Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JOU3iL1O-iOxqCB7fnSo4cxnewA.cer
File: JOU3iL1O-iOxqCB7fnSo4cxnewA.cer (raw, json)
Hash identifier: tdLq4ATOfg4ZzKvpAPEjB0k5IZih3H4gyss4jfrUKBY=
Subject key identifier: 24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942016218107E5694E3193E5F5748E9FEA
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
caRepository: rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/
Notify URL: https://rrdp.paas.rpki.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 04:18:28 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44838
IP: 46.183.24.0/21
IP: 91.203.40.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:16:21:81:07:e5:69:4e:31:93:e5:f5:74:8e:9f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 04:18:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24e53788bd4efa23b1a8207b7e74a8e1cc677b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:bc:72:7c:8b:16:47:fe:62:30:c8:4c:26:
04:f7:cf:83:16:08:b1:f0:14:53:b7:7c:5c:d4:15:
97:51:d2:74:29:b5:68:b3:51:0a:c7:e7:f8:66:a0:
33:84:72:aa:f0:3f:36:f6:6d:ac:7f:bc:a2:23:c4:
da:a5:d5:27:68:24:e4:af:43:6a:78:76:a6:7b:f3:
09:7f:d1:ea:45:4a:cf:54:9b:39:8f:54:16:0f:7a:
53:04:81:a0:42:48:29:6e:ac:02:f3:07:2b:59:30:
6d:b9:f5:45:83:eb:ce:b1:73:c2:b8:33:8a:0f:56:
4e:d7:38:25:a2:1c:13:fc:83:0a:b1:28:ce:7c:b9:
ea:5c:ef:dc:fa:5c:9d:01:90:c5:b9:13:a2:b3:d0:
38:2f:ec:ef:7a:bb:dc:d3:64:fa:ee:3e:3b:1f:cd:
69:87:7c:cf:38:bc:d4:76:46:08:8c:3b:0c:4b:0b:
e9:7e:12:3a:7a:f5:28:94:9e:57:fd:e0:13:e0:88:
d2:7a:3f:de:ce:0a:15:12:a6:02:a9:af:5f:16:e8:
09:6a:73:06:a9:ca:01:20:33:4e:31:5b:f3:6f:0c:
a7:44:0a:66:f0:98:9a:62:eb:9c:45:0d:77:10:01:
8a:1a:3e:46:22:df:de:4e:aa:df:ff:cd:5b:19:70:
d1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E5:37:88:BD:4E:FA:23:B1:A8:20:7B:7E:74:A8:E1:CC:67:7B:00
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/
RPKI Manifest - URI:rsync://rsync.paas.rpki.ripe.net/repository/16acb9a0-6d1e-4ae4-9177-d938e9804395/0/24E53788BD4EFA23B1A8207B7E74A8E1CC677B00.mft
RPKI Notify - URI:https://rrdp.paas.rpki.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.24.0/21
91.203.40.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44838
Signature Algorithm: sha256WithRSAEncryption
a5:4a:da:37:b1:fd:33:27:20:c1:01:55:45:14:54:b9:c5:8f:
22:49:20:7a:ec:6e:9c:d3:30:d1:a2:9c:b7:2a:ab:e5:11:60:
ae:c6:d0:ae:a5:25:cb:2d:f8:3a:b8:cb:c2:da:b0:fc:98:cc:
43:c5:cf:6e:bc:a5:f8:2a:be:19:02:19:37:6e:b5:db:61:a2:
07:59:b5:6c:c4:2a:d3:53:71:6f:47:0f:71:67:d6:e5:ee:d2:
c0:96:74:04:3c:9f:3b:35:63:ba:22:15:71:d5:39:74:d0:e6:
25:fe:a0:46:4f:e3:12:69:78:86:27:1a:fd:ee:39:ef:5c:a4:
4c:ab:7b:22:ac:59:17:07:1d:06:c7:ed:3c:67:97:cc:75:1c:
bd:37:fc:1e:78:80:3b:60:a4:b1:0c:b7:90:e7:5c:b4:57:b0:
48:f9:80:40:60:92:c7:82:c4:5d:2a:5b:7c:13:f4:f0:eb:4a:
0f:3f:ac:40:bc:b3:15:1b:33:44:bc:a6:35:bc:c3:2d:b7:18:
32:59:51:76:57:93:eb:ad:95:3b:3b:9e:9b:d9:57:28:63:2b:
58:15:38:b3:05:3e:47:80:51:82:cf:4d:8d:92:2c:c8:86:ef:
5d:1a:4b:6b:d3:18:80:b3:a1:5f:f5:00:36:fe:a1:b7:8e:6a:
8e:aa:a8:89
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZQgFiGBB+VpTjGT5fV0jp/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDQxODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU1Mzc4OGJkNGVmYTIzYjFhODIwN2I3ZTc0YThlMWNjNjc3YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/u8cnyLFkf+YjDITCYE98+DFgix
8BRTt3xc1BWXUdJ0KbVos1EKx+f4ZqAzhHKq8D829m2sf7yiI8TapdUnaCTkr0Nq
eHame/MJf9HqRUrPVJs5j1QWD3pTBIGgQkgpbqwC8wcrWTBtufVFg+vOsXPCuDOK
D1ZO1zglohwT/IMKsSjOfLnqXO/c+lydAZDFuROis9A4L+zvervc02T67j47H81p
h3zPOLzUdkYIjDsMSwvpfhI6evUolJ5X/eAT4IjSej/ezgoVEqYCqa9fFugJanMG
qcoBIDNOMVvzbwynRApm8JiaYuucRQ13EAGKGj5GIt/eTqrf/81bGXDR7wIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFCTlN4i9Tvojsagge350qOHMZ3sAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggE/BggrBgEFBQcBCwSCATEwggEtMF8GCCsGAQUFBzAFhlNy
c3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzE2YWNi
OWEwLTZkMWUtNGFlNC05MTc3LWQ5MzhlOTgwNDM5NS8wLzCBiwYIKwYBBQUHMAqG
f3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTZh
Y2I5YTAtNmQxZS00YWU0LTkxNzctZDkzOGU5ODA0Mzk1LzAvMjRFNTM3ODhCRDRF
RkEyM0IxQTgyMDdCN0U3NEE4RTFDQzY3N0IwMC5tZnQwPAYIKwYBBQUHMA2GMGh0
dHBzOi8vcnJkcC5wYWFzLnJwa2kucmlwZS5uZXQvbm90aWZpY2F0aW9uLnhtbDBZ
BgNVHR8EUjBQME6gTKBKhkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0twU28zVlZLNXdFSElKbkhDMlFIVlYzZDVtay5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAME
Ay63GAMEAlvLKDAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMAryYwDQYJKoZIhvcN
AQELBQADggEBAKVK2jex/TMnIMEBVUUUVLnFjyJJIHrsbpzTMNGinLcqq+URYK7G
0K6lJcst+Dq4y8LasPyYzEPFz268pfgqvhkCGTdutdthogdZtWzEKtNTcW9HD3Fn
1uXu0sCWdAQ8nzs1Y7oiFXHVOXTQ5iX+oEZP4xJpeIYnGv3uOe9cpEyreyKsWRcH
HQbH7Txnl8x1HL03/B54gDtgpLEMt5DnXLRXsEj5gEBgkseCxF0qW3wT9PDrSg8/
rEC8sxUbM0S8pjW8wy23GDJZUXZXk+utlTs7npvZVyhjK1gVOLMFPkeAUYLPTY2S
LMiG710aS2vTGICzoV/1ADb+obeOao6qqIk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:51:44 2025 by rpki-client