Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
File: OSG38e7pDZnilCGKk4dTweotwmc.cer (raw, json)
Hash identifier: RgY3kOmd61EXOmBPfS9wTJTgkci2EefbF9YFl99nX60=
Subject key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0196FC22E1399D44DC2E646E3F554D686EA5
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Fri 23 May 2025 07:54:26 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 201675
IP: 45.151.220.0/22
IP: 89.21.80.0/22
IP: 149.232.242.0/24
IP: 185.67.144.0/22
IP: 2a05:1000::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:22:e1:39:9d:44:dc:2e:64:6e:3f:55:4d:68:6e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: May 23 07:54:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:58:78:13:10:63:82:7d:4e:fd:56:e4:4c:
27:b9:1c:fc:61:41:d1:79:03:f8:61:8c:da:76:2e:
08:1c:5b:a0:39:11:de:6e:7f:b7:40:c1:f5:6f:98:
f5:af:c5:17:2f:c5:87:95:63:34:b3:46:a8:c8:7d:
42:d1:17:72:0e:57:bf:25:e9:34:3a:41:3a:a5:bf:
bc:e9:3c:3c:bc:cf:24:d2:b7:ed:69:f8:55:1f:d4:
61:9c:78:93:18:3b:3a:80:77:2e:d5:11:cf:dd:99:
0a:bf:28:75:09:ca:2d:e5:5a:9b:5b:2f:24:50:bc:
ac:7d:34:6d:d6:9b:1a:83:46:24:38:aa:7b:2b:9e:
de:67:e2:4d:7f:db:03:39:fe:1c:4d:f3:1c:cc:d9:
38:54:a8:cf:47:e6:1e:c9:23:52:7a:75:ee:32:95:
70:0f:0d:02:f5:a7:f6:93:ac:8a:ba:38:0e:04:2d:
12:91:97:85:f4:2b:fa:71:58:c7:c4:cc:ac:e9:d8:
9c:28:d7:09:a9:51:bf:11:43:82:ef:7e:be:19:6e:
7a:04:db:d4:fc:ae:9d:86:22:af:29:a5:4d:05:91:
41:cd:af:8b:ef:dc:00:f7:2c:6f:82:b2:68:72:56:
4f:f2:5d:5b:a6:fc:33:37:91:93:20:d1:5b:4a:53:
d6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.220.0/22
89.21.80.0/22
149.232.242.0/24
185.67.144.0/22
IPv6:
2a05:1000::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201675
Signature Algorithm: sha256WithRSAEncryption
97:ed:27:6d:74:57:41:11:bb:56:72:44:94:de:1f:ae:0c:41:
ff:a1:d1:aa:31:0e:d8:32:b1:38:66:3d:d3:f9:45:fc:4e:43:
25:e8:d3:3d:4f:f4:21:ed:4d:07:f5:13:b4:d8:ae:6d:ce:fc:
a4:c8:9a:40:9e:4d:a1:39:c0:5f:2a:d8:f8:c4:9f:84:ea:b6:
b1:d0:d6:8a:da:77:0f:44:d4:0f:c8:99:39:f1:1f:3c:05:53:
ef:27:a9:56:00:17:7d:dd:dd:7f:d4:fa:b6:5a:5b:4f:f4:94:
d5:83:53:25:bf:8d:0a:cd:e7:a2:db:ee:d3:4c:bd:22:ab:6b:
ef:10:81:2d:d4:f0:51:ad:ac:ef:4b:22:03:0b:58:1f:16:92:
81:4a:e9:7c:aa:b1:17:a1:0b:3a:ee:09:74:c5:e8:d8:64:64:
94:87:50:e5:b3:30:bf:d1:ea:9a:3e:09:8d:6a:f3:d5:cd:3e:
f5:e7:63:84:f3:5c:a2:d4:bb:b7:7f:fe:ec:34:3d:d0:e2:8c:
33:92:ce:1c:bf:f3:ad:61:78:42:d4:ec:37:a1:99:f4:93:94:
3d:c7:58:83:1e:a9:b1:12:04:af:3a:af:fd:d8:4f:c7:3d:3d:
cd:14:10:4d:18:17:ed:54:80:87:5c:cd:a3:9f:07:11:ec:f7:
e0:00:be:a7
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAZb8IuE5nUTcLmRuP1VNaG6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwNTIzMDc1NDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIxYjdmMWVlZTkwZDk5ZTI5NDIxOGE5Mzg3NTNjMWVhMmRjMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1RYeBMQY4J9Tv1W5EwnuRz8YUHR
eQP4YYzadi4IHFugORHebn+3QMH1b5j1r8UXL8WHlWM0s0aoyH1C0RdyDle/Jek0
OkE6pb+86Tw8vM8k0rftafhVH9RhnHiTGDs6gHcu1RHP3ZkKvyh1Ccot5VqbWy8k
ULysfTRt1psag0YkOKp7K57eZ+JNf9sDOf4cTfMczNk4VKjPR+YeySNSenXuMpVw
Dw0C9af2k6yKujgOBC0SkZeF9Cv6cVjHxMys6dicKNcJqVG/EUOC736+GW56BNvU
/K6dhiKvKaVNBZFBza+L79wA9yxvgrJoclZP8l1bpvwzN5GTINFbSlPWewIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5L2JlMWRi
MS00ZGM0LTQ2M2MtYmFmOC0yNDQxZTEwZjZmOGYvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkvYmUxZGIx
LTRkYzQtNDYzYy1iYWY4LTI0NDFlMTBmNmY4Zi8xL09TRzM4ZTdwRFpuaWxDR0tr
NGRUd2VvdHdtYy5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUF
BwEHAQH/BDEwLzAeBAIAATAYAwQCLZfcAwQCWRVQAwQAlejyAwQCuUOQMA0EAgAC
MAcDBQMqBRAAMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMTyzANBgkqhkiG9w0B
AQsFAAOCAQEAl+0nbXRXQRG7VnJElN4frgxB/6HRqjEO2DKxOGY90/lF/E5DJejT
PU/0Ie1NB/UTtNiubc78pMiaQJ5NoTnAXyrY+MSfhOq2sdDWitp3D0TUD8iZOfEf
PAVT7yepVgAXfd3df9T6tlpbT/SU1YNTJb+NCs3notvu00y9Iqtr7xCBLdTwUa2s
70siAwtYHxaSgUrpfKqxF6ELOu4JdMXo2GRklIdQ5bMwv9Hqmj4JjWrz1c0+9edj
hPNcotS7t3/+7DQ90OKMM5LOHL/zrWF4QtTsN6GZ9JOUPcdYgx6psRIErzqv/dhP
xz09zRQQTRgX7VSAh1zNo58HEez34AC+pw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:22:16 2025 by rpki-client