Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
File: Q5OKPegDvWyR8UrZZ71BQbigKK8.cer (raw, json)
Hash identifier: KEwXl5DQdM8t6/JRQtg8rJxaq6Fp2DBmCc197ARVSv8=
Subject key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019426D97805ECA1C42115B3140E31239B8B
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Thu 02 Jan 2025 11:49:33 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 203254
IP: 185.129.12.0/22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:78:05:ec:a1:c4:21:15:b3:14:0e:31:23:9b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 2 11:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:93:20:38:35:a9:26:c2:a3:56:b7:14:8c:a4:
d3:b3:46:62:01:22:e5:1c:42:6a:07:61:ec:70:66:
24:61:97:ff:32:f6:19:17:fb:c2:a1:d2:3f:dc:f5:
d8:e7:e5:1e:1c:00:ee:97:4b:ab:9e:9b:19:a6:b5:
3b:b9:53:83:99:03:ac:86:0f:0c:34:31:00:d7:4e:
b0:03:71:eb:37:51:ff:4b:6c:1f:e8:d4:15:10:d0:
51:a4:14:eb:b6:5a:31:f7:79:0a:b4:32:88:00:69:
99:dc:f2:53:ec:74:00:73:de:d7:53:63:a5:09:97:
68:e1:8a:c8:3d:86:fe:6f:2c:7f:51:96:c0:f9:5b:
49:64:b5:f4:5e:c5:56:c9:1e:c9:0e:b3:04:6b:42:
48:71:fe:14:0c:01:42:e0:0b:6e:c0:6f:80:70:a0:
c6:44:fd:88:99:7a:7c:16:2a:75:6d:7d:2f:79:f3:
41:51:76:3f:25:c8:c0:03:56:b9:69:cb:de:2e:2f:
40:14:f5:b0:04:de:63:bc:e5:af:3c:9c:c2:9b:14:
ea:ac:2d:8c:34:5c:35:a4:88:52:e9:6c:b6:30:43:
78:a9:f7:0c:fc:1b:94:85:af:e6:af:8b:5f:a1:ee:
99:8b:56:a2:e3:b2:60:bd:27:d2:66:d1:62:37:a1:
78:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.12.0/22
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
203254
Signature Algorithm: sha256WithRSAEncryption
30:05:8a:5e:53:ad:a1:b2:a8:e8:6e:5a:a6:fc:a8:fe:10:0d:
66:58:8f:b8:ca:f8:1c:89:61:6b:26:4f:02:5c:c3:0a:1f:87:
17:95:00:93:c1:ca:ee:67:2a:e0:a8:1f:c0:43:8b:d2:bc:65:
97:f8:e9:53:91:8f:40:8c:5a:49:fa:5f:be:56:ae:8c:58:f5:
d4:68:14:6d:0a:d2:54:62:2b:b0:45:4b:d1:68:f2:be:9f:fc:
04:61:f3:a9:d9:a2:ad:cd:fd:8d:21:5e:00:8b:13:59:9f:2f:
20:89:7a:c3:c5:44:8e:58:38:db:5d:15:d7:80:69:99:2a:03:
cc:dc:da:31:87:25:b3:05:59:f6:39:a5:7b:79:8c:48:05:d0:
7b:b7:4a:b8:d9:bd:78:31:9d:3a:d5:a7:47:16:7c:0e:39:1b:
b2:c4:a4:7d:97:14:4b:5f:2e:1c:69:2f:b1:8e:4a:5c:cb:04:
e8:c7:0d:c2:1f:7a:79:40:99:9d:c7:5b:ec:51:9d:64:e6:b2:
51:4a:b6:b5:ad:49:d6:bd:1f:9b:20:47:60:61:be:d6:6d:80:
58:27:26:1f:7c:94:24:b0:4f:43:f2:25:eb:3e:ee:ba:f4:d5:
1e:6e:b8:8e:41:fe:9b:4d:3a:3f:26:09:8b:b9:9d:80:0c:5b:
42:8b:63:b0
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZQm2XgF7KHEIRWzFA4xI5uLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAyMTE0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzkzOGEzZGU4MDNiZDZjOTFmMTRhZDk2N2JkNDE0MWI4YTAyOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypMgODWpJsKjVrcUjKTTs0ZiASLl
HEJqB2HscGYkYZf/MvYZF/vCodI/3PXY5+UeHADul0urnpsZprU7uVODmQOshg8M
NDEA106wA3HrN1H/S2wf6NQVENBRpBTrtlox93kKtDKIAGmZ3PJT7HQAc97XU2Ol
CZdo4YrIPYb+byx/UZbA+VtJZLX0XsVWyR7JDrMEa0JIcf4UDAFC4AtuwG+AcKDG
RP2ImXp8Fip1bX0vefNBUXY/JcjAA1a5acveLi9AFPWwBN5jvOWvPJzCmxTqrC2M
NFw1pIhS6Wy2MEN4qfcM/BuUha/mr4tfoe6Zi1ai47JgvSfSZtFiN6F4CwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEOTij3oA71skfFK2We9QUG4oCivMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJjL2VjZGEy
NC1kN2MzLTQ0NmEtYWYzNi1mZTU2MzRjMTdjYzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvZWNkYTI0
LWQ3YzMtNDQ2YS1hZjM2LWZlNTYzNGMxN2NjOS8xL1E1T0tQZWdEdld5UjhVclpa
NzFCUWJpZ0tLOC5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQCuYEMMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUC
AwMZ9jANBgkqhkiG9w0BAQsFAAOCAQEAMAWKXlOtobKo6G5apvyo/hANZliPuMr4
HIlhayZPAlzDCh+HF5UAk8HK7mcq4KgfwEOL0rxll/jpU5GPQIxaSfpfvlaujFj1
1GgUbQrSVGIrsEVL0Wjyvp/8BGHzqdmirc39jSFeAIsTWZ8vIIl6w8VEjlg4210V
14BpmSoDzNzaMYclswVZ9jmle3mMSAXQe7dKuNm9eDGdOtWnRxZ8DjkbssSkfZcU
S18uHGkvsY5KXMsE6McNwh96eUCZncdb7FGdZOayUUq2ta1J1r0fmyBHYGG+1m2A
WCcmH3yUJLBPQ/Il6z7uuvTVHm64jkH+m006PyYJi7mdgAxbQotjsA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 04:02:53 2025 by rpki-client