Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
File: HJnOvgzwmQOQPRnBygrmJCF2SFk.cer (raw, json)
Hash identifier: OARTUwL+Ub9mqEm56Kh9oivOmyOfKevjDYflXozxWC4=
Subject key identifier: 1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FDECB36ADC352BAE17ED84D436A449
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:45 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 16186
IP: 89.105.48.0/20
IP: 151.249.112.0/21
IP: 185.88.10.0/24
IP: 185.115.252.0/22
IP: 185.116.4.0/22
IP: 185.206.48.0/22
IP: 185.234.92.0/22
IP: 194.156.192.0/22
IP: 213.179.32.0/20
IP: 2001:820::/32
IP: 2a01:160::/32
IP: 2a01:a840::/32
IP: 2a07:40::/29
IP: 2a07:e140::/29
IP: 2a0b:1040::/29
IP: 2a0d:f00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ec:b3:6a:dc:35:2b:ae:17:ed:84:d4:36:a4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:82:e1:d2:43:16:13:9c:7e:06:80:ce:75:
5c:92:2d:e2:b8:e6:79:81:c2:1c:0f:a9:1b:4b:77:
ad:90:44:91:d2:b1:53:3c:dc:19:e9:b3:05:09:0a:
79:40:39:db:62:19:fb:ff:d1:d3:30:dc:b1:84:2a:
2a:02:12:a1:e4:33:88:df:1b:20:ad:8d:5b:34:2c:
86:f4:07:23:56:11:28:14:25:24:50:51:80:54:13:
a5:f5:c4:29:48:6c:b0:e2:5f:81:d6:b7:d1:08:c4:
ee:a5:87:4e:20:df:74:1e:f9:51:20:d6:c0:e0:ec:
56:20:8a:5a:18:da:61:17:e1:48:d2:7d:1e:56:4f:
fa:1d:18:91:38:3c:ed:08:29:32:89:f2:fa:d1:b7:
25:c1:c0:08:fe:0d:0c:0b:b1:6b:f9:7b:ce:78:0e:
be:8b:d0:f2:79:c0:4c:7e:6b:8a:72:e1:00:ed:9e:
a3:2d:44:15:71:26:f1:35:60:db:4a:e4:b2:0b:7e:
d8:61:b3:28:e4:75:c5:e3:b1:6b:48:49:da:55:71:
a1:d9:cc:a9:7f:83:29:69:a8:79:84:ff:f7:e6:23:
be:b8:fa:00:97:ed:75:bb:ec:d6:f1:4e:69:1c:91:
8c:7d:13:9f:af:77:2f:25:a2:18:e8:d1:58:da:0b:
64:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.48.0/20
151.249.112.0/21
185.88.10.0/24
185.115.252.0/22
185.116.4.0/22
185.206.48.0/22
185.234.92.0/22
194.156.192.0/22
213.179.32.0/20
IPv6:
2001:820::/32
2a01:160::/32
2a01:a840::/32
2a07:40::/29
2a07:e140::/29
2a0b:1040::/29
2a0d:f00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
16186
Signature Algorithm: sha256WithRSAEncryption
8b:85:66:f8:cc:c9:1a:95:64:ba:9a:51:37:8c:02:7e:1c:dd:
ff:b8:25:9f:5b:16:49:6f:09:e8:b9:96:5d:e9:fe:40:eb:2e:
48:ac:c3:cc:e4:5e:49:5c:9d:03:57:32:b2:3b:ea:16:57:be:
f5:d7:7a:b1:fe:ad:48:f1:95:fd:e1:6e:b9:61:7c:ae:8b:cb:
