Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer
File: NbA-yF0IYHprHd8f553GUcz-Pzc.cer (raw, json)
Hash identifier: edrqJR7RBzWKXaRFp3xpvBl3dJuzxlbXWAsEqYS89PM=
Subject key identifier: 35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019422FBBEF6C6347C7CD02C7C5D0D6ED732
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 17:48:31 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 44134
IP: 79.142.224.0/20
IP: 217.71.0.0/20
IP: 2a02:2190::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:be:f6:c6:34:7c:7c:d0:2c:7c:5d:0d:6e:d7:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c3:79:6a:ed:7a:ad:3b:c0:5e:32:b9:39:72:
fb:d6:01:65:b6:50:6c:a0:22:56:bf:ad:21:ed:51:
ed:90:dd:12:27:5b:21:07:d2:f7:e8:05:0f:8d:66:
f0:55:56:0d:61:23:18:b0:d1:df:5a:21:74:05:c7:
94:ee:01:6a:dc:b8:8e:e2:3c:4a:e7:8a:43:19:84:
8c:bb:76:c3:21:1a:a5:00:19:28:56:a2:be:e6:e7:
83:8f:a2:7c:2d:4e:74:2b:69:74:16:dc:75:20:91:
65:79:37:64:9c:e6:ef:9a:9b:38:86:d8:70:bd:07:
96:d4:4a:4b:bc:5f:c9:85:bf:f8:31:5f:be:63:d8:
b1:68:29:cf:e9:8f:ee:e4:72:6b:ab:f5:a1:4b:ec:
e3:4a:50:d1:e0:87:9e:b1:65:04:44:e6:d7:e4:5b:
22:7d:98:2d:39:5a:76:ce:13:c5:a4:bd:c3:04:e7:
d9:a5:df:6b:b8:2b:b1:8a:f5:17:26:12:40:1c:99:
39:78:43:b3:b3:e9:aa:c5:d3:79:3e:91:b9:18:89:
25:68:0f:d5:ae:d8:c0:b9:73:ee:9a:c3:44:81:c8:
9d:d3:e3:69:c2:e0:88:27:ee:f1:82:3e:de:fe:5a:
2a:55:08:9a:94:2d:df:0c:0c:cf:00:2d:73:94:87:
00:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.224.0/20
217.71.0.0/20
IPv6:
2a02:2190::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
44134
Signature Algorithm: sha256WithRSAEncryption
31:0f:98:77:fa:64:00:1a:24:35:97:78:55:24:55:96:57:05:
d4:78:8d:41:b3:14:a1:4b:5a:ee:34:bf:54:f1:31:f1:81:43:
4b:f9:9d:3d:d3:f9:42:29:f2:bb:89:49:49:44:d6:2c:74:3b:
70:61:2e:99:2b:e7:48:9d:ea:d5:a5:fd:ba:e8:70:25:67:9a:
e0:e0:c6:c6:63:c4:3f:30:3f:f0:13:74:9f:16:82:53:3d:a1:
b6:3b:95:11:f6:b2:ba:d4:d0:cc:65:3f:54:a3:8e:b4:21:e5:
a5:db:98:07:9b:a0:98:fa:15:11:ac:00:56:55:77:11:5e:2c:
6a:47:11:56:5e:1e:d7:a5:21:da:8f:6c:cf:30:d4:41:be:55:
3e:10:1b:71:85:cf:0b:17:36:c7:6b:71:08:3f:ee:6a:1f:95:
6d:15:8e:aa:6e:09:f4:7c:c4:78:48:d9:50:89:d2:a0:6e:35:
a5:e0:4e:a0:5a:e6:7d:09:e5:8d:38:9b:21:c9:1a:af:15:c4:
48:70:52:2e:6d:4d:18:af:44:ab:28:52:9f:cc:6e:2e:2f:95:
67:77:bc:c0:d6:ac:60:e7:ce:c6:5d:60:fe:16:3f:17:a9:f0:
1a:1f:ec:ae:7c:19:57:d5:39:28:d4:15:1a:35:37:3b:d4:fa:
59:eb:97:5c
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQi+772xjR8fNAsfF0NbtcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWIwM2VjODVkMDg2MDdhNmIxZGRmMWZlNzlkYzY1MWNjZmUzZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMN5au16rTvAXjK5OXL71gFltlBs
oCJWv60h7VHtkN0SJ1shB9L36AUPjWbwVVYNYSMYsNHfWiF0BceU7gFq3LiO4jxK
54pDGYSMu3bDIRqlABkoVqK+5ueDj6J8LU50K2l0Ftx1IJFleTdknObvmps4hthw
vQeW1EpLvF/Jhb/4MV++Y9ixaCnP6Y/u5HJrq/WhS+zjSlDR4IeesWUERObX5Fsi
fZgtOVp2zhPFpL3DBOfZpd9ruCuxivUXJhJAHJk5eEOzs+mqxdN5PpG5GIklaA/V
rtjAuXPumsNEgcid0+NpwuCIJ+7xgj7e/loqVQialC3fDAzPAC1zlIcAjwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDWwPshdCGB6ax3fH+edxlHM/j83MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk1L2NjNGZl
OS1lNDhjLTQyZGEtOTdlYS1hYjU3Y2FiYzE4ZjcvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUvY2M0ZmU5
LWU0OGMtNDJkYS05N2VhLWFiNTdjYWJjMThmNy8xL05iQS15RjBJWUhwckhkOGY1
NTNHVWN6LVB6Yy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQET47gAwQE2UcAMA0EAgACMAcDBQMqAiGQMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCsZjANBgkqhkiG9w0BAQsFAAOCAQEAMQ+Y
d/pkABokNZd4VSRVllcF1HiNQbMUoUta7jS/VPEx8YFDS/mdPdP5Qinyu4lJSUTW
LHQ7cGEumSvnSJ3q1aX9uuhwJWea4ODGxmPEPzA/8BN0nxaCUz2htjuVEfayutTQ
zGU/VKOOtCHlpduYB5ugmPoVEawAVlV3EV4sakcRVl4e16Uh2o9szzDUQb5VPhAb
cYXPCxc2x2txCD/uah+VbRWOqm4J9HzEeEjZUInSoG41peBOoFrmfQnljTibIcka
rxXESHBSLm1NGK9EqyhSn8xuLi+VZ3e8wNasYOfOxl1g/hY/F6nwGh/srnwZV9U5
KNQVGjU3O9T6WeuXXA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:03:23 2025 by rpki-client