMQrtnqwMUfkJPTwhaiM98JavuLdr9ZJJQIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFNhxmYqhQKt8H/JA6rDJI1kTyW6KMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzMzYWEy
NC0zNWVhLTRhZGMtOGMwNS01YTM0ZTUyYjBiMTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMzNhYTI0
LTM1ZWEtNGFkYy04YzA1LTVhMzRlNTJiMGIxMC8xLzJIR1ppcUZBcTN3ZjhrRHFz
TWtqV1JQSmJvby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUF
BwEHAQH/BCEwHzAMBAIAATAGAwQAW9U9MA8EAgACMAkDBwAgAQZ8BSwwGgYIKwYB
BQUHAQgBAf8ECzAJoAcwBQIDAMHnMA0GCSqGSIb3DQEBCwUAA4IBAQAMOFAl5Xcn
19dedz4mEMzYbDPC1xHwQAezZJsOSCITomTwN40pfnC1TrZSiyxGU64dz4xtVTuU
SdeuRWY/1M4yJkXsY9bS9hdHpAduOe1Q1q3w27g+EWauD91CDzUmbiRCCZfxcwtv
RNrA3JiXWbDLzJsBEf/z6y482YudQp24n739AbWmlustL2YhPi+TNq1uLQUZ+kvm
Dx1yLTc6K4xEajOI1AFcr0f21UfM4HBjkyvB0aeaYNma9uX7N5ZEINUJPcqdMND5
j/H7b4I0P5dxPAwPSsZgVK4QZfQj88YmHk4EsdaifO59SzgTAHfvpx1kqKj5AjWA
r44Ttpyd00dl
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:11 2025 by rpki-client