Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/J7ITMhmYnmoy1xFY0IUqUW62958.cer
File: J7ITMhmYnmoy1xFY0IUqUW62958.cer (raw, json)
Hash identifier: ENrQXjU72bSXt7yvozzfcs8sMtcDsxYqxF/8zxqI2iw=
Subject key identifier: 27:B2:13:32:19:98:9E:6A:32:D7:11:58:D0:85:2A:51:6E:B6:F7:9F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421444E256EC9D833A5E1FB5A6C6F0B8B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d3/c66606-2ae8-4ada-b35b-c2e8a0303fc3/1/J7ITMhmYnmoy1xFY0IUqUW62958.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d3/c66606-2ae8-4ada-b35b-c2e8a0303fc3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:32 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 202675
IP: 185.17.106.0/23
IP: 185.56.218.0/23
IP: 2a02:5620::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4e:25:6e:c9:d8:33:a5:e1:fb:5a:6c:6f:0b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27b2133219989e6a32d71158d0852a516eb6f79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b9:a5:9f:80:27:f6:04:e3:ba:4d:1c:e0:e1:
2f:4a:3c:c7:33:6f:a0:8b:87:a9:9c:ad:9c:db:61:
55:22:3a:e6:11:d9:e0:fb:44:76:ae:15:1d:41:8c:
e1:5e:7e:37:9e:b5:4a:f8:f7:c4:23:31:b3:3d:5b:
86:70:ef:8d:c4:82:19:2c:2d:e2:eb:00:bc:4d:06:
3d:24:b0:77:be:84:62:ad:e3:7a:57:dc:19:a5:0d:
6d:f0:58:e6:6c:28:f8:40:9f:f7:b8:9f:ed:1d:71:
79:37:b0:e4:a4:2b:e4:fb:7b:a7:3f:fb:8c:98:fa:
ab:d1:3c:2e:4d:ed:cb:1b:70:fb:86:8c:0d:d6:61:
89:22:6d:d7:ef:67:08:5a:b3:e4:ad:b1:c6:d1:ef:
15:9f:45:01:f1:31:66:02:63:26:eb:81:e2:44:8c:
58:ea:b8:52:54:1c:92:c5:8f:c4:e3:0f:5a:19:8c:
79:11:3e:a4:1d:f9:6f:96:d2:0d:b2:37:16:fa:b3:
cd:2a:19:fa:69:e4:57:44:74:f2:5a:42:20:dc:66:
77:9c:b5:ee:97:c3:e9:29:66:e4:c3:b6:08:04:39:
0d:82:50:e2:5b:0e:d3:69:10:87:ab:a5:3e:2c:57:
fb:a5:e0:8e:e5:4d:d9:00:9a:bf:c3:ed:73:09:15:
f4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B2:13:32:19:98:9E:6A:32:D7:11:58:D0:85:2A:51:6E:B6:F7:9F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c66606-2ae8-4ada-b35b-c2e8a0303fc3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c66606-2ae8-4ada-b35b-c2e8a0303fc3/1/J7ITMhmYnmoy1xFY0IUqUW62958.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.106.0/23
185.56.218.0/23
IPv6:
2a02:5620::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202675
Signature Algorithm: sha256WithRSAEncryption
11:21:f1:27:fa:56:c7:b5:19:75:8b:e0:5d:c5:d7:1c:72:ae:
19:95:b0:cf:19:fb:72:7c:81:f4:47:d2:54:15:81:57:b2:80:
07:e2:bf:38:88:c8:20:36:ba:e0:0f:75:c0:42:e7:88:1c:5f:
5a:c6:4f:cd:58:9f:b2:01:19:82:20:4a:4c:92:15:b8:89:a3:
dc:62:0b:49:3c:8d:ec:b9:a4:1e:24:2d:6e:19:eb:6b:6c:ee:
31:d1:fc:21:15:e0:63:8f:c2:59:cd:89:1a:88:cd:23:76:4d:
32:38:dd:0c:25:ad:32:e4:a4:0a:a4:8f:9e:41:19:e0:20:73:
ad:8f:3d:9a:c1:66:94:fb:21:66:f9:1e:9e:6f:e2:aa:74:5a:
85:0b:f2:1c:6a:d7:65:f2:45:f1:48:02:05:4f:f9:4b:ca:bf:
20:d7:07:f5:37:20:74:c1:7a:0f:83:47:5c:dd:c4:a2:59:c4:
11:b5:78:d2:16:df:08:b5:75:3d:0e:9a:7d:bd:0c:72:15:2c:
cb:dd:33:bb:85:fa:fd:64:f4:12:eb:91:7b:4a:53:dc:82:eb:
31:0f:83:b7:bc:e4:25:2a:09:57:26:cc:9d:32:e4:d0:ce:cd:
d0:68:0c:d0:e2:85:6e:ce:30:ef:5b:ef:bc:94:be:1b:cc:27:
7a:db:6b:52
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQhRE4lbsnYM6Xh+1psbwuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2IyMTMzMjE5OTg5ZTZhMzJkNzExNThkMDg1MmE1MTZlYjZmNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbmln4An9gTjuk0c4OEvSjzHM2+g
i4epnK2c22FVIjrmEdng+0R2rhUdQYzhXn43nrVK+PfEIzGzPVuGcO+NxIIZLC3i
6wC8TQY9JLB3voRireN6V9wZpQ1t8FjmbCj4QJ/3uJ/tHXF5N7DkpCvk+3unP/uM
mPqr0TwuTe3LG3D7howN1mGJIm3X72cIWrPkrbHG0e8Vn0UB8TFmAmMm64HiRIxY
6rhSVBySxY/E4w9aGYx5ET6kHflvltINsjcW+rPNKhn6aeRXRHTyWkIg3GZ3nLXu
l8PpKWbkw7YIBDkNglDiWw7TaRCHq6U+LFf7peCO5U3ZAJq/w+1zCRX0XwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCeyEzIZmJ5qMtcRWNCFKlFutvefMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QzL2M2NjYw
Ni0yYWU4LTRhZGEtYjM1Yi1jMmU4YTAzMDNmYzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMvYzY2NjA2
LTJhZTgtNGFkYS1iMzViLWMyZThhMDMwM2ZjMy8xL0o3SVRNaG1Zbm1veTF4Rlkw
SVVxVVc2Mjk1OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQBuRFqAwQBuTjaMA0EAgACMAcDBQAqAlYgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMXszANBgkqhkiG9w0BAQsFAAOCAQEAESHx
J/pWx7UZdYvgXcXXHHKuGZWwzxn7cnyB9EfSVBWBV7KAB+K/OIjIIDa64A91wELn
iBxfWsZPzVifsgEZgiBKTJIVuImj3GILSTyN7LmkHiQtbhnra2zuMdH8IRXgY4/C
Wc2JGojNI3ZNMjjdDCWtMuSkCqSPnkEZ4CBzrY89msFmlPshZvkenm/iqnRahQvy
HGrXZfJF8UgCBU/5S8q/INcH9TcgdMF6D4NHXN3EolnEEbV40hbfCLV1PQ6afb0M
chUsy90zu4X6/WT0EuuRe0pT3ILrMQ+Dt7zkJSoJVybMnTLk0M7N0GgM0OKFbs4w
71vvvJS+G8wnettrUg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:56:48 2025 by rpki-client