Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
File: MlNiVLPnSQBnW8br1QroJYKLmnY.cer (raw, json)
Hash identifier: xf3uVIg5gb0hy1AEsVArs/DRO/5y/k3kJmztipNUoqA=
Subject key identifier: 32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FC35A40002BE1C360A8405570D61DD
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:49:01 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35086
IP: 185.95.140.0/22
IP: 2a04:fe40::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:a4:00:02:be:1c:36:0a:84:05:57:0d:61:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32536254b3e74900675bc6ebd50ae825828b9a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:d9:33:2a:39:da:ce:9c:97:a6:b8:34:33:
4c:19:8f:7f:3d:bb:62:f9:b6:e0:1f:ef:50:75:38:
f6:da:89:6d:07:99:66:27:8a:62:30:16:99:7b:f1:
de:3e:b5:95:a7:e2:3e:09:5e:c3:94:0d:78:35:e7:
54:ad:cf:a6:d1:b6:e4:82:c5:a1:b8:24:d5:07:6a:
e8:7f:1e:0e:77:94:ec:6e:6e:86:ca:f1:7a:5e:b9:
ee:27:65:61:ea:f0:9f:9c:9c:24:6b:0d:5d:3b:b6:
d7:cb:30:f9:4a:89:d9:10:e6:05:2e:af:5b:aa:fa:
e0:70:f0:a2:91:94:07:d8:4b:bc:b6:67:cd:c6:5f:
51:cb:bd:29:9e:98:05:0b:15:95:e2:3d:27:63:e8:
1c:04:22:7c:75:bc:82:86:2d:58:4e:0b:9c:8b:9f:
29:5e:b9:c9:a5:7a:02:33:27:9f:9e:79:0e:9a:0a:
2c:98:8e:09:75:61:ff:44:5e:70:77:81:db:52:6c:
e9:8e:91:b9:d3:e2:e9:6f:88:bf:1c:6e:65:96:02:
4b:71:a5:0c:51:a2:15:84:12:f5:1e:f1:b1:2c:43:
d9:c2:8c:37:61:9f:e1:48:64:ce:17:17:ff:38:28:
30:40:c4:c3:0c:2d:49:06:10:28:90:3d:ff:fb:14:
71:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.140.0/22
IPv6:
2a04:fe40::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35086
Signature Algorithm: sha256WithRSAEncryption
67:62:10:ec:ab:ed:a6:24:8b:a3:4a:fc:61:78:9e:d8:47:13:
c3:88:01:cb:91:16:e8:4d:19:62:d2:89:d4:6d:a1:e2:b4:6a:
89:b3:43:58:a3:a6:8f:ac:3b:1e:e4:73:d7:c2:09:e5:b4:5e:
fd:05:ca:66:1d:78:fd:ec:47:02:4a:8d:5f:0d:bd:af:f2:d2:
ca:56:8b:09:42:61:08:d3:61:e6:ea:ac:63:8b:c2:2c:a0:f2:
bc:86:c1:cc:0d:4c:04:8e:38:0a:62:7b:6d:fd:60:84:0c:f2:
a8:4a:57:06:ac:57:ee:0e:05:5a:f5:fe:9b:5f:8b:49:ad:df:
79:08:c1:76:0f:7a:da:e6:a2:d6:9c:0f:ea:54:98:62:56:a0:
90:1e:16:63:59:7e:5e:9c:c1:4c:b0:12:43:98:bf:14:93:7e:
75:c4:b5:06:94:ff:84:73:0f:a0:2a:ae:43:bb:29:f0:6d:c0:
ae:72:77:f8:b9:eb:ed:16:32:f0:e1:07:c3:cc:11:30:af:13:
3d:47:00:3e:27:e2:ca:61:97:f7:eb:3d:87:7d:5b:dd:32:b7:
04:50:18:c6:08:ea:1b:56:eb:8d:e0:b4:99:3d:64:83:83:93:
91:9a:1d:b3:a8:f4:da:45:f0:4f:37:d9:b8:7f:40:a4:a9:c4:
27:39:de:10
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQi/DWkAAK+HDYKhAVXDWHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUzNjI1NGIzZTc0OTAwNjc1YmM2ZWJkNTBhZTgyNTgyOGI5YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEDZMyo52s6cl6a4NDNMGY9/Pbti
+bbgH+9QdTj22oltB5lmJ4piMBaZe/HePrWVp+I+CV7DlA14NedUrc+m0bbkgsWh
uCTVB2rofx4Od5Tsbm6GyvF6XrnuJ2Vh6vCfnJwkaw1dO7bXyzD5SonZEOYFLq9b
qvrgcPCikZQH2Eu8tmfNxl9Ry70pnpgFCxWV4j0nY+gcBCJ8dbyChi1YTguci58p
XrnJpXoCMyefnnkOmgosmI4JdWH/RF5wd4HbUmzpjpG50+Lpb4i/HG5llgJLcaUM
UaIVhBL1HvGxLEPZwow3YZ/hSGTOFxf/OCgwQMTDDC1JBhAokD3/+xRxNwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDJTYlSz50kAZ1vG69UK6CWCi5p2MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzLzk2ZDcz
MC0zOGVmLTRiMjEtYjFmZS1hNTdkNDg4NzQ0YzIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvOTZkNzMw
LTM4ZWYtNGIyMS1iMWZlLWE1N2Q0ODg3NDRjMi8xL01sTmlWTFBuU1FCblc4YnIx
UXJvSllLTG1uWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuV+MMA0EAgACMAcDBQMqBP5AMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwCJDjANBgkqhkiG9w0BAQsFAAOCAQEAZ2IQ7KvtpiSL
o0r8YXie2EcTw4gBy5EW6E0ZYtKJ1G2h4rRqibNDWKOmj6w7HuRz18IJ5bRe/QXK
Zh14/exHAkqNXw29r/LSylaLCUJhCNNh5uqsY4vCLKDyvIbBzA1MBI44CmJ7bf1g
hAzyqEpXBqxX7g4FWvX+m1+LSa3feQjBdg962uai1pwP6lSYYlagkB4WY1l+XpzB
TLASQ5i/FJN+dcS1BpT/hHMPoCquQ7sp8G3ArnJ3+Lnr7RYy8OEHw8wRMK8TPUcA
PifiymGX9+s9h31b3TK3BFAYxgjqG1brjeC0mT1kg4OTkZods6j02kXwTzfZuH9A
pKnEJzneEA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:33:16 2025 by rpki-client