Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2hpSHsEwMVJ9Lyys_IXrmeSEElY.cer
File: 2hpSHsEwMVJ9Lyys_IXrmeSEElY.cer (raw, json)
Hash identifier: j1pU7akqGJLtkTUQ/zQwZUYJecNrxYzZEj2IpHdeedw=
Subject key identifier: DA:1A:52:1E:C1:30:31:52:7D:2F:2C:AC:FC:85:EB:99:E4:84:12:56
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942220188319E6CA70A4267F5391987A89
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/27/fead16-dd2f-4d66-8503-5d5aec20fc9a/1/2hpSHsEwMVJ9Lyys_IXrmeSEElY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/27/fead16-dd2f-4d66-8503-5d5aec20fc9a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:36 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 46.18.184.0/21
IP: 91.209.81.0/24
IP: 195.189.236.0/23
IP: 2a02:2840::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:83:19:e6:ca:70:a4:26:7f:53:91:98:7a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da1a521ec13031527d2f2cacfc85eb99e4841256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:62:5f:3f:21:d5:c7:b7:32:5a:df:4b:9d:
3b:ac:03:70:f4:49:b4:11:22:2f:64:c2:3c:73:3a:
bc:6e:78:27:1c:c7:2b:82:17:00:90:ce:89:52:0c:
44:fc:e0:85:90:d8:e1:82:9e:46:7c:24:34:e2:74:
fa:83:46:d6:8c:e2:92:46:18:7b:b6:82:12:03:01:
94:b7:a4:b3:d9:a1:27:91:2d:5a:a3:46:08:8c:73:
9f:e9:82:40:55:af:5c:84:98:74:ef:83:3c:0c:f9:
4c:b2:c1:f8:5b:b4:40:2a:07:d7:c4:cf:7b:1b:1b:
bb:d1:d2:68:ac:ff:23:36:05:13:fb:ba:36:0c:8c:
7e:dd:c2:8f:d0:9f:f4:2b:4b:99:2b:9a:47:3a:0b:
19:dc:46:3a:b8:ab:91:90:e6:20:4b:a4:42:7e:e6:
e3:64:fb:0b:c4:03:fb:94:1e:da:01:4f:9a:ec:ea:
17:20:5c:c2:f9:74:da:80:dc:98:8f:74:3e:90:73:
1b:b2:85:5f:23:1e:88:83:05:38:72:42:bb:f6:c1:
5a:39:d3:21:3d:a0:ff:a4:a4:d6:60:43:18:a9:2d:
33:b8:b6:6a:79:5f:d4:7c:12:1d:57:c0:e3:d5:43:
28:06:64:ef:20:28:55:c7:e1:94:66:4d:a9:ca:49:
96:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1A:52:1E:C1:30:31:52:7D:2F:2C:AC:FC:85:EB:99:E4:84:12:56
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fead16-dd2f-4d66-8503-5d5aec20fc9a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fead16-dd2f-4d66-8503-5d5aec20fc9a/1/2hpSHsEwMVJ9Lyys_IXrmeSEElY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.184.0/21
91.209.81.0/24
195.189.236.0/23
IPv6:
2a02:2840::/32
Signature Algorithm: sha256WithRSAEncryption
22:6d:2a:51:4d:3e:b2:11:04:0f:46:b1:44:ab:08:a9:cb:85:
1f:80:ab:fb:3a:ad:ea:c8:bc:df:fd:77:c3:ae:3e:f1:4c:4c:
d3:95:0f:be:84:08:37:d6:4c:ce:e3:b1:2e:9c:cd:ea:ba:f6:
44:c3:ed:82:ca:d2:0c:ea:9d:e4:76:c9:c3:0d:ef:ad:22:6b:
bf:fe:76:da:27:bf:cc:1a:ae:65:3f:75:f3:e1:7e:04:c9:66:
41:9e:d5:5b:65:ee:b2:4e:a2:e7:43:5b:42:af:57:6c:91:f1:
fa:9e:71:21:26:31:57:fb:af:e0:29:c1:09:95:3e:73:71:ad:
f3:0c:1e:23:73:38:94:d6:4d:aa:ac:5a:1b:93:62:0d:22:71:
de:e2:94:16:26:6e:a9:0a:42:54:8d:ef:83:d5:9f:2b:74:e5:
6d:f7:b8:fe:b6:35:e9:48:ab:b1:19:2e:96:3a:b2:8f:5b:26:
a4:26:55:56:d3:a4:df:72:ad:26:ed:41:e6:72:9e:78:9c:73:
65:c4:d7:fe:29:b4:61:23:c9:72:8c:36:8a:a8:b5:5e:d3:e4:
bd:74:6d:4d:90:19:d3:94:4e:64:c9:24:37:28:dc:f8:79:29:
d9:7b:18:7a:34:28:98:98:7f:39:59:2a:67:4e:19:fc:77:c1:
4a:4b:c9:ee
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQiIBiDGebKcKQmf1ORmHqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFhNTIxZWMxMzAzMTUyN2QyZjJjYWNmYzg1ZWI5OWU0ODQxMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZBiXz8h1ce3MlrfS507rANw9Em0
ESIvZMI8czq8bngnHMcrghcAkM6JUgxE/OCFkNjhgp5GfCQ04nT6g0bWjOKSRhh7
toISAwGUt6Sz2aEnkS1ao0YIjHOf6YJAVa9chJh074M8DPlMssH4W7RAKgfXxM97
Gxu70dJorP8jNgUT+7o2DIx+3cKP0J/0K0uZK5pHOgsZ3EY6uKuRkOYgS6RCfubj
ZPsLxAP7lB7aAU+a7OoXIFzC+XTagNyYj3Q+kHMbsoVfIx6IgwU4ckK79sFaOdMh
PaD/pKTWYEMYqS0zuLZqeV/UfBIdV8Dj1UMoBmTvIChVx+GUZk2pykmW8QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFNoaUh7BMDFSfS8srPyF65nkhBJWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzI3L2ZlYWQx
Ni1kZDJmLTRkNjYtODUwMy01ZDVhZWMyMGZjOWEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcvZmVhZDE2
LWRkMmYtNGQ2Ni04NTAzLTVkNWFlYzIwZmM5YS8xLzJocFNIc0V3TVZKOUx5eXNf
SVhybWVTRUVsWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDLhK4AwQAW9FRAwQBw73sMA0EAgACMAcDBQAq
AihAMA0GCSqGSIb3DQEBCwUAA4IBAQAibSpRTT6yEQQPRrFEqwipy4UfgKv7Oq3q
yLzf/XfDrj7xTEzTlQ++hAg31kzO47EunM3quvZEw+2CytIM6p3kdsnDDe+tImu/
/nbaJ7/MGq5lP3Xz4X4EyWZBntVbZe6yTqLnQ1tCr1dskfH6nnEhJjFX+6/gKcEJ
lT5zca3zDB4jcziU1k2qrFobk2INInHe4pQWJm6pCkJUje+D1Z8rdOVt97j+tjXp
SKuxGS6WOrKPWyakJlVW06Tfcq0m7UHmcp54nHNlxNf+KbRhI8lyjDaKqLVe0+S9
dG1NkBnTlE5kySQ3KNz4eSnZexh6NCiYmH85WSpnThn8d8FKS8nu
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:45 2025 by rpki-client