Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
File: DFFAKCWR-ZEvljnuFBK20dz_CGE.cer (raw, json)
Hash identifier: q9kPJom37rLjn/MmapMyCkaQkTvASTAGukGTkVuyUV4=
Subject key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941FFAAE3C5336D956DA113495A950B25D
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 03:48:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 200178
AS: 210016
AS: 211970
IP: 185.72.252.0/22
IP: 185.234.245.0/24
IP: 188.72.0.0 -- 188.72.11.255
IP: 188.72.13.0 -- 188.72.14.255
IP: 188.72.20.0/24
IP: 188.72.23.0 -- 188.72.29.255
IP: 188.72.32.0 -- 188.72.41.255
IP: 188.72.44.0 -- 188.72.63.255
IP: 2a10:e880::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ae:3c:53:36:d9:56:da:11:34:95:a9:50:b2:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4c:b0:2b:0b:ab:a6:e8:b6:bd:e8:97:52:73:
d2:89:1b:b4:fd:f0:0c:ae:10:14:49:d9:b1:e5:c6:
75:9d:6f:53:c4:5d:2e:1a:59:81:f2:dd:29:b1:60:
e6:ed:8d:01:58:fa:ce:09:f1:df:77:de:a4:c4:62:
4a:0a:31:c9:d6:86:61:a1:c2:ed:23:82:c3:66:d5:
37:a7:a4:f3:69:b2:f0:c4:ff:4a:a5:78:3b:b0:89:
03:71:3d:7b:27:48:93:b7:85:62:b2:b3:8a:00:e5:
50:fc:4f:9d:e0:c4:f4:1b:f2:87:c6:49:14:f2:3f:
05:43:1d:73:05:8b:49:b1:a7:31:b4:ad:f9:45:bc:
03:be:21:78:da:aa:7e:05:c7:ff:c7:31:cc:be:9f:
f5:c7:89:00:1e:bf:d0:bb:5d:76:bc:79:5d:58:f2:
71:39:c0:2a:89:1c:29:b3:ae:e6:fc:77:44:08:3c:
10:fb:3f:90:da:b5:da:8f:9a:a7:60:54:63:be:da:
26:0e:37:6e:47:4b:2d:07:7c:70:d5:e5:2e:29:f2:
c2:f8:7e:59:b0:ae:bf:d0:0b:d8:bf:2d:2a:0e:4b:
0b:da:cd:07:1f:a1:06:e9:38:c7:fb:13:2d:af:a5:
de:86:3a:b3:6f:70:bb:c9:87:f9:5e:6b:0c:ef:45:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.252.0/22
185.234.245.0/24
188.72.0.0-188.72.11.255
188.72.13.0-188.72.14.255
188.72.20.0/24
188.72.23.0-188.72.29.255
188.72.32.0-188.72.41.255
188.72.44.0-188.72.63.255
IPv6:
2a10:e880::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
200178
210016
211970
Signature Algorithm: sha256WithRSAEncryption
61:b7:4b:e5:85:ad:16:9a:25:92:aa:29:d9:f3:a3:92:2c:eb:
57:f7:d2:fa:b3:3b:5d:3b:95:09:25:b1:da:fe:54:23:22:ee:
ca:df:05:62:fb:84:72:4c:76:29:d6:25:44:9e:21:0d:32:38:
bf:8a:47:27:ff:c5:5e:1c:da:c9:37:90:b5:d2:ba:29:68:b4:
13:a7:26:64:bf:88:0f:38:72:e1:57:17:26:5f:cd:6a:18:2d:
ed:85:58:10:e3:74:81:54:57:72:5b:86:e8:fc:94:37:d1:88:
8d:72:98:30:f0:e0:93:6c:3a:f9:e0:db:8d:e3:c8:7c:01:e2:
10:92:fd:45:72:6e:36:93:6c:87:6d:61:ea:9f:44:fb:98:88:
42:46:82:13:19:e3:76:92:b8:07:cd:90:8e:7c:2a:1b:93:32:
00:70:88:d4:7a:66:d7:0b:2d:85:12:f4:09:c8:a8:78:6c:76:
30:5a:d5:91:8a:43:6b:20:b7:2d:6d:fc:d2:32:92:0a:80:76:
48:74:99:55:66:27:6f:04:fe:b2:03:c8:2e:51:62:f1:32:39:
f4:59:3f:0c:da:4b:cc:de:e7:a9:37:de:70:fe:40:c3:cc:1c:
cd:dd:5d:eb:b7:81:99:2a:14:97:99:06:43:82:3d:f7:ba:8b:
86:43:68:7a
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZQf+q48UzbZVtoRNJWpULJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUxNDAyODI1OTFmOTkxMmY5NjM5ZWUxNDEyYjZkMWRjZmYwODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7EywKwurpui2veiXUnPSiRu0/fAM
rhAUSdmx5cZ1nW9TxF0uGlmB8t0psWDm7Y0BWPrOCfHfd96kxGJKCjHJ1oZhocLt
I4LDZtU3p6TzabLwxP9KpXg7sIkDcT17J0iTt4VisrOKAOVQ/E+d4MT0G/KHxkkU
8j8FQx1zBYtJsacxtK35RbwDviF42qp+Bcf/xzHMvp/1x4kAHr/Qu112vHldWPJx
OcAqiRwps67m/HdECDwQ+z+Q2rXaj5qnYFRjvtomDjduR0stB3xw1eUuKfLC+H5Z
sK6/0AvYvy0qDksL2s0HH6EG6TjH+xMtr6Xehjqzb3C7yYf5XmsM70WqiwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFAxRQCglkfmRL5Y57hQSttHc/whhMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjLzA1NTRh
Mi1kM2Q5LTRmYzQtOGVkNS1kZTkxNDY5ZDM3NzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2MvMDU1NGEy
LWQzZDktNGZjNC04ZWQ1LWRlOTE0NjlkMzc3Mi8xL0RGRkFLQ1dSLVpFdmxqbnVG
QksyMGR6X0NHRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUF
BwEHAQH/BHAwbjBdBAIAATBXAwQCuUj8AwQAuer1MAsDAwO8SAMEArxICDAMAwQA
vEgNAwQAvEgOAwQAvEgUMAwDBAC8SBcDBAG8SBwwDAMEBbxIIAMEAbxIKDAMAwQC
vEgsAwQGvEgAMA0EAgACMAcDBQMqEOiAMCQGCCsGAQUFBwEIAQH/BBUwE6ARMA8C
AwMN8gIDAzRgAgMDPAIwDQYJKoZIhvcNAQELBQADggEBAGG3S+WFrRaaJZKqKdnz
o5Is61f30vqzO107lQklsdr+VCMi7srfBWL7hHJMdinWJUSeIQ0yOL+KRyf/xV4c
2sk3kLXSuilotBOnJmS/iA84cuFXFyZfzWoYLe2FWBDjdIFUV3Jbhuj8lDfRiI1y
mDDw4JNsOvng243jyHwB4hCS/UVybjaTbIdtYeqfRPuYiEJGghMZ43aSuAfNkI58
KhuTMgBwiNR6ZtcLLYUS9AnIqHhsdjBa1ZGKQ2sgty1t/NIykgqAdkh0mVVmJ28E
/rIDyC5RYvEyOfRZPwzaS8ze56k33nD+QMPMHM3dXeu3gZkqFJeZBkOCPfe6i4ZD
aHo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:20:37 2025 by rpki-client