Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q53Rzq4PZdYqLrfGfEjdQw59ppY.cer
File: Q53Rzq4PZdYqLrfGfEjdQw59ppY.cer (raw, json)
Hash identifier: wjFANoqrRezrdncpV1PkY7Har7srt87Du8Am1I4Jt+k=
Subject key identifier: 43:9D:D1:CE:AE:0F:65:D6:2A:2E:B7:C6:7C:48:DD:43:0E:7D:A6:96
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228D143BF6837D39DC9BDC0D235B4D65
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/5b/b37a56-7bb1-4f83-a17e-6417bd8fe29c/1/Q53Rzq4PZdYqLrfGfEjdQw59ppY.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/5b/b37a56-7bb1-4f83-a17e-6417bd8fe29c/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:47:38 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 201876
IP: 185.50.112.0/22
IP: 2a01:a1a0::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:14:3b:f6:83:7d:39:dc:9b:dc:0d:23:5b:4d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=439dd1ceae0f65d62a2eb7c67c48dd430e7da696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:a2:0f:76:2e:10:8c:1d:45:ce:86:f5:e4:
65:cc:c3:ef:c9:1f:76:29:de:dc:97:50:6a:5f:1d:
57:af:45:c5:13:b8:62:51:36:89:95:f7:2f:bc:91:
cc:b8:5a:aa:6e:21:99:2e:2d:11:ed:99:02:31:11:
cd:e6:da:ef:ec:90:d7:4a:db:60:17:4e:e3:86:15:
6e:e5:4e:c6:6d:bc:3e:c5:c7:de:a5:a7:ec:b2:da:
01:cd:b1:c8:0e:c3:98:63:81:36:71:78:cb:1f:81:
0a:e2:e6:5f:3c:49:18:e0:1f:d5:98:cb:3f:c3:72:
b6:ae:62:81:bc:e6:75:5b:ce:7e:b6:59:76:5b:49:
15:80:e9:b0:b9:cc:c0:49:45:56:cd:fe:4c:e6:40:
bf:de:97:4b:b2:9a:62:fd:ea:89:13:e6:e8:b7:f6:
3d:2d:ea:4c:92:42:c5:ab:60:13:7d:f9:55:ff:0c:
16:0a:28:e6:7f:10:20:b6:1a:ee:e4:c1:ad:53:f2:
bd:a7:d4:03:e1:c2:19:31:28:ac:e7:7e:f8:6b:2e:
9e:de:e2:0b:57:7c:75:55:f0:06:53:17:fe:3a:c1:
97:c3:08:dc:25:21:89:09:d7:e7:73:62:41:28:c0:
c8:11:b9:20:ea:e3:44:e3:a5:50:8d:00:e9:48:6e:
de:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9D:D1:CE:AE:0F:65:D6:2A:2E:B7:C6:7C:48:DD:43:0E:7D:A6:96
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b37a56-7bb1-4f83-a17e-6417bd8fe29c/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b37a56-7bb1-4f83-a17e-6417bd8fe29c/1/Q53Rzq4PZdYqLrfGfEjdQw59ppY.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.112.0/22
IPv6:
2a01:a1a0::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
201876
Signature Algorithm: sha256WithRSAEncryption
97:63:1a:3e:76:eb:e5:aa:6f:ee:4d:de:70:b1:4e:90:4f:ad:
76:3a:32:6b:6e:67:f9:81:69:f5:84:33:09:fe:97:fe:fc:cd:
74:12:bb:be:00:fd:e3:38:13:fe:08:d8:d4:53:8b:5b:8a:30:
c4:31:68:c9:a8:10:0f:3f:ca:7f:1d:af:7a:ee:3f:8a:bf:a8:
b0:a2:a9:6a:74:7b:2b:6e:de:bd:76:53:06:1a:71:1e:71:b4:
6f:d5:c4:5d:8f:b0:8d:42:e7:9d:fa:c4:72:0e:6d:07:bf:f5:
8a:1c:ad:ff:67:74:b3:e7:3e:03:43:ae:77:99:ac:7c:0b:00:
90:0c:bc:d9:56:f6:18:bb:0d:0c:51:3c:9e:e6:79:3e:8c:68:
04:09:28:67:da:2d:5f:95:47:35:6f:0f:ae:73:d7:43:f8:27:
5c:e1:2c:5f:3c:7a:67:84:e8:bf:dd:dc:a8:58:43:83:de:c6:
05:bd:46:6f:03:e5:13:6e:58:9d:9e:80:ce:a0:12:b7:20:6b:
12:02:91:37:df:8d:1d:d9:c1:4f:54:dc:b7:67:da:4f:b1:5e:
34:68:6a:16:08:5d:74:62:dd:e3:45:09:55:2d:9d:6e:d4:e8:
8b:9d:66:d0:02:92:e3:bb:a1:98:ae:d4:49:7b:a0:21:17:f0:
3d:dd:77:13
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZQijRQ79oN9Odyb3A0jW01lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzlkZDFjZWFlMGY2NWQ2MmEyZWI3YzY3YzQ4ZGQ0MzBlN2RhNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaOiD3YuEIwdRc6G9eRlzMPvyR92
Kd7cl1BqXx1Xr0XFE7hiUTaJlfcvvJHMuFqqbiGZLi0R7ZkCMRHN5trv7JDXSttg
F07jhhVu5U7Gbbw+xcfepafsstoBzbHIDsOYY4E2cXjLH4EK4uZfPEkY4B/VmMs/
w3K2rmKBvOZ1W85+tll2W0kVgOmwuczASUVWzf5M5kC/3pdLsppi/eqJE+bot/Y9
LepMkkLFq2ATfflV/wwWCijmfxAgthru5MGtU/K9p9QD4cIZMSis5374ay6e3uIL
V3x1VfAGUxf+OsGXwwjcJSGJCdfnc2JBKMDIEbkg6uNE46VQjQDpSG7e+QIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEOd0c6uD2XWKi63xnxI3UMOfaaWMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViL2IzN2E1
Ni03YmIxLTRmODMtYTE3ZS02NDE3YmQ4ZmUyOWMvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYjM3YTU2
LTdiYjEtNGY4My1hMTdlLTY0MTdiZDhmZTI5Yy8xL1E1M1J6cTRQWmRZcUxyZkdm
RWpkUXc1OXBwWS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQCuTJwMA0EAgACMAcDBQAqAaGgMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwMUlDANBgkqhkiG9w0BAQsFAAOCAQEAl2MaPnbr5apv
7k3ecLFOkE+tdjoya25n+YFp9YQzCf6X/vzNdBK7vgD94zgT/gjY1FOLW4owxDFo
yagQDz/Kfx2veu4/ir+osKKpanR7K27evXZTBhpxHnG0b9XEXY+wjULnnfrEcg5t
B7/1ihyt/2d0s+c+A0Oud5msfAsAkAy82Vb2GLsNDFE8nuZ5PoxoBAkoZ9otX5VH
NW8PrnPXQ/gnXOEsXzx6Z4Tov93cqFhDg97GBb1GbwPlE25YnZ6AzqAStyBrEgKR
N9+NHdnBT1Tct2faT7FeNGhqFghddGLd40UJVS2dbtToi51m0AKS47uhmK7USXug
IRfwPd13Ew==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:57:21 2025 by rpki-client