Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer
File: PXDx9lY95DoR02RJdWZ8HCjnlZ4.cer (raw, json)
Hash identifier: 56SbwQTkcD08QlpT7+zAeT8vGOdO9l1E7FNvVrdlEJ0=
Subject key identifier: 3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019427B65F90F3C73D18DC37EA58692B4D4F
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 15:50:51 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35492
IP: 78.41.112.0/21
IP: 185.194.20.0/22
IP: 193.238.156.0/22
IP: 2a02:60::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5f:90:f3:c7:3d:18:dc:37:ea:58:69:2b:4d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 15:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d70f1f6563de43a11d3644975667c1c28e7959e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:9b:52:c0:01:56:c8:04:0c:03:12:28:e4:
28:a3:08:31:41:65:e3:e6:51:c0:6e:4a:96:41:b4:
0e:52:46:cf:d2:a8:1e:e5:92:26:6a:f6:3d:38:ff:
61:66:88:3a:0b:ab:c9:2b:b5:28:e6:9c:cc:f6:6f:
9d:c7:2c:c0:7f:6d:09:32:8f:af:2e:cd:a0:a9:cf:
7b:e8:39:33:23:6d:90:3f:2e:7a:6a:97:bb:b7:72:
da:fc:5c:b3:94:c9:23:4a:44:06:73:fc:1c:6e:d1:
ec:00:60:75:dd:78:63:0a:b8:69:6e:af:0a:b2:75:
20:d1:a8:b5:0f:b3:b4:4e:eb:67:df:ff:ef:ba:70:
a4:13:f3:20:18:56:61:93:05:da:b0:26:cd:1b:66:
73:09:c8:51:b3:ba:1d:a3:91:13:97:b9:0b:dd:f8:
51:db:d6:ec:77:c3:db:64:db:a0:9a:e5:a6:2b:53:
ed:e4:09:f8:41:c6:65:f0:93:5b:38:68:56:00:1b:
11:23:64:ba:ca:4e:4c:c0:56:0d:82:98:c0:d2:e8:
bf:0c:0e:d7:a2:99:9c:50:0a:53:d9:af:47:dd:eb:
0f:37:aa:62:d8:31:e3:c3:e1:31:f1:44:1f:6a:b5:
56:d7:0d:b7:36:76:59:2f:90:88:dc:a2:88:a9:bf:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:F1:F6:56:3D:E4:3A:11:D3:64:49:75:66:7C:1C:28:E7:95:9E
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6c075e-6263-4ff3-a26d-8d32220715ee/1/PXDx9lY95DoR02RJdWZ8HCjnlZ4.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.112.0/21
185.194.20.0/22
193.238.156.0/22
IPv6:
2a02:60::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35492
Signature Algorithm: sha256WithRSAEncryption
0d:39:d0:0f:fe:29:4e:0c:31:4e:99:6c:c0:a5:cd:93:d6:cb:
8f:fa:73:ce:ce:e3:28:5d:df:9f:98:e7:f9:a6:5c:c6:27:7c:
2b:d2:cb:b7:67:98:e3:73:c0:e2:49:e6:d8:c8:6d:25:38:8b:
f7:37:37:fa:c3:cd:15:12:e7:9a:a5:5b:f5:34:03:01:ae:da:
87:a1:1e:f0:f4:03:b3:63:73:89:a1:5e:17:b8:09:14:e0:31:
79:84:ba:5a:ef:a4:56:dd:92:bd:1c:a3:2c:46:9f:f8:4d:fd:
74:86:c9:38:1e:27:c7:4b:01:4f:d5:5e:f9:13:f2:d2:38:23:
81:25:d3:64:9d:d2:21:12:28:a5:9f:c6:fa:d7:69:30:80:21:
8f:02:0e:8d:33:99:ff:bf:29:98:a7:09:6a:f0:86:76:62:42:
62:b3:52:3b:d8:d5:ef:3a:b2:2c:7d:fa:48:b5:26:4a:7f:2e:
0e:c6:dc:f4:6d:31:ef:11:0a:2b:0b:a8:aa:ca:1b:d2:41:41:
ee:46:ca:07:a3:78:33:12:d1:79:9c:32:a6:9d:b4:a3:95:84:
96:56:63:7b:04:7f:a3:22:ab:99:2d:c7:be:a5:af:8a:48:48:
9c:18:ea:7b:e5:d2:4e:59:0b:aa:b7:8f:bf:26:62:2b:9a:70:
95:3c:5a:83
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZQntl+Q88c9GNw36lhpK01PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTU1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwZjFmNjU2M2RlNDNhMTFkMzY0NDk3NTY2N2MxYzI4ZTc5NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq42bUsABVsgEDAMSKOQoowgxQWXj
5lHAbkqWQbQOUkbP0qge5ZImavY9OP9hZog6C6vJK7Uo5pzM9m+dxyzAf20JMo+v
Ls2gqc976DkzI22QPy56ape7t3La/FyzlMkjSkQGc/wcbtHsAGB13XhjCrhpbq8K
snUg0ai1D7O0Tutn3//vunCkE/MgGFZhkwXasCbNG2ZzCchRs7odo5ETl7kL3fhR
29bsd8PbZNugmuWmK1Pt5An4QcZl8JNbOGhWABsRI2S6yk5MwFYNgpjA0ui/DA7X
opmcUApT2a9H3esPN6pi2DHjw+Ex8UQfarVW1w23NnZZL5CI3KKIqb/T0QIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFD1w8fZWPeQ6EdNkSXVmfBwo55WeMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlkLzZjMDc1
ZS02MjYzLTRmZjMtYTI2ZC04ZDMyMjIwNzE1ZWUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNmMwNzVl
LTYyNjMtNGZmMy1hMjZkLThkMzIyMjA3MTVlZS8xL1BYRHg5bFk5NURvUjAyUkpk
V1o4SENqbmxaNC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUF
BwEHAQH/BCswKTAYBAIAATASAwQDTilwAwQCucIUAwQCwe6cMA0EAgACMAcDBQMq
AgBgMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCKpDANBgkqhkiG9w0BAQsFAAOC
AQEADTnQD/4pTgwxTplswKXNk9bLj/pzzs7jKF3fn5jn+aZcxid8K9LLt2eY43PA
4knm2MhtJTiL9zc3+sPNFRLnmqVb9TQDAa7ah6Ee8PQDs2NziaFeF7gJFOAxeYS6
Wu+kVt2SvRyjLEaf+E39dIbJOB4nx0sBT9Ve+RPy0jgjgSXTZJ3SIRIopZ/G+tdp
MIAhjwIOjTOZ/78pmKcJavCGdmJCYrNSO9jV7zqyLH36SLUmSn8uDsbc9G0x7xEK
Kwuoqsob0kFB7kbKB6N4MxLReZwypp20o5WEllZjewR/oyKrmS3HvqWvikhInBjq
e+XSTlkLqrePvyZiK5pwlTxagw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:56:29 2025 by rpki-client