Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5OF-B7BNx2ydbJH6_C1ahALGS44.cer
File: 5OF-B7BNx2ydbJH6_C1ahALGS44.cer (raw, json)
Hash identifier: 4gJtg/A8Cna57xReckQUkfUxF9O5Mk2nIfUZutKvEsQ=
Subject key identifier: E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228DB873F3B7652705CD1B0B720943FD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:48:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206141
IP: 147.28.48.0/20
IP: 185.155.188.0/22
IP: 2a07:9540::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b8:73:f3:b7:65:27:05:cd:1b:0b:72:09:43:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4e17e07b04dc76c9d6c91fafc2d5a8402c64b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b5:e4:16:54:43:32:1a:c9:4a:4b:69:be:91:
eb:29:f2:ec:7e:4a:7f:64:d0:1e:98:fb:f9:d3:36:
bf:71:69:e4:22:ea:39:c8:1c:9d:53:97:4e:a0:83:
09:00:b2:f2:04:29:4f:f2:84:ad:f9:4d:94:ab:7f:
23:cd:2f:b4:c3:b7:de:46:b0:fc:e7:f1:41:b4:67:
dd:cc:4a:a8:3f:e5:ae:57:77:0c:13:88:3f:c5:54:
02:d1:a5:3f:29:4d:c8:8a:a8:50:52:03:6a:e7:3e:
17:0a:06:c7:3b:37:71:4c:82:f6:74:0b:1c:d7:70:
25:f7:31:26:5b:1d:7d:52:f1:4c:dc:31:a4:7f:13:
1e:25:bf:15:50:f0:d2:76:01:01:7c:f3:70:e5:d4:
43:2e:69:7f:2c:61:c7:df:65:43:72:55:9f:9f:4b:
d4:8e:45:6e:96:a5:c9:7e:74:c8:9b:a8:d9:c1:7b:
64:34:fb:3f:4a:f6:0d:28:53:77:a3:54:c6:f1:d3:
d3:5a:46:84:a7:c7:c2:ed:02:19:33:9e:93:a2:6d:
8b:64:52:2d:ff:2f:f7:47:aa:4a:8f:55:3d:58:c2:
d9:8b:6e:af:04:53:70:39:bb:fe:b8:f0:98:7c:bd:
6c:24:00:ec:f2:8b:6c:e4:60:aa:5d:2e:92:d1:d9:
3b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E1:7E:07:B0:4D:C7:6C:9D:6C:91:FA:FC:2D:5A:84:02:C6:4B:8E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/42be5f-2432-4899-a4ff-198adda5a281/1/5OF-B7BNx2ydbJH6_C1ahALGS44.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.48.0/20
185.155.188.0/22
IPv6:
2a07:9540::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206141
Signature Algorithm: sha256WithRSAEncryption
92:c5:a3:f3:66:0e:d4:1a:62:c8:f5:cd:6f:f4:38:ea:43:2d:
b0:ad:58:89:5c:e0:a0:c3:7a:03:68:59:6e:5f:fa:c6:58:d5:
64:df:2a:f0:2d:0d:ba:3c:88:98:41:98:c4:8b:7b:d2:dc:91:
75:e1:64:46:3b:09:8c:d2:e7:ce:69:de:c1:27:cc:93:9a:77:
94:86:db:f4:1b:7e:ae:f3:9d:b6:5b:b9:81:14:12:9c:5d:ea:
c6:bb:e3:3f:2b:4f:f3:ca:2b:e4:27:93:a1:88:78:b3:f3:98:
5d:56:1f:7d:05:4b:14:28:7d:cb:6a:5d:e3:57:af:3e:09:7a:
c0:df:7e:e9:5f:59:8e:4d:5c:84:58:02:7c:bb:bf:41:f8:9f:
b7:84:64:6e:67:4e:e2:fe:80:48:35:8c:46:6d:86:47:5c:15:
81:78:d8:c3:73:d1:e1:0d:e8:7d:f5:9d:51:32:03:f5:20:43:
39:67:b7:94:71:b4:12:b1:79:c0:c8:9d:04:69:7c:45:26:80:
2e:f3:50:b3:4d:f4:ac:db:3f:bd:4f:da:d2:a4:81:ca:30:96:
8d:fa:74:9e:ad:21:75:bf:a5:88:a4:52:3f:cd:59:c2:53:f1:
97:04:82:2b:28:09:16:e8:da:c4:86:dc:ce:0a:6e:5b:42:75:
5f:fb:80:6f
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQijbhz87dlJwXNGwtyCUP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUxN2UwN2IwNGRjNzZjOWQ2YzkxZmFmYzJkNWE4NDAyYzY0YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bXkFlRDMhrJSktpvpHrKfLsfkp/
ZNAemPv50za/cWnkIuo5yBydU5dOoIMJALLyBClP8oSt+U2Uq38jzS+0w7feRrD8
5/FBtGfdzEqoP+WuV3cME4g/xVQC0aU/KU3IiqhQUgNq5z4XCgbHOzdxTIL2dAsc
13Al9zEmWx19UvFM3DGkfxMeJb8VUPDSdgEBfPNw5dRDLml/LGHH32VDclWfn0vU
jkVulqXJfnTIm6jZwXtkNPs/SvYNKFN3o1TG8dPTWkaEp8fC7QIZM56Tom2LZFIt
/y/3R6pKj1U9WMLZi26vBFNwObv+uPCYfL1sJADs8ots5GCqXS6S0dk7TQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFOThfgewTcdsnWyR+vwtWoQCxkuOMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzQyYmU1
Zi0yNDMyLTQ4OTktYTRmZi0xOThhZGRhNWEyODEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNDJiZTVm
LTI0MzItNDg5OS1hNGZmLTE5OGFkZGE1YTI4MS8xLzVPRi1CN0JOeDJ5ZGJKSDZf
QzFhaEFMR1M0NC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEkxwwAwQCuZu8MA0EAgACMAcDBQMqB5VAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMlPTANBgkqhkiG9w0BAQsFAAOCAQEAksWj
82YO1BpiyPXNb/Q46kMtsK1YiVzgoMN6A2hZbl/6xljVZN8q8C0NujyImEGYxIt7
0tyRdeFkRjsJjNLnzmnewSfMk5p3lIbb9Bt+rvOdtlu5gRQSnF3qxrvjPytP88or
5CeToYh4s/OYXVYffQVLFCh9y2pd41evPgl6wN9+6V9Zjk1chFgCfLu/Qfift4Rk
bmdO4v6ASDWMRm2GR1wVgXjYw3PR4Q3offWdUTID9SBDOWe3lHG0ErF5wMidBGl8
RSaALvNQs030rNs/vU/a0qSByjCWjfp0nq0hdb+liKRSP81ZwlPxlwSCKygJFuja
xIbczgpuW0J1X/uAbw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:56:59 2025 by rpki-client