Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
File: PBuDiIaW_ERHjGk9bngD6VFiUOY.cer (raw, json)
Hash identifier: /lRzA7oE3dTQqabd+CDjBlCUGCldlVkuWv9P7haKqpU=
Subject key identifier: 3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D9C9CDF8487B60144EE4A1FFE22D21
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:54 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 216442
IP: 46.31.71.0/24
IP: 185.51.172.0/22
IP: 2a01:b2a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c9:cd:f8:48:7b:60:14:4e:e4:a1:ff:e2:2d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c1b83888696fc44478c693d6e7803e9516250e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:66:21:23:be:f9:1d:0e:1c:df:a3:07:8c:
03:69:25:00:ae:ea:9e:20:56:1b:5d:aa:f5:8c:0d:
c6:0c:f1:c1:7f:7c:e8:f3:d2:cc:cc:33:f6:fc:22:
af:27:91:32:00:f1:0a:b9:f1:c4:8c:0d:36:01:6e:
22:4d:6b:1c:72:aa:12:a5:ec:1a:b2:89:5d:05:17:
29:a8:f3:87:1b:69:3f:fd:0c:21:4f:f3:f4:c5:d0:
7f:8d:ba:83:72:f7:cb:cd:42:76:9b:79:39:49:06:
7d:26:d5:f1:9e:7f:7d:5c:56:ca:1d:b3:05:58:e4:
08:66:58:42:16:6f:02:02:bd:74:7f:42:46:f0:e1:
a9:85:fd:d0:d9:13:d3:82:ec:12:e9:fa:50:7e:7b:
f1:ac:1a:8a:2d:07:1c:09:0d:ef:db:01:bc:32:09:
95:91:f3:e3:e5:fe:08:19:4b:b7:03:1a:a1:f7:7f:
60:5f:cf:f6:d9:ea:4f:8f:4a:de:66:80:41:f1:5f:
6c:81:9f:1e:37:a6:11:f9:ac:0f:09:22:a6:55:f7:
86:9c:d2:33:89:ea:44:ec:9d:f6:ad:0f:f8:6a:cd:
44:2e:e4:9f:6e:4e:68:91:29:29:71:76:fc:07:e6:
58:b4:1c:8d:b5:20:4f:8f:0e:a9:23:55:6c:e4:bf:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.71.0/24
185.51.172.0/22
IPv6:
2a01:b2a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
216442
Signature Algorithm: sha256WithRSAEncryption
87:fa:05:ca:69:45:f7:13:4c:1e:a3:e3:70:4f:27:2c:8d:db:
cf:42:1e:fa:83:b5:f2:29:d3:35:d6:d3:83:e8:55:af:07:ae:
5c:17:e5:f8:15:3e:69:6d:60:12:17:ad:43:83:9e:96:0a:74:
7a:96:13:05:42:8d:8e:ff:a7:8a:06:64:2c:a4:0f:4e:66:84:
29:e9:13:c4:09:7a:57:c4:1b:59:70:97:9a:52:7d:de:92:ba:
e8:f3:48:bd:81:84:13:ca:c5:d1:9b:6d:68:f4:cd:84:de:22:
e8:d0:b9:fe:53:f0:66:3d:a6:d8:19:d9:2d:73:88:87:d2:de:
32:d8:83:c2:4d:f1:aa:7a:14:46:51:d8:a2:f5:00:61:8d:a6:
3c:05:bf:48:4f:64:8f:d9:93:6e:a1:42:02:1a:02:08:34:34:
79:62:8e:7d:9c:b3:aa:db:d6:79:48:b7:32:b7:93:ac:98:3e:
a4:e6:66:b9:0a:30:1f:78:34:99:01:c6:29:0a:77:32:b5:3d:
b5:ff:e0:16:34:72:19:96:e3:b1:8a:04:21:68:09:e1:ec:99:
70:b1:cf:82:07:81:e5:73:ff:4d:3c:e7:46:e6:61:55:a5:31:
99:85:d0:c1:c4:e2:e2:12:7a:fc:60:f0:b2:16:80:34:4a:a0:
18:93:45:a7
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQm2cnN+Eh7YBRO5KH/4i0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFiODM4ODg2OTZmYzQ0NDc4YzY5M2Q2ZTc4MDNlOTUxNjI1MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycJmISO++R0OHN+jB4wDaSUAruqe
IFYbXar1jA3GDPHBf3zo89LMzDP2/CKvJ5EyAPEKufHEjA02AW4iTWsccqoSpewa
soldBRcpqPOHG2k//QwhT/P0xdB/jbqDcvfLzUJ2m3k5SQZ9JtXxnn99XFbKHbMF
WOQIZlhCFm8CAr10f0JG8OGphf3Q2RPTguwS6fpQfnvxrBqKLQccCQ3v2wG8MgmV
kfPj5f4IGUu3Axqh939gX8/22epPj0reZoBB8V9sgZ8eN6YR+awPCSKmVfeGnNIz
iepE7J32rQ/4as1ELuSfbk5okSkpcXb8B+ZYtByNtSBPjw6pI1Vs5L8JmwIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDwbg4iGlvxER4xpPW54A+lRYlDmMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I2L2Q1NTY4
My1mZWMyLTQ3ZmQtYWM2ZS05ZTgyZGE3MzE1Y2YvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvZDU1Njgz
LWZlYzItNDdmZC1hYzZlLTllODJkYTczMTVjZi8xL1BCdURpSWFXX0VSSGpHazli
bmdENlZGaVVPWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQALh9HAwQCuTOsMA0EAgACMAcDBQAqAbKgMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwNNejANBgkqhkiG9w0BAQsFAAOCAQEAh/oF
ymlF9xNMHqPjcE8nLI3bz0Ie+oO18inTNdbTg+hVrweuXBfl+BU+aW1gEhetQ4Oe
lgp0epYTBUKNjv+nigZkLKQPTmaEKekTxAl6V8QbWXCXmlJ93pK66PNIvYGEE8rF
0ZttaPTNhN4i6NC5/lPwZj2m2BnZLXOIh9LeMtiDwk3xqnoURlHYovUAYY2mPAW/
SE9kj9mTbqFCAhoCCDQ0eWKOfZyzqtvWeUi3MreTrJg+pOZmuQowH3g0mQHGKQp3
MrU9tf/gFjRyGZbjsYoEIWgJ4eyZcLHPggeB5XP/TTznRuZhVaUxmYXQwcTi4hJ6
/GDwshaANEqgGJNFpw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:19 2025 by rpki-client