Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4OkqeIpBBX0ndk8W87HSo-9jRdY.cer
File: 4OkqeIpBBX0ndk8W87HSo-9jRdY.cer (raw, json)
Hash identifier: qdDqEQXZZJ9ja+M/4PJrjzUry6DHxEdLcLgS/nl8TcE=
Subject key identifier: E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D7527AC78D285589D5525E8025C9FA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:48:21 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35157
IP: 85.119.136.0/21
IP: 185.59.236.0/22
IP: 2a01:8d80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:52:7a:c7:8d:28:55:89:d5:52:5e:80:25:c9:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0e92a788a41057d27764f16f3b1d2a3ef6345d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ff:d4:a6:08:ae:b5:de:09:9a:eb:de:c6:60:
87:27:b4:40:30:e6:f9:06:fa:68:ae:4b:a5:1c:e0:
ae:9a:50:a3:96:f3:cb:c1:c5:fc:5f:2f:1f:53:17:
7b:20:ee:c2:96:5d:01:b7:ab:cf:3a:b9:2c:da:21:
ad:94:b0:2b:7f:a4:1a:59:eb:ce:ce:7f:23:a0:bc:
89:4e:18:ca:a7:4e:64:37:d2:f3:28:17:c0:5b:5c:
5b:fa:fb:97:5e:10:35:22:22:c9:22:c3:c4:03:3c:
37:15:2b:e9:ac:77:2b:20:e0:4c:0b:87:37:6b:dc:
38:b5:34:ef:1b:71:ae:8d:ee:3b:d9:bc:92:22:cc:
2b:8d:0c:46:37:57:83:2a:b3:72:60:fb:43:08:6d:
8d:8d:48:63:7c:8d:9a:67:a9:c8:c4:b5:f0:7a:3b:
50:71:3d:06:de:a7:9d:b5:e7:2c:f6:57:52:0a:4d:
54:59:3c:b0:a2:90:ff:46:43:21:7d:19:41:ef:92:
bc:49:61:e6:00:f4:2d:98:57:67:b7:2d:37:b6:79:
83:5e:85:ae:21:26:fc:eb:a0:af:a4:d5:aa:d5:e1:
b6:1d:a6:02:4e:23:8f:e1:6e:a4:9b:1f:54:ce:dc:
32:a2:da:5b:7f:ad:21:08:b9:64:61:b5:54:54:f2:
27:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E9:2A:78:8A:41:05:7D:27:76:4F:16:F3:B1:D2:A3:EF:63:45:D6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d46487-43ff-45ee-8228-ba59fb2c4610/1/4OkqeIpBBX0ndk8W87HSo-9jRdY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.136.0/21
185.59.236.0/22
IPv6:
2a01:8d80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35157
Signature Algorithm: sha256WithRSAEncryption
15:48:17:66:b7:d1:e2:6d:83:94:61:b7:0d:e3:ba:5b:c6:0d:
66:6f:b9:73:34:f1:e4:67:a5:5e:91:80:da:8c:a0:c1:df:3f:
2b:c7:a2:b0:9b:fb:5f:af:8a:bc:18:54:78:49:a6:c8:0e:a1:
d9:98:4c:08:c3:da:e7:d5:74:63:17:04:dc:4c:da:21:2d:df:
41:7c:27:ce:6c:dd:5f:f8:9b:b3:e3:ea:81:4f:43:82:7e:b9:
9a:e0:63:76:d2:20:02:36:e0:03:eb:db:02:26:bd:67:51:11:
ea:e6:dd:2e:9e:f9:9b:7e:c5:bb:df:d1:05:76:7a:26:dc:4e:
ed:51:75:9f:77:80:37:3f:10:e8:cb:0c:97:6c:7c:9e:6f:60:
0a:01:77:d8:54:4e:5e:cb:39:a4:83:d6:87:f9:26:52:4a:d2:
97:2d:24:99:8f:20:a6:b3:03:c8:21:c0:1b:2f:d5:ff:d2:f1:
5e:13:dc:db:22:b8:c0:d5:cc:d2:54:a4:fd:9b:70:85:22:57:
bc:f9:ae:50:33:bc:f3:dc:91:b0:16:bb:2a:32:32:a2:0d:19:
2a:dc:2f:b8:49:2b:46:67:52:35:f6:3c:aa:75:30:e1:d1:bc:
4e:a3:be:13:8f:d0:1b:c2:88:7a:ec:fd:3e:df:16:78:cf:7c:
e3:c9:c7:d7
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQj11J6x40oVYnVUl6AJcn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU5MmE3ODhhNDEwNTdkMjc3NjRmMTZmM2IxZDJhM2VmNjM0NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf/Upgiutd4JmuvexmCHJ7RAMOb5
BvporkulHOCumlCjlvPLwcX8Xy8fUxd7IO7Cll0Bt6vPOrks2iGtlLArf6QaWevO
zn8joLyJThjKp05kN9LzKBfAW1xb+vuXXhA1IiLJIsPEAzw3FSvprHcrIOBMC4c3
a9w4tTTvG3Guje472bySIswrjQxGN1eDKrNyYPtDCG2NjUhjfI2aZ6nIxLXwejtQ
cT0G3qedtecs9ldSCk1UWTywopD/RkMhfRlB75K8SWHmAPQtmFdnty03tnmDXoWu
ISb866CvpNWq1eG2HaYCTiOP4W6kmx9Uztwyotpbf60hCLlkYbVUVPInHQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFODpKniKQQV9J3ZPFvOx0qPvY0XWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEwL2Q0NjQ4
Ny00M2ZmLTQ1ZWUtODIyOC1iYTU5ZmIyYzQ2MTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAvZDQ2NDg3
LTQzZmYtNDVlZS04MjI4LWJhNTlmYjJjNDYxMC8xLzRPa3FlSXBCQlgwbmRrOFc4
N0hTby05alJkWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDVXeIAwQCuTvsMA0EAgACMAcDBQAqAY2AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJVTANBgkqhkiG9w0BAQsFAAOCAQEAFUgX
ZrfR4m2DlGG3DeO6W8YNZm+5czTx5GelXpGA2oygwd8/K8eisJv7X6+KvBhUeEmm
yA6h2ZhMCMPa59V0YxcE3EzaIS3fQXwnzmzdX/ibs+PqgU9Dgn65muBjdtIgAjbg
A+vbAia9Z1ER6ubdLp75m37Fu9/RBXZ6JtxO7VF1n3eANz8Q6MsMl2x8nm9gCgF3
2FROXss5pIPWh/kmUkrSly0kmY8gprMDyCHAGy/V/9LxXhPc2yK4wNXM0lSk/Ztw
hSJXvPmuUDO889yRsBa7KjIyog0ZKtwvuEkrRmdSNfY8qnUw4dG8TqO+E4/QG8KI
euz9Pt8WeM9848nH1w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:37:49 2025 by rpki-client