Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
File: LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer (raw, json)
Hash identifier: ZKfmA0WHAo/Gn090OSJtpabLlPhM3i9TrRXtDbW0E8U=
Subject key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01941F8C855BEF2147D319196B9A6A8857C0
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 01:48:10 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 9098
AS: 30788
IP: 5.181.13.0 -- 5.181.15.255
IP: 45.82.80.0/22
IP: 45.145.52.0/22
IP: 45.150.48.0/22
IP: 45.159.180.0/24
IP: 45.159.182.0/23
IP: 94.199.7.0/24
IP: 194.34.244.0/22
IP: 2a06:7840::/29
IP: 2a0a:f8c0::/29
IP: 2a0b:2a80::/29
IP: 2a0b:2d80::/29
IP: 2a0c:7b80::/29
IP: 2a0c:c180::/29
IP: 2a0d:4440::/29
IP: 2a0f:f00::/29
IP: 2a0f:59c0::/29
IP: 2a0f:8440::/29
IP: 2a0f:a380::/29
IP: 2a12:5640::/29
IP: 2a13:5200::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:85:5b:ef:21:47:d3:19:19:6b:9a:6a:88:57:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:27:7d:94:c5:a9:4a:ea:0d:5f:b9:2c:db:85:
12:91:e6:f9:4f:73:e0:e4:97:7e:ce:e1:e5:a3:6c:
d0:44:5d:41:06:d7:3c:22:af:e8:dc:93:e1:6c:00:
7e:50:dd:f8:89:df:db:5d:1d:c9:ff:de:bf:ea:83:
6a:48:cd:18:f5:ec:0e:5d:bd:40:9d:01:5e:36:0c:
db:97:ee:3e:75:d4:37:1d:a3:2e:7e:ad:82:4f:c5:
55:5c:80:c4:1b:26:d5:c2:1a:3f:67:b2:7a:8b:1a:
7b:ad:13:b3:c7:9c:0d:a7:61:57:c7:9c:8f:62:16:
87:9f:c5:1b:20:e7:5a:ea:ab:1d:bd:3f:e3:79:a7:
e6:e6:18:1c:8f:39:80:25:23:68:5b:18:7a:03:96:
7b:85:cb:68:2e:d5:e4:fe:fd:9c:75:b0:f4:62:04:
00:c4:4a:58:06:b4:87:52:36:5f:85:4f:d1:64:db:
95:7d:c1:ef:42:48:44:d0:c7:84:0e:9f:99:24:ec:
32:ab:e9:f3:7f:07:1e:bd:a8:6f:9b:5a:91:cc:7d:
73:79:90:97:03:07:b5:64:9e:ee:94:0e:7c:10:2b:
ad:5a:b6:ee:12:a5:f6:b4:2d:14:aa:96:fd:1b:51:
d7:c1:09:ca:fa:ef:8f:c3:10:ec:7f:7b:75:99:96:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.13.0-5.181.15.255
45.82.80.0/22
45.145.52.0/22
45.150.48.0/22
45.159.180.0/24
45.159.182.0/23
94.199.7.0/24
194.34.244.0/22
IPv6:
2a06:7840::/29
2a0a:f8c0::/29
2a0b:2a80::/29
2a0b:2d80::/29
2a0c:7b80::/29
2a0c:c180::/29
2a0d:4440::/29
2a0f:f00::/29
2a0f:59c0::/29
2a0f:8440::/29
2a0f:a380::/29
2a12:5640::/29
2a13:5200::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
9098
30788
Signature Algorithm: sha256WithRSAEncryption
4b:23:92:b9:f4:3c:2a:43:99:46:c0:96:7b:a5:4a:e7:f6:02:
92:86:4a:01:e7:2c:3f:f9:e8:12:79:09:5f:b7:0e:02:40:e9:
