Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer
File: N86qYmy9iQUvNUUzXf2zGhM4MAQ.cer (raw, json)
Hash identifier: uKeqRpZnFPslg1btzwIkmDy9rfH16HmhrXMn48ylBX8=
Subject key identifier: 37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FD90E50890F474A35C97A105502EC3
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:49:22 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: IP: 194.76.41.0/24
IP: 194.76.44.0/24
IP: 194.76.53.0/24
IP: 194.76.143.0/24
IP: 2a0f:adc0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:90:e5:08:90:f4:74:a3:5c:97:a1:05:50:2e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37ceaa626cbd89052f3545335dfdb31a13383004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:45:7f:76:eb:21:20:17:c2:77:31:34:e0:52:
85:fe:98:44:33:a0:16:d3:36:1c:be:03:c0:21:2d:
01:61:8c:15:51:dd:41:0c:f1:eb:0a:5f:71:e8:3a:
8a:80:40:66:a0:bd:4a:8b:b8:cc:ef:27:81:2f:6d:
6d:75:a8:73:2e:d4:33:21:d8:7b:8c:e7:ea:d2:74:
2c:97:01:e8:dc:51:50:51:3a:eb:c3:9b:ab:d1:7a:
a3:39:5c:c2:c1:7d:96:c8:3b:f6:7e:8e:0e:1a:a6:
89:bc:6c:42:f4:3c:13:22:97:49:15:b7:56:9c:c3:
e1:d1:7a:c1:3c:23:8a:d2:08:af:89:fc:c4:3f:db:
58:ca:5e:aa:60:f2:3b:e8:7d:bf:14:34:f8:90:72:
45:cc:52:03:fc:4b:ac:c7:12:7c:35:89:7a:05:ec:
1e:43:39:0e:4b:01:b6:d3:c6:e0:2a:04:b5:a0:a6:
85:bc:a1:6e:a9:68:d2:b8:ec:80:63:e1:75:0b:4c:
11:97:34:76:9b:4c:06:b3:9e:85:56:db:0a:90:43:
e9:a5:03:0c:f3:45:77:0d:a7:9c:b1:a9:2c:cf:46:
fc:82:34:a9:9d:a9:0a:0f:75:90:fe:71:1f:1b:fc:
99:e6:0c:45:88:19:df:ad:50:dd:da:3b:be:5c:fb:
c3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CE:AA:62:6C:BD:89:05:2F:35:45:33:5D:FD:B3:1A:13:38:30:04
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ad8994-51f1-4b65-aca0-e15a8b70e8d2/1/N86qYmy9iQUvNUUzXf2zGhM4MAQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.41.0/24
194.76.44.0/24
194.76.53.0/24
194.76.143.0/24
IPv6:
2a0f:adc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:47:1c:a7:28:17:e6:01:d9:4f:b8:e4:43:5b:c2:25:58:a5:
e0:76:94:57:8f:25:39:ff:0c:c1:a4:29:03:14:50:18:fd:31:
ec:14:3d:63:00:e0:5b:08:a7:73:7c:08:55:23:f9:33:0a:60:
6c:4a:08:0e:eb:1e:8b:52:9d:1f:90:36:db:e3:9e:2b:96:c4:
8f:45:ca:65:c2:da:5b:1f:07:62:dc:b7:4f:b5:9f:30:29:db:
6f:92:96:f0:6e:71:ef:ba:b0:38:e0:92:7a:29:3f:24:b8:49:
d9:2d:db:61:44:bf:e0:18:9e:f1:f5:d1:fb:6b:2c:09:25:8d:
35:7a:c4:38:d9:19:b6:8c:22:db:dd:40:e4:b0:f6:43:11:1a:
fe:37:3b:0b:80:60:74:5f:11:e2:f3:4c:da:3d:b3:74:20:e4:
20:8d:54:e8:54:96:89:4a:44:1f:51:ff:26:08:2a:ad:6d:99:
79:b9:01:27:58:80:b2:51:cd:d0:47:97:78:9f:be:7f:b1:ff:
26:91:e2:69:7a:0c:6c:0b:19:e5:0e:8b:06:0c:c0:80:bd:64:
cd:01:86:c4:8a:4b:6e:64:62:6f:48:1c:cc:36:f1:8d:62:ec:
56:65:1a:fa:68:e4:36:41:bd:00:e0:ee:6d:4d:11:65:87:73:
1b:4d:27:90
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZQl/ZDlCJD0dKNcl6EFUC7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NlYWE2MjZjYmQ4OTA1MmYzNTQ1MzM1ZGZkYjMxYTEzMzgzMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUV/dushIBfCdzE04FKF/phEM6AW
0zYcvgPAIS0BYYwVUd1BDPHrCl9x6DqKgEBmoL1Ki7jM7yeBL21tdahzLtQzIdh7
jOfq0nQslwHo3FFQUTrrw5ur0XqjOVzCwX2WyDv2fo4OGqaJvGxC9DwTIpdJFbdW
nMPh0XrBPCOK0givifzEP9tYyl6qYPI76H2/FDT4kHJFzFID/EusxxJ8NYl6Bewe
QzkOSwG208bgKgS1oKaFvKFuqWjSuOyAY+F1C0wRlzR2m0wGs56FVtsKkEPppQMM
80V3Daecsaksz0b8gjSpnakKD3WQ/nEfG/yZ5gxFiBnfrVDd2ju+XPvDAwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFDfOqmJsvYkFLzVFM139sxoTODAEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJmL2FkODk5
NC01MWYxLTRiNjUtYWNhMC1lMTVhOGI3MGU4ZDIvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYvYWQ4OTk0
LTUxZjEtNGI2NS1hY2EwLWUxNWE4YjcwZThkMi8xL044NnFZbXk5aVFVdk5VVXpY
ZjJ6R2hNNE1BUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQAwkwpAwQAwkwsAwQAwkw1AwQAwkyPMA0EAgAC
MAcDBQMqD63AMA0GCSqGSIb3DQEBCwUAA4IBAQA5RxynKBfmAdlPuORDW8IlWKXg
dpRXjyU5/wzBpCkDFFAY/THsFD1jAOBbCKdzfAhVI/kzCmBsSggO6x6LUp0fkDbb
454rlsSPRcplwtpbHwdi3LdPtZ8wKdtvkpbwbnHvurA44JJ6KT8kuEnZLdthRL/g
GJ7x9dH7aywJJY01esQ42Rm2jCLb3UDksPZDERr+NzsLgGB0XxHi80zaPbN0IOQg
jVToVJaJSkQfUf8mCCqtbZl5uQEnWICyUc3QR5d4n75/sf8mkeJpegxsCxnlDosG
DMCAvWTNAYbEiktuZGJvSBzMNvGNYuxWZRr6aOQ2Qb0A4O5tTRFlh3MbTSeQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:28:00 2025 by rpki-client