Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
File: Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer (raw, json)
Hash identifier: SPdj4/yDkMJnOFFWM7Bjs0MtRe6zVMh4WPxsRGmAmWM=
Subject key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1988959FFAA75DCFB0D5F629BD3C6
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:47:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 24796
AS: 196959
AS: 201462
AS: 206122
IP: 185.0.9.0/24
IP: 185.1.218.0/24
IP: 185.33.108.0/22
IP: 193.24.29.0/24
IP: 193.201.28.0/23
IP: 193.201.40.0/24
IP: 2001:7f8:10::/48
IP: 2001:7f8:11b::/48
IP: 2001:7f8:13f::/48
IP: 2a0f:80::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:98:89:59:ff:aa:75:dc:fb:0d:5f:62:9b:d3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b3daef89306a75f0b88191440742a720afb3f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b9:8d:60:92:93:e2:bb:2a:91:a7:02:35:54:
dc:5c:80:15:84:33:10:4e:29:12:1c:5d:5c:15:86:
06:c0:13:db:d3:78:58:a4:4c:66:b4:3c:e3:23:24:
28:e8:e6:1e:cc:8b:c2:a5:2a:a8:b4:9a:1c:1d:1e:
d0:69:2c:63:57:b1:1a:1a:d9:19:2d:08:47:09:bc:
23:2b:66:2e:78:50:d3:a9:c9:9e:ae:51:73:c1:31:
b5:0a:11:20:e2:7c:97:97:6a:40:9b:39:80:13:ec:
8d:6d:ce:99:11:e8:80:0c:ea:35:e3:d3:1b:14:6b:
19:68:7a:34:c7:11:d7:1d:39:57:3e:3f:3f:44:75:
9b:45:85:62:49:98:38:53:9b:0c:c0:4d:3f:3f:0b:
b8:98:2c:56:ac:0e:06:74:84:5c:0b:8b:c0:c6:82:
7b:25:a1:38:1d:02:12:b4:03:28:ae:74:47:26:4a:
dd:cf:a6:e6:7c:90:73:90:43:59:d0:25:fb:6d:ce:
e9:74:a3:5a:ea:39:e0:ea:28:3b:15:60:34:9f:db:
06:45:00:3d:cb:a3:ed:b4:a8:65:64:29:05:ce:ad:
b3:fc:6a:78:86:58:a1:39:34:aa:0c:4b:53:a8:32:
cc:14:c2:63:b8:ce:f6:f4:95:d7:df:f0:b5:e3:e5:
5a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.0.9.0/24
185.1.218.0/24
185.33.108.0/22
193.24.29.0/24
193.201.28.0/23
193.201.40.0/24
IPv6:
2001:7f8:10::/48
2001:7f8:11b::/48
2001:7f8:13f::/48
2a0f:80::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
24796
196959
201462
206122
Signature Algorithm: sha256WithRSAEncryption
08:30:2d:70:85:ce:94:75:20:80:9c:02:9d:44:83:38:ef:2b:
a8:22:30:7e:9f:48:2f:16:25:a8:6f:45:f2:30:6a:68:ae:4a:
c9:c8:32:16:53:8f:68:13:a1:7f:f8:64:ce:0a:a9:63:c4:ca:
79:bc:54:c8:81:74:1d:c9:e4:46:ed:bd:38:88:27:b5:00:5f:
d7:d7:cb:43:e7:40:f0:a4:f7:55:aa:f9:74:5a:42:95:92:46:
3e:b4:9e:ea:41:ae:e8:35:f5:10:eb:6b:8a:98:f6:2b:89:8d:
d8:ea:d0:8c:ca:0c:9a:4f:da:45:fa:50:1e:80:a5:a4:e1:19:
1b:4c:58:da:1e:fa:31:88:1a:5d:99:8c:ea:10:bd:f3:26:11:
03:71:48:82:e3:39:13:99:41:35:29:46:0a:e6:3a:a8:33:01:
69:2d:ca:15:1e:19:ca:34:21:1a:5e:92:84:19:89:c7:6f:74:
92:c5:97:5c:56:0c:19:eb:b9:c4:32:4a:1c:b4:5d:84:ac:b9:
97:50:a7:d5:31:ef:a3:a4:94:b5:01:10:a2:a3:90:9d:1f:cf:
dd:00:fe:d3:bf:92:4c:4d:9e:0d:ff:92:d7:a2:cb:87:84:ea:
24:50:5e:96:8e:ea:37:8b:a5:f9:f7:8e:e5:f6:67:84:e0:af:
27:4e:3e:8d
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZQhsZiJWf+qddz7DV9im9PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNkYWVmODkzMDZhNzVmMGI4ODE5MTQ0MDc0MmE3MjBhZmIzZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurmNYJKT4rsqkacCNVTcXIAVhDMQ
TikSHF1cFYYGwBPb03hYpExmtDzjIyQo6OYezIvCpSqotJocHR7QaSxjV7EaGtkZ
LQhHCbwjK2YueFDTqcmerlFzwTG1ChEg4nyXl2pAmzmAE+yNbc6ZEeiADOo149Mb
FGsZaHo0xxHXHTlXPj8/RHWbRYViSZg4U5sMwE0/Pwu4mCxWrA4GdIRcC4vAxoJ7
JaE4HQIStAMornRHJkrdz6bmfJBzkENZ0CX7bc7pdKNa6jng6ig7FWA0n9sGRQA9
y6PttKhlZCkFzq2z/Gp4hlihOTSqDEtTqDLMFMJjuM729JXX3/C14+Va4QIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFDs9rviTBqdfC4gZFEB0KnIK+z8gMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJkL2YxNTBi
MS00M2I5LTQ5MTEtYTAwNS1hYWNhZDg2YzYxN2QvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQvZjE1MGIx
LTQzYjktNDkxMS1hMDA1LWFhY2FkODZjNjE3ZC8xL096MnUtSk1HcDE4TGlCa1VR
SFFxY2dyN1B5QS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGCCsGAQUF
BwEHAQH/BFgwVjAqBAIAATAkAwQAuQAJAwQAuQHaAwQCuSFsAwQAwRgdAwQBwckc
AwQAwckoMCgEAgACMCIDBwAgAQf4ABADBwAgAQf4ARsDBwAgAQf4AT8DBQAqDwCA
MCgGCCsGAQUFBwEIAQH/BBkwF6AVMBMCAmDcAgMDAV8CAwMS9gIDAyUqMA0GCSqG
SIb3DQEBCwUAA4IBAQAIMC1whc6UdSCAnAKdRIM47yuoIjB+n0gvFiWob0XyMGpo
rkrJyDIWU49oE6F/+GTOCqljxMp5vFTIgXQdyeRG7b04iCe1AF/X18tD50DwpPdV
qvl0WkKVkkY+tJ7qQa7oNfUQ62uKmPYriY3Y6tCMygyaT9pF+lAegKWk4RkbTFja
HvoxiBpdmYzqEL3zJhEDcUiC4zkTmUE1KUYK5jqoMwFpLcoVHhnKNCEaXpKEGYnH
b3SSxZdcVgwZ67nEMkoctF2ErLmXUKfVMe+jpJS1ARCio5CdH8/dAP7Tv5JMTZ4N
/5LXosuHhOokUF6Wjuo3i6X5947l9meE4K8nTj6N
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:19:33 2025 by rpki-client