94:d2:8c:b4:dd:a0:fe:e0:7f:da:c1:6b:31:f3:37:b1:f2:3f:
9e:1e:2a:3f:06:f5:9c:25:93:f0:50:34:68:5a:ba:59:9f:76:
e3:33:5f:b9:b5:04:4c:12:ae:d6:31:08:2e:14:5c:4a:5e:80:
9c:0d:43:73:74:e9:9a:46:3f:2c:27:9a:70:db:2a:25:c2:f1:
46:b8:16:b1:b6:29:81:bf:1f:ea:ad:b2:68:a0:44:a2:ba:12:
00:54:1a:10:dc:35:28:21:28:8c:32:fb:7e:d5:6a:7d:f1:b3:
08:0c:e7:05:57:f9:cc:f9:4d:df:7e:87:d7:c6:83:64:6d:78:
71:09:1d:c6:27:ff:5b:2d:94:b3:8b:0d:bc:de:d9:a7:30:05:
03:9c:d5:7c:1e:d3:9f:da:86:63:78:c7:a0:b1:d1:53:47:00:
f4:36:fd:0d:94:04:70:8a:4e:bc:3f:55:72:be:f3:88:fd:42:
05:54:87:f2:e9:c6:db:0b:81:57:c7:41:76:c4:0e:9c:cd:f2:
cd:48:01:16:d2:eb:86:51:67:75:cc:1f:88:75:44:7b:30:fb:
36:f1:ff:6c
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAZQfjIVb7yFH0xkZa5pqiFfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTExNjRhOWI1MDEzZDYyZjA1MTM0NGY2ZGY5MWYxM2JjN2VjYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSd9lMWpSuoNX7ks24USkeb5T3Pg
5Jd+zuHlo2zQRF1BBtc8Iq/o3JPhbAB+UN34id/bXR3J/96/6oNqSM0Y9ewOXb1A
nQFeNgzbl+4+ddQ3HaMufq2CT8VVXIDEGybVwho/Z7J6ixp7rROzx5wNp2FXx5yP
YhaHn8UbIOda6qsdvT/jeafm5hgcjzmAJSNoWxh6A5Z7hctoLtXk/v2cdbD0YgQA
xEpYBrSHUjZfhU/RZNuVfcHvQkhE0MeEDp+ZJOwyq+nzfwcevahvm1qRzH1zeZCX
Awe1ZJ7ulA58ECutWrbuEqX2tC0Uqpb9G1HXwQnK+u+PwxDsf3t1mZbEJQIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFC4RZKm1AT1i8FE0T235HxO8fssPMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU0L2ZiNDY5
Ni02NzhmLTRkNDUtYTA5MS1mZDdmMTdiYjFhNWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQvZmI0Njk2
LTY3OGYtNGQ0NS1hMDkxLWZkN2YxN2JiMWE1Yy8xL0xoRmtxYlVCUFdMd1VUUlBi
ZmtmRTd4LXl3OC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG2BggrBgEF
BQcBBwEB/wSBpjCBozA+BAIAATA4MAwDBAAFtQ0DBAQFtQADBAItUlADBAItkTQD
BAItljADBAAtn7QDBAEtn7YDBABexwcDBALCIvQwYQQCAAIwWwMFAyoGeEADBQMq
CvjAAwUDKgsqgAMFAyoLLYADBQMqDHuAAwUDKgzBgAMFAyoNREADBQMqDw8AAwUD
Kg9ZwAMFAyoPhEADBQMqD6OAAwUDKhJWQAMFAyoTUgAwHQYIKwYBBQUHAQgBAf8E
DjAMoAowCAICI4oCAnhEMA0GCSqGSIb3DQEBCwUAA4IBAQBLI5K59DwqQ5lGwJZ7
pUrn9gKShkoB5yw/+egSeQlftw4CQOmU0oy03aD+4H/awWsx8zex8j+eHio/BvWc
JZPwUDRoWrpZn3bjM1+5tQRMEq7WMQguFFxKXoCcDUNzdOmaRj8sJ5pw2yolwvFG
uBaxtimBvx/qrbJooESiuhIAVBoQ3DUoISiMMvt+1Wp98bMIDOcFV/nM+U3ffofX
xoNkbXhxCR3GJ/9bLZSziw283tmnMAUDnNV8HtOf2oZjeMegsdFTRwD0Nv0NlARw
ik68P1VyvvOI/UIFVIfy6cbbC4FXx0F2xA6czfLNSAEW0uuGUWd1zB+IdUR7MPs2
8f9s
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:26 2025 by rpki-client