Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
File: 3g2da2l8ochlcMJWhi5oWLR5nIU.cer (raw, json)
Hash identifier: fwvBD8DpJea+gdrA3pH0JSl6ulIm0IyQT1ll+x++l/o=
Subject key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9C6BD19272AA561A49148E2A58DA5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:53 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 5.34.168.0/21
IP: 95.142.112.0/20
IP: 159.242.224.0/20
IP: 185.28.24.0/22
IP: 185.54.140.0/22
IP: 185.54.228.0/22
IP: 194.99.28.0/22
IP: 2a0d:8ec0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c6:bd:19:27:2a:a5:61:a4:91:48:e2:a5:8d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:98:20:82:a7:b6:ae:6a:53:f7:7a:bd:92:25:
9a:3d:03:37:10:36:27:a7:0e:a0:32:3b:b0:d6:5a:
ac:10:3f:40:ff:a0:67:ac:6b:e1:03:ea:bd:4d:a0:
40:9b:7e:a1:90:a6:43:94:eb:00:3c:5b:14:0b:c5:
26:01:4a:31:05:cc:d2:56:30:3c:47:64:0d:19:66:
89:d4:17:80:4a:28:8f:2b:e9:ab:b6:85:f1:e9:11:
c4:0c:6e:4f:a1:a1:8e:a9:54:79:f3:9a:8f:58:68:
f3:bf:03:bc:c2:cd:22:b1:aa:2b:49:67:e0:4a:c3:
26:4a:5b:eb:3d:91:8b:35:ff:76:48:72:f5:f1:1c:
1c:c6:63:9f:bd:22:ff:f8:fa:05:94:69:b7:76:e9:
e9:31:0e:a1:aa:73:1f:14:b7:45:a6:4b:12:87:4c:
61:22:bb:0f:09:41:a9:34:3f:1f:9e:56:45:48:a3:
22:1d:17:dc:90:34:59:6c:0e:24:c2:7f:ad:47:18:
95:65:dc:5e:d9:06:a2:6b:c7:15:6b:0c:52:27:cb:
f6:af:a0:93:09:84:b8:5b:fc:ce:49:e2:c0:0b:c4:
4a:2b:99:27:b2:6b:84:57:09:b0:c1:c2:4f:11:4c:
64:6f:a5:f4:f9:ff:50:f4:d5:cc:ee:88:49:d8:7f:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.168.0/21
95.142.112.0/20
159.242.224.0/20
185.28.24.0/22
185.54.140.0/22
185.54.228.0/22
194.99.28.0/22
IPv6:
2a0d:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:3b:58:cf:72:78:d6:ad:5a:ef:c9:25:41:03:43:45:81:ba:
5a:8c:21:06:37:28:25:f3:ce:01:5c:4d:ee:f7:86:a3:ed:9a:
93:d0:ac:9e:c1:e9:2e:2b:f7:27:1b:66:68:88:11:05:4e:e0:
6f:47:85:94:60:2c:b7:b9:cb:6a:81:9c:b4:67:e9:4c:f6:24:
f2:b1:78:81:fc:7c:09:b3:23:b8:9e:fc:9c:9d:17:c9:46:8a:
a7:ba:66:57:16:9e:e4:29:9b:e1:fb:72:7b:11:18:b8:5a:57:
29:40:a2:01:1a:73:3f:dd:ce:98:a9:7b:b0:53:39:c4:0a:84:
b9:b7:8d:ca:8e:57:68:d7:97:cb:72:06:7b:04:c8:09:da:d3:
01:4f:92:49:e3:df:7f:5a:13:89:d6:c8:06:f4:dc:c9:0f:4c:
29:16:56:44:e5:95:4b:90:d4:6c:8a:8f:6e:89:00:2e:1e:83:
b3:95:64:3d:a7:67:03:b8:1a:df:b6:fa:a4:74:0a:83:41:25:
14:a3:79:b4:ea:96:eb:9c:73:83:61:6f:44:67:3a:f4:18:87:
c0:67:51:88:5a:e3:19:4a:21:0e:20:2d:e4:3d:b8:5a:93:c8:
95:a4:05:21:60:26:72:26:e0:71:f4:ea:70:cd:78:e0:06:7a:
6c:97:3e:ef
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQm2ca9GScqpWGkkUjipY2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBkOWQ2YjY5N2NhMWM4NjU3MGMyNTY4NjJlNjg1OGI0Nzk5Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJgggqe2rmpT93q9kiWaPQM3EDYn
pw6gMjuw1lqsED9A/6BnrGvhA+q9TaBAm36hkKZDlOsAPFsUC8UmAUoxBczSVjA8
R2QNGWaJ1BeASiiPK+mrtoXx6RHEDG5PoaGOqVR585qPWGjzvwO8ws0isaorSWfg
SsMmSlvrPZGLNf92SHL18RwcxmOfvSL/+PoFlGm3dunpMQ6hqnMfFLdFpksSh0xh
IrsPCUGpND8fnlZFSKMiHRfckDRZbA4kwn+tRxiVZdxe2Qaia8cVawxSJ8v2r6CT
CYS4W/zOSeLAC8RKK5knsmuEVwmwwcJPEUxkb6X0+f9Q9NXM7ohJ2H/V4wIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFN4NnWtpfKHIZXDCVoYuaFi0eZyFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzLzY4ZGMz
Yy1kZjJlLTQ0NjEtYjdhNi0wMWNiZmMwZTk0ZTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMvNjhkYzNj
LWRmMmUtNDQ2MS1iN2E2LTAxY2JmYzBlOTRlNy8xLzNnMmRhMmw4b2NobGNNSldo
aTVvV0xSNW5JVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUF
BwEHAQH/BEMwQTAwBAIAATAqAwQDBSKoAwQEX45wAwQEn/LgAwQCuRwYAwQCuTaM
AwQCuTbkAwQCwmMcMA0EAgACMAcDBQMqDY7AMA0GCSqGSIb3DQEBCwUAA4IBAQA7
O1jPcnjWrVrvySVBA0NFgbpajCEGNygl884BXE3u94aj7ZqT0KyewekuK/cnG2Zo
iBEFTuBvR4WUYCy3uctqgZy0Z+lM9iTysXiB/HwJsyO4nvycnRfJRoqnumZXFp7k
KZvh+3J7ERi4WlcpQKIBGnM/3c6YqXuwUznECoS5t43Kjldo15fLcgZ7BMgJ2tMB
T5JJ499/WhOJ1sgG9NzJD0wpFlZE5ZVLkNRsio9uiQAuHoOzlWQ9p2cDuBrftvqk
dAqDQSUUo3m06pbrnHODYW9EZzr0GIfAZ1GIWuMZSiEOIC3kPbhak8iVpAUhYCZy
JuBx9OpwzXjgBnpslz7v
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:23:43 2025 by rpki-client