Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer
File: DsodW91QNE_174hKZg6C66g7wNs.cer (raw, json)
Hash identifier: EjVULD8LK7gRpTK9mHJLHR/tAMMS6WbjR+ti07R7Crc=
Subject key identifier: 0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942521F04AD5D908B492FD11D486018D8A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:28 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 3327
IP: 62.128.96.0/19
IP: 87.98.0.0/17
IP: 89.219.0.0/22
IP: 89.219.128.0/22
IP: 89.219.134.0 -- 89.219.154.255
IP: 89.219.161.0 -- 89.219.162.255
IP: 89.219.168.0/24
IP: 195.137.179.0/24
IP: 195.222.0.0/19
IP: 212.27.224.0/19
IP: 212.47.192.0/19
IP: 212.49.0.0/19
IP: 217.28.240.0/20
IP: 2001:7f8:39::/48
IP: 2001:ad0::/32
IP: 2a01:80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f0:4a:d5:d9:08:b4:92:fd:11:d4:86:01:8d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:42:10:95:45:92:47:b7:d2:47:56:3e:1b:
98:49:69:b1:ed:25:0c:8c:11:a5:e9:1d:df:18:ea:
13:92:6a:dc:b4:8d:8a:c4:88:03:fc:75:21:16:cb:
56:d7:e7:da:48:63:76:6d:9b:7d:0b:8a:ef:d1:a7:
44:73:02:e4:71:fb:c3:9b:9c:91:ea:03:45:e9:c8:
cb:0d:0f:9c:8b:86:75:b5:57:6c:1e:75:b9:0d:cf:
fb:c4:ad:ae:6a:b5:f1:df:bf:0e:a5:6c:83:af:11:
10:ae:25:e5:59:2b:46:e7:b1:68:b2:5e:54:6f:09:
f7:cb:4f:94:13:c4:e5:b3:86:c8:8b:0e:76:49:6f:
5a:9c:3e:88:c2:86:e4:aa:69:d0:2c:b4:30:2a:1b:
81:82:68:7d:2b:6a:b1:55:e2:07:e0:ab:74:06:5d:
79:35:90:52:1f:1c:fb:c6:cb:4c:45:d8:e8:41:5e:
21:70:3c:3f:6d:49:aa:fb:cf:f1:f6:a0:9e:ac:25:
39:5e:bb:92:ec:2b:b5:3c:a1:c9:02:77:76:eb:52:
1c:84:52:00:72:57:86:15:66:45:cf:23:5e:46:7c:
08:4e:41:70:a3:18:2c:6b:e5:f1:2f:3e:39:2c:a6:
d1:b6:4d:84:ce:14:77:11:25:bc:98:c2:47:73:e5:
8b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.96.0/19
87.98.0.0/17
89.219.0.0/22
89.219.128.0/22
89.219.134.0-89.219.154.255
89.219.161.0-89.219.162.255
89.219.168.0/24
195.137.179.0/24
195.222.0.0/19
212.27.224.0/19
212.47.192.0/19
212.49.0.0/19
217.28.240.0/20
IPv6:
2001:7f8:39::/48
2001:ad0::/32
2a01:80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
3327
Signature Algorithm: sha256WithRSAEncryption
a5:49:95:3a:d5:bb:2f:d9:62:58:e2:b3:30:f8:d5:ab:6b:c7:
ba:1d:f5:74:9e:e9:ed:a9:3d:2e:d8:a3:6d:cf:ef:fc:d6:d3:
35:00:8d:37:fc:75:64:72:e3:38:81:4c:17:11:53:df:37:bc:
