Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer
File: CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer (raw, json)
Hash identifier: 3qppWEU0YXFU+3ev2Mjx09IXsk7zBgHD3TbxTTR98lM=
Subject key identifier: 09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194258ED9C284118E33CD148D2FD135BA9A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 05:48:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 47474
IP: 37.130.248.0/21
IP: 46.18.216.0/21
IP: 62.64.140.0/22
IP: 62.64.160.0 -- 62.64.255.255
IP: 79.98.160.0/21
IP: 89.197.0.0/16
IP: 95.138.200.0/21
IP: 128.127.24.0/21
IP: 185.20.60.0/22
IP: 193.115.192.0/18
IP: 193.117.128.0/17
IP: 2a01:a000::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d9:c2:84:11:8e:33:cd:14:8d:2f:d1:35:ba:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097b5d1490b385a2f80c2a0324fe98e351091490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:75:ea:ab:4f:ff:10:ee:83:b0:d9:1b:a7:82:
48:af:b4:d9:fb:5d:46:99:9b:95:0c:6b:1a:ca:2a:
a2:43:00:23:fd:0f:b5:10:79:fa:88:0a:5f:ec:3f:
b5:97:75:30:1e:ab:38:52:a9:3c:05:42:d4:b3:60:
a0:94:cf:66:95:bb:77:a2:f1:0d:88:7e:14:aa:f0:
22:a6:0f:1f:5e:a1:f8:ad:7c:f7:76:e7:aa:13:9a:
7f:cb:00:4d:1f:df:20:5e:0d:7f:be:03:56:2b:e3:
76:8d:0b:75:0a:3a:da:f3:1d:a6:ce:74:c4:91:0a:
30:d0:8a:d0:e9:6c:56:90:32:fe:69:bf:2f:3f:2c:
74:85:ad:45:10:c3:4f:4b:44:c6:94:3b:59:e8:40:
31:72:06:1d:8f:48:92:a3:56:27:b6:8b:60:33:05:
f9:e7:dc:82:79:d4:4d:46:51:f2:a9:01:b7:0c:a9:
ee:73:09:9a:88:82:1a:01:ca:ef:46:3e:bf:02:ba:
3d:44:e3:4c:10:a4:16:11:eb:fc:b1:bb:9a:90:26:
87:d5:48:f6:d6:3b:c8:89:e1:13:1b:20:ae:8f:b4:
cc:9a:16:47:0f:8c:5b:67:10:5c:f8:82:0d:48:4e:
8a:12:17:e7:2c:6e:86:0f:30:98:ed:4b:88:c0:12:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.248.0/21
46.18.216.0/21
62.64.140.0/22
62.64.160.0-62.64.255.255
79.98.160.0/21
89.197.0.0/16
95.138.200.0/21
128.127.24.0/21
185.20.60.0/22
193.115.192.0/18
193.117.128.0/17
IPv6:
2a01:a000::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
47474
Signature Algorithm: sha256WithRSAEncryption
1d:e5:bb:0e:13:9f:b0:3b:39:0a:0d:a1:b0:fa:66:f0:4d:66:
71:db:6f:d1:f9:d3:82:a8:de:75:6c:89:e8:c6:e6:74:06:c9:
1a:f0:eb:ab:98:0e:f7:42:e3:9e:98:71:5d:d2:0a:0e:2c:20:
17:9e:ad:65:5d:b1:25:c2:d3:7a:f9:5e:fb:e6:a1:83:3b:8a:
d7:28:cd:df:42:5d:b1:24:23:ec:d0:2a:0a:0e:8f:20:aa:2e:
32:82:4b:66:c7:c8:01:08:75:b3:30:04:30:09:dc:4c:51:2d:
75:98:5b:34:21:c8:eb:03:da:9c:19:f7:20:34:69:c4:49:a8:
f7:4b:31:36:c4:aa:f5:50:58:c3:6f:1b:45:49:6c:75:1a:4c:
66:b2:f9:b9:e9:a6:4c:56:84:ab:27:7a:19:5f:ae:4f:62:4d:
b3:8c:aa:62:b6:b1:68:4b:ef:c9:7b:67:25:73:17:16:00:f5:
2a:61:3d:e1:08:c9:8a:a2:76:1e:de:21:70:95:11:48:1d:e2:
a3:b4:ff:02:d2:3c:69:29:49:8e:85:ef:4b:4d:3f:ef:ed:45:
ca:0d:6b:54:56:fd:d9:df:69:3d:67:6c:4c:61:1f:a3:a1:3b:
e0:af:29:c2:f5:f2:02:bd:b9:df:08:35:38:37:bc:b5:1c:2c:
25:b3:8c:c5
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZQljtnChBGOM80UjS/RNbqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdiNWQxNDkwYjM4NWEyZjgwYzJhMDMyNGZlOThlMzUxMDkxNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Xqq0//EO6DsNkbp4JIr7TZ+11G
mZuVDGsayiqiQwAj/Q+1EHn6iApf7D+1l3UwHqs4Uqk8BULUs2CglM9mlbt3ovEN
iH4UqvAipg8fXqH4rXz3dueqE5p/ywBNH98gXg1/vgNWK+N2jQt1Cjra8x2mznTE
kQow0IrQ6WxWkDL+ab8vPyx0ha1FEMNPS0TGlDtZ6EAxcgYdj0iSo1YntotgMwX5
59yCedRNRlHyqQG3DKnucwmaiIIaAcrvRj6/Aro9RONMEKQWEev8sbuakCaH1Uj2
1jvIieETGyCuj7TMmhZHD4xbZxBc+IINSE6KEhfnLG6GDzCY7UuIwBLWAQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFAl7XRSQs4Wi+AwqAyT+mONRCRSQMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0LzdlMzgx
Ni04YzhlLTQ3YTAtOTRlYy00ZmM5ZjBkMmFjYTMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQvN2UzODE2
LThjOGUtNDdhMC05NGVjLTRmYzlmMGQyYWNhMy8xL0NYdGRGSkN6aGFMNERDb0RK
UDZZNDFFSkZKQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHAGCCsGAQUF
BwEHAQH/BGEwXzBOBAIAATBIAwQDJYL4AwQDLhLYAwQCPkCMMAsDBAU+QKADAwA+
QAMEA09ioAMDAFnFAwQDX4rIAwQDgH8YAwQCuRQ8AwQGwXPAAwQHwXWAMA0EAgAC
MAcDBQAqAaAAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwC5cjANBgkqhkiG9w0B
AQsFAAOCAQEAHeW7DhOfsDs5Cg2hsPpm8E1mcdtv0fnTgqjedWyJ6MbmdAbJGvDr
q5gO90LjnphxXdIKDiwgF56tZV2xJcLTevle++ahgzuK1yjN30JdsSQj7NAqCg6P
IKouMoJLZsfIAQh1szAEMAncTFEtdZhbNCHI6wPanBn3IDRpxEmo90sxNsSq9VBY
w28bRUlsdRpMZrL5uemmTFaEqyd6GV+uT2JNs4yqYraxaEvvyXtnJXMXFgD1KmE9
4QjJiqJ2Ht4hcJURSB3io7T/AtI8aSlJjoXvS00/7+1Fyg1rVFb92d9pPWdsTGEf
o6E74K8pwvXyAr253wg1ODe8tRwsJbOMxQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:27 2025 by rpki-client