Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/O5olHl0dO6vkxXnJHrPgrDf3vyo.cer
File: O5olHl0dO6vkxXnJHrPgrDf3vyo.cer (raw, json)
Hash identifier: tnmwhUxgjKvkQdpg4TRk5TKVrwv2gphfjplaZ/2c8yY=
Subject key identifier: 3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942143A933E81F48007387E159C76DDD57
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 09:47:49 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 205020
IP: 94.142.252.0/24
IP: 2a12:76c0::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:a9:33:e8:1f:48:00:73:87:e1:59:c7:6d:dd:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 09:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b9a251e5d1d3babe4c579c91eb3e0ac37f7bf2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f4:73:5a:65:69:42:91:3a:f7:e4:94:56:ab:
6d:a1:13:15:23:ed:ec:5f:88:93:1a:9a:ee:c9:09:
8e:df:99:3d:c9:8b:f3:dc:17:df:49:4d:87:76:09:
d1:83:ed:74:d8:a0:07:92:ed:81:f5:3c:14:72:c1:
49:b1:4a:5e:77:32:02:0c:a2:ae:92:7d:a5:90:b5:
23:b0:e5:fd:9c:f5:19:8c:f0:39:5c:eb:4f:77:0c:
19:3e:dd:09:e7:de:d6:9f:48:d2:ac:88:42:e9:fd:
6f:cc:1e:f6:3a:50:dc:f0:f0:a0:5a:78:e4:b2:1b:
d7:89:8b:ee:88:48:88:3d:ee:49:ad:c9:2b:d9:23:
cb:4c:b4:bd:e2:bf:6d:02:a7:6a:3b:d6:a2:90:82:
de:35:e3:3c:6f:ca:43:0a:ad:fa:14:b8:67:fc:e4:
b4:27:00:c7:2f:ef:97:0e:c3:f4:14:07:f3:2c:13:
fd:8a:e2:53:fa:fa:32:58:53:9a:39:f7:0f:4c:bb:
93:50:56:05:7a:6b:14:1c:e1:ef:90:81:32:dc:28:
88:de:77:f8:b7:2f:be:4d:1c:c0:ef:38:a3:1b:e4:
35:16:8a:12:5e:d3:6b:68:2d:e2:0e:4e:a9:e5:6d:
9d:36:45:98:4b:6a:da:70:0f:b3:52:95:c6:50:76:
0f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9A:25:1E:5D:1D:3B:AB:E4:C5:79:C9:1E:B3:E0:AC:37:F7:BF:2A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/0ddff3-9e70-4d63-b5a0-c6632cc014b0/1/O5olHl0dO6vkxXnJHrPgrDf3vyo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.252.0/24
IPv6:
2a12:76c0::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
205020
Signature Algorithm: sha256WithRSAEncryption
a9:49:d3:42:12:14:b6:48:a4:13:80:ca:d3:3a:d2:9f:33:f7:
30:6a:ef:a9:79:6b:f2:78:4b:4e:54:86:60:e8:13:37:43:eb:
02:7b:f2:cb:5b:b2:e0:58:f3:bf:7b:5b:98:b1:9e:68:46:9f:
33:4e:f3:61:11:da:42:6c:49:02:85:66:ba:a3:d3:c4:8c:f5:
a8:e9:bf:40:33:c2:76:e5:b3:dd:2b:e0:7d:e5:c6:88:4f:94:
b2:f2:d3:9e:6f:2e:b0:1a:0d:62:66:e5:4f:4c:32:77:2a:31:
26:76:05:3d:4b:a8:25:c1:0a:29:0c:76:70:1c:d4:c6:6b:7f:
29:79:2f:2a:f7:3c:7a:28:e4:a7:9b:2f:ca:41:1c:8d:4b:b6:
7b:ea:ee:f1:ee:07:b3:2e:b2:41:f9:c2:b3:1a:32:4f:b8:c7:
56:02:b9:de:48:82:20:df:5f:b4:24:e9:43:ce:4f:21:ba:4c:
d3:a2:b1:9f:e1:18:45:36:86:57:e4:ec:c4:4b:9f:e6:f6:c2:
7c:f1:35:62:66:81:ef:97:45:da:79:62:ed:51:8d:d2:ad:5b:
78:8b:3c:2b:de:a8:4e:e0:40:32:eb:49:49:33:ea:5f:28:7e:
93:2b:70:00:4c:08:f6:6d:58:ed:8d:5f:97:94:55:24:9e:ae:
61:67:7d:fd
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQhQ6kz6B9IAHOH4VnHbd1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMDk0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjlhMjUxZTVkMWQzYmFiZTRjNTc5YzkxZWIzZTBhYzM3ZjdiZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfRzWmVpQpE69+SUVqttoRMVI+3s
X4iTGpruyQmO35k9yYvz3BffSU2HdgnRg+102KAHku2B9TwUcsFJsUpedzICDKKu
kn2lkLUjsOX9nPUZjPA5XOtPdwwZPt0J597Wn0jSrIhC6f1vzB72OlDc8PCgWnjk
shvXiYvuiEiIPe5Jrckr2SPLTLS94r9tAqdqO9aikILeNeM8b8pDCq36FLhn/OS0
JwDHL++XDsP0FAfzLBP9iuJT+voyWFOaOfcPTLuTUFYFemsUHOHvkIEy3CiI3nf4
ty++TRzA7zijG+Q1FooSXtNraC3iDk6p5W2dNkWYS2racA+zUpXGUHYP+wIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDuaJR5dHTur5MV5yR6z4Kw3978qMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1LzBkZGZm
My05ZTcwLTRkNjMtYjVhMC1jNjYzMmNjMDE0YjAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvMGRkZmYz
LTllNzAtNGQ2My1iNWEwLWM2NjMyY2MwMTRiMC8xL081b2xIbDBkTzZ2a3hYbkpI
clBnckRmM3Z5by5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQAXo78MA0EAgACMAcDBQMqEnbAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMg3DANBgkqhkiG9w0BAQsFAAOCAQEAqUnTQhIUtkik
E4DK0zrSnzP3MGrvqXlr8nhLTlSGYOgTN0PrAnvyy1uy4Fjzv3tbmLGeaEafM07z
YRHaQmxJAoVmuqPTxIz1qOm/QDPCduWz3SvgfeXGiE+UsvLTnm8usBoNYmblT0wy
dyoxJnYFPUuoJcEKKQx2cBzUxmt/KXkvKvc8eijkp5svykEcjUu2e+ru8e4Hsy6y
QfnCsxoyT7jHVgK53kiCIN9ftCTpQ85PIbpM06Kxn+EYRTaGV+TsxEuf5vbCfPE1
YmaB75dF2nli7VGN0q1beIs8K96oTuBAMutJSTPqXyh+kytwAEwI9m1Y7Y1fl5RV
JJ6uYWd9/Q==
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:05:45 2025 by rpki-client