Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer
File: 9PZ6QM9ehcLStlWLQJmvEl0QUO4.cer (raw, json)
Hash identifier: bs7eVMS8WlVC6pvf4I0rlIDWaxdogxNI6sizuMk13t4=
Subject key identifier: F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427489038DBDEFCEC8407626296AC05E9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 13:50:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 43467
IP: 45.9.80.0/22
IP: 2a0e:de00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:90:38:db:de:fc:ec:84:07:62:62:96:ac:05:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 13:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4f67a40cf5e85c2d2b6558b4099af125d1050ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:a6:b6:38:a1:8e:bb:cf:ed:ed:ab:17:c8:
b2:d7:0e:5c:d9:5e:90:7a:7b:f9:96:57:ad:25:9a:
50:c8:47:8a:f9:97:f6:57:a8:f5:4f:b9:f1:c5:68:
23:25:b9:6e:b4:77:ce:2b:4d:08:7b:b4:cb:dd:6f:
ae:9a:6f:2b:d3:df:64:43:07:1d:02:5b:ea:43:0f:
fa:08:da:7a:78:ee:f7:81:82:83:d2:33:91:ab:d4:
37:68:71:35:a2:b3:63:fc:e8:23:3b:5a:56:c0:ce:
94:52:d2:08:17:64:65:4c:31:f9:e3:a5:e8:7c:48:
ce:16:b9:3c:21:38:3a:e0:3e:23:eb:ac:86:18:86:
3b:50:59:38:22:82:f5:f9:f8:5b:ac:f7:8a:06:22:
e4:89:7d:56:79:59:52:01:72:18:72:cc:58:c8:26:
3a:69:c5:82:4c:f0:0a:39:3a:cd:38:8b:75:04:43:
00:2a:66:23:45:cc:e5:f0:9f:6d:86:69:18:29:50:
76:25:11:e1:16:9c:d3:f1:b4:77:24:85:0a:a7:d9:
1c:9c:6d:74:60:d9:0e:19:7c:5c:93:b1:9e:d4:92:
e3:d1:6a:12:83:f6:ff:2d:9c:e8:78:ed:54:f8:79:
79:dd:53:ce:36:6f:ef:92:89:2c:84:de:83:d8:79:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F6:7A:40:CF:5E:85:C2:D2:B6:55:8B:40:99:AF:12:5D:10:50:EE
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/707b4f-6cd6-488a-8def-3a5c71f86821/1/9PZ6QM9ehcLStlWLQJmvEl0QUO4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.80.0/22
IPv6:
2a0e:de00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
43467
Signature Algorithm: sha256WithRSAEncryption
7d:0e:82:3d:4a:6e:3a:4f:32:86:08:b2:4c:87:01:50:3f:a5:
f7:fd:e9:b0:50:e3:55:9a:74:cd:b1:fa:be:6b:1e:c3:74:bf:
2f:01:28:2a:a4:49:8c:1e:9b:de:b6:31:bb:72:ff:5a:67:60:
01:28:6d:16:43:d1:c3:3d:8d:06:35:d5:70:bc:9c:67:0c:c2:
43:2c:36:6a:9f:09:ad:38:76:2c:28:28:8b:53:73:3a:1f:2a:
39:5a:77:8b:79:92:35:19:e2:aa:0b:ee:da:5d:ef:c2:69:c3:
85:f5:65:5c:d1:7c:51:a8:51:aa:95:c4:18:f9:93:13:34:f2:
21:bd:45:69:4c:43:dc:3f:dd:17:a3:59:f9:ea:8f:9e:e2:a5:
30:21:a0:ee:25:ff:7b:02:c0:42:b8:13:ef:80:7b:ee:4c:16:
b3:67:46:5b:0f:18:2f:11:52:b5:52:9d:4a:d8:de:82:d0:34:
2f:d0:9f:9f:d8:1f:90:be:8a:99:3b:4c:08:82:c5:2a:e4:bd:
b9:55:49:2e:59:d0:a4:6e:2e:88:cb:a6:fa:99:cb:9d:29:a6:
ef:e1:b8:cc:31:12:43:fa:d1:5c:d8:aa:8a:62:5e:5b:9f:16:
51:d0:a9:7e:63:e8:9e:53:3b:6d:29:eb:70:80:d7:ba:fb:d1:
28:ca:83:38
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQnSJA429787IQHYmKWrAXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTM1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY2N2E0MGNmNWU4NWMyZDJiNjU1OGI0MDk5YWYxMjVkMTA1MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPqmtjihjrvP7e2rF8iy1w5c2V6Q
env5lletJZpQyEeK+Zf2V6j1T7nxxWgjJblutHfOK00Ie7TL3W+umm8r099kQwcd
AlvqQw/6CNp6eO73gYKD0jORq9Q3aHE1orNj/OgjO1pWwM6UUtIIF2RlTDH546Xo
fEjOFrk8ITg64D4j66yGGIY7UFk4IoL1+fhbrPeKBiLkiX1WeVlSAXIYcsxYyCY6
acWCTPAKOTrNOIt1BEMAKmYjRczl8J9thmkYKVB2JRHhFpzT8bR3JIUKp9kcnG10
YNkOGXxck7Ge1JLj0WoSg/b/LZzoeO1U+Hl53VPONm/vkokshN6D2HkSGQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPT2ekDPXoXC0rZVi0CZrxJdEFDuMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIyLzcwN2I0
Zi02Y2Q2LTQ4OGEtOGRlZi0zYTVjNzFmODY4MjEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIvNzA3YjRm
LTZjZDYtNDg4YS04ZGVmLTNhNWM3MWY4NjgyMS8xLzlQWjZRTTllaGNMU3RsV0xR
Sm12RWwwUVVPNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCLQlQMA0EAgACMAcDBQMqDt4AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCpyzANBgkqhkiG9w0BAQsFAAOCAQEAfQ6CPUpuOk8y
hgiyTIcBUD+l9/3psFDjVZp0zbH6vmsew3S/LwEoKqRJjB6b3rYxu3L/WmdgASht
FkPRwz2NBjXVcLycZwzCQyw2ap8JrTh2LCgoi1NzOh8qOVp3i3mSNRniqgvu2l3v
wmnDhfVlXNF8UahRqpXEGPmTEzTyIb1FaUxD3D/dF6NZ+eqPnuKlMCGg7iX/ewLA
QrgT74B77kwWs2dGWw8YLxFStVKdStjegtA0L9Cfn9gfkL6KmTtMCILFKuS9uVVJ
LlnQpG4uiMum+pnLnSmm7+G4zDESQ/rRXNiqimJeW58WUdCpfmPonlM7bSnrcIDX
uvvRKMqDOA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:23:52 2025 by rpki-client