Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
File: 3QtmPEXXvCck0WhIUIdYHhREj7Y.cer (raw, json)
Hash identifier: myG9VZOW8Tfw7rJMQtOdyMPxLhShPaOZPhrNo2oAVLc=
Subject key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424459CF948CE72FC4278DDCB92A6B195
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 23:48:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 37.209.248.0/21
IP: 82.112.160.0/21
IP: 185.124.212.0/22
IP: 193.227.160.0/19
IP: 213.175.160.0/19
IP: 2a06:b540::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9c:f9:48:ce:72:fc:42:78:dd:cb:92:a6:b1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 23:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:11:7e:3a:4c:91:86:0d:c1:ba:d1:ce:0f:8f:
57:ab:df:ea:ba:37:63:4b:ba:81:b4:21:97:19:c9:
31:fd:17:2e:c1:94:36:86:c0:b3:7a:87:d8:53:95:
22:23:db:85:9a:06:c3:1d:d3:de:f4:62:c9:8b:f6:
79:91:99:be:a8:a5:10:8d:d8:97:f6:f9:fd:79:d7:
66:35:d6:eb:be:4d:44:db:6e:99:5b:a6:44:12:1d:
0e:56:ac:40:1f:fe:79:43:77:8c:87:0e:e9:15:35:
e9:8d:db:c0:a6:db:4f:19:dd:ee:19:0c:a0:7c:c9:
9d:42:e2:76:28:58:54:61:6e:96:e7:68:00:cb:37:
d9:30:31:a1:d0:fa:15:7d:7b:fd:81:20:cb:08:55:
6b:90:30:2d:61:ba:f9:ab:94:6d:82:d7:6c:cb:fb:
e9:ba:a0:35:1e:dc:2e:95:7d:0d:e5:aa:1f:18:1f:
12:12:aa:e1:8a:51:30:34:6a:c7:47:6a:91:7c:0f:
c0:9e:bb:04:6f:03:81:e0:6a:18:30:20:a2:dd:40:
3f:d3:e2:41:83:4b:aa:9c:96:ad:d2:2e:77:17:44:
c4:3e:b6:cf:f6:f4:7a:4b:79:34:31:67:01:b7:5b:
5d:11:74:76:79:78:aa:af:5d:6f:12:f8:f0:01:5d:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
57:7d:40:ad:b6:bb:08:41:42:c3:87:1e:d7:49:81:63:a9:05:
4d:c6:55:cc:e5:31:6d:08:d0:3f:92:7c:fb:e7:42:1f:03:80:
be:0e:0c:5d:82:8d:29:89:d0:79:2f:79:41:bc:9a:76:39:57:
32:ed:9f:f9:0c:85:56:68:2d:22:17:7c:a4:d4:b3:b0:52:19:
42:cd:17:c8:b8:70:51:6d:a6:21:36:df:54:b0:b6:a3:2e:9b:
4f:2a:5e:73:6a:8e:90:85:81:51:f3:d3:94:e9:8c:8d:84:d6:
5d:45:65:c4:56:ef:56:26:c8:cf:9c:e7:4a:90:d6:91:f8:2f:
fb:57:95:77:83:f7:1f:31:8f:a1:4e:53:f0:a9:71:35:ab:0e:
51:87:17:78:33:14:1b:6f:8a:dd:19:65:f4:80:dd:26:1a:93:
3d:0a:8e:84:ed:79:d6:1d:66:04:4d:63:d2:22:5d:be:d1:a5:
ee:c1:05:2b:3c:63:aa:74:92:23:92:4b:85:5b:da:bc:15:2e:
84:e5:70:e7:ec:1c:bc:ff:bf:bb:a0:54:44:9f:5a:14:48:07:
7d:7c:ce:88:df:cb:87:ef:62:65:dc:95:37:7c:80:43:f9:80:
fe:83:c2:ed:a0:ea:6d:78:ed:a2:e7:c5:52:e2:ee:0f:24:12:
c4:c8:91:e9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZQkRZz5SM5y/EJ43cuSprGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBiNjYzYzQ1ZDdiYzI3MjRkMTY4NDg1MDg3NTgxZTE0NDQ4ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhF+OkyRhg3ButHOD49Xq9/qujdj
S7qBtCGXGckx/RcuwZQ2hsCzeofYU5UiI9uFmgbDHdPe9GLJi/Z5kZm+qKUQjdiX
9vn9eddmNdbrvk1E226ZW6ZEEh0OVqxAH/55Q3eMhw7pFTXpjdvApttPGd3uGQyg
fMmdQuJ2KFhUYW6W52gAyzfZMDGh0PoVfXv9gSDLCFVrkDAtYbr5q5Rtgtdsy/vp
uqA1HtwulX0N5aofGB8SEqrhilEwNGrHR2qRfA/AnrsEbwOB4GoYMCCi3UA/0+JB
g0uqnJat0i53F0TEPrbP9vR6S3k0MWcBt1tdEXR2eXiqr11vEvjwAV1YXQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFN0LZjxF17wnJNFoSFCHWB4URI+2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4L2VkYzIz
OC00YzBhLTQ2ZWQtYmMyNC0zYjllM2M4YTJmY2EvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvZWRjMjM4
LTRjMGEtNDZlZC1iYzI0LTNiOWUzYzhhMmZjYS8xLzNRdG1QRVhYdkNjazBXaElV
SWRZSGhSRWo3WS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQDUnCgAwQCuXzUAwQFweOgAwQF1a+g
MA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEBCwUAA4IBAQBXfUCttrsIQULDhx7X
SYFjqQVNxlXM5TFtCNA/knz750IfA4C+Dgxdgo0pidB5L3lBvJp2OVcy7Z/5DIVW
aC0iF3yk1LOwUhlCzRfIuHBRbaYhNt9UsLajLptPKl5zao6QhYFR89OU6YyNhNZd
RWXEVu9WJsjPnOdKkNaR+C/7V5V3g/cfMY+hTlPwqXE1qw5Rhxd4MxQbb4rdGWX0
gN0mGpM9Co6E7XnWHWYETWPSIl2+0aXuwQUrPGOqdJIjkkuFW9q8FS6E5XDn7By8
/7+7oFREn1oUSAd9fM6I38uH72Jl3JU3fIBD+YD+g8LtoOpteO2i58VS4u4PJBLE
yJHp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:51 2025 by rpki-client