Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer
File: 5iMpnuR7T2EtuQoU-V5AdnrgZlc.cer (raw, json)
Hash identifier: +C0amrJq4WiodH5fVf4ChiPykMt3uYwIRVxyQJXyMrk=
Subject key identifier: E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C6EAF2204BF6C99CCEC7469C29D2B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5iMpnuR7T2EtuQoU-V5AdnrgZlc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:04 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 2001:67c:484::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6e:af:22:04:bf:6c:99:cc:ec:74:69:c2:9d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e623299ee47b4f612db90a14f95e40767ae06657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ce:d9:26:6c:d5:44:5a:8e:c4:97:ff:ea:87:
80:ca:64:ac:25:0a:8e:41:db:45:38:9b:fd:f0:eb:
ac:87:a3:a5:06:5d:b2:7f:0b:a8:c3:66:25:6f:37:
0c:db:0d:af:fa:67:65:89:f0:e1:f3:09:23:f9:fb:
18:2b:26:6d:de:a0:e2:c3:c3:a4:c4:8f:35:29:fd:
de:31:ab:71:4a:da:31:fa:3a:81:25:2b:6b:a1:a7:
4e:2d:8d:2f:b9:ae:ea:5d:a1:94:6c:18:c6:81:e5:
b5:8f:1e:2d:5b:93:42:7e:d8:6b:73:ea:6c:82:21:
8e:01:45:5c:95:f5:30:14:aa:f3:7f:93:08:f8:76:
cc:78:73:c6:d7:d7:fd:69:f1:fe:8a:2a:bb:48:8c:
45:8f:c6:ae:95:0e:cf:27:54:aa:4f:e4:d3:df:67:
a3:f4:cc:c6:9a:96:0c:f9:3d:30:3e:3c:2c:7c:13:
58:35:26:b4:55:9c:34:1e:ea:3a:87:75:c1:16:3b:
dc:5a:6c:ec:e9:b7:a7:ef:6a:9d:e8:81:79:f9:a7:
f0:91:4e:5e:6a:fc:ed:66:4b:cd:14:86:a6:78:19:
26:a1:11:04:a1:f0:8c:57:34:74:50:53:91:be:e9:
17:a9:f4:a3:ca:17:a9:5f:ca:22:66:f4:64:94:16:
c5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:23:29:9E:E4:7B:4F:61:2D:B9:0A:14:F9:5E:40:76:7A:E0:66:57
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f37203-f172-459f-8315-82f25ac6887f/1/5iMpnuR7T2EtuQoU-V5AdnrgZlc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:484::/48
Signature Algorithm: sha256WithRSAEncryption
a9:2b:94:0f:e3:bf:10:d6:3c:79:e5:3a:6d:1f:41:45:fe:2f:
fb:65:6c:2c:c9:41:ed:f5:d4:64:cb:5e:dc:4d:3b:f7:7f:e8:
de:eb:1d:e4:26:43:2a:1f:31:65:7e:55:51:90:07:f2:43:03:
2a:d9:4e:24:9a:f2:ab:b5:05:57:bf:ea:bb:46:c4:6b:0e:70:
a0:e6:79:fe:b5:52:40:b8:ef:9e:71:98:71:59:22:1d:74:28:
e7:84:27:88:1e:8d:f4:37:a8:a8:37:a3:c6:47:bc:5a:e0:7a:
7f:aa:85:73:d8:46:3a:4d:8c:e6:f4:4c:53:e2:d7:d6:49:94:
23:b3:41:75:c6:3c:ed:be:e2:1a:7e:f3:3f:67:bc:19:a4:9f:
36:01:f0:58:aa:60:4e:41:d5:1c:d3:b4:45:95:94:86:36:4a:
31:69:cc:68:e2:35:a2:0b:cc:ca:41:f2:3c:3e:b4:1c:97:b2:
89:d8:f4:2a:a5:06:bc:9a:33:1a:5c:6e:c2:5f:41:82:6e:72:
35:c5:f6:a1:37:ad:0a:de:5b:0f:95:00:d2:89:c1:6a:66:92:
4e:da:88:fe:ee:4a:00:8e:f0:f8:f0:9f:17:f3:31:d3:23:99:
be:18:36:f5:e8:8a:0a:e3:75:cd:66:8b:0b:7b:3c:30:76:f9:
7c:4a:c6:a6
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZQfjG6vIgS/bJnM7HRpwp0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIzMjk5ZWU0N2I0ZjYxMmRiOTBhMTRmOTVlNDA3NjdhZTA2NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M7ZJmzVRFqOxJf/6oeAymSsJQqO
QdtFOJv98Oush6OlBl2yfwuow2YlbzcM2w2v+mdlifDh8wkj+fsYKyZt3qDiw8Ok
xI81Kf3eMatxStox+jqBJStroadOLY0vua7qXaGUbBjGgeW1jx4tW5NCfthrc+ps
giGOAUVclfUwFKrzf5MI+HbMeHPG19f9afH+iiq7SIxFj8aulQ7PJ1SqT+TT32ej
9MzGmpYM+T0wPjwsfBNYNSa0VZw0Huo6h3XBFjvcWmzs6ben72qd6IF5+afwkU5e
avztZkvNFIameBkmoREEofCMVzR0UFORvukXqfSjyhepX8oiZvRklBbFZQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFOYjKZ7ke09hLbkKFPleQHZ64GZXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxL2YzNzIw
My1mMTcyLTQ1OWYtODMxNS04MmYyNWFjNjg4N2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEvZjM3MjAz
LWYxNzItNDU5Zi04MzE1LTgyZjI1YWM2ODg3Zi8xLzVpTXBudVI3VDJFdHVRb1Ut
VjVBZG5yZ1psYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfASEMA0GCSqGSIb3DQEBCwUAA4IBAQCp
K5QP478Q1jx55TptH0FF/i/7ZWwsyUHt9dRky17cTTv3f+je6x3kJkMqHzFlflVR
kAfyQwMq2U4kmvKrtQVXv+q7RsRrDnCg5nn+tVJAuO+ecZhxWSIddCjnhCeIHo30
N6ioN6PGR7xa4Hp/qoVz2EY6TYzm9ExT4tfWSZQjs0F1xjztvuIafvM/Z7wZpJ82
AfBYqmBOQdUc07RFlZSGNkoxacxo4jWiC8zKQfI8PrQcl7KJ2PQqpQa8mjMaXG7C
X0GCbnI1xfahN60K3lsPlQDSicFqZpJO2oj+7koAjvD48J8X8zHTI5m+GDb16IoK
43XNZosLezwwdvl8Ssam
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:19:07 2025 by rpki-client