Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2YJ5FzbN3dEyjQ3Q3srpLAWNbyU.cer
File: 2YJ5FzbN3dEyjQ3Q3srpLAWNbyU.cer (raw, json)
Hash identifier: b9a52kHCMpVQAFyaLv0wprDNQ31FNrcSOdy3z1RUfr0=
Subject key identifier: D9:82:79:17:36:CD:DD:D1:32:8D:0D:D0:DE:CA:E9:2C:05:8D:6F:25
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01949F767B90AD242934FAA2139D9192F2C8
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d0/c213d4-3e4a-49e6-9b1f-ca6a1cc81a22/1/2YJ5FzbN3dEyjQ3Q3srpLAWNbyU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d0/c213d4-3e4a-49e6-9b1f-ca6a1cc81a22/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Sat 25 Jan 2025 21:55:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206389
IP: 185.173.216.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9f:76:7b:90:ad:24:29:34:fa:a2:13:9d:91:92:f2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 25 21:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d982791736cdddd1328d0dd0decae92c058d6f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ac:48:a7:da:64:c8:88:1b:91:4f:36:b7:44:
ab:1b:a5:23:25:d5:20:47:5f:6e:31:49:e9:7d:34:
46:30:6d:38:7f:81:da:93:e3:90:9a:45:cd:6a:c5:
10:5e:03:25:31:72:21:96:86:60:5e:01:dc:3b:3d:
97:43:d4:5a:a1:9f:d9:3f:eb:85:e3:1d:d6:88:c7:
b6:a8:a2:f0:06:93:0b:92:49:69:68:8b:79:55:2e:
00:9e:93:02:45:33:4f:07:48:e3:09:52:68:8f:37:
ad:18:cd:46:2a:80:ce:9e:98:58:56:bb:60:b9:78:
ef:41:01:c1:14:5b:38:50:53:ad:6e:6a:8b:14:02:
98:bb:6d:bd:8f:98:93:3b:8e:44:4d:2a:83:8b:41:
9f:fd:0d:80:10:17:8e:32:34:ac:e0:fd:bb:86:e7:
4d:3b:57:f8:ef:62:b4:c3:39:5c:f0:e9:42:ac:36:
96:7b:f6:ab:e8:78:48:f4:4f:b0:31:a7:f3:ff:41:
4c:4f:8f:bb:11:99:5d:96:81:80:d8:c6:df:24:4b:
bf:d1:cf:b4:a2:df:1a:88:4a:ce:90:b0:6f:eb:4c:
dd:84:07:6e:d7:45:b3:c3:4d:3d:4c:29:73:2e:7a:
e2:ec:10:ef:d2:5a:0c:9b:62:03:15:9a:05:d6:9c:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:82:79:17:36:CD:DD:D1:32:8D:0D:D0:DE:CA:E9:2C:05:8D:6F:25
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c213d4-3e4a-49e6-9b1f-ca6a1cc81a22/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c213d4-3e4a-49e6-9b1f-ca6a1cc81a22/1/2YJ5FzbN3dEyjQ3Q3srpLAWNbyU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.216.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206389
Signature Algorithm: sha256WithRSAEncryption
6b:18:d4:cd:f3:38:7a:fa:f0:06:02:ec:db:b4:e6:47:9a:1b:
71:67:a9:99:42:c6:46:d0:4b:1a:63:51:62:36:fe:19:39:8f:
1c:a1:6c:84:e6:f6:f1:56:00:e0:55:19:c3:7e:e8:6a:42:0b:
41:40:57:92:bc:20:e4:47:bb:0d:49:05:05:4c:38:df:06:c2:
80:71:75:77:77:0c:4e:ed:6f:d5:1d:eb:3e:d9:02:20:fc:b1:
9a:b1:30:78:30:76:d5:c3:91:23:2a:e8:56:41:e9:db:e5:90:
c9:85:a5:2f:15:4a:40:60:6c:69:b8:ae:7f:b6:c0:29:3b:81:
b7:c0:85:71:49:8c:53:0b:61:ec:5c:6b:35:75:1b:fa:26:40:
c4:49:17:69:15:33:8f:8f:bb:7e:11:61:1a:d6:07:59:ac:25:
f8:a7:23:d0:17:e3:b5:41:16:e0:a8:c9:1a:cd:01:91:83:5d:
55:94:33:5b:ef:8a:d7:59:22:6d:b1:d6:50:c5:c5:59:ca:50:
eb:14:4b:0a:73:7d:72:72:8f:f6:87:b1:73:d2:f1:d7:8f:0b:
b8:00:91:2b:55:d3:45:61:62:bb:5b:22:cf:18:e5:9d:74:97:
89:c1:97:0a:68:cc:78:14:08:f8:f1:61:1d:7f:07:39:73:45:
5c:81:8f:72
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZSfdnuQrSQpNPqiE52RkvLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTI1MjE1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTgyNzkxNzM2Y2RkZGQxMzI4ZDBkZDBkZWNhZTkyYzA1OGQ2ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1axIp9pkyIgbkU82t0SrG6UjJdUg
R19uMUnpfTRGMG04f4Hak+OQmkXNasUQXgMlMXIhloZgXgHcOz2XQ9RaoZ/ZP+uF
4x3WiMe2qKLwBpMLkklpaIt5VS4AnpMCRTNPB0jjCVJojzetGM1GKoDOnphYVrtg
uXjvQQHBFFs4UFOtbmqLFAKYu229j5iTO45ETSqDi0Gf/Q2AEBeOMjSs4P27hudN
O1f472K0wzlc8OlCrDaWe/ar6HhI9E+wMafz/0FMT4+7EZldloGA2MbfJEu/0c+0
ot8aiErOkLBv60zdhAdu10Wzw009TClzLnri7BDv0loMm2IDFZoF1pzO6QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNmCeRc2zd3RMo0N0N7K6SwFjW8lMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwL2MyMTNk
NC0zZTRhLTQ5ZTYtOWIxZi1jYTZhMWNjODFhMjIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAvYzIxM2Q0
LTNlNGEtNDllNi05YjFmLWNhNmExY2M4MWEyMi8xLzJZSjVGemJOM2RFeWpRM1Ez
c3JwTEFXTmJ5VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCua3YMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMmNTANBgkqhkiG9w0BAQsFAAOCAQEAaxjUzfM4evrwBgLs27TmR5obcWepmULG
RtBLGmNRYjb+GTmPHKFshOb28VYA4FUZw37oakILQUBXkrwg5Ee7DUkFBUw43wbC
gHF1d3cMTu1v1R3rPtkCIPyxmrEweDB21cORIyroVkHp2+WQyYWlLxVKQGBsabiu
f7bAKTuBt8CFcUmMUwth7FxrNXUb+iZAxEkXaRUzj4+7fhFhGtYHWawl+Kcj0Bfj
tUEW4KjJGs0BkYNdVZQzW++K11kibbHWUMXFWcpQ6xRLCnN9cnKP9oexc9Lx148L
uACRK1XTRWFiu1sizxjlnXSXicGXCmjMeBQI+PFhHX8HOXNFXIGPcg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:48:19 2025 by rpki-client