Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
File: 8qJTzfUHoD4fV50gLY3xHWj1w9c.cer (raw, json)
Hash identifier: PbSRW/KCtbczR8OCtiYjCXbZCFLoSBG+g6Ak1cD6Cyc=
Subject key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019424B3E87FE5862DA952E80713C825A451
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 01:49:17 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 45.88.228.0/22
IP: 2001:3500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e8:7f:e5:86:2d:a9:52:e8:07:13:c8:25:a4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:f5:bf:14:df:fd:19:cb:36:a8:b7:15:c1:
c4:42:7d:b6:f5:ba:76:0c:a0:c3:1d:d7:ec:e8:62:
38:19:81:1a:f7:25:3b:3c:bc:20:02:27:d5:91:bf:
6b:26:ef:76:e4:00:58:7d:45:a4:4e:fd:b2:61:2a:
d9:0b:b1:b4:ca:9e:b6:03:2c:65:96:e8:00:7c:3f:
fb:1f:a3:72:10:db:1e:bb:18:45:43:66:7a:e9:bf:
d0:e5:33:fc:b7:64:2d:3c:9b:00:86:5d:11:14:e3:
52:1d:fe:02:e4:6f:b4:86:05:5f:f4:0e:76:37:ab:
b0:8f:70:3c:df:60:09:74:da:98:0e:ff:1a:1d:f9:
93:f5:92:29:c4:0b:d0:ee:65:42:43:18:e0:da:f1:
ff:de:81:80:fd:26:3f:4d:90:9c:6c:f0:d3:cc:f1:
7a:3c:f2:f6:28:58:46:72:ae:e5:3d:1f:02:d9:ee:
e6:ca:8c:5a:41:a2:ee:ae:1f:46:b7:bf:03:9c:4b:
cc:91:d6:32:75:55:48:b1:12:d8:69:f8:93:66:e1:
53:1d:a4:32:32:ab:c4:6e:32:92:c2:b6:a2:61:ff:
f8:50:fd:ba:23:94:ca:19:ea:c3:85:c1:b3:8d:8a:
cb:76:99:69:5f:b5:71:93:fa:7a:d5:ba:e9:00:9a:
67:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.228.0/22
IPv6:
2001:3500::/29
Signature Algorithm: sha256WithRSAEncryption
71:aa:0c:a4:2a:40:a5:b3:6f:f6:e7:db:52:ef:a7:be:39:b7:
c5:71:a2:78:f7:50:82:0a:57:af:d8:23:31:f6:af:fe:00:4b:
ca:5c:04:5b:52:0d:7d:5b:c3:4c:87:38:5d:2e:7b:53:fa:5f:
3f:58:eb:00:72:6d:81:be:15:4c:9b:48:83:91:24:25:ae:cd:
dc:41:d6:aa:99:9f:84:ab:5f:0e:43:1f:e0:96:d0:57:6f:47:
ab:f9:44:a9:0c:13:14:53:d1:4a:d8:68:a5:90:6b:e6:18:fb:
08:fc:8b:b2:b6:4c:82:b8:17:a5:63:17:5f:23:41:d0:aa:d3:
32:e4:cc:93:50:04:87:b4:5d:5e:f9:cd:aa:51:b9:ec:41:20:
87:93:fe:b9:01:16:00:62:b6:52:7c:c2:0d:5d:9d:12:d2:ff:
e9:71:f9:25:a1:b0:32:99:a0:69:6c:f6:dd:15:d1:de:8b:ef:
6d:fd:32:ab:6a:33:e2:de:a3:50:95:ba:fe:67:29:5b:af:4b:
7c:46:d4:a1:0c:8b:7d:15:ce:10:96:ed:f6:c9:43:f8:25:48:
6c:dd:79:14:c9:6c:f0:ee:b3:16:99:bd:6d:32:2f:90:a3:19:
d8:24:d6:71:25:ea:ea:ce:70:17:e7:fd:43:9a:b0:68:b5:de:
6d:15:71:2e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZQks+h/5YYtqVLoBxPIJaRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmEyNTNjZGY1MDdhMDNlMWY1NzlkMjAyZDhkZjExZDY4ZjVjM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGD1vxTf/RnLNqi3FcHEQn229bp2
DKDDHdfs6GI4GYEa9yU7PLwgAifVkb9rJu925ABYfUWkTv2yYSrZC7G0yp62Ayxl
lugAfD/7H6NyENseuxhFQ2Z66b/Q5TP8t2QtPJsAhl0RFONSHf4C5G+0hgVf9A52
N6uwj3A832AJdNqYDv8aHfmT9ZIpxAvQ7mVCQxjg2vH/3oGA/SY/TZCcbPDTzPF6
PPL2KFhGcq7lPR8C2e7myoxaQaLurh9Gt78DnEvMkdYydVVIsRLYafiTZuFTHaQy
MqvEbjKSwraiYf/4UP26I5TKGerDhcGzjYrLdplpX7Vxk/p61brpAJpnKQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFPKiU831B6A+H1edIC2N8R1o9cPXMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUxLzEwZWJl
Yy0yNzg0LTRkYWEtOGRmNy1iZTRkNWQwOWQ3MTAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvMTBlYmVj
LTI3ODQtNGRhYS04ZGY3LWJlNGQ1ZDA5ZDcxMC8xLzhxSlR6ZlVIb0Q0ZlY1MGdM
WTN4SFdqMXc5Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLVjkMA0EAgACMAcDBQMgATUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBxqgykKkCls2/259tS76e+ObfFcaJ491CCClev2CMx9q/+AEvK
XARbUg19W8NMhzhdLntT+l8/WOsAcm2BvhVMm0iDkSQlrs3cQdaqmZ+Eq18OQx/g
ltBXb0er+USpDBMUU9FK2GilkGvmGPsI/IuytkyCuBelYxdfI0HQqtMy5MyTUASH
tF1e+c2qUbnsQSCHk/65ARYAYrZSfMINXZ0S0v/pcfklobAymaBpbPbdFdHei+9t
/TKrajPi3qNQlbr+Zylbr0t8RtShDIt9Fc4Qlu32yUP4JUhs3XkUyWzw7rMWmb1t
Mi+QoxnYJNZxJerqznAX5/1DmrBotd5tFXEu
-----END CERTIFICATE-----
Generated at Wed Apr 9 20:00:24 2025 by rpki-client