Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
File: Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer (raw, json)
Hash identifier: qp138dHtBc9i3Ytw5Z/XmpdXQfOhJ6SFsNctxchtp3k=
Subject key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423D7A20AD79F350CD9116E418DEF4B98
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 21:48:41 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204171
IP: 2.59.180.0/22
IP: 45.156.144.0/22
IP: 185.103.120.0/22
IP: 2a06:2bc0::/29
IP: 2a09:f740::/29
IP: 2a0f:2280::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a2:0a:d7:9f:35:0c:d9:11:6e:41:8d:ef:4b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 21:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d5:ba:da:7f:53:76:e0:4d:d5:ed:80:29:e0:
4b:e6:de:34:2a:92:d4:f2:0e:5e:82:42:38:0b:48:
e2:ba:06:bf:cb:7d:dc:cc:b6:77:f8:37:52:17:19:
1f:2e:07:75:ca:a5:fa:5e:61:72:a3:98:0d:96:42:
f9:d6:a4:5e:70:6f:29:fe:17:52:2f:8e:bd:4d:57:
e1:72:a9:2d:3b:5d:90:d9:fe:ae:6b:1d:33:0b:2d:
49:83:9d:68:80:46:da:d3:f4:a5:d1:b5:15:ae:3d:
54:8a:74:ff:34:09:d7:ef:f2:de:9f:44:c9:11:7d:
9c:2c:70:98:73:99:4a:8d:ec:87:8c:a9:9f:6d:f5:
32:20:19:ce:48:21:7e:99:62:97:60:06:92:c4:9c:
86:56:8e:37:ba:db:6e:c3:ce:d5:7a:cc:10:48:f1:
66:3b:13:1b:60:9f:dd:3d:ec:e3:75:ee:a9:6b:94:
d3:63:68:b5:2d:9b:b0:7c:dc:e7:67:66:f9:9a:c5:
20:e7:a4:5f:7a:61:de:7b:f1:02:1a:d0:33:4d:7a:
9b:3e:b5:4d:35:96:34:84:f2:d9:42:6b:c1:63:ae:
2c:38:28:0d:4e:48:9e:01:f7:bd:af:4a:a1:2b:34:
5a:fa:7f:80:03:22:4e:79:e0:8e:19:6a:35:8d:2c:
5b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/22
45.156.144.0/22
185.103.120.0/22
IPv6:
2a06:2bc0::/29
2a09:f740::/29
2a0f:2280::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204171
Signature Algorithm: sha256WithRSAEncryption
95:ba:65:d0:3c:c4:ab:6d:41:fe:e5:9a:ae:72:be:0f:6c:b9:
d9:f5:1b:89:07:c0:ed:54:94:7a:e1:19:5a:a0:17:6e:f1:57:
fc:39:04:05:40:64:db:b5:d0:aa:2b:8a:cb:85:b3:aa:c0:b2:
44:eb:0d:4a:62:10:eb:36:58:3f:5f:3f:5d:d2:7b:bc:6d:94:
15:d3:d9:e7:fa:91:8a:39:01:c0:66:a0:56:a0:b2:d5:ec:ba:
0c:9b:e8:6f:7d:bb:59:3e:07:11:64:69:2c:3f:cf:6b:00:05:
74:bd:1e:f1:e9:33:24:da:2d:e4:3a:07:5e:1c:18:16:b2:3c:
8e:ee:8d:5e:c8:05:0e:31:ce:47:70:02:70:b2:a9:ea:7c:09:
24:99:ba:c4:ed:32:03:74:f6:af:f0:b8:4e:74:76:ca:a1:2c:
3e:fc:67:76:33:69:93:d0:ae:26:5d:2c:50:17:1c:6d:41:fd:
6f:24:9d:6c:5a:77:f0:82:9a:ec:e7:a6:9a:e6:d1:d4:3d:6c:
e8:31:5b:10:eb:62:33:bb:54:91:25:d0:ca:d0:c9:de:94:20:
23:f6:f6:c6:df:2f:71:85:66:ad:bb:f3:83:26:29:e6:8b:81:
7d:67:cd:ca:22:7a:59:b4:5f:45:ec:69:f4:90:c8:f3:a7:15:
73:be:3f:98
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZQj16IK1581DNkRbkGN70uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMjE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTdmMDM2ZTI1OTIzOTFmYjQ1YTNkZDMzY2FmMGIwNzk1Njk3M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtW62n9TduBN1e2AKeBL5t40KpLU
8g5egkI4C0jiuga/y33czLZ3+DdSFxkfLgd1yqX6XmFyo5gNlkL51qRecG8p/hdS
L469TVfhcqktO12Q2f6uax0zCy1Jg51ogEba0/Sl0bUVrj1UinT/NAnX7/Len0TJ
EX2cLHCYc5lKjeyHjKmfbfUyIBnOSCF+mWKXYAaSxJyGVo43uttuw87VeswQSPFm
OxMbYJ/dPezjde6pa5TTY2i1LZuwfNznZ2b5msUg56RfemHee/ECGtAzTXqbPrVN
NZY0hPLZQmvBY64sOCgNTkieAfe9r0qhKzRa+n+AAyJOeeCOGWo1jSxbCwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFBp/A24lkjkftFo90zyvCweVaXPPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VkLzI0YmUx
YS0xNmRhLTQ4MWMtOGJjYi0zNDBkNjI1YzZkYmEvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvMjRiZTFh
LTE2ZGEtNDgxYy04YmNiLTM0MGQ2MjVjNmRiYS8xL0duOERiaVdTT1ItMFdqM1RQ
SzhMQjVWcGM4OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUF
BwEHAQH/BDkwNzAYBAIAATASAwQCAju0AwQCLZyQAwQCuWd4MBsEAgACMBUDBQMq
BivAAwUDKgn3QAMFAyoPIoAwGgYIKwYBBQUHAQgBAf8ECzAJoAcwBQIDAx2LMA0G
CSqGSIb3DQEBCwUAA4IBAQCVumXQPMSrbUH+5Zqucr4PbLnZ9RuJB8DtVJR64Rla
oBdu8Vf8OQQFQGTbtdCqK4rLhbOqwLJE6w1KYhDrNlg/Xz9d0nu8bZQV09nn+pGK
OQHAZqBWoLLV7LoMm+hvfbtZPgcRZGksP89rAAV0vR7x6TMk2i3kOgdeHBgWsjyO
7o1eyAUOMc5HcAJwsqnqfAkkmbrE7TIDdPav8LhOdHbKoSw+/Gd2M2mT0K4mXSxQ
FxxtQf1vJJ1sWnfwgprs56aa5tHUPWzoMVsQ62Izu1SRJdDK0MnelCAj9vbG3y9x
hWatu/ODJinmi4F9Z83KInpZtF9F7Gn0kMjzpxVzvj+Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:35:42 2025 by rpki-client