Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
File: K-U9NAqL9Hwb800yVeEC77GBrRk.cer (raw, json)
Hash identifier: haYWyx50608KmeWMpG4yGA6d1+Xrg6YpBGt2RYNfDG8=
Subject key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1E038EF397C61F9BC7E926B19CDA0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:12 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 46.236.0.0/18
IP: 81.29.64.0/19
IP: 89.151.64.0/18
IP: 178.236.144.0/20
IP: 185.68.112.0/22
IP: 2a02:16f8::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:38:ef:39:7c:61:f9:bc:7e:92:6b:19:cd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b7:c0:93:7f:c2:76:3e:4a:ad:f6:a4:22:52:
a8:44:d6:6d:45:62:2b:03:7a:11:d8:3a:50:3b:65:
01:7e:b7:0e:ef:11:5a:c4:86:df:07:4c:99:64:d1:
50:5d:29:ea:38:94:40:d1:70:81:c3:e5:11:bb:1c:
b8:a9:8e:b8:e7:32:98:12:dc:43:a1:6a:ba:31:48:
fd:28:53:f0:95:63:bf:97:4b:41:3a:e6:a3:a2:90:
8c:3c:d7:0b:cf:5e:4f:90:dd:f9:2c:bf:29:7b:c1:
b3:38:40:c1:15:81:f3:e8:13:69:e0:bc:71:3c:6a:
4b:9a:1f:66:16:a7:c4:b6:c2:88:f1:2c:d7:ad:a4:
a6:19:1c:a5:21:fd:75:55:6b:5e:77:aa:09:37:69:
5d:7b:2d:4b:cd:0d:e5:3b:b3:a2:17:00:06:bc:fd:
75:11:d0:03:17:a3:df:46:a1:d2:ee:b6:95:31:0d:
99:de:d8:6d:77:d7:6c:96:ec:97:d7:e3:50:3b:88:
2c:c7:7d:73:61:44:92:61:c9:45:c6:0c:01:bb:71:
c7:88:01:37:4a:9f:89:30:61:98:4a:a8:9c:31:55:
c1:6f:cf:e0:7c:31:e6:65:7e:bc:9d:8f:a1:89:73:
70:d2:f8:a0:e9:bb:96:c2:77:34:09:da:98:70:7b:
62:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.0.0/18
81.29.64.0/19
89.151.64.0/18
178.236.144.0/20
185.68.112.0/22
IPv6:
2a02:16f8::/32
Signature Algorithm: sha256WithRSAEncryption
95:81:af:dd:5a:38:04:b6:cb:22:dd:1c:c4:57:b6:58:00:60:
e7:eb:9a:ad:fd:04:17:42:f8:ba:4a:27:04:d5:94:a5:36:c5:
5e:01:46:b3:24:28:f6:68:df:26:69:49:40:a0:f2:f7:13:6e:
1a:c1:9f:bf:8a:88:3c:e7:6c:f7:67:1d:4d:f2:ae:f9:b8:b6:
a1:89:b2:d9:50:8e:e4:c5:fc:36:0f:7c:cf:cf:72:a2:16:6a:
37:ac:87:06:d8:1a:88:e8:73:3f:59:91:95:35:0c:bb:d8:e2:
01:3f:54:31:c7:1c:b3:b1:a6:de:e3:0b:cf:5b:7a:4e:6a:7d:
69:ba:f1:d2:18:fc:0d:b4:44:b8:a5:0e:97:46:12:e5:bf:40:
e4:08:fd:e6:78:ce:3b:17:81:ed:bf:c8:91:ec:dc:7a:91:ad:
7a:2b:b4:e4:8b:26:29:ef:46:52:4a:6c:a5:42:5e:1a:16:e0:
63:d4:f1:38:ca:99:64:7a:d3:6c:b5:73:54:e5:92:6a:03:73:
68:0a:23:68:79:2a:2b:5c:23:e2:8e:45:e3:ff:dc:0b:29:b9:
34:14:4b:e2:01:26:07:2e:44:fe:24:e8:bd:e6:a9:fc:ee:bf:
ab:d1:02:c7:98:ed:b3:7d:63:7a:65:ab:ed:ba:b1:dc:75:17:
28:ed:52:68
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZQhseA47zl8Yfm8fpJrGc2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU1M2QzNDBhOGJmNDdjMWJmMzRkMzI1NWUxMDJlZmIxODFhZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7fAk3/Cdj5KrfakIlKoRNZtRWIr
A3oR2DpQO2UBfrcO7xFaxIbfB0yZZNFQXSnqOJRA0XCBw+URuxy4qY645zKYEtxD
oWq6MUj9KFPwlWO/l0tBOuajopCMPNcLz15PkN35LL8pe8GzOEDBFYHz6BNp4Lxx
PGpLmh9mFqfEtsKI8SzXraSmGRylIf11VWted6oJN2ldey1LzQ3lO7OiFwAGvP11
EdADF6PfRqHS7raVMQ2Z3thtd9dsluyX1+NQO4gsx31zYUSSYclFxgwBu3HHiAE3
Sp+JMGGYSqicMVXBb8/gfDHmZX68nY+hiXNw0vig6buWwnc0CdqYcHtinQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFCvlPTQKi/R8G/NNMlXhAu+xga0ZMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2U3L2Y3MjU2
Mi00NWY1LTQwMTktODNhMS03NGYwYzNlNjYzY2IvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcvZjcyNTYy
LTQ1ZjUtNDAxOS04M2ExLTc0ZjBjM2U2NjNjYi8xL0stVTlOQXFMOUh3YjgwMHlW
ZUVDNzdHQnJSay5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUF
BwEHAQH/BDcwNTAkBAIAATAeAwQGLuwAAwQFUR1AAwQGWZdAAwQEsuyQAwQCuURw
MA0EAgACMAcDBQAqAhb4MA0GCSqGSIb3DQEBCwUAA4IBAQCVga/dWjgEtssi3RzE
V7ZYAGDn65qt/QQXQvi6SicE1ZSlNsVeAUazJCj2aN8maUlAoPL3E24awZ+/iog8
52z3Zx1N8q75uLahibLZUI7kxfw2D3zPz3KiFmo3rIcG2BqI6HM/WZGVNQy72OIB
P1Qxxxyzsabe4wvPW3pOan1puvHSGPwNtES4pQ6XRhLlv0DkCP3meM47F4Htv8iR
7Nx6ka16K7TkiyYp70ZSSmylQl4aFuBj1PE4yplketNstXNU5ZJqA3NoCiNoeSor
XCPijkXj/9wLKbk0FEviASYHLkT+JOi95qn87r+r0QLHmO2zfWN6ZavturHcdRco
7VJo
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:45:01 2025 by rpki-client