Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3XGhKciwiZWUIZnqbRsigmU1DQs.cer
File: 3XGhKciwiZWUIZnqbRsigmU1DQs.cer (raw, json)
Hash identifier: Oam6DALCrS3FVwpCmPiLQHewPO1Pssbk+nopMXwqtgs=
Subject key identifier: DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FC1825C9AF6DE6484839C5983E28E1
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:47:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200127
IP: 185.36.236.0/22
IP: 185.76.244.0/22
IP: 2a04:6700::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:18:25:c9:af:6d:e6:48:48:39:c5:98:3e:28:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd71a129c8b08995942199ea6d1b228265350d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:3a:ba:be:57:88:02:e2:0a:54:61:d5:24:
03:be:e3:80:c3:30:e4:f3:40:9e:42:4e:d3:64:dd:
4d:98:6c:78:fd:b1:20:ce:fc:20:b1:c1:77:cb:0b:
21:2b:59:dd:c8:12:18:1b:98:e5:57:1c:74:2a:99:
3d:fa:44:80:9b:b2:03:fc:4b:78:34:e3:e0:29:9a:
d9:56:6e:ac:59:a2:01:5e:60:ed:56:d0:85:ea:6a:
c2:83:87:a8:33:d1:f8:d8:da:3d:a7:2c:e6:5e:26:
b1:38:4f:0a:db:ca:6b:a9:fb:f1:49:6d:89:93:ba:
4c:a1:92:20:67:29:a6:5a:58:fc:c7:c5:9f:c4:90:
d3:96:9e:e8:99:21:62:4e:1c:4b:b9:f5:f9:e8:39:
bd:d5:9e:b2:9b:a4:d3:75:a3:ca:00:43:2f:35:d4:
93:b5:93:a3:11:39:8e:bc:e9:37:78:d4:54:ee:86:
ff:fa:55:4a:87:08:8c:05:7e:a7:5f:4b:e0:dc:e4:
f0:db:a4:8e:63:df:ba:3b:fc:97:f8:2b:b9:06:e8:
4e:c6:ed:38:ec:22:16:18:f4:f8:95:29:43:3b:bf:
4e:ef:1a:e4:2a:dd:d9:54:ba:db:49:e5:a6:e3:e0:
31:17:e5:f2:5e:fa:ee:84:ab:bf:67:7a:45:27:ad:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:A1:29:C8:B0:89:95:94:21:99:EA:6D:1B:22:82:65:35:0D:0B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b499b6-01f4-442c-be76-c0d8c866893f/1/3XGhKciwiZWUIZnqbRsigmU1DQs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.236.0/22
185.76.244.0/22
IPv6:
2a04:6700::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200127
Signature Algorithm: sha256WithRSAEncryption
88:fd:5c:52:6a:1a:15:c7:b8:26:a5:55:69:12:77:ff:e6:7c:
f5:f3:c8:f3:d9:13:b6:b4:c7:7d:be:f0:03:95:5c:3c:c0:85:
4a:23:26:d8:66:88:70:9d:d9:cd:db:7d:2b:4e:d7:f1:1b:fe:
fd:a6:14:d3:c1:c6:8f:a5:07:a9:78:69:5a:23:11:23:7c:5a:
9b:d7:fa:8c:26:57:7e:87:e0:33:72:a8:cc:ba:8a:58:a5:24:
5a:09:e7:c8:23:fc:95:e9:cc:b0:be:e1:f2:0c:bb:48:fc:94:
b0:90:03:12:54:bf:c1:04:e9:a8:d3:f0:97:21:0e:8c:11:f3:
eb:4b:fa:a0:7d:2e:e2:4b:29:a1:2e:a7:57:06:5b:4b:bb:40:
4c:a1:e9:d2:94:92:6d:a4:4d:4f:d4:9d:7e:4d:fa:54:a2:be:
c5:4e:62:9d:36:30:0d:43:51:b8:dd:b1:d5:82:63:44:75:19:
ad:f1:bd:45:08:ee:b6:23:e1:7a:ae:0b:f3:63:8c:f9:5a:ff:
9f:76:45:91:8d:1c:b4:5e:9f:2b:74:d7:9f:90:65:a3:e3:31:
f8:9b:46:3b:7c:2b:db:0b:2f:4d:1f:a1:58:64:3c:51:6a:07:
49:5f:d1:9a:86:63:94:71:71:f0:fe:eb:66:6b:f0:5d:f9:2e:
77:fc:64:a1
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQl/Bglya9t5khIOcWYPijhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcxYTEyOWM4YjA4OTk1OTQyMTk5ZWE2ZDFiMjI4MjY1MzUwZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwc6ur5XiALiClRh1SQDvuOAwzDk
80CeQk7TZN1NmGx4/bEgzvwgscF3ywshK1ndyBIYG5jlVxx0Kpk9+kSAm7ID/Et4
NOPgKZrZVm6sWaIBXmDtVtCF6mrCg4eoM9H42No9pyzmXiaxOE8K28prqfvxSW2J
k7pMoZIgZymmWlj8x8WfxJDTlp7omSFiThxLufX56Dm91Z6ym6TTdaPKAEMvNdST
tZOjETmOvOk3eNRU7ob/+lVKhwiMBX6nX0vg3OTw26SOY9+6O/yX+Cu5BuhOxu04
7CIWGPT4lSlDO79O7xrkKt3ZVLrbSeWm4+AxF+XyXvruhKu/Z3pFJ63rjwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFN1xoSnIsImVlCGZ6m0bIoJlNQ0LMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2I0OTli
Ni0wMWY0LTQ0MmMtYmU3Ni1jMGQ4Yzg2Njg5M2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvYjQ5OWI2
LTAxZjQtNDQyYy1iZTc2LWMwZDhjODY2ODkzZi8xLzNYR2hLY2l3aVpXVUlabnFi
UnNpZ21VMURRcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuSTsAwQCuUz0MA0EAgACMAcDBQMqBGcAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMNvzANBgkqhkiG9w0BAQsFAAOCAQEAiP1c
UmoaFce4JqVVaRJ3/+Z89fPI89kTtrTHfb7wA5VcPMCFSiMm2GaIcJ3Zzdt9K07X
8Rv+/aYU08HGj6UHqXhpWiMRI3xam9f6jCZXfofgM3KozLqKWKUkWgnnyCP8lenM
sL7h8gy7SPyUsJADElS/wQTpqNPwlyEOjBHz60v6oH0u4kspoS6nVwZbS7tATKHp
0pSSbaRNT9Sdfk36VKK+xU5inTYwDUNRuN2x1YJjRHUZrfG9RQjutiPheq4L82OM
+Vr/n3ZFkY0ctF6fK3TXn5Blo+Mx+JtGO3wr2wsvTR+hWGQ8UWoHSV/RmoZjlHFx
8P7rZmvwXfkud/xkoQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:46 2025 by rpki-client