Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
File: KqggK00MXBEdN08emLc9tJJNZLE.cer (raw, json)
Hash identifier: IOpNtPLcLplDOaTMAEk/0QqIfr4yRI4K5EAHdUf5YBo=
Subject key identifier: 2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C725D45E9288F5676E9516AE5796C
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:05 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 202008
IP: 185.53.188.0/22
IP: 2a02:4060::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:72:5d:45:e9:28:8f:56:76:e9:51:6a:e5:79:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:11:d7:94:ac:8f:ff:ab:d5:1b:38:60:69:
44:3c:fa:6e:96:03:7f:79:95:90:9c:5a:a9:14:3d:
1f:12:7b:4f:d5:a0:70:04:98:8a:42:a5:3c:47:72:
4e:df:ea:fc:1f:ad:73:a7:1d:1f:92:8c:65:5d:10:
ab:40:b2:b2:34:6c:04:f3:c6:c3:c0:44:b1:f7:1e:
38:0a:d8:b4:bf:b2:12:77:bc:68:36:e1:e4:9d:a5:
5b:90:70:fe:48:e1:4f:ae:4a:4e:84:9d:b2:db:5c:
18:3e:3d:06:3b:80:80:54:1d:89:00:16:63:a0:5d:
92:59:ff:9f:90:b8:1e:de:ee:86:99:05:98:b1:49:
e1:fe:0f:c0:69:36:25:dc:b7:cd:65:47:38:5f:4b:
02:ea:38:9b:8b:76:aa:7e:cb:af:e8:c5:f0:69:42:
85:09:8b:5e:ec:69:e3:0f:b0:e2:44:0f:83:52:5f:
b8:8c:10:8f:c0:d1:33:c3:e7:24:0d:05:d1:d5:fb:
f0:b1:7c:e7:8e:fb:92:f1:36:02:50:31:37:cc:19:
2f:93:d7:9f:67:5a:38:84:dc:02:56:79:db:87:9d:
9e:2c:20:2a:3e:3f:26:0e:6b:25:51:40:2d:39:42:
f8:42:36:d8:f3:92:ea:02:28:a2:41:34:38:57:3e:
42:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.188.0/22
IPv6:
2a02:4060::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
202008
Signature Algorithm: sha256WithRSAEncryption
0d:18:9f:9d:ac:6c:7a:92:ad:69:65:ef:0c:3b:96:2c:2b:2c:
ad:c8:ee:7b:0e:a0:c2:3f:a3:a6:c6:74:bb:b3:60:fd:c7:6b:
34:e6:f9:20:ad:a5:39:81:49:9d:04:8b:ba:32:21:06:16:72:
8f:8e:33:59:a4:16:78:a5:8f:98:b3:f2:f9:57:67:75:9a:db:
21:15:8b:b6:4c:a4:84:1e:52:81:ea:f1:00:2d:b4:86:60:fc:
45:ad:ea:ea:f8:0b:0c:97:8c:54:f7:b0:18:7c:53:1f:3b:fc:
71:13:bf:30:95:eb:48:22:6e:b1:77:07:22:72:d2:76:a5:84:
57:a9:6d:d8:2d:4b:47:75:58:74:96:f9:78:a4:db:2e:bb:10:
4e:5d:65:1b:62:5d:b1:f9:e7:ce:b0:a0:a3:d9:b4:99:37:6b:
f5:d7:d2:e0:f3:07:57:fa:da:9e:08:37:9f:8d:64:29:b0:4d:
74:5d:70:c3:8c:37:d8:2c:1c:e5:0e:e7:fe:02:95:f1:e3:7f:
df:3b:a0:e2:c5:9f:49:58:74:0f:fa:50:5a:c5:57:f5:f9:2b:
e3:82:03:88:cc:78:29:60:7c:f6:9d:4e:7e:3a:f4:29:a2:bf:
78:c9:43:c1:72:d1:ae:65:b1:8c:e0:fb:75:a7:9f:95:25:bc:
da:f0:97:a6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQfjHJdRekoj1Z26VFq5XlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE4MjAyYjRkMGM1YzExMWQzNzRmMWU5OGI3M2RiNDkyNGQ2NGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylYR15Ssj/+r1Rs4YGlEPPpulgN/
eZWQnFqpFD0fEntP1aBwBJiKQqU8R3JO3+r8H61zpx0fkoxlXRCrQLKyNGwE88bD
wESx9x44Cti0v7ISd7xoNuHknaVbkHD+SOFPrkpOhJ2y21wYPj0GO4CAVB2JABZj
oF2SWf+fkLge3u6GmQWYsUnh/g/AaTYl3LfNZUc4X0sC6jibi3aqfsuv6MXwaUKF
CYte7GnjD7DiRA+DUl+4jBCPwNEzw+ckDQXR1fvwsXznjvuS8TYCUDE3zBkvk9ef
Z1o4hNwCVnnbh52eLCAqPj8mDmslUUAtOUL4QjbY85LqAiiiQTQ4Vz5CUwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFCqoICtNDFwRHTdPHpi3PbSSTWSxMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y0LzI3YjNi
My00YjIyLTQ3NDAtYTY1YS02ZTdiYWU1ZmY4OTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvMjdiM2Iz
LTRiMjItNDc0MC1hNjVhLTZlN2JhZTVmZjg5OC8xL0txZ2dLMDBNWEJFZE4wOGVt
TGM5dEpKTlpMRS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTW8MA0EAgACMAcDBQMqAkBgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMVGDANBgkqhkiG9w0BAQsFAAOCAQEADRifnaxsepKt
aWXvDDuWLCssrcjuew6gwj+jpsZ0u7Ng/cdrNOb5IK2lOYFJnQSLujIhBhZyj44z
WaQWeKWPmLPy+VdndZrbIRWLtkykhB5SgerxAC20hmD8Ra3q6vgLDJeMVPewGHxT
Hzv8cRO/MJXrSCJusXcHInLSdqWEV6lt2C1LR3VYdJb5eKTbLrsQTl1lG2Jdsfnn
zrCgo9m0mTdr9dfS4PMHV/rangg3n41kKbBNdF1ww4w32Cwc5Q7n/gKV8eN/3zug
4sWfSVh0D/pQWsVX9fkr44IDiMx4KWB89p1Ofjr0KaK/eMlDwXLRrmWxjOD7daef
lSW82vCXpg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:20:59 2025 by rpki-client