Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
File: JaVTeUIj5rTGMnebUTcdxOfXBwU.cer (raw, json)
Hash identifier: 3B5wt15YVZ8rhD/Pgvc9NlT7uHT6gIVBxJc25N2Gvk8=
Subject key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019423697954F1C6526A064864E9DA73CD37
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:48:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 46.102.248.0/24
IP: 84.40.0.0 -- 84.40.39.255
IP: 84.40.48.0/21
IP: 89.33.207.0/24
IP: 89.36.24.0/21
IP: 89.36.255.0/24
IP: 89.41.60.0/23
IP: 89.42.155.0/24
IP: 89.47.247.0/24
IP: 176.223.192.0/18
IP: 188.215.38.0/24
IP: 2001:67c:4dc::/48
IP: 2a06:6b80::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:79:54:f1:c6:52:6a:06:48:64:e9:da:73:cd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25a553794223e6b4c632779b51371dc4e7d70705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:b0:79:e1:72:a6:29:9f:7a:da:b3:2e:8a:
ea:65:60:b2:b9:ff:7d:2e:e1:83:22:5f:b8:e1:4b:
70:f2:a8:c6:54:37:bf:de:bd:96:6c:a6:eb:d1:11:
b5:5c:b9:c1:5a:30:4e:5a:c2:a3:28:f0:d9:9b:a2:
2d:b7:19:00:e0:9b:8a:43:81:45:42:0c:32:0d:e9:
cd:ad:7f:19:20:f5:97:8c:b9:0f:9c:96:50:f1:60:
a2:0d:67:df:3d:22:5b:e6:95:e9:e9:1d:44:38:48:
9b:ec:60:30:f8:6b:e8:ed:ca:7b:f1:94:0b:6b:91:
e3:0e:eb:34:5c:e4:a4:af:b3:4f:42:11:74:01:1f:
9d:f6:d5:18:85:b3:02:d6:81:98:be:c4:42:ec:b8:
d0:d6:68:31:57:92:7b:a8:5b:1a:94:9c:b9:6b:8e:
07:c7:54:59:6a:8b:87:3f:68:75:09:d6:2b:cb:9a:
b6:5a:31:b2:78:12:04:10:42:89:86:e0:ac:51:f9:
fb:37:ec:67:91:fb:f4:c6:d5:16:90:df:29:b7:a2:
80:e3:76:5e:56:d0:77:8c:cf:82:2b:fb:f0:52:22:
cd:76:1d:55:f7:78:06:77:2f:b6:20:df:b5:16:02:
52:67:aa:45:1f:b0:1c:31:00:13:02:aa:e7:e0:ec:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.248.0/24
84.40.0.0-84.40.39.255
84.40.48.0/21
89.33.207.0/24
89.36.24.0/21
89.36.255.0/24
89.41.60.0/23
89.42.155.0/24
89.47.247.0/24
176.223.192.0/18
188.215.38.0/24
IPv6:
2001:67c:4dc::/48
2a06:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
29:0a:42:8e:b2:51:55:c9:ed:f8:69:39:cb:8b:47:69:51:6d:
91:5d:7c:59:8f:8b:e6:b0:d0:91:16:15:b4:1d:9c:88:35:ec:
74:10:93:0a:b5:4f:eb:e9:28:c8:3b:99:4f:b2:76:ad:93:ac:
42:5f:b2:b3:02:65:3c:0e:2b:90:be:97:c2:ec:00:22:4d:9b:
e4:86:17:d9:18:57:18:85:b8:69:47:ac:b1:80:3d:c7:7b:3c:
91:f3:d1:55:d1:39:f9:58:4a:2e:59:c3:63:1a:dd:41:48:e3:
19:99:1f:1f:d6:d1:c9:91:2e:d5:5f:bb:41:ec:a3:f0:af:2e:
f3:d5:d1:6c:b1:67:ce:a3:5a:48:0b:5f:1f:fc:42:b4:ba:ac:
d4:6c:42:ce:23:0d:11:9e:89:c5:70:00:0c:33:e3:87:90:0a:
bc:26:28:fd:f1:2c:a8:a6:bb:d7:20:fe:56:a5:3e:ec:e3:4c:
5c:c9:3f:83:f7:9d:b7:82:7f:38:86:40:19:48:29:59:e1:66:
ec:dc:7c:4f:49:71:6a:94:0f:2d:8a:2a:2e:85:84:7a:b4:fd:
47:ef:a3:4e:8a:97:35:14:47:59:89:c3:7a:ad:b0:cc:55:13:
e3:ff:58:66:84:3c:1d:e0:16:d8:b9:ee:a0:e7:5b:cb:32:0a:
c7:9d:ac:c5
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZQjaXlU8cZSagZIZOnac803MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE1NTM3OTQyMjNlNmI0YzYzMjc3OWI1MTM3MWRjNGU3ZDcwNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr2weeFypimfetqzLorqZWCyuf99
LuGDIl+44Utw8qjGVDe/3r2WbKbr0RG1XLnBWjBOWsKjKPDZm6IttxkA4JuKQ4FF
QgwyDenNrX8ZIPWXjLkPnJZQ8WCiDWffPSJb5pXp6R1EOEib7GAw+Gvo7cp78ZQL
a5HjDus0XOSkr7NPQhF0AR+d9tUYhbMC1oGYvsRC7LjQ1mgxV5J7qFsalJy5a44H
x1RZaouHP2h1CdYry5q2WjGyeBIEEEKJhuCsUfn7N+xnkfv0xtUWkN8pt6KA43Ze
VtB3jM+CK/vwUiLNdh1V93gGdy+2IN+1FgJSZ6pFH7AcMQATAqrn4OxVwwIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUzLzFmOTZj
Yy01ZWE2LTQ5ZTMtOGY1Zi0zMGU5MjllZDEwNjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvMWY5NmNj
LTVlYTYtNDllMy04ZjVmLTMwZTkyOWVkMTA2My8xL0phVlRlVUlqNXJUR01uZWJV
VGNkeE9mWEJ3VS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHoGCCsGAQUF
BwEHAQH/BGswaTBPBAIAATBJAwQALmb4MAsDAwNUKAMEA1QoIAMEA1QoMAMEAFkh
zwMEA1kkGAMEAFkk/wMEAVkpPAMEAFkqmwMEAFkv9wMEBrDfwAMEALzXJjAWBAIA
AjAQAwcAIAEGfATcAwUDKgZrgDANBgkqhkiG9w0BAQsFAAOCAQEAKQpCjrJRVcnt
+Gk5y4tHaVFtkV18WY+L5rDQkRYVtB2ciDXsdBCTCrVP6+koyDuZT7J2rZOsQl+y
swJlPA4rkL6XwuwAIk2b5IYX2RhXGIW4aUessYA9x3s8kfPRVdE5+VhKLlnDYxrd
QUjjGZkfH9bRyZEu1V+7Qeyj8K8u89XRbLFnzqNaSAtfH/xCtLqs1GxCziMNEZ6J
xXAADDPjh5AKvCYo/fEsqKa71yD+VqU+7ONMXMk/g/edt4J/OIZAGUgpWeFm7Nx8
T0lxapQPLYoqLoWEerT9R++jToqXNRRHWYnDeq2wzFUT4/9YZoQ8HeAW2LnuoOdb
yzIKx52sxQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:13:57 2025 by rpki-client