Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer
File: KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer (raw, json)
Hash identifier: DDv3lFSaJvvreoWzKGcudPytLQYTowliiys3gEWIhSE=
Subject key identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421442ACAF9E48198C8330C6A9355F2C3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:48:23 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205940
IP: 185.201.140.0/22
IP: 2a0a:c540::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2a:ca:f9:e4:81:98:c8:33:0c:6a:93:55:f2:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:ce:0e:d8:5c:0e:ad:5d:95:b6:15:a4:88:
2c:2c:ee:97:40:c2:10:87:03:42:a2:b8:bb:da:9e:
92:34:a2:be:4d:01:9c:56:81:f2:80:71:a6:6b:ce:
eb:37:36:63:0f:f4:96:4f:50:75:84:d0:8b:c1:f8:
ea:d7:1c:60:98:b9:3d:41:e0:40:24:e5:64:1b:7d:
f9:27:d2:9d:32:65:79:a6:ef:18:8f:9d:97:9b:2a:
95:6e:ae:97:ee:ac:d8:0a:3d:c1:1a:27:72:3b:53:
3b:6a:02:e7:57:c2:e9:72:6b:8e:4a:10:d2:ce:d7:
75:0e:83:99:b4:5d:c2:d4:35:55:9c:ae:cb:04:54:
05:8c:2e:35:7a:83:fa:75:59:ac:f5:76:43:e8:e3:
39:5b:b6:27:d1:9b:19:87:26:56:b4:9a:e5:3b:40:
34:4c:23:c9:9e:3a:b5:44:93:0e:b0:28:91:66:f1:
04:21:55:ce:b2:f9:98:33:a1:09:a9:2d:c1:3b:6b:
c0:2a:4a:65:4e:6c:21:55:4b:08:d1:7c:8b:83:69:
c2:7f:4e:ac:40:64:f1:d1:73:04:84:ee:0a:43:de:
1b:24:18:2f:46:d4:0e:fe:ff:eb:9a:90:bd:1d:cc:
20:15:36:43:7f:43:61:74:5f:a4:ae:da:d8:4f:e5:
0f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.140.0/22
IPv6:
2a0a:c540::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205940
Signature Algorithm: sha256WithRSAEncryption
35:68:08:bb:94:12:aa:00:11:3a:a0:5d:9d:c3:c5:4f:4e:de:
9e:be:cd:d8:bb:d3:2d:3f:48:20:d0:ab:b3:05:e0:98:cb:80:
20:fa:1a:5e:77:37:e6:da:a4:b1:73:6c:2a:2a:0c:c4:45:25:
86:a0:8c:28:69:b6:43:73:5c:fa:e9:f6:8d:ba:c8:19:1f:3b:
11:20:1b:e1:6e:05:2c:28:8e:ff:38:43:af:92:30:bb:6c:9a:
9e:98:c3:e5:a3:85:9f:d7:65:1a:cd:63:70:bb:19:49:07:c5:
30:ac:d9:63:d2:81:22:c4:2a:1f:ce:ba:41:cf:86:db:c5:75:
b8:e5:e8:82:1b:b5:ea:33:9c:e0:4b:df:54:f2:27:0c:27:34:
54:9b:3a:14:5a:d1:3e:42:4f:4c:e7:62:60:ea:aa:2c:01:b7:
a4:c7:4c:59:dd:b5:2b:da:c7:76:32:18:b4:2a:bf:8e:52:c6:
4d:63:cf:26:ba:bc:d9:3a:35:16:1f:36:31:3b:11:03:50:59:
63:66:f0:25:c3:95:a4:24:cf:e8:ac:31:30:54:d5:0a:38:00:
a4:63:71:5f:89:64:f6:3e:47:0d:40:0c:49:9f:0e:90:f2:4c:
36:03:77:7d:62:32:a4:02:ed:d8:1b:f2:48:e1:95:36:46:a2:
cd:d5:bd:50
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQhRCrK+eSBmMgzDGqTVfLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcxOTRmNGI1MmI5ZmY0MzNmMmJmMGQxNmI1OGMxMWM3Y2YxMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3XODthcDq1dlbYVpIgsLO6XQMIQ
hwNCori72p6SNKK+TQGcVoHygHGma87rNzZjD/SWT1B1hNCLwfjq1xxgmLk9QeBA
JOVkG335J9KdMmV5pu8Yj52XmyqVbq6X7qzYCj3BGidyO1M7agLnV8LpcmuOShDS
ztd1DoOZtF3C1DVVnK7LBFQFjC41eoP6dVms9XZD6OM5W7Yn0ZsZhyZWtJrlO0A0
TCPJnjq1RJMOsCiRZvEEIVXOsvmYM6EJqS3BO2vAKkplTmwhVUsI0XyLg2nCf06s
QGTx0XMEhO4KQ94bJBgvRtQO/v/rmpC9HcwgFTZDf0NhdF+krtrYT+UPfwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFClxlPS1K5/0M/K/DRa1jBHHzxExMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1LzgwYjRj
MC0wNmNiLTQ0MjQtOWRkNS01YTk4ODkzMWVhMzMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvODBiNGMw
LTA2Y2ItNDQyNC05ZGQ1LTVhOTg4OTMxZWEzMy8xL0tYR1U5TFVybl9RejhyOE5G
cldNRWNmUEVURS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCucmMMA0EAgACMAcDBQMqCsVAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMkdDANBgkqhkiG9w0BAQsFAAOCAQEANWgIu5QSqgAR
OqBdncPFT07enr7N2LvTLT9IINCrswXgmMuAIPoaXnc35tqksXNsKioMxEUlhqCM
KGm2Q3Nc+un2jbrIGR87ESAb4W4FLCiO/zhDr5Iwu2yanpjD5aOFn9dlGs1jcLsZ
SQfFMKzZY9KBIsQqH866Qc+G28V1uOXoghu16jOc4EvfVPInDCc0VJs6FFrRPkJP
TOdiYOqqLAG3pMdMWd21K9rHdjIYtCq/jlLGTWPPJrq82To1Fh82MTsRA1BZY2bw
JcOVpCTP6KwxMFTVCjgApGNxX4lk9j5HDUAMSZ8OkPJMNgN3fWIypALt2BvySOGV
NkaizdW9UA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:58:30 2025 by rpki-client