Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KTbYQje3g8aiQFErjKckFhwNYds.cer
File: KTbYQje3g8aiQFErjKckFhwNYds.cer (raw, json)
Hash identifier: lhlDn2HCYX7BFWFtIUJ1zXNuLncQ+pB6XkQ+OvBuT2s=
Subject key identifier: 29:36:D8:42:37:B7:83:C6:A2:40:51:2B:8C:A7:24:16:1C:0D:61:DB
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D976483C4B5FE1829205FA655D701A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/KTbYQje3g8aiQFErjKckFhwNYds.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 41246
IP: 178.237.52.0/22
IP: 195.74.68.0/24
IP: 2a0d:54c0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:76:48:3c:4b:5f:e1:82:92:05:fa:65:5d:70:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2936d84237b783c6a240512b8ca724161c0d61db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:7c:e0:35:02:7a:74:21:39:87:3d:87:cb:
48:bf:b4:b8:7f:06:8f:3b:b1:21:e7:d8:65:44:ff:
7e:2a:d4:98:5b:ce:9b:8d:2b:75:7c:b1:8a:6b:74:
2b:9a:a4:c6:d6:ce:bf:aa:1d:57:43:87:71:2b:32:
f6:27:61:26:35:9b:e0:05:2e:be:11:6a:f1:21:db:
31:43:4b:0e:89:7d:6c:15:72:5b:29:3f:62:58:7d:
fd:c9:9b:43:5a:de:81:4a:a3:3f:39:90:c2:f6:30:
f2:54:1b:08:5d:f4:1c:7c:d5:62:46:bc:db:18:94:
39:f9:01:2a:8d:81:cb:c6:79:3f:00:32:5a:99:01:
b6:f2:0d:1e:fe:19:50:46:38:dc:82:f2:5c:c2:07:
d2:b4:2e:99:90:49:b2:24:c2:78:a4:92:01:e1:44:
ce:dc:c7:4c:2d:c2:44:8d:b6:0c:10:8d:11:a9:da:
ec:c8:8f:d4:77:a3:53:bf:19:c1:63:5b:a8:34:57:
56:ce:1c:d6:0e:0f:b6:41:2a:de:27:92:05:82:65:
30:29:54:27:17:ce:80:98:1e:13:26:bc:a3:49:ff:
b9:59:d4:6e:d4:3d:12:44:32:ee:34:53:03:f5:ff:
8b:d8:46:34:27:77:a3:97:84:29:86:8f:7d:86:74:
42:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:36:D8:42:37:B7:83:C6:A2:40:51:2B:8C:A7:24:16:1C:0D:61:DB
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5437ad-80af-4fdd-8724-af7e17ad8fb3/1/KTbYQje3g8aiQFErjKckFhwNYds.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.52.0/22
195.74.68.0/24
IPv6:
2a0d:54c0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
41246
Signature Algorithm: sha256WithRSAEncryption
3f:00:83:af:84:e5:33:23:b4:47:1a:f9:42:e2:6b:7c:8a:76:
bf:16:b8:7c:94:b0:d3:b6:48:60:a4:11:5f:be:84:e6:0d:5e:
94:fd:df:35:2f:a6:ce:da:74:e1:9f:57:94:f6:7e:ed:90:e3:
ce:53:1d:3f:b8:6d:f0:2b:be:c0:64:36:9a:e1:42:9a:7e:86:
4c:a4:af:d6:9f:af:f4:61:20:20:55:9a:2c:5b:f0:92:d7:a7:
a3:a3:0d:06:7a:56:3a:c1:c4:3f:83:e1:94:98:d6:e9:99:a0:
e1:4b:43:89:a1:67:8e:0c:28:c8:42:46:0f:7f:fa:3c:b6:67:
a5:ff:83:45:f6:23:20:52:bd:9f:50:52:13:0b:a4:0c:d5:df:
2a:0d:50:f9:10:60:25:0a:ba:6c:f2:9b:01:bf:48:84:27:f1:
c0:51:e4:b5:29:12:9a:d1:48:07:15:b1:90:20:5b:07:9a:6a:
56:c2:8e:61:d0:af:56:3e:71:d8:0c:b2:ce:ab:5f:03:40:5f:
fc:a2:25:af:96:9c:1d:62:b2:b3:c6:b5:4c:bd:54:f6:27:bb:
b6:e3:f9:78:45:77:02:6b:b5:6d:ea:2f:ee:f5:4b:79:2c:9e:
ed:37:3d:42:db:e2:57:7b:41:bc:ea:56:ea:ed:b3:96:3c:59:
9f:b0:4c:1c
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQm2XZIPEtf4YKSBfplXXAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM2ZDg0MjM3Yjc4M2M2YTI0MDUxMmI4Y2E3MjQxNjFjMGQ2MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bV84DUCenQhOYc9h8tIv7S4fwaP
O7Eh59hlRP9+KtSYW86bjSt1fLGKa3QrmqTG1s6/qh1XQ4dxKzL2J2EmNZvgBS6+
EWrxIdsxQ0sOiX1sFXJbKT9iWH39yZtDWt6BSqM/OZDC9jDyVBsIXfQcfNViRrzb
GJQ5+QEqjYHLxnk/ADJamQG28g0e/hlQRjjcgvJcwgfStC6ZkEmyJMJ4pJIB4UTO
3MdMLcJEjbYMEI0RqdrsyI/Ud6NTvxnBY1uoNFdWzhzWDg+2QSreJ5IFgmUwKVQn
F86AmB4TJryjSf+5WdRu1D0SRDLuNFMD9f+L2EY0J3ejl4Qpho99hnRCzQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCk22EI3t4PGokBRK4ynJBYcDWHbMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VhLzU0Mzdh
ZC04MGFmLTRmZGQtODcyNC1hZjdlMTdhZDhmYjMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvNTQzN2Fk
LTgwYWYtNGZkZC04NzI0LWFmN2UxN2FkOGZiMy8xL0tUYllRamUzZzhhaVFGRXJq
S2NrRmh3Tllkcy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCsu00AwQAw0pEMA0EAgACMAcDBQAqDVTAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwChHjANBgkqhkiG9w0BAQsFAAOCAQEAPwCD
r4TlMyO0Rxr5QuJrfIp2vxa4fJSw07ZIYKQRX76E5g1elP3fNS+mztp04Z9XlPZ+
7ZDjzlMdP7ht8Cu+wGQ2muFCmn6GTKSv1p+v9GEgIFWaLFvwkteno6MNBnpWOsHE
P4PhlJjW6Zmg4UtDiaFnjgwoyEJGD3/6PLZnpf+DRfYjIFK9n1BSEwukDNXfKg1Q
+RBgJQq6bPKbAb9IhCfxwFHktSkSmtFIBxWxkCBbB5pqVsKOYdCvVj5x2Ayyzqtf
A0Bf/KIlr5acHWKys8a1TL1U9ie7tuP5eEV3Amu1beov7vVLeSye7Tc9QtviV3tB
vOpW6u2zljxZn7BMHA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:50:09 2025 by rpki-client