Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
File: IYzG4kEF3mxckAPWUkOJPLPP3QE.cer (raw, json)
Hash identifier: 51Jhpfj0s7dvd2QrLdMn0wStKYSqbhkROVNTACmJ07Y=
Subject key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019420D5A36D8A94986103533658A8DF8930
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 07:47:39 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 206074
AS: 206092
AS: 206150
AS: 206164
AS: 210277
AS: 213060
AS: 213074
AS: 213085
IP: 82.21.0.0 -- 82.27.255.255
IP: 82.29.0.0/16
IP: 2a13:9500::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a3:6d:8a:94:98:61:03:53:36:58:a8:df:89:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 07:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f9:96:ea:84:58:ba:6d:1c:bb:e7:ef:d6:86:
76:8c:ed:d1:6d:03:27:6d:8d:13:84:78:1f:79:c2:
4e:59:ca:66:c1:58:3c:b3:b9:ff:29:c2:c6:1b:40:
d3:af:15:75:51:db:fe:0f:5f:dc:ce:82:e8:e8:5e:
48:93:59:a4:3e:25:5e:b9:50:05:b9:a6:98:e7:62:
e5:ae:8d:ae:ec:32:0b:3c:64:56:2e:af:bd:84:65:
f5:6f:18:81:6a:36:40:6c:f5:44:ea:c1:84:37:f5:
8e:97:ac:f1:2b:9d:c1:d5:54:a2:9a:33:52:b8:04:
eb:f5:45:5e:88:87:82:db:ce:ef:6c:95:e4:ca:88:
b5:f7:30:72:a7:ad:c3:8f:96:2e:62:94:b4:03:9d:
c2:91:09:56:3c:29:06:12:34:aa:4c:d1:f2:3a:5f:
3a:2c:4d:0e:84:3d:ae:a2:1e:6d:67:56:d6:aa:fc:
50:2c:e7:49:bf:10:46:34:51:3c:a3:4e:56:a2:b6:
6a:a3:5a:07:93:55:5a:fc:1d:12:b3:dd:9a:35:93:
0c:a5:07:30:00:b7:25:ca:f9:25:9e:3c:4b:84:7e:
42:04:a5:39:d8:ba:f0:ba:04:92:0e:3b:01:2e:c7:
e2:dc:88:89:45:c8:63:e6:c6:18:65:04:06:08:45:
3a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0-82.27.255.255
82.29.0.0/16
IPv6:
2a13:9500::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
206074
206092
206150
206164
210277
213060
213074
213085
Signature Algorithm: sha256WithRSAEncryption
20:ca:70:f2:00:9b:93:84:b6:82:ef:62:34:c0:46:da:c3:7e:
c4:2d:fa:72:77:bb:f4:16:1b:7b:42:5c:85:12:c0:47:d6:2b:
e5:29:97:37:1e:d8:d1:c6:80:32:38:b8:06:d5:76:fc:80:45:
4b:48:85:d0:7d:1c:d0:29:bb:bf:66:1d:ee:46:19:f6:2d:32:
9d:b6:3b:9c:ee:82:42:ec:8f:50:88:ba:b3:fa:c3:e2:5f:2d:
da:57:a0:60:01:38:af:89:1c:7a:5d:77:f7:f8:fc:e2:62:79:
84:00:e9:f6:75:d9:47:c3:fc:c4:13:f9:88:ca:28:8b:79:cf:
16:ac:e6:c5:7b:25:8e:ee:2d:a4:e7:77:d2:a1:fb:c1:e8:e9:
36:79:f1:5a:86:0a:15:f4:b0:33:23:25:41:b9:fb:f4:27:0e:
48:30:15:8c:25:72:68:e7:52:d7:ce:84:ec:d4:e7:6a:b7:e4:
b8:d0:a9:aa:07:61:9b:5e:76:0b:d1:75:58:89:4e:e5:3f:17:
d0:08:5b:55:a2:7d:5e:d2:e2:c1:d3:e5:1d:a7:51:89:10:b9:
66:fc:5a:a3:66:03:e9:a4:81:c3:48:c7:2d:24:80:42:5f:d1:
b1:96:0a:2a:7c:41:8a:a1:73:eb:c2:ea:ef:82:39:60:ac:75:
a2:a8:2a:95
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAZQg1aNtipSYYQNTNlio34kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjYzZlMjQxMDVkZTZjNWM5MDAzZDY1MjQzODkzY2IzY2ZkZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfmW6oRYum0cu+fv1oZ2jO3RbQMn
bY0ThHgfecJOWcpmwVg8s7n/KcLGG0DTrxV1Udv+D1/czoLo6F5Ik1mkPiVeuVAF
uaaY52Llro2u7DILPGRWLq+9hGX1bxiBajZAbPVE6sGEN/WOl6zxK53B1VSimjNS
uATr9UVeiIeC287vbJXkyoi19zByp63Dj5YuYpS0A53CkQlWPCkGEjSqTNHyOl86
LE0OhD2uoh5tZ1bWqvxQLOdJvxBGNFE8o05WorZqo1oHk1Va/B0Ss92aNZMMpQcw
ALclyvklnjxLhH5CBKU52LrwugSSDjsBLsfi3IiJRchj5sYYZQQGCEU6OwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFCGMxuJBBd5sXJAD1lJDiTyzz90BMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGEx
YjRmLWI2NGMtNDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4
YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMjE4Q0M2RTI0MTA1
REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwETAK
AwMAUhUDAwJSGAMDAFIdMA0EAgACMAcDBQMqE5UAMD0GCCsGAQUFBwEIAQH/BC4w
LKAqMCgCAwMk+gIDAyUMAgMDJUYCAwMlVAIDAzVlAgMDQEQCAwNAUgIDA0BdMA0G
CSqGSIb3DQEBCwUAA4IBAQAgynDyAJuThLaC72I0wEbaw37ELfpyd7v0Fht7QlyF
EsBH1ivlKZc3HtjRxoAyOLgG1Xb8gEVLSIXQfRzQKbu/Zh3uRhn2LTKdtjuc7oJC
7I9QiLqz+sPiXy3aV6BgATiviRx6XXf3+PziYnmEAOn2ddlHw/zEE/mIyiiLec8W
rObFeyWO7i2k53fSofvB6Ok2efFahgoV9LAzIyVBufv0Jw5IMBWMJXJo51LXzoTs
1Odqt+S40KmqB2GbXnYL0XVYiU7lPxfQCFtVon1e0uLB0+Udp1GJELlm/FqjZgPp
pIHDSMctJIBCX9GxlgoqfEGKoXPrwurvgjlgrHWiqCqV
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:46:06 2025 by rpki-client