Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Iqs7vLPNUyaosST8ld7RRFN1L6I.cer
File: Iqs7vLPNUyaosST8ld7RRFN1L6I.cer (raw, json)
Hash identifier: FuTyhKW/0ZtSrtyK8chAdzzjMCLl0WN3o+6dwQc7Q94=
Subject key identifier: 22:AB:3B:BC:B3:CD:53:26:A8:B1:24:FC:95:DE:D1:44:53:75:2F:A2
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C056F68B78F7CCEC51EAAA06518E2
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/392489-7337-4bd7-95ae-fa8a5e86b348/1/Iqs7vLPNUyaosST8ld7RRFN1L6I.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/392489-7337-4bd7-95ae-fa8a5e86b348/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:47:37 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 30931
IP: 91.223.203.0/24
IP: 91.223.218.0/24
IP: 193.30.41.0/24
IP: 194.107.118.0/24
IP: 195.234.39.0/24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:05:6f:68:b7:8f:7c:ce:c5:1e:aa:a0:65:18:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22ab3bbcb3cd5326a8b124fc95ded14453752fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:47:f0:cd:95:77:3b:4a:90:ed:02:57:4b:ac:
fd:67:30:47:81:d5:fa:1c:20:db:c0:7e:76:c8:96:
2a:3b:39:36:c3:b0:c6:9a:a0:27:2d:d9:b9:f2:46:
7f:9c:89:8e:04:2f:54:af:03:87:58:b9:41:83:64:
9b:f5:89:24:41:64:d1:55:82:af:55:32:b3:3a:3c:
ad:51:77:4c:07:1e:87:ec:fa:9e:a7:be:46:25:f9:
f8:a6:da:a1:fe:27:4a:5b:05:9e:f2:49:64:18:f0:
9f:cf:ed:55:d7:76:61:39:32:5c:49:74:c3:e3:9e:
09:92:89:06:a7:2f:e7:f4:82:be:c9:0a:0f:f3:08:
3d:bf:78:bc:cd:b1:ae:9d:af:86:d2:67:f1:80:9c:
ad:9d:10:19:7c:ab:9b:0f:ac:a0:66:3c:d7:14:77:
ba:be:09:d5:20:7d:f1:8c:04:cd:35:20:ef:55:39:
78:fe:ad:e1:7d:ed:c4:e0:b0:63:7a:5a:64:43:ae:
f7:7c:68:17:2b:8f:23:6b:db:20:76:ca:38:8a:c0:
16:7e:ac:49:91:e6:8d:7a:b1:1b:3c:cb:9e:cf:ef:
97:ed:5d:01:22:db:0b:36:a5:26:2d:ad:51:e9:5a:
f5:2d:f2:13:ab:d2:1a:db:76:0f:e4:bd:41:e7:10:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AB:3B:BC:B3:CD:53:26:A8:B1:24:FC:95:DE:D1:44:53:75:2F:A2
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/392489-7337-4bd7-95ae-fa8a5e86b348/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/392489-7337-4bd7-95ae-fa8a5e86b348/1/Iqs7vLPNUyaosST8ld7RRFN1L6I.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.203.0/24
91.223.218.0/24
193.30.41.0/24
194.107.118.0/24
195.234.39.0/24
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
30931
Signature Algorithm: sha256WithRSAEncryption
49:b0:91:70:56:75:d1:47:c6:9d:54:ac:15:8a:dc:ba:a1:40:
78:3c:1b:33:04:75:1b:72:30:b8:85:49:aa:08:5f:ce:9a:62:
b0:a1:4b:6b:98:7a:a5:77:63:51:22:28:a5:b9:72:ef:21:58:
89:e9:c2:c8:9a:a8:1f:b3:b9:df:a8:9f:0c:ce:c6:96:15:b3:
79:d3:bb:b2:8d:a9:00:2d:54:2d:85:8f:fd:54:8a:30:da:ab:
37:2a:2f:d2:6b:7f:60:d8:4a:9d:1f:be:43:27:9e:42:f2:fa:
76:98:f3:d3:2b:fa:4a:20:ba:62:2a:b3:67:0f:f9:78:9f:92:
62:64:22:cc:d8:3c:c0:a5:7e:0c:85:cf:5c:a4:d6:36:28:30:
31:df:95:8b:ed:b0:aa:e6:e3:6b:a8:58:d6:31:01:b5:3b:6d:
49:30:9f:ac:16:06:73:a9:b5:49:ef:ca:d1:5a:7f:f3:ca:44:
83:55:1b:ae:33:7b:d0:80:10:a2:03:cd:65:c2:b0:2d:73:68:
f1:35:06:95:3c:da:84:63:60:e7:2e:3b:87:08:44:5c:f8:b8:
a9:ff:b6:10:e7:79:fb:0a:76:98:e6:4a:ee:62:6e:54:81:d9:
6e:b8:3b:25:71:63:12:45:a4:a6:ea:c6:f6:8b:f3:70:c8:11:
0b:d2:94:8e
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZQfjAVvaLePfM7FHqqgZRjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFiM2JiY2IzY2Q1MzI2YThiMTI0ZmM5NWRlZDE0NDUzNzUyZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UfwzZV3O0qQ7QJXS6z9ZzBHgdX6
HCDbwH52yJYqOzk2w7DGmqAnLdm58kZ/nImOBC9UrwOHWLlBg2Sb9YkkQWTRVYKv
VTKzOjytUXdMBx6H7Pqep75GJfn4ptqh/idKWwWe8klkGPCfz+1V13ZhOTJcSXTD
454JkokGpy/n9IK+yQoP8wg9v3i8zbGuna+G0mfxgJytnRAZfKubD6ygZjzXFHe6
vgnVIH3xjATNNSDvVTl4/q3hfe3E4LBjelpkQ673fGgXK48ja9sgdso4isAWfqxJ
keaNerEbPMuez++X7V0BItsLNqUmLa1R6Vr1LfITq9Ia23YP5L1B5xDb3QIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFCKrO7yzzVMmqLEk/JXe0URTdS+iMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjLzM5MjQ4
OS03MzM3LTRiZDctOTVhZS1mYThhNWU4NmIzNDgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvMzkyNDg5
LTczMzctNGJkNy05NWFlLWZhOGE1ZTg2YjM0OC8xL0lxczd2TFBOVXlhb3NTVDhs
ZDdSUkZOMUw2SS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUF
BwEHAQH/BCgwJjAkBAIAATAeAwQAW9/LAwQAW9/aAwQAwR4pAwQAwmt2AwQAw+on
MBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnjTMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
sJFwVnXRR8adVKwVity6oUB4PBszBHUbcjC4hUmqCF/OmmKwoUtrmHqld2NRIiil
uXLvIViJ6cLImqgfs7nfqJ8MzsaWFbN507uyjakALVQthY/9VIow2qs3Ki/Sa39g
2EqdH75DJ55C8vp2mPPTK/pKILpiKrNnD/l4n5JiZCLM2DzApX4Mhc9cpNY2KDAx
35WL7bCq5uNrqFjWMQG1O21JMJ+sFgZzqbVJ78rRWn/zykSDVRuuM3vQgBCiA81l
wrAtc2jxNQaVPNqEY2DnLjuHCERc+Lip/7YQ53n7CnaY5kruYm5UgdluuDslcWMS
RaSm6sb2i/NwyBEL0pSO
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:18:13 2025 by rpki-client