Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MksgMsOPsX9C-IMqTCHh8NXxnuA.cer
File: MksgMsOPsX9C-IMqTCHh8NXxnuA.cer (raw, json)
Hash identifier: zilXEZqV9VJEJgV0qv8Hk2Ot1sYbqOprQS6rxIwbhp0=
Subject key identifier: 32:4B:20:32:C3:8F:B1:7F:42:F8:83:2A:4C:21:E1:F0:D5:F1:9E:E0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FBA8DAEA24A1AD3E4588B036DF02C7
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/MksgMsOPsX9C-IMqTCHh8NXxnuA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:25 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 197205
IP: 83.150.244.0/22
IP: 195.66.82.0/24
IP: 2a09:1f00::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a8:da:ea:24:a1:ad:3e:45:88:b0:36:df:02:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324b2032c38fb17f42f8832a4c21e1f0d5f19ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:c8:22:50:67:b3:ee:19:d0:26:02:e8:e1:
87:9b:34:08:9b:f1:83:a9:a8:36:23:1b:8b:b1:1f:
c4:21:9a:84:44:4e:04:1b:11:48:72:8d:71:d6:b5:
f5:42:85:b6:f5:a0:10:30:2e:d3:0e:38:fe:85:6b:
4e:16:56:60:f6:a3:8b:6b:df:d1:b2:23:d2:cb:55:
16:6d:1c:1e:88:a1:a6:de:18:04:cc:4d:86:ab:d2:
3e:9e:fc:7c:bd:48:27:31:06:3d:c8:d7:9a:16:f4:
49:66:37:62:57:d0:d3:ea:23:39:17:55:cf:34:fd:
d5:6d:6e:b3:ad:a2:ef:73:25:79:61:32:81:d7:d2:
35:f3:a8:5c:ff:01:03:dd:16:73:f0:8e:37:44:02:
6f:dd:d5:15:fb:f3:a6:a1:fe:5d:10:a6:74:8b:58:
56:13:6a:7c:28:09:e8:cb:8a:fb:7e:78:d4:a0:b4:
2f:f2:c4:39:8c:1d:ee:2d:b6:c3:b6:d5:e0:b9:91:
1d:3d:1a:0a:f7:91:19:18:12:06:a4:fe:a9:9b:97:
df:1b:aa:26:d4:ae:94:3b:38:b1:f5:20:1f:1a:c3:
4a:e7:ca:4b:bc:7f:4e:40:c6:1b:70:e0:6b:d2:26:
d0:d6:3e:36:0a:94:9a:7e:4c:02:1a:ae:4d:b1:cb:
5c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4B:20:32:C3:8F:B1:7F:42:F8:83:2A:4C:21:E1:F0:D5:F1:9E:E0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/79ebc6-617b-4ea9-b453-4360ee06a22c/1/MksgMsOPsX9C-IMqTCHh8NXxnuA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.244.0/22
195.66.82.0/24
IPv6:
2a09:1f00::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
197205
Signature Algorithm: sha256WithRSAEncryption
1d:29:d8:65:0a:15:73:34:cc:58:a4:91:de:37:78:f4:fb:0b:
15:54:5e:1c:a2:70:85:4b:d7:60:9f:5d:7d:74:70:c6:64:84:
1a:6e:04:67:e3:ba:f0:f1:83:31:d1:c3:f6:da:d2:62:23:31:
0d:91:bc:0c:a3:96:36:98:26:75:e5:f7:ca:6d:28:c5:57:9b:
42:da:5a:0a:fb:ea:1a:f8:a8:c6:bc:e1:4c:a0:d4:46:fa:c8:
40:9a:36:3f:08:db:b4:a7:85:78:18:b7:29:6b:cc:e8:80:98:
c7:e4:cd:04:9c:e1:45:ea:3a:25:d8:04:33:24:19:8d:31:da:
fb:05:1c:e7:67:85:b2:5e:12:af:65:44:1e:dc:eb:10:fd:13:
05:e8:c5:d8:3e:39:fe:b6:9d:16:f9:06:80:22:46:12:fa:a8:
05:39:d0:c2:64:6e:5e:7e:cf:2b:c8:98:28:49:e8:a3:99:f3:
32:03:a8:13:54:25:74:38:e6:0e:84:df:20:50:d3:7b:20:89:
3b:05:f5:73:3f:ea:6d:81:b0:0b:16:04:4f:c1:00:b4:a1:69:
f6:62:86:24:19:5c:de:97:5c:0e:5e:8a:d7:61:77:74:98:6d:
75:d5:ad:78:87:06:6a:84:b7:18:47:c4:a3:2d:71:64:e4:95:
c2:52:2d:13
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQi+6ja6iShrT5FiLA23wLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRiMjAzMmMzOGZiMTdmNDJmODgzMmE0YzIxZTFmMGQ1ZjE5ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09zIIlBns+4Z0CYC6OGHmzQIm/GD
qag2IxuLsR/EIZqERE4EGxFIco1x1rX1QoW29aAQMC7TDjj+hWtOFlZg9qOLa9/R
siPSy1UWbRweiKGm3hgEzE2Gq9I+nvx8vUgnMQY9yNeaFvRJZjdiV9DT6iM5F1XP
NP3VbW6zraLvcyV5YTKB19I186hc/wED3RZz8I43RAJv3dUV+/Omof5dEKZ0i1hW
E2p8KAnoy4r7fnjUoLQv8sQ5jB3uLbbDttXguZEdPRoK95EZGBIGpP6pm5ffG6om
1K6UOzix9SAfGsNK58pLvH9OQMYbcOBr0ibQ1j42CpSafkwCGq5Nsctc9QIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDJLIDLDj7F/QviDKkwh4fDV8Z7gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0Lzc5ZWJj
Ni02MTdiLTRlYTktYjQ1My00MzYwZWUwNmEyMmMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvNzllYmM2
LTYxN2ItNGVhOS1iNDUzLTQzNjBlZTA2YTIyYy8xL01rc2dNc09Qc1g5Qy1JTXFU
Q0hoOE5YeG51QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQCU5b0AwQAw0JSMA0EAgACMAcDBQMqCR8AMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwMCVTANBgkqhkiG9w0BAQsFAAOCAQEAHSnY
ZQoVczTMWKSR3jd49PsLFVReHKJwhUvXYJ9dfXRwxmSEGm4EZ+O68PGDMdHD9trS
YiMxDZG8DKOWNpgmdeX3ym0oxVebQtpaCvvqGvioxrzhTKDURvrIQJo2PwjbtKeF
eBi3KWvM6ICYx+TNBJzhReo6JdgEMyQZjTHa+wUc52eFsl4Sr2VEHtzrEP0TBejF
2D45/radFvkGgCJGEvqoBTnQwmRuXn7PK8iYKEnoo5nzMgOoE1QldDjmDoTfIFDT
eyCJOwX1cz/qbYGwCxYET8EAtKFp9mKGJBlc3pdcDl6K12F3dJhtddWteIcGaoS3
GEfEoy1xZOSVwlItEw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:56:47 2025 by rpki-client