Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
File: NW2albrOGXhcQGR2Y_MdkFYmHC8.cer (raw, json)
Hash identifier: gMyyExR6GQ1GKvHZD50z+VZT0o9DsjmBsPd/UgPbGNQ=
Subject key identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942369E66887002B16CB6AD410E8A41784
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 19:48:50 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 60321
IP: 185.32.192.0/22
IP: 2a04:5840::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e6:68:87:00:2b:16:cb:6a:d4:10:e8:a4:17:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=356d9a95bace19785c40647663f31d9056261c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:13:f8:80:e6:ad:96:b2:a5:3a:22:30:f4:
4a:51:d2:3e:ed:43:8a:dd:14:c7:8b:1a:99:fe:f7:
4a:a7:0a:84:24:01:73:c3:b9:b7:2f:7b:55:9b:5a:
36:69:7f:0a:48:a8:fa:75:28:7d:e9:89:99:16:59:
eb:f0:f9:10:36:e9:a1:40:cf:79:31:e5:2f:86:f1:
0b:28:82:82:a1:ea:ec:b9:bf:dd:12:0d:b0:9d:f9:
85:97:9a:77:98:5f:b2:43:8f:90:d3:f0:d1:de:77:
24:9f:b1:5c:92:01:ab:0b:6c:8a:c6:12:dc:6a:d1:
50:08:90:8f:60:de:82:e1:c3:7c:7e:28:90:d4:8b:
d8:8f:9b:c9:15:4a:bd:8d:13:96:2d:c5:ba:90:ef:
28:a6:f1:cb:f9:6d:f4:df:7b:d2:0a:ab:5c:07:ed:
93:e9:fd:be:82:b8:82:13:17:14:32:29:3c:ab:33:
07:d3:80:70:31:a2:89:91:89:cd:f0:9d:52:88:53:
66:87:98:a5:bf:9f:73:ae:12:64:52:24:2d:cc:cc:
d9:c0:38:71:07:88:8a:d8:8a:7a:f0:f5:92:a7:dc:
92:60:a0:1f:5f:7d:cf:7c:db:8e:7d:78:14:4f:b0:
9a:b2:10:ee:f4:6a:12:e0:f3:a6:19:64:dc:2a:2b:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.192.0/22
IPv6:
2a04:5840::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
60321
Signature Algorithm: sha256WithRSAEncryption
11:9b:84:da:7c:21:19:64:d9:3b:4c:f0:ea:e7:d4:88:53:de:
cb:18:28:2a:4d:d7:6c:a6:e3:b4:e6:1d:28:7b:9d:06:dc:15:
fa:bb:9a:48:65:60:aa:2d:50:4e:13:a2:90:62:ba:9f:65:a0:
89:9c:de:b9:ea:7f:92:0c:6c:c6:c0:ba:2e:02:5f:1c:e6:75:
8a:31:51:5c:93:ab:a3:05:05:7b:a8:cd:02:73:fe:90:0b:39:
15:b2:f7:8f:e7:45:eb:a6:dd:3e:5d:20:0f:38:f5:5c:a1:bf:
fe:84:07:22:6d:36:8e:f2:16:b5:46:24:eb:3c:e0:0e:a9:20:
01:83:77:88:dc:7b:a7:35:39:87:00:77:18:2c:69:c0:87:20:
66:ac:df:b7:cc:e7:55:2a:b2:53:ca:c0:48:50:39:17:99:66:
82:3c:65:fb:97:12:c7:51:e4:15:2f:39:e6:8e:62:09:fc:6f:
0f:be:fb:69:b7:47:2b:01:1a:b5:a9:bd:a5:e5:2b:6c:8f:27:
84:32:73:22:d7:d8:a0:7e:51:f2:07:be:4a:a9:62:6f:70:52:
ee:e1:ef:bc:11:f6:b2:03:8a:48:bb:26:3d:7f:07:ea:25:06:
f6:ab:c8:0d:2b:bb:0f:85:f8:c1:8a:f0:a9:85:0b:0c:b4:8c:
60:17:0c:69
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQjaeZohwArFstq1BDopBeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZkOWE5NWJhY2UxOTc4NWM0MDY0NzY2M2YzMWQ5MDU2MjYxYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUcT+IDmrZaypToiMPRKUdI+7UOK
3RTHixqZ/vdKpwqEJAFzw7m3L3tVm1o2aX8KSKj6dSh96YmZFlnr8PkQNumhQM95
MeUvhvELKIKCoersub/dEg2wnfmFl5p3mF+yQ4+Q0/DR3nckn7FckgGrC2yKxhLc
atFQCJCPYN6C4cN8fiiQ1IvYj5vJFUq9jROWLcW6kO8opvHL+W3033vSCqtcB+2T
6f2+griCExcUMik8qzMH04BwMaKJkYnN8J1SiFNmh5ilv59zrhJkUiQtzMzZwDhx
B4iK2Ip68PWSp9ySYKAfX33PfNuOfXgUT7CashDu9GoS4POmGWTcKiut4wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDVtmpW6zhl4XEBkdmPzHZBWJhwvMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JhL2RkOWM5
MC0zMWE5LTQ5OTUtOWRhMy00ZWZkZTZlYjMyZDQvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEvZGQ5Yzkw
LTMxYTktNDk5NS05ZGEzLTRlZmRlNmViMzJkNC8xL05XMmFsYnJPR1hoY1FHUjJZ
X01ka0ZZbUhDOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuSDAMA0EAgACMAcDBQMqBFhAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDroTANBgkqhkiG9w0BAQsFAAOCAQEAEZuE2nwhGWTZ
O0zw6ufUiFPeyxgoKk3XbKbjtOYdKHudBtwV+ruaSGVgqi1QThOikGK6n2WgiZze
uep/kgxsxsC6LgJfHOZ1ijFRXJOrowUFe6jNAnP+kAs5FbL3j+dF66bdPl0gDzj1
XKG//oQHIm02jvIWtUYk6zzgDqkgAYN3iNx7pzU5hwB3GCxpwIcgZqzft8znVSqy
U8rASFA5F5lmgjxl+5cSx1HkFS855o5iCfxvD777abdHKwEatam9peUrbI8nhDJz
ItfYoH5R8ge+Sqlib3BS7uHvvBH2sgOKSLsmPX8H6iUG9qvIDSu7D4X4wYrwqYUL
DLSMYBcMaQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:04:43 2025 by rpki-client