Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
File: I1PVKkAkkfT5n-VHG90aXdb0K7w.cer (raw, json)
Hash identifier: JlZBgAEXn11WlU5Wih+6bnqhhbgZyrnFihDsq+rWukU=
Subject key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194221F74E1E654CB24087F8C920F0381AB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 13:47:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 39567
IP: 185.65.28.0/22
IP: 185.231.120.0/22
IP: 2a03:18e0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:74:e1:e6:54:cb:24:08:7f:8c:92:0f:03:81:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:95:69:91:8a:b6:1c:fd:68:60:c3:62:12:
c5:ac:43:a7:70:d9:6c:06:50:cc:5f:a7:f7:9b:bc:
e0:f1:e2:3a:84:af:e4:91:12:53:7a:8e:29:e5:fc:
e1:74:6c:3e:36:a2:9d:4f:29:68:37:d2:3f:35:a6:
e7:65:41:5a:05:18:62:07:75:60:1a:18:17:71:2f:
e5:4d:4d:72:b2:42:75:b3:62:ab:94:63:7f:b7:64:
37:97:0f:33:52:76:ff:d9:07:40:b7:42:6c:d6:be:
02:1c:2a:38:48:01:bb:dc:8d:ee:bb:4d:c6:85:e0:
0c:30:b0:a4:a4:ad:19:f8:ec:9f:95:21:90:3e:b2:
88:39:6b:47:34:6c:68:fe:f9:3a:9f:89:ea:e2:d6:
35:68:26:d3:e5:68:aa:89:5c:18:c1:26:86:cd:f5:
37:24:fe:d4:76:dc:5d:94:b1:50:5c:0b:22:7b:e2:
52:85:93:ec:c0:9d:6e:68:ba:7e:bd:e1:75:13:cc:
d0:3a:ed:95:80:4d:a7:1c:10:7b:3c:79:00:76:25:
49:28:c5:ec:f1:4d:88:8e:fd:d7:00:a4:a0:f5:53:
00:cb:74:c9:af:ba:97:22:e6:3a:88:71:28:ac:2e:
87:da:89:7e:01:d4:e8:ee:a5:bc:34:bc:35:5c:a0:
d1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.28.0/22
185.231.120.0/22
IPv6:
2a03:18e0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
39567
Signature Algorithm: sha256WithRSAEncryption
5b:e5:ac:83:3f:d5:a8:33:72:80:0f:4a:97:62:b5:bb:26:77:
35:fb:6f:32:f3:eb:07:a6:7f:89:54:c4:9d:b0:eb:c0:37:15:
a0:14:73:ff:41:d0:c5:44:3c:c8:5e:82:28:e4:e3:76:bf:d8:
f9:b6:3d:97:48:51:ce:0b:cf:07:8e:27:72:ae:07:87:48:04:
51:87:9a:24:42:b0:e8:db:52:28:ea:4b:bf:57:a8:b4:14:ee:
f6:c3:0c:b5:b1:f5:89:89:00:b7:7b:03:4c:2b:5f:05:11:96:
ed:da:bc:50:f7:62:bf:61:89:eb:2f:0e:67:8e:b3:86:4c:be:
da:f5:04:9e:3e:38:aa:c2:51:5f:c1:40:c3:aa:51:b7:1f:42:
5b:30:f1:98:ac:71:76:f4:eb:09:f8:0b:2b:48:31:8c:2d:06:
86:81:ec:d8:54:76:0d:7c:34:c9:18:7f:a8:ad:2b:77:85:52:
e7:06:ad:92:a6:e3:e0:fe:f3:73:df:83:bc:ff:91:92:46:7f:
37:bd:b9:28:90:2a:ee:ca:4a:3b:7b:e1:ed:09:f9:03:cf:15:
97:97:dd:18:29:f4:39:da:12:b8:ae:c6:7a:8c:93:c2:5b:38:
d6:49:b3:35:49:96:dd:35:b6:7d:09:28:c1:cb:2a:9c:9d:e6:
29:ea:4a:14
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQiH3Th5lTLJAh/jJIPA4GrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzUzZDUyYTQwMjQ5MWY0Zjk5ZmU1NDcxYmRkMWE1ZGQ2ZjQyYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQKVaZGKthz9aGDDYhLFrEOncNls
BlDMX6f3m7zg8eI6hK/kkRJTeo4p5fzhdGw+NqKdTyloN9I/NabnZUFaBRhiB3Vg
GhgXcS/lTU1yskJ1s2KrlGN/t2Q3lw8zUnb/2QdAt0Js1r4CHCo4SAG73I3uu03G
heAMMLCkpK0Z+OyflSGQPrKIOWtHNGxo/vk6n4nq4tY1aCbT5WiqiVwYwSaGzfU3
JP7UdtxdlLFQXAsie+JShZPswJ1uaLp+veF1E8zQOu2VgE2nHBB7PHkAdiVJKMXs
8U2Ijv3XAKSg9VMAy3TJr7qXIuY6iHEorC6H2ol+AdTo7qW8NLw1XKDRbQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY0LzFmMWFm
Ni1kZDFiLTQxMTctYWMxNy1kZWFiODU4NmYyY2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQvMWYxYWY2
LWRkMWItNDExNy1hYzE3LWRlYWI4NTg2ZjJjZS8xL0kxUFZLa0Fra2ZUNW4tVkhH
OTBhWGRiMEs3dy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCuUEcAwQCued4MA0EAgACMAcDBQAqAxjgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCajzANBgkqhkiG9w0BAQsFAAOCAQEAW+Ws
gz/VqDNygA9Kl2K1uyZ3NftvMvPrB6Z/iVTEnbDrwDcVoBRz/0HQxUQ8yF6CKOTj
dr/Y+bY9l0hRzgvPB44ncq4Hh0gEUYeaJEKw6NtSKOpLv1eotBTu9sMMtbH1iYkA
t3sDTCtfBRGW7dq8UPdiv2GJ6y8OZ46zhky+2vUEnj44qsJRX8FAw6pRtx9CWzDx
mKxxdvTrCfgLK0gxjC0GhoHs2FR2DXw0yRh/qK0rd4VS5watkqbj4P7zc9+DvP+R
kkZ/N725KJAq7spKO3vh7Qn5A88Vl5fdGCn0OdoSuK7GeoyTwls41kmzNUmW3TW2
fQkowcsqnJ3mKepKFA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:34:20 2025 by rpki-client