Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.cer
File: KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.cer (raw, json)
Hash identifier: AsRVLPNYAN2Vqm4l9z6ei1pZnG+JnAyVRFVrzghCapY=
Subject key identifier: 28:CB:66:1A:64:39:68:F3:F8:1E:7B:11:9E:EB:96:C5:0D:2D:39:C7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425223AF6DCAEA72B2EC718BD09B61A5B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 03:49:47 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44545
IP: 91.202.48.0/22
IP: 185.212.92.0/22
IP: 2a0b:75c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:3a:f6:dc:ae:a7:2b:2e:c7:18:bd:09:b6:1a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28cb661a643968f3f81e7b119eeb96c50d2d39c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:54:47:80:13:c0:88:53:c6:73:cb:7e:dc:1f:
2a:af:49:79:ab:85:29:d1:b6:1e:d9:b8:60:c4:89:
46:16:be:e1:a9:50:ec:43:2e:39:f8:9d:c3:45:68:
70:1c:62:90:0e:c1:3d:71:cc:30:04:ca:92:7b:28:
9f:b6:72:20:60:f4:0b:00:4e:d4:35:40:f7:0d:f8:
7d:ef:bd:e9:3e:37:81:9b:4e:b9:fe:97:de:6e:fb:
b2:d5:65:b9:b1:fe:43:e9:ca:5c:ce:67:e5:fd:e1:
80:27:11:3d:0c:e4:b8:a1:46:cd:59:7a:a7:ea:6e:
20:dc:2f:bc:1e:d4:eb:88:2a:ca:41:8c:45:82:e8:
ae:86:cd:d3:92:ce:eb:db:6a:84:8d:6c:26:61:ca:
3b:c9:25:be:07:f8:d1:5f:ea:e0:4e:f4:7b:91:8f:
a9:63:1d:b2:0c:7c:44:39:ce:5c:14:13:cb:23:ad:
3b:16:70:f2:89:c7:47:1e:71:17:3f:31:df:10:75:
6d:ee:48:04:f4:e7:71:b0:4e:6b:07:a0:85:5b:24:
59:60:e8:40:25:22:ce:fc:de:e8:93:4d:6c:15:28:
46:19:bd:c3:df:1c:6b:b7:8a:22:c2:c6:72:a3:09:
05:e1:7a:1a:31:f3:e0:6e:ce:9c:01:f7:bb:91:36:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:66:1A:64:39:68:F3:F8:1E:7B:11:9E:EB:96:C5:0D:2D:39:C7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/276bf7-7a15-4c56-ac56-7d4e68dd4cce/1/KMtmGmQ5aPP4HnsRnuuWxQ0tOcc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.48.0/22
185.212.92.0/22
IPv6:
2a0b:75c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44545
Signature Algorithm: sha256WithRSAEncryption
a0:ce:48:62:f5:77:40:6d:4b:54:a5:5a:cf:f8:03:86:88:f8:
1d:b5:32:f9:84:88:cf:52:82:b6:d5:fb:fe:a6:7e:fc:0f:c5:
6d:28:af:4e:0b:44:f2:18:84:c6:7e:c3:ad:dc:1b:12:f5:d9:
e3:fc:4c:a6:e5:0f:ff:2c:cc:97:7d:66:4f:a4:18:d7:98:9c:
36:47:41:70:ed:5a:65:90:f5:e0:1b:12:6f:cc:c1:ed:d3:24:
57:a9:6c:3d:17:14:9c:3a:69:ae:36:ed:2b:c0:11:76:69:52:
21:a8:1f:cc:66:0c:c5:05:3f:71:d4:67:c3:a0:ff:0d:e7:68:
18:c7:42:40:95:4b:6a:9c:a0:48:41:84:7d:d1:ac:c1:8a:47:
a8:5d:80:19:90:85:0f:49:44:c3:53:01:cb:2b:4b:76:cc:89:
c5:1f:a7:9c:e2:a5:2b:b0:25:27:8a:e9:09:8b:06:5b:4b:ef:
50:e8:6a:9a:b2:f3:26:aa:99:a2:2b:9d:8d:7b:99:2a:d8:77:
44:93:cc:7b:5a:1f:40:82:4a:86:bd:1c:c5:29:25:9f:be:64:
2d:ec:84:fd:f0:07:61:c6:88:4d:d7:f5:e2:33:50:23:ab:8e:
10:b7:78:99:96:2d:ab:d2:9b:c3:77:5e:2a:14:6d:7f:38:40:
fd:a6:af:bd
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQlIjr23K6nKy7HGL0JthpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNiNjYxYTY0Mzk2OGYzZjgxZTdiMTE5ZWViOTZjNTBkMmQzOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01RHgBPAiFPGc8t+3B8qr0l5q4Up
0bYe2bhgxIlGFr7hqVDsQy45+J3DRWhwHGKQDsE9ccwwBMqSeyiftnIgYPQLAE7U
NUD3Dfh9773pPjeBm065/pfebvuy1WW5sf5D6cpczmfl/eGAJxE9DOS4oUbNWXqn
6m4g3C+8HtTriCrKQYxFguiuhs3Tks7r22qEjWwmYco7ySW+B/jRX+rgTvR7kY+p
Yx2yDHxEOc5cFBPLI607FnDyicdHHnEXPzHfEHVt7kgE9OdxsE5rB6CFWyRZYOhA
JSLO/N7ok01sFShGGb3D3xxrt4oiwsZyowkF4XoaMfPgbs6cAfe7kTaowQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCjLZhpkOWjz+B57EZ7rlsUNLTnHMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5LzI3NmJm
Ny03YTE1LTRjNTYtYWM1Ni03ZDRlNjhkZDRjY2UvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvMjc2YmY3
LTdhMTUtNGM1Ni1hYzU2LTdkNGU2OGRkNGNjZS8xL0tNdG1HbVE1YVBQNEhuc1Ju
dXVXeFEwdE9jYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCW8owAwQCudRcMA0EAgACMAcDBQMqC3XAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCuATANBgkqhkiG9w0BAQsFAAOCAQEAoM5I
YvV3QG1LVKVaz/gDhoj4HbUy+YSIz1KCttX7/qZ+/A/FbSivTgtE8hiExn7Drdwb
EvXZ4/xMpuUP/yzMl31mT6QY15icNkdBcO1aZZD14BsSb8zB7dMkV6lsPRcUnDpp
rjbtK8ARdmlSIagfzGYMxQU/cdRnw6D/DedoGMdCQJVLapygSEGEfdGswYpHqF2A
GZCFD0lEw1MByytLdsyJxR+nnOKlK7AlJ4rpCYsGW0vvUOhqmrLzJqqZoiudjXuZ
Kth3RJPMe1ofQIJKhr0cxSkln75kLeyE/fAHYcaITdf14jNQI6uOELd4mZYtq9Kb
w3deKhRtfzhA/aavvQ==
-----END CERTIFICATE-----
Generated at Sat Mar 8 22:08:20 2025 by rpki-client