Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer
File: CnN3j7G-woyZgmUq7ehqAEwmgvE.cer (raw, json)
Hash identifier: vWygZWo/KPeHyT9CAue63ctBRkKFmihvrzEVmf30CuU=
Subject key identifier: 0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5F79B67691D474616B77793739E08
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:48:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 185.30.28.0/22
IP: 185.38.196.0/22
IP: 2a00:ae60::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f7:9b:67:69:1d:47:46:16:b7:77:93:73:9e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a73778fb1bec28c9982652aede86a004c2682f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:5d:75:ec:c3:94:fd:c2:ec:d3:2e:6b:11:
94:32:20:52:33:e6:f4:a2:70:c9:de:ea:a9:34:4f:
c5:75:5b:89:6a:d3:68:91:1a:42:31:9d:e7:1e:24:
ae:8f:8f:93:58:2a:a1:66:47:90:39:7a:15:64:29:
d7:da:8d:17:fd:21:3c:c5:b2:f6:5c:6c:43:03:fb:
19:85:41:a2:df:f1:e6:7f:fc:ca:c3:12:8d:24:87:
6a:03:a2:1e:13:48:30:da:55:d2:89:52:5c:72:7c:
c7:51:14:4a:c7:2d:31:48:87:8f:13:81:66:58:6e:
cf:3a:dc:d2:dc:70:33:5d:44:b6:86:75:c1:12:17:
47:0c:41:1b:01:dd:76:b9:45:0d:c5:14:20:0f:22:
30:3a:42:d2:de:b2:0a:8c:d3:58:c5:4b:a8:88:b4:
74:a2:1e:a1:26:b0:12:86:3d:ac:a0:5c:b5:ff:46:
e5:3c:87:eb:63:8f:50:c5:26:57:e9:7a:d4:b8:ac:
a8:e8:36:05:bb:c4:1e:ce:19:05:fc:79:86:b5:d0:
01:f0:c4:d9:c7:c5:85:ae:90:f6:9c:74:aa:1e:ba:
b8:56:68:bf:9a:2f:60:8b:7c:9b:8a:c8:cf:bc:f7:
66:52:71:32:ef:97:fc:74:2d:89:16:87:45:d5:42:
de:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.28.0/22
185.38.196.0/22
IPv6:
2a00:ae60::/32
Signature Algorithm: sha256WithRSAEncryption
85:af:a6:c5:32:db:04:4a:ae:f7:ba:eb:3a:fe:83:b5:5f:e0:
68:e1:a7:4f:60:5f:04:56:a4:6d:a3:80:0d:ff:3b:18:5c:7c:
81:01:aa:e5:90:df:b9:de:c8:5f:4d:11:62:66:0d:b2:25:9b:
92:8c:29:09:58:45:61:af:b0:14:a2:82:48:c0:53:c6:ec:d8:
85:5a:0f:30:5f:64:36:6b:59:bb:1a:0d:89:5f:26:29:ae:39:
cc:f3:60:87:d6:73:fb:81:83:e1:d4:19:99:81:cd:eb:5d:25:
1d:d5:c3:98:9a:92:5f:18:5f:3b:f0:3b:d7:95:f5:94:0d:6e:
48:49:6e:0b:df:d8:71:02:b6:4b:4e:9f:42:5a:5a:c1:82:67:
86:cb:62:bb:3f:68:df:88:be:a4:15:cc:eb:fc:69:a0:ae:7c:
79:ca:d1:53:6e:9e:ec:9b:47:7b:96:e5:07:f0:4e:28:b5:9e:
d9:53:26:05:e9:da:0d:8c:c7:14:98:bb:5f:61:37:dd:ec:3e:
5d:37:44:78:ff:46:58:50:3b:21:82:8e:d4:be:2b:df:a0:3e:
ca:b5:70:b5:a5:9d:68:f1:b6:51:67:d6:ec:45:62:0f:0a:27:
28:35:1e:76:ed:f6:26:b1:0f:f1:2c:87:a5:c2:8a:bd:3c:85:
6d:66:c9:b7
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZQg1febZ2kdR0YWt3eTc54IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTczNzc4ZmIxYmVjMjhjOTk4MjY1MmFlZGU4NmEwMDRjMjY4MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjZddezDlP3C7NMuaxGUMiBSM+b0
onDJ3uqpNE/FdVuJatNokRpCMZ3nHiSuj4+TWCqhZkeQOXoVZCnX2o0X/SE8xbL2
XGxDA/sZhUGi3/Hmf/zKwxKNJIdqA6IeE0gw2lXSiVJccnzHURRKxy0xSIePE4Fm
WG7POtzS3HAzXUS2hnXBEhdHDEEbAd12uUUNxRQgDyIwOkLS3rIKjNNYxUuoiLR0
oh6hJrAShj2soFy1/0blPIfrY49QxSZX6XrUuKyo6DYFu8QezhkF/HmGtdAB8MTZ
x8WFrpD2nHSqHrq4Vmi/mi9gi3ybisjPvPdmUnEy75f8dC2JFodF1ULeEwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFApzd4+xvsKMmYJlKu3oagBMJoLxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc2L2U2ZTE1
Yy0xMmIwLTQwYmUtOGJjMS01NzA4ZjU4MGUzNmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvZTZlMTVj
LTEyYjAtNDBiZS04YmMxLTU3MDhmNTgwZTM2YS8xL0NuTjNqN0ctd295WmdtVXE3
ZWhxQUV3bWd2RS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuR4cAwQCuSbEMA0EAgACMAcDBQAqAK5gMA0G
CSqGSIb3DQEBCwUAA4IBAQCFr6bFMtsESq73uus6/oO1X+Bo4adPYF8EVqRto4AN
/zsYXHyBAarlkN+53shfTRFiZg2yJZuSjCkJWEVhr7AUooJIwFPG7NiFWg8wX2Q2
a1m7Gg2JXyYprjnM82CH1nP7gYPh1BmZgc3rXSUd1cOYmpJfGF878DvXlfWUDW5I
SW4L39hxArZLTp9CWlrBgmeGy2K7P2jfiL6kFczr/Gmgrnx5ytFTbp7sm0d7luUH
8E4otZ7ZUyYF6doNjMcUmLtfYTfd7D5dN0R4/0ZYUDshgo7UvivfoD7KtXC1pZ1o
8bZRZ9bsRWIPCicoNR527fYmsQ/xLIelwoq9PIVtZsm3
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:55:16 2025 by rpki-client