Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
File: OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer (raw, json)
Hash identifier: fIbEjOeP5lKXdz4Lwi4I0DL5Upb5w6qvOPKfU0A0u/k=
Subject key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019425FCC42207AB88B6B3E6D9426602B701
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 07:48:29 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 204973
IP: 185.184.108.0/22
IP: 2a0b:2680::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:c4:22:07:ab:88:b6:b3:e6:d9:42:66:02:b7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38728e9bd37399df9ffae587bd06884b350a65b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:38:bc:f3:75:d9:05:af:65:57:97:14:96:f1:
c8:8b:1b:61:6a:15:01:23:0a:40:07:92:fd:11:74:
8f:7c:1b:a3:b6:ed:48:81:69:bc:06:7e:49:69:d7:
48:07:8e:97:af:12:24:3a:4f:99:8b:81:6b:f5:68:
7a:93:a4:fb:54:86:42:b5:34:81:2d:37:5b:60:b7:
88:75:3a:05:07:39:52:f2:ab:d4:ca:a7:aa:30:10:
b6:dd:c9:9a:36:1c:67:33:2f:c1:c9:be:2c:c8:ab:
b9:0f:da:d3:72:07:a9:b3:9d:26:77:e9:d4:82:6c:
71:cb:77:07:9b:f4:74:09:ba:fd:64:d2:df:b6:2b:
4a:d8:e6:a6:42:bb:91:58:68:7b:4d:59:15:e6:90:
f8:f0:e3:db:61:e8:0c:2c:cf:0b:0a:c9:43:c3:69:
7d:36:01:8c:bd:18:74:bc:46:7f:df:0a:e8:29:0b:
a7:bb:d8:e3:e3:86:e2:4f:77:fa:ce:2e:2a:25:ea:
79:2c:f1:62:8a:73:c9:ab:56:31:e4:fb:fd:85:59:
59:c9:3c:c2:b9:57:aa:26:fa:91:a3:95:27:80:13:
ea:76:27:96:07:78:31:44:fc:c0:93:a5:7e:0d:fb:
da:90:82:51:2f:d1:9e:3d:00:d4:3d:53:e0:81:98:
7f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.108.0/22
IPv6:
2a0b:2680::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
204973
Signature Algorithm: sha256WithRSAEncryption
81:81:59:43:24:68:3d:a4:1d:45:9a:7a:f6:d5:b7:31:bc:6e:
49:0a:e3:45:20:b0:33:ed:5a:fd:b5:a6:65:da:bf:58:73:0c:
33:8a:34:8e:1b:80:1f:bc:fe:6f:12:c6:65:aa:71:a0:26:88:
5b:c3:ab:0b:fd:e0:b7:4d:7f:6c:8b:be:e7:ab:13:4b:68:66:
24:b9:1e:d9:2a:74:90:23:dd:21:b1:4c:53:af:20:bc:93:66:
54:08:61:d5:ac:d3:01:de:3b:e4:f1:58:ba:c4:9b:27:82:81:
ac:48:2e:53:57:b4:c1:59:3c:3d:5a:7f:f2:39:3d:6b:8e:c7:
26:78:ad:af:b4:75:3a:0f:33:17:12:f9:fd:ad:e0:e2:11:96:
2f:d6:a7:36:0e:1c:61:23:bb:cd:22:61:7d:a7:d5:9d:66:21:
96:1d:59:18:c9:ee:8a:d8:c4:12:53:a9:bd:e1:c0:f1:07:ee:
91:2e:3b:ae:cd:cf:73:4a:07:38:34:d4:27:89:cb:aa:e7:36:
7e:11:4e:f6:61:56:4b:54:bf:dd:65:ca:99:0a:3e:67:57:ba:
07:a5:3c:16:1a:30:4b:09:49:22:d5:10:29:49:fd:a5:db:1f:
72:68:ac:91:75:4b:4b:25:ef:75:dc:24:2e:97:fc:be:9e:55:
80:3c:f8:82
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQl/MQiB6uItrPm2UJmArcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcyOGU5YmQzNzM5OWRmOWZmYWU1ODdiZDA2ODg0YjM1MGE2NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzi883XZBa9lV5cUlvHIixthahUB
IwpAB5L9EXSPfBujtu1IgWm8Bn5JaddIB46XrxIkOk+Zi4Fr9Wh6k6T7VIZCtTSB
LTdbYLeIdToFBzlS8qvUyqeqMBC23cmaNhxnMy/Byb4syKu5D9rTcgeps50md+nU
gmxxy3cHm/R0Cbr9ZNLftitK2OamQruRWGh7TVkV5pD48OPbYegMLM8LCslDw2l9
NgGMvRh0vEZ/3wroKQunu9jj44biT3f6zi4qJep5LPFiinPJq1Yx5Pv9hVlZyTzC
uVeqJvqRo5UngBPqdieWB3gxRPzAk6V+DfvakIJRL9GePQDUPVPggZh/fwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFDhyjpvTc5nfn/rlh70GiEs1CmW3MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q3L2JlM2Uy
NS04ODFjLTRhZWMtYTkzMi1mOGNmYTMzZDY4NGUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcvYmUzZTI1
LTg4MWMtNGFlYy1hOTMyLWY4Y2ZhMzNkNjg0ZS8xL09IS09tOU56bWQtZi11V0h2
UWFJU3pVS1piYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCubhsMA0EAgACMAcDBQMqCyaAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMgrTANBgkqhkiG9w0BAQsFAAOCAQEAgYFZQyRoPaQd
RZp69tW3MbxuSQrjRSCwM+1a/bWmZdq/WHMMM4o0jhuAH7z+bxLGZapxoCaIW8Or
C/3gt01/bIu+56sTS2hmJLke2Sp0kCPdIbFMU68gvJNmVAhh1azTAd475PFYusSb
J4KBrEguU1e0wVk8PVp/8jk9a47HJnitr7R1Og8zFxL5/a3g4hGWL9anNg4cYSO7
zSJhfafVnWYhlh1ZGMnuitjEElOpveHA8QfukS47rs3Pc0oHODTUJ4nLquc2fhFO
9mFWS1S/3WXKmQo+Z1e6B6U8FhowSwlJItUQKUn9pdsfcmiskXVLSyXvddwkLpf8
vp5VgDz4gg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:06:59 2025 by rpki-client