eb:4e:68:f1:27:d6:83:36:7a:3c:63:4c:f5:26:fe:40:b6:1f:
d4:23:21:9b:5d:86:dc:2b:64:bf:4b:31:9d:2d:b5:36:ba:cd:
1c:49:b9:ab:52:5a:2f:1f:a3:3a:65:4e:aa:d1:b3:42:7a:b7:
ef:91:7f:f0:ba:48:d6:b8:e4:69:73:61:cc:2e:1e:a9:0f:ac:
d7:3b:ca:81:38:8e:53:e9:25:eb:fa:56:44:b5:a8:32:4c:0e:
a2:da:12:2b:ab:d8:2a:8a:23:ef:d2:9c:51:99:3e:7c:f2:03:
7c:ba:51:56:63:dd:6f:5a:92:0f:ad:cb:25:14:0c:d9:b0:37:
d5:a7:3a:90:1e:8d:42:9b:f2:81:43:61:7b:2a:ba:b8:2d:a0:
d4:9b:74:ee:cc:da:92:a1:3f:a5:ac:dd:4d:59:d9:44:f6:b7:
06:36:f9:13:0a:b8:05:1c:7c:69:bb:60:12:3b:87:07:b7:b0:
95:c2:51:da:53:61:fd:a7:a8:0d:22:25:99:fd:b5:36:66:71:
3c:30:34:12
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZQlIfBK1dkItJL9EdSGAY2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNhMWQ1YmRkNTAzNDRmZjVlZjg4NGE2NjBlODJlYmE4M2JjMGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqVCEJVFkke30kdWPhuYSWmx7SUM
jBGl6R3fGOoTkmrctI2KxIgD/HUhFstW1+faSGN2bZt9C4rv0adEcwLkcfvDm5yR
6gNF6cjLDQ+ci4Z1tVdsHnW5Dc/7xK2uarXx378OpWyDrxEQriXlWStG57Fosl5U
bwn3y0+UE8Tls4bIiw52SW9anD6IwobkqmnQLLQwKhuBgmh9K2qxVeIH4Kt0Bl15
NZBSHxz7xstMRdjoQV4hcDw/bUmq+8/x9qCerCU5XruS7Cu1PKHJAnd261IchFIA
cleGFWZFzyNeRnwITkFwoxgsa+XxLz45LKbRtk2EzhR3ESW8mMJHc+WLPwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFA7KHVvdUDRP9e+ISmYOguuoO8DbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzljL2JlN2Zj
Yi0wNzU1LTRjMWUtYWM3Ny03YzdmMDBhOTUzZTEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvYmU3ZmNi
LTA3NTUtNGMxZS1hYzc3LTdjN2YwMGE5NTNlMS8xL0Rzb2RXOTFRTkVfMTc0aEta
ZzZDNjZnN3dOcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGYBggrBgEF
BQcBBwEB/wSBiDCBhTBkBAIAATBeAwQFPoBgAwQHV2IAAwQCWdsAAwQCWduAMAwD
BAFZ24YDBABZ25owDAMEAFnboQMEAFnbogMEAFnbqAMEAMOJswMEBcPeAAMEBdQb
4AMEBdQvwAMEBdQxAAMEBNkc8DAdBAIAAjAXAwcAIAEH+AA5AwUAIAEK0AMFACoB
AIAwGQYIKwYBBQUHAQgBAf8ECjAIoAYwBAICDP8wDQYJKoZIhvcNAQELBQADggEB
AKVJlTrVuy/ZYljiszD41atrx7od9XSe6e2pPS7Yo23P7/zW0zUAjTf8dWRy4ziB
TBcRU983vOtOaPEn1oM2ejxjTPUm/kC2H9QjIZtdhtwrZL9LMZ0ttTa6zRxJuatS
Wi8fozplTqrRs0J6t++Rf/C6SNa45GlzYcwuHqkPrNc7yoE4jlPpJev6VkS1qDJM
DqLaEiur2CqKI+/SnFGZPnzyA3y6UVZj3W9akg+tyyUUDNmwN9WnOpAejUKb8oFD
YXsqurgtoNSbdO7M2pKhP6Ws3U1Z2UT2twY2+RMKuAUcfGm7YBI7hwe3sJXCUdpT
Yf2nqA0iJZn9tTZmcTwwNBI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:55:05 2025 by rpki-client