7c:8f:f0:c3:1e:dd:ab:63:c2:e0:cc:5b:1c:a2:5d:32:c1:55:
d2:eb:ac:d2:c3:b4:e5:ab:73:d6:22:4c:5e:32:58:69:ec:63:
e8:c4:21:04:52:f4:4c:84:d4:72:bc:a0:e1:e4:6a:16:fe:2a:
ee:92:a3:ff:e7:49:78:0d:f6:55:63:bd:38:54:77:32:a9:2d:
2d:06:30:1f:e3:9e:3b:98:a2:a8:b7:f9:50:db:3f:07:78:30:
0b:a7:64:53:e4:2f:3d:10:00:6b:2d:b8:c4:47:6d:29:ac:90:
2a:f9:a7:57:9b:87:ad:1a:ae:34:ce:0e:2b:e3:2b:9c:24:e3:
a0:34:63:c7:ed:6b:e7:e0:72:fa:e1:2a:79:f9:5b:ab:16:4f:
93:2a:35:d9:f0:3e:86:b8:c7:22:4b:c3:5c:34:5d:9e:0b:1a:
bc:0e:01:4d:9d:02:d7:30:fe:a4:41:9e:8b:7d:eb:26:09:b8:
fb:56:80:30
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAZQl/eyzatw1K64X7YTUNqRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5Y2ViZTBjZjA5OTAzOTAzZDE5YzFjYTBhZTYyNDIxNzY0ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1KC4dJDFhOcfgaAznVcki3iuOZ5
gcIcD6kbS3etkESR0rFTPNwZ6bMFCQp5QDnbYhn7/9HTMNyxhCoqAhKh5DOI3xsg
rY1bNCyG9AcjVhEoFCUkUFGAVBOl9cQpSGyw4l+B1rfRCMTupYdOIN90HvlRINbA
4OxWIIpaGNphF+FI0n0eVk/6HRiRODztCCkyifL60bclwcAI/g0MC7Fr+XvOeA6+
i9DyecBMfmuKcuEA7Z6jLUQVcSbxNWDbSuSyC37YYbMo5HXF47FrSEnaVXGh2cyp
f4Mpaah5hP/35iO+uPoAl+11u+zW8U5pHJGMfROfr3cvJaIY6NFY2gtkwQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFByZzr4M8JkDkD0ZwcoK5iQhdkhZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzNmZWEx
YS01N2JjLTQ5M2EtOWEzZS04YzI1YjVmYjI3NmYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvM2ZlYTFh
LTU3YmMtNDkzYS05YTNlLThjMjViNWZiMjc2Zi8xL0hKbk92Z3p3bVFPUVBSbkJ5
Z3JtSkNGMlNGay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGIBggrBgEF
BQcBBwEB/wR5MHcwPAQCAAEwNgMEBFlpMAMEA5f5cAMEALlYCgMEArlz/AMEArl0
BAMEArnOMAMEArnqXAMEAsKcwAMEBNWzIDA3BAIAAjAxAwUAIAEIIAMFACoBAWAD
BQAqAahAAwUDKgcAQAMFAyoH4UADBQMqCxBAAwUDKg0PADAZBggrBgEFBQcBCAEB
/wQKMAigBjAEAgI/OjANBgkqhkiG9w0BAQsFAAOCAQEAi4Vm+MzJGpVkuppRN4wC
fhzd/7gln1sWSW8J6LmWXen+QOsuSKzDzOReSVydA1cysjvqFle+9dd6sf6tSPGV
/eFuuWF8rovLfI/wwx7dq2PC4MxbHKJdMsFV0uus0sO05atz1iJMXjJYaexj6MQh
BFL0TITUcryg4eRqFv4q7pKj/+dJeA32VWO9OFR3MqktLQYwH+OeO5iiqLf5UNs/
B3gwC6dkU+QvPRAAay24xEdtKayQKvmnV5uHrRquNM4OK+MrnCTjoDRjx+1r5+By
+uEqeflbqxZPkyo12fA+hrjHIkvDXDRdngsavA4BTZ0C1zD+pEGei33rJgm4+1aA
MA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:13:15 2025 by rpki-client