Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DqPJxEl8H6SF6d0XWK-fAA4r1L8.cer
File: DqPJxEl8H6SF6d0XWK-fAA4r1L8.cer (raw, json)
Hash identifier: Ef0ijn6mJGM5mqkT7KGEyx8Ols3VOxklTnvJrIzfJdM=
Subject key identifier: 0E:A3:C9:C4:49:7C:1F:A4:85:E9:DD:17:58:AF:9F:00:0E:2B:D4:BF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942823B8F7A4A45D7A63B3AF3E8797BBD9
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/DqPJxEl8H6SF6d0XWK-fAA4r1L8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:50:17 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 193.111.87.0/24
IP: 195.88.166.0/23
IP: 2001:67c:2420::/48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:b8:f7:a4:a4:5d:7a:63:b3:af:3e:87:97:bb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ea3c9c4497c1fa485e9dd1758af9f000e2bd4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:ab:0b:0c:c7:7b:7c:9a:9a:8a:62:a4:7d:
ea:9e:f0:4f:38:b7:43:e8:a5:3d:86:54:b2:89:8d:
3e:bd:0c:78:59:36:85:32:75:20:52:66:d8:3e:7d:
48:00:c2:68:8b:75:aa:1f:2d:15:aa:23:92:d3:3a:
e7:80:e7:5e:2a:47:4a:3b:4f:04:c0:3f:d3:88:78:
12:0f:19:d5:31:1d:f6:aa:1a:3a:12:db:86:f8:8b:
1d:fd:9c:cd:be:99:7d:c7:b7:3a:78:f2:b3:85:98:
7d:ee:e8:d9:5b:76:14:5e:17:76:f7:aa:9d:7e:ea:
11:bb:73:4f:5d:64:97:5d:b6:66:6b:a1:ef:90:32:
48:1e:6a:02:ec:a5:7f:a3:5b:6a:fa:4c:dc:73:b7:
fe:5d:d1:22:20:ee:c6:28:fc:24:18:57:0c:bc:7c:
b0:59:c0:eb:83:75:64:33:9d:b4:d9:c1:79:10:77:
62:c2:ad:0a:ca:bb:f5:43:37:03:0a:15:31:c7:d2:
16:de:50:f7:a7:25:aa:17:2a:af:2d:46:28:ed:37:
89:1c:8a:41:ca:ca:05:f1:a8:ff:61:e4:0d:70:43:
25:d4:90:a9:e7:94:09:c3:a5:df:32:9f:0e:b9:69:
43:89:92:06:a4:d1:42:c2:9a:f8:8c:b3:d6:18:8f:
e7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A3:C9:C4:49:7C:1F:A4:85:E9:DD:17:58:AF:9F:00:0E:2B:D4:BF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/aad27b-69ba-49ed-bb7e-a990f9064a57/1/DqPJxEl8H6SF6d0XWK-fAA4r1L8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.87.0/24
195.88.166.0/23
IPv6:
2001:67c:2420::/48
Signature Algorithm: sha256WithRSAEncryption
0b:22:6f:2b:c8:4a:30:8f:70:de:d6:77:2f:53:d7:51:e6:eb:
49:3a:c5:79:0d:84:10:1e:8b:79:a2:6d:3a:38:ce:e2:70:77:
60:60:78:83:1b:5a:b4:18:31:fd:e7:06:e5:c7:e5:56:d7:99:
82:0d:cb:96:09:d0:70:50:74:06:54:e7:88:43:ed:04:50:3e:
2f:ca:5d:39:9c:0a:06:3c:b2:0b:d5:c4:2a:ef:e5:d7:99:43:
5d:3d:d1:13:87:77:15:db:55:13:e0:b7:9b:85:a3:eb:5c:b2:
ee:03:3c:ec:a5:4f:84:e2:66:15:e0:5a:1b:14:66:3c:1c:45:
c7:16:1a:4f:60:17:95:e5:1d:0a:cc:b1:cb:09:b0:42:5b:7d:
01:25:c7:9a:80:f5:86:10:16:a9:c9:f5:44:89:da:ea:52:0f:
38:6f:ef:45:82:61:10:a0:d3:4d:bd:8c:f6:f3:46:f2:85:c7:
ff:70:c5:29:c1:ff:81:31:d2:1d:1c:a5:3f:86:59:4d:0b:8e:
97:30:ad:5f:ab:9a:54:cf:dc:91:b1:90:f2:96:2a:e3:3e:bf:
2f:f3:66:4a:d9:23:7f:19:19:0a:35:c3:f5:e8:39:c1:38:04:
01:80:a5:14:50:fd:3c:81:bf:4d:8e:31:82:85:71:33:ad:45:
8f:10:1e:ca
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQoI7j3pKRdemOzrz6Hl7vZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWEzYzljNDQ5N2MxZmE0ODVlOWRkMTc1OGFmOWYwMDBlMmJkNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8erCwzHe3yamopipH3qnvBPOLdD
6KU9hlSyiY0+vQx4WTaFMnUgUmbYPn1IAMJoi3WqHy0VqiOS0zrngOdeKkdKO08E
wD/TiHgSDxnVMR32qho6EtuG+Isd/ZzNvpl9x7c6ePKzhZh97ujZW3YUXhd296qd
fuoRu3NPXWSXXbZma6HvkDJIHmoC7KV/o1tq+kzcc7f+XdEiIO7GKPwkGFcMvHyw
WcDrg3VkM5202cF5EHdiwq0Kyrv1QzcDChUxx9IW3lD3pyWqFyqvLUYo7TeJHIpB
ysoF8aj/YeQNcEMl1JCp55QJw6XfMp8OuWlDiZIGpNFCwpr4jLPWGI/nxwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFA6jycRJfB+khendF1ivnwAOK9S/MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2IxL2FhZDI3
Yi02OWJhLTQ5ZWQtYmI3ZS1hOTkwZjkwNjRhNTcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvYWFkMjdi
LTY5YmEtNDllZC1iYjdlLWE5OTBmOTA2NGE1Ny8xL0RxUEp4RWw4SDZTRjZkMFhX
Sy1mQUE0cjFMOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUF
BwEHAQH/BCcwJTASBAIAATAMAwQAwW9XAwQBw1imMA8EAgACMAkDBwAgAQZ8JCAw
DQYJKoZIhvcNAQELBQADggEBAAsibyvISjCPcN7Wdy9T11Hm60k6xXkNhBAei3mi
bTo4zuJwd2BgeIMbWrQYMf3nBuXH5VbXmYINy5YJ0HBQdAZU54hD7QRQPi/KXTmc
CgY8sgvVxCrv5deZQ1090ROHdxXbVRPgt5uFo+tcsu4DPOylT4TiZhXgWhsUZjwc
RccWGk9gF5XlHQrMscsJsEJbfQElx5qA9YYQFqnJ9USJ2upSDzhv70WCYRCg0029
jPbzRvKFx/9wxSnB/4Ex0h0cpT+GWU0LjpcwrV+rmlTP3JGxkPKWKuM+vy/zZkrZ
I38ZGQo1w/XoOcE4BAGApRRQ/TyBv02OMYKFcTOtRY8QHso=
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:43:59 2025 by rpki-client