Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
File: OKN8JN3KNH1xPteU0zzUqBqLSYo.cer (raw, json)
Hash identifier: m8iIz48lChL0DH22Rw0tDdABI+vTy98hey3KziptwjY=
Subject key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 01942825EEB10886460DF4234E98E1589F6F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 17:52:42 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 34978
IP: 81.29.224.0/20
IP: 185.52.8.0/22
IP: 2a04:c640::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:ee:b1:08:86:46:0d:f4:23:4e:98:e1:58:9f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 17:52:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:df:34:62:81:54:47:b4:9b:ca:9f:03:34:
9d:27:ad:c8:e6:f2:0a:12:26:11:05:07:40:2b:ab:
73:ff:8d:8a:34:4a:d2:89:88:37:c8:66:59:72:69:
91:f8:96:50:34:4b:be:df:12:d7:08:40:61:4c:83:
51:0d:ba:5f:d7:b7:c9:03:8e:73:76:83:02:12:88:
aa:a0:42:c6:c1:d4:fe:2d:2c:f2:e1:f9:51:bd:9b:
66:15:57:03:b2:e7:c8:73:59:b9:c9:0d:18:93:85:
9e:23:0c:96:bd:97:94:c9:7e:24:ed:08:73:aa:91:
ea:9a:85:0c:52:7f:e8:b5:29:f6:b0:6d:6c:c3:02:
d9:76:d4:c3:69:7f:84:85:8f:5a:97:b2:22:6b:a2:
8c:f5:fe:43:a6:05:02:5e:39:c5:75:7e:ab:fa:28:
06:c1:1b:22:79:25:08:88:15:22:74:a8:75:ec:cf:
9a:a1:9a:56:64:ac:25:a1:69:52:5f:6c:3c:5b:c9:
38:63:11:18:fd:98:5d:21:4a:e4:21:3a:a4:89:d9:
d0:c7:23:c4:9a:e6:52:3f:68:73:dd:56:c5:67:9b:
a1:cc:40:6e:79:3a:88:a0:be:c0:81:a9:bd:17:0c:
65:22:67:c8:bb:b4:ef:0c:9e:e8:b2:82:ce:eb:c5:
15:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.224.0/20
185.52.8.0/22
IPv6:
2a04:c640::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
34978
Signature Algorithm: sha256WithRSAEncryption
25:a4:b0:52:39:76:5e:24:20:fc:d7:09:0c:0b:b8:8b:ed:2d:
e1:51:6f:c7:e5:66:d4:fc:88:6b:37:c9:c5:52:a5:8c:1d:09:
92:e6:73:eb:0f:de:cf:06:a5:50:1c:3b:08:6a:f3:3a:59:6c:
b3:66:92:c2:2f:fc:3b:07:36:32:c8:af:43:6b:8a:83:d3:da:
f4:80:85:29:55:b8:d8:79:0e:ad:f0:50:db:62:d9:87:81:97:
7f:20:ef:77:5e:58:0d:b4:a6:7b:32:82:9e:38:2e:dc:3a:f0:
1b:0d:f9:e5:3e:c7:e2:b8:79:c8:82:d2:ad:a1:19:9a:5a:27:
91:80:5d:ec:b8:0d:b7:0a:1d:88:8c:c9:82:20:47:d8:30:a5:
ea:ab:64:0c:d6:fd:f8:2e:57:10:87:3a:e0:16:90:6c:76:ec:
3e:b0:5d:1a:69:c9:45:1b:d6:8c:e6:56:13:d3:01:ee:08:bc:
12:91:50:7c:b4:23:67:7e:b9:53:b2:d1:77:56:eb:bb:be:fa:
ce:fb:0c:14:f0:3a:74:6b:e8:64:8b:77:2d:ad:4b:dd:98:30:
ba:28:53:cb:1b:5c:7e:17:2d:40:ef:77:b4:96:54:38:cb:62:
3c:9f:52:a3:70:2d:02:c0:9c:b0:c4:cc:ae:7e:0c:c7:d0:aa:
e9:9d:7e:cc
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQoJe6xCIZGDfQjTpjhWJ9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTc1MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEzN2MyNGRkY2EzNDdkNzEzZWQ3OTRkMzNjZDRhODFhOGI0OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdXfNGKBVEe0m8qfAzSdJ63I5vIK
EiYRBQdAK6tz/42KNErSiYg3yGZZcmmR+JZQNEu+3xLXCEBhTINRDbpf17fJA45z
doMCEoiqoELGwdT+LSzy4flRvZtmFVcDsufIc1m5yQ0Yk4WeIwyWvZeUyX4k7Qhz
qpHqmoUMUn/otSn2sG1swwLZdtTDaX+EhY9al7Iia6KM9f5DpgUCXjnFdX6r+igG
wRsieSUIiBUidKh17M+aoZpWZKwloWlSX2w8W8k4YxEY/ZhdIUrkITqkidnQxyPE
muZSP2hz3VbFZ5uhzEBueTqIoL7Agam9FwxlImfIu7TvDJ7osoLO68UVJQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDijfCTdyjR9cT7XlNM81Kgai0mKMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZlLzFlMzNj
My1kMTk3LTQ1ZjItODI4ZS00NGE0OWQyNjM3MDAvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUvMWUzM2Mz
LWQxOTctNDVmMi04MjhlLTQ0YTQ5ZDI2MzcwMC8xL09LTjhKTjNLTkgxeFB0ZVUw
enpVcUJxTFNZby5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQEUR3gAwQCuTQIMA0EAgACMAcDBQMqBMZAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCIojANBgkqhkiG9w0BAQsFAAOCAQEAJaSw
Ujl2XiQg/NcJDAu4i+0t4VFvx+Vm1PyIazfJxVKljB0JkuZz6w/ezwalUBw7CGrz
Ollss2aSwi/8Owc2MsivQ2uKg9Pa9ICFKVW42HkOrfBQ22LZh4GXfyDvd15YDbSm
ezKCnjgu3DrwGw355T7H4rh5yILSraEZmlonkYBd7LgNtwodiIzJgiBH2DCl6qtk
DNb9+C5XEIc64BaQbHbsPrBdGmnJRRvWjOZWE9MB7gi8EpFQfLQjZ365U7LRd1br
u776zvsMFPA6dGvoZIt3La1L3ZgwuihTyxtcfhctQO93tJZUOMtiPJ9So3AtAsCc
sMTMrn4Mx9Cq6Z1+zA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:31 2025 by rpki-client