Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
File: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer (raw, json)
Hash identifier: daGLx5sQZFFJL5cuo/EgpRIevn538daDoEQqLNDLtjI=
Subject key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942068675999CAB26238B6B24DC25024EB
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 05:48:20 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 201641
IP: 185.102.100.0/22
IP: 194.15.212.0/24
IP: 2001:67c:6e8::/48
IP: 2a10:a600::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:67:59:99:ca:b2:62:38:b6:b2:4d:c2:50:24:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:a7:18:3f:3c:9f:0f:ba:71:0c:26:d2:e8:
49:5e:f2:5e:1c:75:ea:68:2e:55:d8:ea:65:16:db:
38:24:5b:26:9d:0d:35:e8:e8:79:7c:04:3d:1e:28:
07:18:4c:d1:66:c9:00:ee:88:44:26:df:f6:87:2f:
55:e6:0f:68:31:ca:38:e6:f9:67:b0:de:92:36:53:
2c:a4:60:8c:8a:a5:14:bf:f8:14:47:3a:16:ea:fe:
71:b0:fb:30:42:d9:d6:21:29:ba:5d:32:e6:3d:d8:
6b:9d:49:e0:ee:00:64:ae:d1:3f:fa:a4:51:27:e3:
69:d1:6e:48:d6:b4:2c:30:c3:1e:91:f2:46:f1:73:
32:7f:d4:67:08:a4:0b:27:80:dc:cd:8e:07:0f:64:
04:18:b0:45:72:22:c1:99:b6:f9:50:66:9f:27:b6:
3f:63:47:e8:75:c3:f7:ee:40:80:4e:e8:97:5a:46:
dc:45:5b:34:b3:e5:04:68:43:55:b1:0d:48:96:59:
2c:29:6d:a0:33:e6:a8:cd:6f:09:22:56:2d:c3:74:
42:89:2a:ab:de:3e:66:65:68:3d:15:04:5c:65:d3:
f9:5d:ca:01:de:9e:14:9f:c8:0b:76:01:e8:b2:c4:
14:64:5a:33:4b:1d:a7:79:16:ab:fb:5e:5a:90:28:
be:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.100.0/22
194.15.212.0/24
IPv6:
2001:67c:6e8::/48
2a10:a600::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201641
Signature Algorithm: sha256WithRSAEncryption
6b:51:f3:9e:0d:6d:95:11:e1:70:63:26:55:6b:b6:14:77:f0:
94:90:38:15:d6:92:b2:6a:d9:bb:2a:a2:91:71:3f:18:e1:57:
c2:e2:a4:fa:d3:63:44:5b:a4:a6:9f:71:bf:66:ea:45:ab:53:
74:0a:e6:89:24:e5:dc:4f:b6:73:d2:ec:aa:23:56:d7:3a:05:
58:73:86:36:cc:9b:59:ca:08:95:cb:3d:74:51:63:93:f0:0e:
2e:83:f2:59:bb:9d:41:77:55:e5:aa:ca:5b:b7:f9:ae:7d:d2:
80:03:fd:84:83:2b:f9:6b:0c:4a:e1:0e:0d:3c:46:82:21:8a:
a9:88:69:1f:92:4f:2b:e5:35:93:59:de:52:a3:b8:67:c6:60:
5a:9e:b8:de:c2:dd:9a:84:bc:4a:c8:db:c5:7c:2c:3d:41:0e:
88:14:c8:7f:6a:77:03:66:82:4c:59:e4:a7:e6:29:85:9d:27:
4d:51:ea:31:50:42:92:6f:06:2c:ae:58:c2:3b:e5:e9:71:ca:
fd:9b:b8:2f:92:39:53:3d:57:84:5c:9b:e2:79:fa:d1:02:49:
05:27:f1:4a:29:1a:42:c3:af:aa:26:62:ae:9f:0a:f4:a2:66:
ee:03:44:ea:f5:26:5f:9b:f7:e6:4f:0f:b7:20:bf:2c:d3:48:
29:0d:ef:a8
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZQgaGdZmcqyYji2sk3CUCTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWFhMjhkZTIxYmM5MWYzOWRiZjJkMDEyZmQ1NTJkMjJkMGY1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusynGD88nw+6cQwm0uhJXvJeHHXq
aC5V2OplFts4JFsmnQ016Oh5fAQ9HigHGEzRZskA7ohEJt/2hy9V5g9oMco45vln
sN6SNlMspGCMiqUUv/gURzoW6v5xsPswQtnWISm6XTLmPdhrnUng7gBkrtE/+qRR
J+Np0W5I1rQsMMMekfJG8XMyf9RnCKQLJ4DczY4HD2QEGLBFciLBmbb5UGafJ7Y/
Y0fodcP37kCATuiXWkbcRVs0s+UEaENVsQ1IllksKW2gM+aozW8JIlYtw3RCiSqr
3j5mZWg9FQRcZdP5XcoB3p4Un8gLdgHossQUZFozSx2neRar+15akCi+QQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFCGqKN4hvJHznb8tAS/VUtItD1qqMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2UxLzYzYTVi
Yi0yNGQwLTRkYjktYjUxMC1mOTk3M2M1NzZiMDMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEvNjNhNWJi
LTI0ZDAtNGRiOS1iNTEwLWY5OTczYzU3NmIwMy8xL0lhb28zaUc4a2ZPZHZ5MEJM
OVZTMGkwUFdxby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUF
BwEHAQH/BC4wLDASBAIAATAMAwQCuWZkAwQAwg/UMBYEAgACMBADBwAgAQZ8BugD
BQAqEKYAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMTqTANBgkqhkiG9w0BAQsF
AAOCAQEAa1Hzng1tlRHhcGMmVWu2FHfwlJA4FdaSsmrZuyqikXE/GOFXwuKk+tNj
RFukpp9xv2bqRatTdArmiSTl3E+2c9LsqiNW1zoFWHOGNsybWcoIlcs9dFFjk/AO
LoPyWbudQXdV5arKW7f5rn3SgAP9hIMr+WsMSuEODTxGgiGKqYhpH5JPK+U1k1ne
UqO4Z8ZgWp643sLdmoS8SsjbxXwsPUEOiBTIf2p3A2aCTFnkp+YphZ0nTVHqMVBC
km8GLK5Ywjvl6XHK/Zu4L5I5Uz1XhFyb4nn60QJJBSfxSikaQsOvqiZirp8K9KJm
7gNE6vUmX5v35k8PtyC/LNNIKQ3vqA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:06:22 2025 by rpki-client