Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer
File: 9Y4MO5Mzy2_UE55FWlq7r9VpUyo.cer (raw, json)
Hash identifier: ryViLs6BteLjNlR4zy4t2e+XFG9qfnkpDOJZWxE6hGI=
Subject key identifier: F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194258EC0BC04EE9FC7F0ED0D9E7018A1BB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 05:48:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 213811
IP: 193.143.16.0/23
IP: 2a14:b000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:c0:bc:04:ee:9f:c7:f0:ed:0d:9e:70:18:a1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f58e0c3b9333cb6fd4139e455a5abbafd569532a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:26:ff:e9:c0:94:19:e6:cb:35:c9:30:72:cd:
dd:61:d5:0f:80:d4:55:3c:8a:b1:35:26:a1:98:d9:
bc:cb:a4:9b:75:ed:28:98:95:d8:88:90:38:6a:d0:
82:07:3b:4b:14:6c:54:22:84:a0:bb:97:07:9d:c3:
b6:d2:9b:b1:63:a5:d9:69:1f:58:35:1b:e3:b5:02:
df:f2:54:2f:ab:75:93:bf:47:f2:a0:99:b4:e9:20:
42:a7:8c:85:74:1a:61:d0:aa:53:63:57:b8:11:db:
27:b7:05:d0:c3:1c:c3:a3:34:1e:14:ff:70:a5:59:
dc:29:3b:bd:f2:0d:07:c2:ff:9e:7f:d3:17:73:30:
10:33:48:d7:ee:0d:ff:ce:08:f4:47:f2:5e:5c:79:
a0:b7:c6:84:1d:1b:96:bf:b5:f6:dc:26:9b:f0:e4:
42:26:1a:f8:60:e6:15:b1:45:88:5f:df:2e:cc:38:
a4:4e:47:57:b2:0d:5a:19:2e:33:24:b0:f3:5c:5f:
a4:7a:2f:38:ec:4e:a5:e1:39:45:e5:10:66:3c:c9:
f7:37:2d:89:f4:29:1f:3f:ae:f1:5b:ca:80:13:fe:
b4:05:42:7b:4e:1a:e4:20:aa:dd:9c:16:13:4e:ba:
aa:f7:5d:1c:a5:28:0a:fd:5d:60:c0:5b:07:22:6e:
47:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8E:0C:3B:93:33:CB:6F:D4:13:9E:45:5A:5A:BB:AF:D5:69:53:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1ca51-75dd-41c9-9484-2bc1ae3dbdbe/1/9Y4MO5Mzy2_UE55FWlq7r9VpUyo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.16.0/23
IPv6:
2a14:b000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
213811
Signature Algorithm: sha256WithRSAEncryption
9f:c0:70:2a:a0:d3:26:ca:5a:bd:14:a2:1a:35:44:ea:42:e4:
37:03:01:d0:44:4c:62:04:36:0b:7b:3c:f9:74:28:66:73:2f:
32:a0:1b:76:50:e3:77:89:ed:13:db:5f:e3:ff:44:36:fc:6f:
d6:ce:71:ee:ee:4c:06:79:61:b3:51:84:f8:d6:39:26:ec:5b:
e9:03:e2:d7:2c:72:af:7b:e6:25:c4:59:c0:86:ca:8a:29:b6:
f1:6c:95:f8:bc:05:74:41:0b:4c:42:cc:60:be:b8:79:35:6c:
c0:c7:85:bf:e1:67:da:e2:61:37:4d:57:9b:fe:c5:e9:49:fe:
cb:d6:4e:b2:86:da:84:b7:4d:ef:93:f1:32:77:ba:be:8b:2d:
4e:26:cf:db:03:fe:60:07:3f:30:1b:23:d2:ab:e1:ba:43:75:
38:a8:65:a5:7b:ab:d5:ee:38:26:bc:b6:0a:e9:90:a0:6d:98:
b2:f0:f7:c7:2a:24:5e:7b:e8:18:bd:7f:e0:8e:40:f5:1f:ff:
bb:dd:01:32:f1:83:a6:dc:39:4f:e6:2e:c5:47:c7:74:50:d8:
31:59:2d:ee:72:10:ce:52:6f:bd:40:b6:04:3b:5c:21:e9:ad:
62:8e:3c:e9:8d:b3:6b:0c:02:ce:49:50:7b:59:6b:16:14:f9:
1d:d9:b4:8a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQljsC8BO6fx/DtDZ5wGKG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThlMGMzYjkzMzNjYjZmZDQxMzllNDU1YTVhYmJhZmQ1Njk1MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Cb/6cCUGebLNckwcs3dYdUPgNRV
PIqxNSahmNm8y6Sbde0omJXYiJA4atCCBztLFGxUIoSgu5cHncO20puxY6XZaR9Y
NRvjtQLf8lQvq3WTv0fyoJm06SBCp4yFdBph0KpTY1e4EdsntwXQwxzDozQeFP9w
pVncKTu98g0Hwv+ef9MXczAQM0jX7g3/zgj0R/JeXHmgt8aEHRuWv7X23Cab8ORC
Jhr4YOYVsUWIX98uzDikTkdXsg1aGS4zJLDzXF+kei847E6l4TlF5RBmPMn3Ny2J
9CkfP67xW8qAE/60BUJ7ThrkIKrdnBYTTrqq910cpSgK/V1gwFsHIm5H9wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPWODDuTM8tv1BOeRVpau6/VaVMqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZmL2IxY2E1
MS03NWRkLTQxYzktOTQ4NC0yYmMxYWUzZGJkYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYvYjFjYTUx
LTc1ZGQtNDFjOS05NDg0LTJiYzFhZTNkYmRiZS8xLzlZNE1PNU16eTJfVUU1NUZX
bHE3cjlWcFV5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQBwY8QMA0EAgACMAcDBQMqFLAAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwNDMzANBgkqhkiG9w0BAQsFAAOCAQEAn8BwKqDTJspa
vRSiGjVE6kLkNwMB0ERMYgQ2C3s8+XQoZnMvMqAbdlDjd4ntE9tf4/9ENvxv1s5x
7u5MBnlhs1GE+NY5Juxb6QPi1yxyr3vmJcRZwIbKiim28WyV+LwFdEELTELMYL64
eTVswMeFv+Fn2uJhN01Xm/7F6Un+y9ZOsobahLdN75PxMne6vostTibP2wP+YAc/
MBsj0qvhukN1OKhlpXur1e44Jry2CumQoG2YsvD3xyokXnvoGL1/4I5A9R//u90B
MvGDptw5T+YuxUfHdFDYMVkt7nIQzlJvvUC2BDtcIemtYo486Y2zawwCzklQe1lr
FhT5Hdm0ig==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:47:17 2025 by rpki-client