Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/BSAFu2w9aGW4nBDzOwuZS3Svljs.cer
File: BSAFu2w9aGW4nBDzOwuZS3Svljs.cer (raw, json)
Hash identifier: 5aOkjkR6CaHqUPslP3MeS6QffxXHsZnkSMRe7momKx8=
Subject key identifier: 05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194252174DECCFD9D2B324410A5B8372678
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:48:57 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 57527
IP: 185.98.124.0/22
IP: 2a06:e00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:74:de:cc:fd:9d:2b:32:44:10:a5:b8:37:26:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=052005bb6c3d6865b89c10f33b0b994b74af963b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:74:3f:aa:ab:d4:0f:59:e4:14:ab:ef:09:
82:f5:89:7c:1d:cc:9a:10:a7:2e:e0:b3:6e:ce:63:
e3:7c:2f:bd:dc:1e:18:78:63:5f:f4:32:32:9c:94:
d8:e8:0b:e1:68:8a:db:07:fa:00:af:3a:93:16:b4:
40:95:de:82:c7:0a:3d:b6:55:32:97:3f:76:e8:ea:
58:fa:ea:e9:74:8d:5d:b4:26:f6:9e:14:d6:5b:b4:
e1:c0:97:eb:6c:f1:e4:fa:45:43:06:dc:ac:77:58:
cf:83:84:c4:93:2f:da:d6:07:46:23:fa:17:8b:3b:
f8:78:25:74:a5:b4:59:c3:8f:17:70:16:8d:bd:fc:
2d:2e:a3:61:4f:7b:31:92:51:bd:b9:01:2f:d7:41:
73:9d:f3:e0:3d:42:a6:9f:ed:36:75:a3:76:19:d7:
28:e7:92:47:4c:ab:07:6c:07:0e:c2:86:b0:ce:13:
65:00:9d:d1:84:8e:0e:2b:7b:f2:d2:0f:d7:4e:6a:
a5:39:9f:b4:d6:b6:26:f4:9e:d8:94:0c:82:e6:59:
5a:e3:d5:ab:16:85:99:7d:69:55:aa:e3:f5:c8:b5:
fc:a5:e4:23:2e:70:9e:44:9f:95:a9:ee:c7:2e:7f:
c6:5d:99:63:b6:13:79:5c:33:93:af:dc:cc:23:d4:
4f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:20:05:BB:6C:3D:68:65:B8:9C:10:F3:3B:0B:99:4B:74:AF:96:3B
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/83eb09-3a14-455b-8895-ba0a76f43704/1/BSAFu2w9aGW4nBDzOwuZS3Svljs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.124.0/22
IPv6:
2a06:e00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
57527
Signature Algorithm: sha256WithRSAEncryption
90:28:b3:f2:4f:8b:4c:75:d0:78:91:d7:01:04:de:8c:60:ed:
0c:ae:68:dd:36:64:59:f8:98:a3:cb:23:ad:8c:24:e4:18:67:
86:86:3a:dc:3b:98:9a:17:d5:bb:12:7b:cd:a3:23:4f:1c:9c:
57:53:2b:54:fc:ff:28:8f:d3:44:50:b6:1f:cd:e3:db:29:8a:
9e:15:3c:fd:62:68:ee:8c:24:1b:1d:54:b9:80:50:50:8b:b3:
10:78:31:dd:f2:6f:1a:d5:c4:b0:0b:7b:26:31:de:cf:54:41:
14:36:bf:ad:93:05:7e:bb:bf:c5:77:c8:56:28:e6:62:ac:8f:
3a:d2:18:95:d3:a9:0c:c7:68:e3:bb:f8:26:9f:b2:50:a8:fa:
f1:f5:da:a3:1e:fd:ad:60:fe:55:36:e6:5b:24:97:e9:23:e9:
15:20:5d:d9:59:90:f5:91:7e:d0:9a:c9:02:79:eb:f4:70:71:
8a:a2:93:00:9b:8e:66:94:38:69:c5:e6:7d:53:80:8c:7c:93:
01:df:55:e8:41:54:7e:05:2b:39:e3:f1:2d:be:38:44:f0:b1:
0e:2a:70:45:ce:e9:4a:1f:ab:0c:22:4a:48:ab:95:4a:3d:4a:
a0:05:ae:c7:ef:f1:26:1a:b7:d8:1e:13:50:b8:7c:03:81:54:
3b:10:67:f0
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQlIXTezP2dKzJEEKW4NyZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTIwMDViYjZjM2Q2ODY1Yjg5YzEwZjMzYjBiOTk0Yjc0YWY5NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6J0P6qr1A9Z5BSr7wmC9Yl8Hcya
EKcu4LNuzmPjfC+93B4YeGNf9DIynJTY6AvhaIrbB/oArzqTFrRAld6Cxwo9tlUy
lz926OpY+urpdI1dtCb2nhTWW7ThwJfrbPHk+kVDBtysd1jPg4TEky/a1gdGI/oX
izv4eCV0pbRZw48XcBaNvfwtLqNhT3sxklG9uQEv10FznfPgPUKmn+02daN2Gdco
55JHTKsHbAcOwoawzhNlAJ3RhI4OK3vy0g/XTmqlOZ+01rYm9J7YlAyC5lla49Wr
FoWZfWlVquP1yLX8peQjLnCeRJ+Vqe7HLn/GXZljthN5XDOTr9zMI9RP6wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFAUgBbtsPWhluJwQ8zsLmUt0r5Y7MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzliLzgzZWIw
OS0zYTE0LTQ1NWItODg5NS1iYTBhNzZmNDM3MDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvODNlYjA5
LTNhMTQtNDU1Yi04ODk1LWJhMGE3NmY0MzcwNC8xL0JTQUZ1Mnc5YUdXNG5CRHpP
d3VaUzNTdmxqcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuWJ8MA0EAgACMAcDBQMqBg4AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDgtzANBgkqhkiG9w0BAQsFAAOCAQEAkCiz8k+LTHXQ
eJHXAQTejGDtDK5o3TZkWfiYo8sjrYwk5BhnhoY63DuYmhfVuxJ7zaMjTxycV1Mr
VPz/KI/TRFC2H83j2ymKnhU8/WJo7owkGx1UuYBQUIuzEHgx3fJvGtXEsAt7JjHe
z1RBFDa/rZMFfru/xXfIVijmYqyPOtIYldOpDMdo47v4Jp+yUKj68fXaox79rWD+
VTbmWySX6SPpFSBd2VmQ9ZF+0JrJAnnr9HBxiqKTAJuOZpQ4acXmfVOAjHyTAd9V
6EFUfgUrOePxLb44RPCxDipwRc7pSh+rDCJKSKuVSj1KoAWux+/xJhq32B4TULh8
A4FUOxBn8A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:43 2025 by rpki-client