Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.cer
File: Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.cer (raw, json)
Hash identifier: om1pPq0x90PjnGBHQvcybzGNdL8rzcZ3gRCy6KIVfAE=
Subject key identifier: 1A:3E:97:0E:D6:27:71:34:3A:09:6F:FB:2E:FC:26:AB:B7:ED:68:AF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221FE6870EB89456E7B4832244CE802C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:48:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 39771
IP: 193.227.136.0/21
IP: 194.4.72.0 -- 194.4.99.255
IP: 195.42.0.0/18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e6:87:0e:b8:94:56:e7:b4:83:22:44:ce:80:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a3e970ed62771343a096ffb2efc26abb7ed68af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d8:1d:dc:6d:6d:a2:39:5b:40:7e:15:7a:89:
72:55:02:ca:15:de:60:99:85:94:6b:d9:76:08:37:
a1:88:f3:d5:97:d5:e1:d9:df:08:95:45:d1:e2:7d:
ee:78:fc:24:c1:f0:0d:2b:27:ba:7e:34:40:33:bb:
85:27:99:42:6b:ff:ef:48:2b:32:b6:c7:e1:c3:28:
8b:6e:f1:4a:0c:29:3e:1f:60:3f:8c:3b:c2:05:34:
96:69:e7:3f:8e:42:e2:08:5d:0b:ab:e6:35:b1:86:
7b:f1:d5:c0:f0:ee:ff:71:2c:17:10:5e:d9:2d:54:
77:ae:7f:7c:87:62:7b:f8:52:77:a7:6a:0f:5d:cc:
40:61:da:b6:fa:5d:91:e8:29:9e:fd:5c:ee:84:52:
67:40:4f:33:c8:68:c6:cf:33:4c:1e:8e:70:20:90:
3c:9f:c9:37:f1:21:59:e0:be:02:b6:6d:30:5b:bc:
e8:c4:c9:87:14:2b:5a:a8:32:43:bc:c5:32:79:ba:
55:45:bc:3a:f6:4b:25:1b:8b:ae:cd:03:11:68:d4:
00:74:46:08:f6:ae:ef:3b:e1:62:55:91:41:d5:91:
6d:04:15:af:ac:9c:c4:1c:b4:08:f6:25:60:2a:41:
90:fd:9e:49:a9:ba:0a:a0:e2:2a:6e:cb:ec:68:00:
ab:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3E:97:0E:D6:27:71:34:3A:09:6F:FB:2E:FC:26:AB:B7:ED:68:AF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0f7092-e3a4-470b-85a5-d489094c6604/1/Gj6XDtYncTQ6CW_7Lvwmq7ftaK8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.136.0/21
194.4.72.0-194.4.99.255
195.42.0.0/18
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39771
Signature Algorithm: sha256WithRSAEncryption
67:64:a2:76:b3:1d:92:c5:aa:07:a4:c6:fb:bb:cf:bd:57:04:
4a:59:a6:97:ea:5c:6c:9a:5e:85:0a:74:39:3f:4e:ed:45:fa:
b8:4a:40:6f:4d:83:e3:f2:4a:09:22:0c:64:88:6b:24:b4:a2:
1e:01:81:ab:05:4a:fd:2e:8c:08:8a:11:9e:fa:07:0e:a5:ef:
07:70:e4:28:57:ed:77:be:96:89:bc:49:8a:59:e7:c3:cd:d7:
db:89:ac:74:d4:4c:7a:8b:0b:41:75:18:cf:d6:49:7d:1d:71:
59:35:9b:ba:23:b0:82:1f:2c:1b:06:a0:ed:bb:b7:6a:d3:ee:
51:e0:b1:cd:31:c6:99:98:02:79:7a:7b:a8:d0:09:a7:64:22:
40:86:8c:1f:f6:95:1d:4d:2b:35:29:8a:c0:1d:bc:c1:e8:53:
d4:82:e1:27:dc:95:fe:0d:18:d0:79:e2:99:5f:59:ad:69:4c:
3f:07:5e:a3:39:9d:15:44:b6:3f:55:c8:9f:4d:26:13:5f:94:
c7:0f:9c:20:7b:99:f0:99:33:e5:a7:df:ee:2b:2c:06:6e:28:
e2:34:45:1c:79:0d:4c:9d:c9:ba:75:b6:11:30:cb:f4:0e:ba:
bc:58:75:f2:85:d4:a2:84:1e:17:d4:8a:b9:92:88:df:91:2f:
7f:42:9f:02
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZQiH+aHDriUVue0gyJEzoAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNlOTcwZWQ2Mjc3MTM0M2EwOTZmZmIyZWZjMjZhYmI3ZWQ2OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49gd3G1tojlbQH4VeolyVQLKFd5g
mYWUa9l2CDehiPPVl9Xh2d8IlUXR4n3uePwkwfANKye6fjRAM7uFJ5lCa//vSCsy
tsfhwyiLbvFKDCk+H2A/jDvCBTSWaec/jkLiCF0Lq+Y1sYZ78dXA8O7/cSwXEF7Z
LVR3rn98h2J7+FJ3p2oPXcxAYdq2+l2R6Cme/VzuhFJnQE8zyGjGzzNMHo5wIJA8
n8k38SFZ4L4Ctm0wW7zoxMmHFCtaqDJDvMUyebpVRbw69kslG4uuzQMRaNQAdEYI
9q7vO+FiVZFB1ZFtBBWvrJzEHLQI9iVgKkGQ/Z5JqboKoOIqbsvsaACrPwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFBo+lw7WJ3E0Oglv+y78Jqu37WivMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFiLzBmNzA5
Mi1lM2E0LTQ3MGItODVhNS1kNDg5MDk0YzY2MDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIvMGY3MDky
LWUzYTQtNDcwYi04NWE1LWQ0ODkwOTRjNjYwNC8xL0dqNlhEdFluY1RRNkNXXzdM
dndtcTdmdGFLOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUF
BwEHAQH/BCQwIjAgBAIAATAaAwQDweOIMAwDBAPCBEgDBALCBGADBAbDKgAwGgYI
KwYBBQUHAQgBAf8ECzAJoAcwBQIDAJtbMA0GCSqGSIb3DQEBCwUAA4IBAQBnZKJ2
sx2SxaoHpMb7u8+9VwRKWaaX6lxsml6FCnQ5P07tRfq4SkBvTYPj8koJIgxkiGsk
tKIeAYGrBUr9LowIihGe+gcOpe8HcOQoV+13vpaJvEmKWefDzdfbiax01Ex6iwtB
dRjP1kl9HXFZNZu6I7CCHywbBqDtu7dq0+5R4LHNMcaZmAJ5enuo0AmnZCJAhowf
9pUdTSs1KYrAHbzB6FPUguEn3JX+DRjQeeKZX1mtaUw/B16jOZ0VRLY/VcifTSYT
X5THD5wge5nwmTPlp9/uKywGbijiNEUceQ1Mncm6dbYRMMv0Drq8WHXyhdSihB4X
1Iq5kojfkS9/Qp8C
-----END CERTIFICATE-----
Generated at Tue Apr 15 10:46:53 2025 by rpki-client