Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4pDpzDt-Nj1ya9cCdQtT8psFCn0.cer
File: 4pDpzDt-Nj1ya9cCdQtT8psFCn0.cer (raw, json)
Hash identifier: Kq4FpizopBAYiImfmzaocpH+Q9ywghy/jiQ9+hqJPAY=
Subject key identifier: E2:90:E9:CC:3B:7E:36:3D:72:6B:D7:02:75:0B:53:F2:9B:05:0A:7D
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFA0DEA1539E0316565FEA33C93EF95
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fd/55354e-bce7-4a5d-b561-9113fd7afd6c/1/4pDpzDt-Nj1ya9cCdQtT8psFCn0.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fd/55354e-bce7-4a5d-b561-9113fd7afd6c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:47:48 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 62201
IP: 185.149.200.0/22
IP: 2a07:6a00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0d:ea:15:39:e0:31:65:65:fe:a3:3c:93:ef:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e290e9cc3b7e363d726bd702750b53f29b050a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c2:39:62:a7:de:07:2f:5f:c1:97:b6:78:f7:
7e:c0:38:3c:00:ba:29:6b:aa:90:eb:11:e8:f6:14:
1f:da:09:ed:59:77:3a:fb:09:54:4e:3e:4f:37:ff:
3e:2e:b7:8c:8e:c7:75:74:0e:2e:93:21:c1:20:b1:
61:f2:b8:ba:58:dc:6b:47:b1:7c:dc:62:14:2a:6c:
3f:fc:41:a1:2d:4f:c2:e4:ed:6b:0b:a8:d4:6d:de:
a4:04:2a:da:e1:ac:15:c3:08:8c:76:7f:c1:51:e1:
46:fe:43:a9:e0:c7:fc:fb:94:4d:37:13:4a:ad:94:
40:38:99:9e:37:54:0b:19:2d:c5:64:fc:85:ab:2b:
7f:50:f5:ce:7e:d7:10:16:11:fc:97:21:d5:5b:26:
79:42:8e:6b:77:39:4c:04:d7:c1:3c:c6:7a:4f:ee:
72:15:53:72:b0:e0:f2:17:e8:6c:7f:48:a8:2a:2f:
62:70:69:7c:c5:d6:75:3a:63:eb:77:42:f8:69:b8:
e7:74:c0:ac:1f:70:b6:f4:cc:f8:ff:1f:26:b1:16:
1f:3c:bc:64:29:7c:8c:e0:37:a2:be:ee:b2:e9:ef:
4f:b4:ca:e1:0a:1d:e1:e7:f7:07:de:5d:fd:ae:45:
7f:a3:50:9a:ac:a6:b5:83:6f:6c:c4:6c:48:dc:aa:
ce:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:90:E9:CC:3B:7E:36:3D:72:6B:D7:02:75:0B:53:F2:9B:05:0A:7D
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/55354e-bce7-4a5d-b561-9113fd7afd6c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/55354e-bce7-4a5d-b561-9113fd7afd6c/1/4pDpzDt-Nj1ya9cCdQtT8psFCn0.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.200.0/22
IPv6:
2a07:6a00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
62201
Signature Algorithm: sha256WithRSAEncryption
0c:ad:95:b2:14:d7:49:2c:3e:cb:f7:98:5f:1e:44:67:31:24:
da:0f:1f:1c:a1:17:be:05:37:e1:1f:f0:ff:19:5d:ea:99:e6:
23:eb:ac:15:c3:ed:a9:29:19:dd:e0:4d:9e:79:b3:fa:3d:70:
39:0f:5d:7b:a4:5b:9b:6f:a6:ba:a2:8e:4f:ea:83:1d:88:85:
9c:0d:b9:68:b8:84:1a:4b:88:7d:f2:7d:95:c9:47:e6:1b:b5:
45:ba:e4:3c:31:02:50:5c:40:64:34:8b:17:d9:64:04:87:b8:
87:cc:11:0b:0a:95:3a:27:eb:d4:a7:56:57:86:89:ec:33:b9:
e0:72:e8:e2:f7:08:87:25:7c:e5:5a:0c:43:87:ea:72:0c:8d:
f3:53:5b:61:88:3f:64:ff:26:8f:d1:62:a9:7d:37:ee:50:77:
aa:3f:01:b7:9a:80:f9:6d:6c:a6:1b:16:d5:9d:2f:05:6a:d1:
5b:cc:48:34:aa:58:6c:b9:bc:07:68:ac:77:5d:69:a7:44:bd:
f7:fd:96:75:e6:c6:ae:6f:8c:4a:57:8a:e9:54:cb:3d:26:30:
2d:e5:ba:7f:b7:18:ab:8f:90:96:6e:1a:f8:37:39:f1:b0:54:
68:e8:b0:0a:91:89:38:49:23:60:c4:e6:a3:6e:7e:94:9e:05:
83:fa:5f:28
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQf+g3qFTngMWVl/qM8k++VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjkwZTljYzNiN2UzNjNkNzI2YmQ3MDI3NTBiNTNmMjliMDUwYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncI5YqfeBy9fwZe2ePd+wDg8ALop
a6qQ6xHo9hQf2gntWXc6+wlUTj5PN/8+LreMjsd1dA4ukyHBILFh8ri6WNxrR7F8
3GIUKmw//EGhLU/C5O1rC6jUbd6kBCra4awVwwiMdn/BUeFG/kOp4Mf8+5RNNxNK
rZRAOJmeN1QLGS3FZPyFqyt/UPXOftcQFhH8lyHVWyZ5Qo5rdzlMBNfBPMZ6T+5y
FVNysODyF+hsf0ioKi9icGl8xdZ1OmPrd0L4abjndMCsH3C29Mz4/x8msRYfPLxk
KXyM4Deivu6y6e9PtMrhCh3h5/cH3l39rkV/o1CarKa1g29sxGxI3KrOywIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOKQ6cw7fjY9cmvXAnULU/KbBQp9MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZkLzU1MzU0
ZS1iY2U3LTRhNWQtYjU2MS05MTEzZmQ3YWZkNmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQvNTUzNTRl
LWJjZTctNGE1ZC1iNTYxLTkxMTNmZDdhZmQ2Yy8xLzRwRHB6RHQtTmoxeWE5Y0Nk
UXRUOHBzRkNuMC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuZXIMA0EAgACMAcDBQMqB2oAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDy+TANBgkqhkiG9w0BAQsFAAOCAQEADK2VshTXSSw+
y/eYXx5EZzEk2g8fHKEXvgU34R/w/xld6pnmI+usFcPtqSkZ3eBNnnmz+j1wOQ9d
e6Rbm2+muqKOT+qDHYiFnA25aLiEGkuIffJ9lclH5hu1RbrkPDECUFxAZDSLF9lk
BIe4h8wRCwqVOifr1KdWV4aJ7DO54HLo4vcIhyV85VoMQ4fqcgyN81NbYYg/ZP8m
j9FiqX037lB3qj8Bt5qA+W1sphsW1Z0vBWrRW8xINKpYbLm8B2isd11pp0S99/2W
debGrm+MSleK6VTLPSYwLeW6f7cYq4+Qlm4a+Dc58bBUaOiwCpGJOEkjYMTmo25+
lJ4Fg/pfKA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:23 2025 by rpki-client